last executing test programs: 1.390913582s ago: executing program 0 (id=61397): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) write(r2, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'veth1_to_batadv\x00', 0x0}) setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4) sendto$packet(r5, &(0x7f0000000100)="3f051c000302140006001e00890000004a1b78", 0x13, 0x0, &(0x7f0000000540)={0xc9, 0x8100, r6, 0x1, 0x1, 0x6, @broadcast}, 0x14) 1.358811875s ago: executing program 0 (id=61400): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) (async) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) (async) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x18, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) (async) sendmmsg$inet6(r3, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) (async) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_clone3(&(0x7f0000000d40)={0xe5a44100, 0x0, 0x0, 0x0, {0x12}, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[0x0], 0x1}, 0x58) (async) syz_clone3(&(0x7f0000000d40)={0xe5a44100, 0x0, 0x0, 0x0, {0x12}, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[0x0], 0x1}, 0x58) 1.280868032s ago: executing program 2 (id=61403): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000000140)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x10000002]}}, 0x0, 0x8, &(0x7f0000000300)) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r8, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r8, @ANYRES64=r7], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r8, 0x0) ioctl$KVM_X86_SETUP_MCE(r8, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r7, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r9 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r9, 0x0, 0x0, 0x805, 0x0, 0x0) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x6000, 0x1) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000000c0)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x23}}], 0x1, 0x4) 1.280019213s ago: executing program 2 (id=61404): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r2, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'veth1_to_batadv\x00', 0x0}) sendto$packet(r5, 0x0, 0x0, 0x0, &(0x7f0000000540)={0xc9, 0x8100, r6, 0x1, 0x1, 0x6, @broadcast}, 0x14) 1.251618276s ago: executing program 0 (id=61405): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, 0x0) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) write(r2, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'veth1_to_batadv\x00', 0x0}) sendto$packet(r5, 0x0, 0x0, 0x0, &(0x7f0000000540)={0xc9, 0x8100, r6, 0x1, 0x1, 0x6, @broadcast}, 0x14) 1.246711186s ago: executing program 2 (id=61406): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_icmp(0xa, 0x2, 0x3a) connect$inet6(r5, &(0x7f0000000080)={0xa, 0x4e25, 0x1, @mcast2, 0x7}, 0x1c) (fail_nth: 1) 1.128848238s ago: executing program 3 (id=61409): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'veth1_to_batadv\x00', 0x0}) sendto$packet(r4, &(0x7f0000000100)="3f051c000302140006001e00890000004a1b78", 0x13, 0x0, &(0x7f0000000540)={0xc9, 0x8100, r5, 0x1, 0x1, 0x6, @broadcast}, 0x14) 958.101045ms ago: executing program 3 (id=61410): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) write(r2, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'veth1_to_batadv\x00', 0x0}) setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4) sendto$packet(r5, &(0x7f0000000100)="3f051c000302140006001e00890000004a1b78", 0x13, 0x0, &(0x7f0000000540)={0xc9, 0x8100, r6, 0x1, 0x1, 0x6, @broadcast}, 0x14) 942.891896ms ago: executing program 3 (id=61411): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r2, 0x0, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'veth1_to_batadv\x00', 0x0}) sendto$packet(r3, &(0x7f0000000100)="3f051c000302140006001e00890000", 0xf, 0x0, &(0x7f0000000540)={0xc9, 0x8100, r4, 0x1, 0x1, 0x6, @broadcast}, 0x14) 928.885188ms ago: executing program 3 (id=61412): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r3, @ANYRES64=r2], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r3, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x16, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r5, 0x0, 0x0) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r7, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x4000) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r8, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r9 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x3d, 0x526d630517582f22, 0x20}) sendmmsg$inet6(r9, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r10 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r10, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) 869.034824ms ago: executing program 2 (id=61413): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) ioctl$KVM_SET_DEBUGREGS(r1, 0x4080aea2, &(0x7f00000000c0)={[0x80a0000, 0xd000, 0x100000, 0x8080000], 0x17, 0x86, 0x80000001000000}) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) (async) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) (async) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) (async) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socket$inet6_tcp(0xa, 0x1, 0x0) (async) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8000) (async) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8000) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) (async) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) write(r5, 0x0, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto(r6, 0x0, 0x0, 0x1, &(0x7f0000000240)=@pptp={0x18, 0x2, {0x0, @private=0xa010101}}, 0x80) (async) sendto(r6, 0x0, 0x0, 0x1, &(0x7f0000000240)=@pptp={0x18, 0x2, {0x0, @private=0xa010101}}, 0x80) unshare(0x62020680) 751.783735ms ago: executing program 2 (id=61415): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, 0x0) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r2, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'veth1_to_batadv\x00', 0x0}) sendto$packet(r5, 0x0, 0x0, 0x0, &(0x7f0000000540)={0xc9, 0x8100, r6, 0x1, 0x1, 0x6, @broadcast}, 0x14) 673.278413ms ago: executing program 0 (id=61416): r0 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) shutdown(r0, 0x0) 564.938564ms ago: executing program 1 (id=61418): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYRES8, @ANYRES64=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x4000010, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) syz_clone(0x80020000, 0x0, 0x0, 0x0, 0x0, 0x0) 564.548254ms ago: executing program 1 (id=61419): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'veth1_to_batadv\x00', 0x0}) sendto$packet(r4, &(0x7f0000000100)="3f051c000302140006001e00890000004a1b78", 0x13, 0x0, &(0x7f0000000540)={0xc9, 0x8100, r5, 0x1, 0x1, 0x6, @broadcast}, 0x14) 541.974846ms ago: executing program 1 (id=61420): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r2, 0x0, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'veth1_to_batadv\x00', 0x0}) sendto$packet(r3, &(0x7f0000000100)="3f051c000302140006001e00890000", 0xf, 0x0, &(0x7f0000000540)={0xc9, 0x8100, r4, 0x1, 0x1, 0x6, @broadcast}, 0x14) 512.187939ms ago: executing program 1 (id=61421): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) ioctl$TUNDETACHFILTER(r5, 0x401054d6, 0x0) (fail_nth: 1) 213.217969ms ago: executing program 3 (id=61422): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r3, @ANYRES64=r2], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r3, 0x0) ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = dup(r2) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x4004}, 0x10000) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r6) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r7, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x32, 0x0) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) r9 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DIAG_BY_FAMILY(r9, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x500120}, 0xc, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="280200001400100025bd7000fedbdf252b08a40001000a5ca0a3a663866e77e218f4a72be609a461d1993a661606af6caa1a1e05038dd19dfe93b4acaa1fe5fcb7b998a9fe5405c4da1d01c4662f3a43b0e5c5b504f980db189cfe8398b6ebea82bec291ee4c955f3fcc2473e96763384b97ec715c1454c2de0541c969e91c771558e42a102a3c6e2cb0dfa2f34bfab1eee8bc2baf3da35ad8c78b32b54ad79d8515ac5fcdd19ff1b93fbb9ba1df594b55726163afd8cb17e479000100d2a0a6d09671cf17388f73d8fc6ef38f7b4bf0fcf41b436fb9c3660265b0366e09fdb1980588ff773f09f7f2595aa578f5192b483e08e24e116e6ff3f47ff3d7419ea630c110d96a8a899e15febd0d305f2db770420e4597619d3805d4746bb9974b877b67319b2a14daded0836d74eea778cb6faa79c68eab15329c7686e3cf637d4db429889277570c2a7bbb384a0ec87c78392ecf928016bb010797650c7adccecfeef1e70a4cf2049029ec9fe8985bd76861fdc27578f41dba84de9099524657837a58ee7187106efa0a8efad798934dd0fe079b0f066c12f32b952b376c6cf41c52b16c00b21360eb33219d2c5d77a29e48f8383e65c264a69cf53c7bab775d24ab957dba0fe34d5ed9fbc4e09fc183480613812e3f0110a83b5e5b1ec258c5e8c8e6b4fd77349227c2f260e5e1fd5339ee0e0001003d561826a0f8dfc40b9800"/529], 0x228}, 0x1, 0x0, 0x0, 0x80}, 0x10048811) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r8, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) open(&(0x7f0000000080)='./file0\x00', 0x40, 0xc1) 186.642461ms ago: executing program 0 (id=61423): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, 0x0, 0x0, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r2, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'veth1_to_batadv\x00', 0x0}) setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4) sendto$packet(r5, 0x0, 0x0, 0x0, &(0x7f0000000540)={0xc9, 0x8100, r6, 0x1, 0x1, 0x6, @broadcast}, 0x14) 164.738764ms ago: executing program 3 (id=61424): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, 0x0) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) write(r2, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'veth1_to_batadv\x00', 0x0}) sendto$packet(r5, 0x0, 0x0, 0x0, &(0x7f0000000540)={0xc9, 0x8100, r6, 0x1, 0x1, 0x6, @broadcast}, 0x14) 164.478664ms ago: executing program 0 (id=61425): mknodat$loop(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x6000, 0x1) 126.818137ms ago: executing program 1 (id=61426): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) write(r2, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'veth1_to_batadv\x00', 0x0}) setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4) sendto$packet(r5, &(0x7f0000000100)="3f051c000302140006001e00890000004a1b78", 0x13, 0x0, &(0x7f0000000540)={0xc9, 0x8100, r6, 0x1, 0x1, 0x6, @broadcast}, 0x14) 126.401517ms ago: executing program 1 (id=61427): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) socket$packet(0x11, 0x2, 0x300) sendmmsg$inet6(r2, &(0x7f00000033c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r3, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000000, @mcast2, 0x6}, 0x1c) write(r3, &(0x7f00000000c0)="8f2a0a65", 0x4) (fail_nth: 1) 0s ago: executing program 2 (id=61428): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) rt_sigaction(0xe, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x6) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$SIOCSIFMTU(r4, 0x8922, &(0x7f0000000b40)={'dummy0\x00'}) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r6, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r6, @ANYRES64=r5], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r6, 0x0) ioctl$UI_DEV_SETUP(r6, 0x405c5503, &(0x7f0000000100)={{0x8, 0x7ff, 0x8, 0x6}, 'syz0\x00', 0x31}) ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r5, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x7, 0x526d630517582f27, 0x4}) socket$packet(0x11, 0x2, 0x300) sendmmsg$inet6(r7, &(0x7f00000033c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r2, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x86}, 0x1c) kernel console output (not intermixed with test programs): 498963][T19084] ? proc_fail_nth_write+0x17e/0x210 [ 1865.498986][T19084] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1865.499007][T19084] dump_stack+0x19/0x20 [ 1865.499026][T19084] should_fail_ex+0x3d9/0x530 [ 1865.499043][T19084] should_failslab+0xac/0x100 [ 1865.499062][T19084] kmem_cache_alloc_noprof+0x42/0x430 [ 1865.499079][T19084] ? getname_flags+0xc6/0x710 [ 1865.499096][T19084] getname_flags+0xc6/0x710 [ 1865.499112][T19084] ? build_open_flags+0x487/0x600 [ 1865.499134][T19084] getname+0x1b/0x30 [ 1865.499150][T19084] do_sys_openat2+0xcb/0x1c0 [ 1865.499170][T19084] ? fput+0x1a5/0x240 [ 1865.499190][T19084] ? do_sys_open+0x100/0x100 [ 1865.499210][T19084] ? ksys_write+0x1ef/0x250 [ 1865.499226][T19084] ? __cfi_ksys_write+0x10/0x10 [ 1865.499243][T19084] __x64_sys_openat+0x13a/0x170 [ 1865.499346][T19084] x64_sys_call+0xe69/0x2ee0 [ 1865.499371][T19084] do_syscall_64+0x58/0xf0 [ 1865.499393][T19084] ? clear_bhb_loop+0x50/0xa0 [ 1865.499413][T19084] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1865.499432][T19084] RIP: 0033:0x7f6b9378f6c9 [ 1865.499448][T19084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1865.499464][T19084] RSP: 002b:00007f6b946b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1865.499484][T19084] RAX: ffffffffffffffda RBX: 00007f6b939e5fa0 RCX: 00007f6b9378f6c9 [ 1865.499498][T19084] RDX: 0000000000000008 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1865.499512][T19084] RBP: 00007f6b946b1090 R08: 0000000000000000 R09: 0000000000000000 [ 1865.499524][T19084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1865.499536][T19084] R13: 00007f6b939e6038 R14: 00007f6b939e5fa0 R15: 00007ffdb7cb7578 [ 1865.499552][T19084] [ 1865.984939][T19117] batadv_slave_1: entered promiscuous mode [ 1865.991115][T19116] batadv_slave_1: left promiscuous mode [ 1865.996805][T19119] batadv_slave_1: entered promiscuous mode [ 1866.002941][T19118] batadv_slave_1: left promiscuous mode [ 1866.086238][T19133] batadv_slave_1: entered promiscuous mode [ 1866.092408][T19132] batadv_slave_1: left promiscuous mode [ 1866.129954][T19140] FAULT_INJECTION: forcing a failure. [ 1866.129954][T19140] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1866.144795][T19140] CPU: 1 UID: 0 PID: 19140 Comm: syz.1.55809 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1866.144826][T19140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1866.144838][T19140] Call Trace: [ 1866.144844][T19140] [ 1866.144852][T19140] __dump_stack+0x21/0x30 [ 1866.144882][T19140] dump_stack_lvl+0x10c/0x190 [ 1866.144905][T19140] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1866.144929][T19140] ? unwind_get_return_address+0x51/0x90 [ 1866.144951][T19140] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 1866.144986][T19140] dump_stack+0x19/0x20 [ 1866.145009][T19140] should_fail_ex+0x3d9/0x530 [ 1866.145029][T19140] should_fail+0xf/0x20 [ 1866.145046][T19140] should_fail_usercopy+0x1e/0x30 [ 1866.145066][T19140] _copy_from_user+0x22/0xb0 [ 1866.145088][T19140] ___sys_recvmsg+0x12f/0x510 [ 1866.145107][T19140] ? __sys_recvmsg+0x280/0x280 [ 1866.145124][T19140] ? __cfi_kstrtouint_from_user+0x10/0x10 [ 1866.145142][T19140] ? selinux_file_permission+0x309/0xb30 [ 1866.145166][T19140] ? __fget_files+0x2c5/0x340 [ 1866.145187][T19140] do_recvmmsg+0x326/0x770 [ 1866.145205][T19140] ? __sys_recvmmsg+0x290/0x290 [ 1866.145222][T19140] ? __cfi_vfs_write+0x10/0x10 [ 1866.145241][T19140] ? fput+0x1a5/0x240 [ 1866.145263][T19140] __x64_sys_recvmmsg+0x191/0x240 [ 1866.145280][T19140] ? __cfi___x64_sys_recvmmsg+0x10/0x10 [ 1866.145298][T19140] ? __kasan_check_read+0x15/0x20 [ 1866.145324][T19140] x64_sys_call+0x292c/0x2ee0 [ 1866.145349][T19140] do_syscall_64+0x58/0xf0 [ 1866.145372][T19140] ? clear_bhb_loop+0x50/0xa0 [ 1866.145392][T19140] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1866.145412][T19140] RIP: 0033:0x7f8050b8f6c9 [ 1866.145428][T19140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1866.145445][T19140] RSP: 002b:00007f8051b05038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1866.145466][T19140] RAX: ffffffffffffffda RBX: 00007f8050de5fa0 RCX: 00007f8050b8f6c9 [ 1866.145482][T19140] RDX: 0000000000000001 RSI: 0000200000000380 RDI: 0000000000000006 [ 1866.145494][T19140] RBP: 00007f8051b05090 R08: 0000000000000000 R09: 0000000000000000 [ 1866.145508][T19140] R10: 0000000040012160 R11: 0000000000000246 R12: 0000000000000001 [ 1866.145520][T19140] R13: 00007f8050de6038 R14: 00007f8050de5fa0 R15: 00007ffdb1c07f18 [ 1866.145537][T19140] [ 1866.386520][ T4363] usb 1-1: new high-speed USB device number 71 using dummy_hcd [ 1866.426181][T19142] batadv_slave_1: entered promiscuous mode [ 1866.432318][T19141] batadv_slave_1: left promiscuous mode [ 1866.503713][T19159] batadv_slave_1: entered promiscuous mode [ 1866.509886][T19158] batadv_slave_1: left promiscuous mode [ 1866.553469][ T4363] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1866.562738][ T4363] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1866.570996][ T4363] usb 1-1: Product: syz [ 1866.575231][ T4363] usb 1-1: Manufacturer: syz [ 1866.580060][ T4363] usb 1-1: SerialNumber: syz [ 1866.717061][T19176] FAULT_INJECTION: forcing a failure. [ 1866.717061][T19176] name failslab, interval 1, probability 0, space 0, times 0 [ 1866.748800][T19176] CPU: 0 UID: 0 PID: 19176 Comm: syz.2.55826 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1866.748832][T19176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1866.748844][T19176] Call Trace: [ 1866.748851][T19176] [ 1866.748859][T19176] __dump_stack+0x21/0x30 [ 1866.748889][T19176] dump_stack_lvl+0x10c/0x190 [ 1866.748921][T19176] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1866.748946][T19176] dump_stack+0x19/0x20 [ 1866.748969][T19176] should_fail_ex+0x3d9/0x530 [ 1866.748989][T19176] should_failslab+0xac/0x100 [ 1866.749011][T19176] __kmalloc_cache_noprof+0x41/0x490 [ 1866.749030][T19176] ? __kasan_check_write+0x18/0x20 [ 1866.749055][T19176] ? input_allocate_device+0x62/0x400 [ 1866.749081][T19176] ? mutex_lock_interruptible+0x92/0x1c0 [ 1866.749101][T19176] ? __cfi_mutex_lock_interruptible+0x10/0x10 [ 1866.749119][T19176] input_allocate_device+0x62/0x400 [ 1866.749145][T19176] uinput_ioctl_handler+0x13b/0x1520 [ 1866.749171][T19176] ? uinput_release+0x70/0x70 [ 1866.749196][T19176] ? mutex_unlock+0x8b/0x240 [ 1866.749216][T19176] uinput_ioctl+0x2c/0x40 [ 1866.749240][T19176] ? __cfi_uinput_ioctl+0x10/0x10 [ 1866.749264][T19176] __se_sys_ioctl+0x135/0x1b0 [ 1866.749285][T19176] __x64_sys_ioctl+0x7f/0xa0 [ 1866.749304][T19176] x64_sys_call+0x1878/0x2ee0 [ 1866.749330][T19176] do_syscall_64+0x58/0xf0 [ 1866.749352][T19176] ? clear_bhb_loop+0x50/0xa0 [ 1866.749372][T19176] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1866.749391][T19176] RIP: 0033:0x7f92aa78f6c9 [ 1866.749408][T19176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1866.749425][T19176] RSP: 002b:00007f92ab603038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1866.749446][T19176] RAX: ffffffffffffffda RBX: 00007f92aa9e5fa0 RCX: 00007f92aa78f6c9 [ 1866.749462][T19176] RDX: 0000000000000000 RSI: 00000000405c5503 RDI: 0000000000000007 [ 1866.749475][T19176] RBP: 00007f92ab603090 R08: 0000000000000000 R09: 0000000000000000 [ 1866.749488][T19176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1866.749501][T19176] R13: 00007f92aa9e6038 R14: 00007f92aa9e5fa0 R15: 00007ffea55b0808 [ 1866.749518][T19176] [ 1867.014427][T19184] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 1867.024395][T19185] batadv_slave_1: entered promiscuous mode [ 1867.032388][T19183] batadv_slave_1: left promiscuous mode [ 1867.060162][T19187] batadv_slave_1: entered promiscuous mode [ 1867.067314][T19186] batadv_slave_1: left promiscuous mode [ 1867.238137][T19209] batadv_slave_1: entered promiscuous mode [ 1867.244318][T19208] batadv_slave_1: left promiscuous mode [ 1867.402712][T19224] FAULT_INJECTION: forcing a failure. [ 1867.402712][T19224] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1867.419932][T19224] CPU: 1 UID: 0 PID: 19224 Comm: syz.3.55848 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1867.419966][T19224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1867.419978][T19224] Call Trace: [ 1867.419985][T19224] [ 1867.419993][T19224] __dump_stack+0x21/0x30 [ 1867.420023][T19224] dump_stack_lvl+0x10c/0x190 [ 1867.420046][T19224] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1867.420070][T19224] ? check_stack_object+0x12c/0x140 [ 1867.420097][T19224] dump_stack+0x19/0x20 [ 1867.420120][T19224] should_fail_ex+0x3d9/0x530 [ 1867.420140][T19224] should_fail+0xf/0x20 [ 1867.420157][T19224] should_fail_usercopy+0x1e/0x30 [ 1867.420177][T19224] _copy_to_user+0x24/0xa0 [ 1867.420199][T19224] simple_read_from_buffer+0xed/0x160 [ 1867.420223][T19224] proc_fail_nth_read+0x19e/0x210 [ 1867.420246][T19224] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 1867.420268][T19224] ? vfs_writev+0xa16/0xcf0 [ 1867.420289][T19224] ? bpf_lsm_file_permission+0xd/0x20 [ 1867.420314][T19224] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 1867.420336][T19224] vfs_read+0x27d/0xc70 [ 1867.420354][T19224] ? __cfi_vfs_read+0x10/0x10 [ 1867.420369][T19224] ? __kasan_check_write+0x18/0x20 [ 1867.420395][T19224] ? mutex_lock+0x92/0x1c0 [ 1867.420413][T19224] ? __cfi_mutex_lock+0x10/0x10 [ 1867.420430][T19224] ? __fget_files+0x2c5/0x340 [ 1867.420451][T19224] ksys_read+0x141/0x250 [ 1867.420468][T19224] ? __cfi_ksys_read+0x10/0x10 [ 1867.420486][T19224] ? __kasan_check_read+0x15/0x20 [ 1867.420511][T19224] __x64_sys_read+0x7f/0x90 [ 1867.420528][T19224] x64_sys_call+0x2638/0x2ee0 [ 1867.420554][T19224] do_syscall_64+0x58/0xf0 [ 1867.420576][T19224] ? clear_bhb_loop+0x50/0xa0 [ 1867.420596][T19224] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1867.420616][T19224] RIP: 0033:0x7f735e38e0dc [ 1867.420632][T19224] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1867.420648][T19224] RSP: 002b:00007f735f2b2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1867.420669][T19224] RAX: ffffffffffffffda RBX: 00007f735e5e5fa0 RCX: 00007f735e38e0dc [ 1867.420684][T19224] RDX: 000000000000000f RSI: 00007f735f2b20a0 RDI: 0000000000000009 [ 1867.420698][T19224] RBP: 00007f735f2b2090 R08: 0000000000000000 R09: 0000000000000000 [ 1867.420711][T19224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1867.420723][T19224] R13: 00007f735e5e6038 R14: 00007f735e5e5fa0 R15: 00007ffd91ad4938 [ 1867.420740][T19224] [ 1867.430633][T19226] batadv_slave_1: entered promiscuous mode [ 1867.689444][T19225] batadv_slave_1: left promiscuous mode [ 1867.948293][T19246] FAULT_INJECTION: forcing a failure. [ 1867.948293][T19246] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1867.969870][T19246] CPU: 0 UID: 0 PID: 19246 Comm: syz.1.55858 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1867.969902][T19246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1867.969913][T19246] Call Trace: [ 1867.969919][T19246] [ 1867.969926][T19246] __dump_stack+0x21/0x30 [ 1867.969957][T19246] dump_stack_lvl+0x10c/0x190 [ 1867.969980][T19246] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1867.970005][T19246] ? proc_fail_nth_write+0x17e/0x210 [ 1867.970029][T19246] ? check_stack_object+0x107/0x140 [ 1867.970048][T19246] dump_stack+0x19/0x20 [ 1867.970076][T19246] should_fail_ex+0x3d9/0x530 [ 1867.970097][T19246] should_fail+0xf/0x20 [ 1867.970114][T19246] should_fail_usercopy+0x1e/0x30 [ 1867.970134][T19246] _copy_from_user+0x22/0xb0 [ 1867.970157][T19246] __tun_chr_ioctl+0x1f2/0x1f10 [ 1867.970179][T19246] ? __kasan_check_write+0x18/0x20 [ 1867.970205][T19246] ? tun_flow_create+0x410/0x410 [ 1867.970224][T19246] ? __fget_files+0x2c5/0x340 [ 1867.970246][T19246] ? __fget_files+0x2c5/0x340 [ 1867.970266][T19246] tun_chr_ioctl+0x2e/0x40 [ 1867.970284][T19246] ? __cfi_tun_chr_ioctl+0x10/0x10 [ 1867.970303][T19246] __se_sys_ioctl+0x135/0x1b0 [ 1867.970323][T19246] __x64_sys_ioctl+0x7f/0xa0 [ 1867.970342][T19246] x64_sys_call+0x1878/0x2ee0 [ 1867.970367][T19246] do_syscall_64+0x58/0xf0 [ 1867.970389][T19246] ? clear_bhb_loop+0x50/0xa0 [ 1867.970408][T19246] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1867.970428][T19246] RIP: 0033:0x7f8050b8f6c9 [ 1867.970443][T19246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1867.970460][T19246] RSP: 002b:00007f8051b05038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1867.970481][T19246] RAX: ffffffffffffffda RBX: 00007f8050de5fa0 RCX: 00007f8050b8f6c9 [ 1867.970496][T19246] RDX: 00002000000000c0 RSI: 00000000400454ca RDI: 0000000000000007 [ 1867.970509][T19246] RBP: 00007f8051b05090 R08: 0000000000000000 R09: 0000000000000000 [ 1867.970522][T19246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1867.970535][T19246] R13: 00007f8050de6038 R14: 00007f8050de5fa0 R15: 00007ffdb1c07f18 [ 1867.970552][T19246] [ 1868.325508][T19252] batadv_slave_1: entered promiscuous mode [ 1868.332958][T19251] batadv_slave_1: left promiscuous mode [ 1868.450640][T19269] batadv_slave_1: entered promiscuous mode [ 1868.456917][T19268] batadv_slave_1: left promiscuous mode [ 1868.845852][T19282] batadv_slave_1: entered promiscuous mode [ 1868.852120][T19281] batadv_slave_1: left promiscuous mode [ 1869.064793][ T6269] usb 1-1: USB disconnect, device number 71 [ 1869.070492][T19296] FAULT_INJECTION: forcing a failure. [ 1869.070492][T19296] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1869.090326][T19296] CPU: 1 UID: 0 PID: 19296 Comm: syz.1.55881 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1869.090359][T19296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1869.090371][T19296] Call Trace: [ 1869.090378][T19296] [ 1869.090386][T19296] __dump_stack+0x21/0x30 [ 1869.090414][T19296] dump_stack_lvl+0x10c/0x190 [ 1869.090445][T19296] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1869.090469][T19296] ? unwind_get_return_address+0x51/0x90 [ 1869.090490][T19296] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 1869.090518][T19296] dump_stack+0x19/0x20 [ 1869.090540][T19296] should_fail_ex+0x3d9/0x530 [ 1869.090560][T19296] should_fail+0xf/0x20 [ 1869.090578][T19296] should_fail_usercopy+0x1e/0x30 [ 1869.090598][T19296] _copy_from_user+0x22/0xb0 [ 1869.090620][T19296] ___sys_recvmsg+0x12f/0x510 [ 1869.090638][T19296] ? __sys_recvmsg+0x280/0x280 [ 1869.090655][T19296] ? __cfi_kstrtouint_from_user+0x10/0x10 [ 1869.090674][T19296] ? selinux_file_permission+0x309/0xb30 [ 1869.090698][T19296] ? __fget_files+0x2c5/0x340 [ 1869.090727][T19296] do_recvmmsg+0x326/0x770 [ 1869.090744][T19296] ? __sys_recvmmsg+0x290/0x290 [ 1869.090761][T19296] ? __cfi_vfs_write+0x10/0x10 [ 1869.090782][T19296] ? fput+0x1a5/0x240 [ 1869.090804][T19296] __x64_sys_recvmmsg+0x191/0x240 [ 1869.090822][T19296] ? __cfi___x64_sys_recvmmsg+0x10/0x10 [ 1869.090840][T19296] ? __kasan_check_read+0x15/0x20 [ 1869.090866][T19296] x64_sys_call+0x292c/0x2ee0 [ 1869.090892][T19296] do_syscall_64+0x58/0xf0 [ 1869.090915][T19296] ? clear_bhb_loop+0x50/0xa0 [ 1869.090933][T19296] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1869.090951][T19296] RIP: 0033:0x7f8050b8f6c9 [ 1869.090967][T19296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1869.090983][T19296] RSP: 002b:00007f8051b05038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1869.091004][T19296] RAX: ffffffffffffffda RBX: 00007f8050de5fa0 RCX: 00007f8050b8f6c9 [ 1869.091019][T19296] RDX: 0000000000000001 RSI: 0000200000000380 RDI: 0000000000000006 [ 1869.091032][T19296] RBP: 00007f8051b05090 R08: 0000000000000000 R09: 0000000000000000 [ 1869.091045][T19296] R10: 0000000040012160 R11: 0000000000000246 R12: 0000000000000001 [ 1869.091058][T19296] R13: 00007f8050de6038 R14: 00007f8050de5fa0 R15: 00007ffdb1c07f18 [ 1869.091075][T19296] [ 1869.365491][T19303] batadv_slave_1: entered promiscuous mode [ 1869.371704][T19302] batadv_slave_1: left promiscuous mode [ 1869.692688][T19332] FAULT_INJECTION: forcing a failure. [ 1869.692688][T19332] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1869.718787][T19332] CPU: 1 UID: 0 PID: 19332 Comm: syz.2.55897 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1869.718819][T19332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1869.718831][T19332] Call Trace: [ 1869.718837][T19332] [ 1869.718845][T19332] __dump_stack+0x21/0x30 [ 1869.718872][T19332] dump_stack_lvl+0x10c/0x190 [ 1869.718893][T19332] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1869.718915][T19332] ? kernel_text_address+0xa9/0xe0 [ 1869.718936][T19332] dump_stack+0x19/0x20 [ 1869.718956][T19332] should_fail_ex+0x3d9/0x530 [ 1869.718971][T19332] should_fail+0xf/0x20 [ 1869.718985][T19332] should_fail_usercopy+0x1e/0x30 [ 1869.719002][T19332] _copy_from_user+0x22/0xb0 [ 1869.719020][T19332] ___sys_sendmsg+0x159/0x2a0 [ 1869.719043][T19332] ? __sys_sendmsg+0x280/0x280 [ 1869.719064][T19332] ? kstrtouint+0x78/0xf0 [ 1869.719082][T19332] __sys_sendmmsg+0x271/0x470 [ 1869.719104][T19332] ? __cfi___sys_sendmmsg+0x10/0x10 [ 1869.719129][T19332] ? __cfi_ksys_write+0x10/0x10 [ 1869.719148][T19332] __x64_sys_sendmmsg+0xa4/0xc0 [ 1869.719171][T19332] x64_sys_call+0xfec/0x2ee0 [ 1869.719194][T19332] do_syscall_64+0x58/0xf0 [ 1869.719214][T19332] ? clear_bhb_loop+0x50/0xa0 [ 1869.719233][T19332] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1869.719250][T19332] RIP: 0033:0x7f92aa78f6c9 [ 1869.719267][T19332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1869.719282][T19332] RSP: 002b:00007f92ab603038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1869.719300][T19332] RAX: ffffffffffffffda RBX: 00007f92aa9e5fa0 RCX: 00007f92aa78f6c9 [ 1869.719315][T19332] RDX: 0000000000000001 RSI: 0000200000000580 RDI: 0000000000000007 [ 1869.719326][T19332] RBP: 00007f92ab603090 R08: 0000000000000000 R09: 0000000000000000 [ 1869.719338][T19332] R10: 0000000000046000 R11: 0000000000000246 R12: 0000000000000001 [ 1869.719350][T19332] R13: 00007f92aa9e6038 R14: 00007f92aa9e5fa0 R15: 00007ffea55b0808 [ 1869.719367][T19332] [ 1869.955080][T19343] FAULT_INJECTION: forcing a failure. [ 1869.955080][T19343] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1869.978691][T19343] CPU: 0 UID: 0 PID: 19343 Comm: syz.2.55902 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1869.978721][T19343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1869.978733][T19343] Call Trace: [ 1869.978740][T19343] [ 1869.978751][T19343] __dump_stack+0x21/0x30 [ 1869.978777][T19343] dump_stack_lvl+0x10c/0x190 [ 1869.978798][T19343] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1869.978820][T19343] dump_stack+0x19/0x20 [ 1869.978839][T19343] should_fail_ex+0x3d9/0x530 [ 1869.978856][T19343] should_fail+0xf/0x20 [ 1869.978873][T19343] should_fail_usercopy+0x1e/0x30 [ 1869.978891][T19343] _copy_from_user+0x22/0xb0 [ 1869.978913][T19343] _RNvMs2_NtCs5gLWsBERDPK_16rust_binder_main6threadNtB5_6Thread10write_read+0x493/0xa380 [ 1869.978959][T19343] ? __cfi__RNvMs2_NtCs5gLWsBERDPK_16rust_binder_main6threadNtB5_6Thread10write_read+0x10/0x10 [ 1869.979008][T19343] ? is_bpf_text_address+0x17b/0x1a0 [ 1869.979029][T19343] ? kernel_text_address+0xa9/0xe0 [ 1869.979052][T19343] ? __kernel_text_address+0x11/0x40 [ 1869.979073][T19343] ? unwind_get_return_address+0x51/0x90 [ 1869.979096][T19343] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 1869.979122][T19343] ? arch_stack_walk+0x10b/0x170 [ 1869.979141][T19343] ? stack_trace_save+0x9d/0xe0 [ 1869.979166][T19343] ? stack_depot_save_flags+0x38/0x800 [ 1869.979187][T19343] ? kasan_save_stack+0x4d/0x60 [ 1869.979206][T19343] ? kasan_save_stack+0x3e/0x60 [ 1869.979224][T19343] ? __kasan_record_aux_stack+0xb2/0xd0 [ 1869.979247][T19343] ? kasan_record_aux_stack_noalloc+0xf/0x20 [ 1869.979271][T19343] ? __call_rcu_common+0xd5/0x700 [ 1869.979287][T19343] ? call_rcu+0x14/0x20 [ 1869.979303][T19343] ? __kasan_check_write+0x18/0x20 [ 1869.979329][T19343] ? _raw_spin_trylock+0xaf/0x130 [ 1869.979351][T19343] ? __cfi__raw_spin_trylock+0x10/0x10 [ 1869.979373][T19343] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1869.979397][T19343] ? is_bpf_text_address+0x17b/0x1a0 [ 1869.979422][T19343] ? is_bpf_text_address+0x17b/0x1a0 [ 1869.979442][T19343] ? kernel_text_address+0xa9/0xe0 [ 1869.979467][T19343] ? is_bpf_text_address+0x17b/0x1a0 [ 1869.979486][T19343] ? kernel_text_address+0xa9/0xe0 [ 1869.979508][T19343] ? __kernel_text_address+0x11/0x40 [ 1869.979530][T19343] ? unwind_get_return_address+0x51/0x90 [ 1869.979550][T19343] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 1869.979575][T19343] ? arch_stack_walk+0x10b/0x170 [ 1869.979595][T19343] ? is_bpf_text_address+0x17b/0x1a0 [ 1869.979613][T19343] ? kernel_text_address+0xa9/0xe0 [ 1869.979635][T19343] ? __kernel_text_address+0x11/0x40 [ 1869.979657][T19343] ? unwind_get_return_address+0x51/0x90 [ 1869.979677][T19343] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 1869.979702][T19343] ? arch_stack_walk+0x10b/0x170 [ 1869.979721][T19343] ? __kasan_check_write+0x18/0x20 [ 1869.979745][T19343] ? _raw_spin_lock+0x8c/0x120 [ 1869.979766][T19343] ? __cfi__raw_spin_lock+0x10/0x10 [ 1869.979788][T19343] ? stack_depot_save_flags+0x38/0x800 [ 1869.979807][T19343] ? stack_trace_save+0x9d/0xe0 [ 1869.979832][T19343] ? _raw_spin_unlock+0x45/0x60 [ 1869.979853][T19343] ? rust_helper_spin_unlock+0x19/0x30 [ 1869.979871][T19343] ? _RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x914/0x1400 [ 1869.979895][T19343] ? security_inode_alloc+0x51/0x200 [ 1869.979927][T19343] ? inode_init_always_gfp+0x756/0x9e0 [ 1869.979947][T19343] ? alloc_inode+0xc5/0x270 [ 1869.979966][T19343] ? proc_pident_instantiate+0x6d/0x2c0 [ 1869.979987][T19343] ? proc_pident_lookup+0x1c7/0x270 [ 1869.980006][T19343] ? path_openat+0x1301/0x34b0 [ 1869.980027][T19343] ? do_sys_openat2+0x12c/0x1c0 [ 1869.980049][T19343] ? __x64_sys_openat+0x13a/0x170 [ 1869.980071][T19343] ? x64_sys_call+0xe69/0x2ee0 [ 1869.980096][T19343] ? do_syscall_64+0x58/0xf0 [ 1869.980118][T19343] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1869.980139][T19343] ? __cfi__RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x10/0x10 [ 1869.980163][T19343] ? avc_has_perm_noaudit+0x268/0x360 [ 1869.980187][T19343] ? __asan_memcpy+0x5a/0x80 [ 1869.980203][T19343] ? avc_has_perm_noaudit+0x286/0x360 [ 1869.980227][T19343] ? avc_has_perm+0x144/0x220 [ 1869.980250][T19343] ? __cfi_avc_has_perm+0x10/0x10 [ 1869.980272][T19343] ? kasan_save_alloc_info+0x40/0x50 [ 1869.980298][T19343] ? selinux_file_open+0x457/0x610 [ 1869.980319][T19343] _RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x40c/0x2cf0 [ 1869.980344][T19343] ? avc_has_extended_perms+0x7c7/0xdd0 [ 1869.980367][T19343] ? __asan_memcpy+0x5a/0x80 [ 1869.980383][T19343] ? avc_has_extended_perms+0x921/0xdd0 [ 1869.980407][T19343] ? __cfi__RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x10/0x10 [ 1869.980435][T19343] ? do_vfs_ioctl+0xeda/0x1e30 [ 1869.980454][T19343] ? arch_stack_walk+0x10b/0x170 [ 1869.980471][T19343] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 1869.980491][T19343] ? _parse_integer+0x2e/0x40 [ 1869.980518][T19343] ? ioctl_has_perm+0x384/0x4d0 [ 1869.980538][T19343] ? has_cap_mac_admin+0xd0/0xd0 [ 1869.980560][T19343] ? proc_fail_nth_write+0x17e/0x210 [ 1869.980581][T19343] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1869.980621][T19343] ? selinux_file_ioctl+0x6e0/0x1360 [ 1869.980642][T19343] ? vfs_write+0x93e/0xf30 [ 1869.980658][T19343] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 1869.980678][T19343] ? __cfi_vfs_write+0x10/0x10 [ 1869.980694][T19343] ? __kasan_check_write+0x18/0x20 [ 1869.980718][T19343] ? mutex_unlock+0x8b/0x240 [ 1869.980735][T19343] ? __cfi_mutex_unlock+0x10/0x10 [ 1869.980750][T19343] ? __fget_files+0x2c5/0x340 [ 1869.980770][T19343] ? __fget_files+0x2c5/0x340 [ 1869.980789][T19343] _RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0xa0/0x100 [ 1869.980815][T19343] ? __se_sys_ioctl+0x114/0x1b0 [ 1869.980834][T19343] ? __cfi__RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0x10/0x10 [ 1869.980860][T19343] __se_sys_ioctl+0x135/0x1b0 [ 1869.980880][T19343] __x64_sys_ioctl+0x7f/0xa0 [ 1869.980899][T19343] x64_sys_call+0x1878/0x2ee0 [ 1869.980930][T19343] do_syscall_64+0x58/0xf0 [ 1869.980951][T19343] ? clear_bhb_loop+0x50/0xa0 [ 1869.980971][T19343] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1869.980990][T19343] RIP: 0033:0x7f92aa78f6c9 [ 1869.981007][T19343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1869.981021][T19343] RSP: 002b:00007f92ab603038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1869.981045][T19343] RAX: ffffffffffffffda RBX: 00007f92aa9e5fa0 RCX: 00007f92aa78f6c9 [ 1869.981059][T19343] RDX: 0000200000000300 RSI: 00000000c0306201 RDI: 0000000000000006 [ 1869.981072][T19343] RBP: 00007f92ab603090 R08: 0000000000000000 R09: 0000000000000000 [ 1869.981083][T19343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1869.981095][T19343] R13: 00007f92aa9e6038 R14: 00007f92aa9e5fa0 R15: 00007ffea55b0808 [ 1869.981110][T19343] [ 1870.097597][T19348] batadv_slave_1: entered promiscuous mode [ 1870.643934][T19349] batadv_slave_1: entered promiscuous mode [ 1870.654128][T19347] batadv_slave_1: left promiscuous mode [ 1870.663391][T19346] batadv_slave_1: left promiscuous mode [ 1870.685170][ T36] audit: type=1400 audit(1763277027.360:332): avc: denied { setopt } for pid=19356 comm="syz.1.55908" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 1870.782120][T19386] batadv_slave_1: entered promiscuous mode [ 1870.794663][T19383] batadv_slave_1: left promiscuous mode [ 1870.829603][T19394] FAULT_INJECTION: forcing a failure. [ 1870.829603][T19394] name failslab, interval 1, probability 0, space 0, times 0 [ 1870.842305][T19394] CPU: 0 UID: 0 PID: 19394 Comm: syz.2.55923 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1870.842337][T19394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1870.842349][T19394] Call Trace: [ 1870.842356][T19394] [ 1870.842363][T19394] __dump_stack+0x21/0x30 [ 1870.842392][T19394] dump_stack_lvl+0x10c/0x190 [ 1870.842412][T19394] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1870.842432][T19394] ? __kasan_check_write+0x18/0x20 [ 1870.842458][T19394] ? proc_fail_nth_write+0x17e/0x210 [ 1870.842479][T19394] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1870.842500][T19394] dump_stack+0x19/0x20 [ 1870.842521][T19394] should_fail_ex+0x3d9/0x530 [ 1870.842539][T19394] should_failslab+0xac/0x100 [ 1870.842558][T19394] kmem_cache_alloc_noprof+0x42/0x430 [ 1870.842575][T19394] ? getname_flags+0xc6/0x710 [ 1870.842593][T19394] getname_flags+0xc6/0x710 [ 1870.842609][T19394] ? build_open_flags+0x487/0x600 [ 1870.842632][T19394] getname+0x1b/0x30 [ 1870.842648][T19394] do_sys_openat2+0xcb/0x1c0 [ 1870.842670][T19394] ? fput+0x1a5/0x240 [ 1870.842691][T19394] ? do_sys_open+0x100/0x100 [ 1870.842712][T19394] ? ksys_write+0x1ef/0x250 [ 1870.842729][T19394] ? __cfi_ksys_write+0x10/0x10 [ 1870.842746][T19394] __x64_sys_openat+0x13a/0x170 [ 1870.842770][T19394] x64_sys_call+0xe69/0x2ee0 [ 1870.842794][T19394] do_syscall_64+0x58/0xf0 [ 1870.842816][T19394] ? clear_bhb_loop+0x50/0xa0 [ 1870.842836][T19394] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1870.842855][T19394] RIP: 0033:0x7f92aa78f6c9 [ 1870.842877][T19394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1870.842895][T19394] RSP: 002b:00007f92ab603038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1870.842916][T19394] RAX: ffffffffffffffda RBX: 00007f92aa9e5fa0 RCX: 00007f92aa78f6c9 [ 1870.842931][T19394] RDX: 0000000000000008 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1870.842945][T19394] RBP: 00007f92ab603090 R08: 0000000000000000 R09: 0000000000000000 [ 1870.842958][T19394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1870.842969][T19394] R13: 00007f92aa9e6038 R14: 00007f92aa9e5fa0 R15: 00007ffea55b0808 [ 1870.842986][T19394] [ 1871.129580][T19420] FAULT_INJECTION: forcing a failure. [ 1871.129580][T19420] name failslab, interval 1, probability 0, space 0, times 0 [ 1871.142275][T19420] CPU: 0 UID: 0 PID: 19420 Comm: syz.3.55934 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1871.142304][T19420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1871.142315][T19420] Call Trace: [ 1871.142321][T19420] [ 1871.142328][T19420] __dump_stack+0x21/0x30 [ 1871.142355][T19420] dump_stack_lvl+0x10c/0x190 [ 1871.142376][T19420] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1871.142398][T19420] ? kernel_text_address+0xa9/0xe0 [ 1871.142418][T19420] dump_stack+0x19/0x20 [ 1871.142438][T19420] should_fail_ex+0x3d9/0x530 [ 1871.142456][T19420] should_failslab+0xac/0x100 [ 1871.142475][T19420] __kmalloc_node_noprof+0x6c/0x520 [ 1871.142493][T19420] ? __kvmalloc_node_noprof+0x11d/0x300 [ 1871.142517][T19420] __kvmalloc_node_noprof+0x11d/0x300 [ 1871.142539][T19420] ? __cfi___kvmalloc_node_noprof+0x10/0x10 [ 1871.142565][T19420] traverse+0xf5/0x720 [ 1871.142584][T19420] ? __cfi_mutex_lock+0x10/0x10 [ 1871.142600][T19420] ? selinux_file_permission+0x309/0xb30 [ 1871.142622][T19420] seq_read_iter+0xe55/0xfe0 [ 1871.142641][T19420] ? __kasan_check_write+0x18/0x20 [ 1871.142667][T19420] ? proc_fail_nth_write+0x17e/0x210 [ 1871.142693][T19420] vfs_read+0x62b/0xc70 [ 1871.142711][T19420] ? __cfi_vfs_read+0x10/0x10 [ 1871.142731][T19420] ksys_pread64+0x170/0x270 [ 1871.142749][T19420] ? __cfi_ksys_pread64+0x10/0x10 [ 1871.142767][T19420] __x64_sys_pread64+0x9f/0xb0 [ 1871.142786][T19420] x64_sys_call+0x2a34/0x2ee0 [ 1871.142812][T19420] do_syscall_64+0x58/0xf0 [ 1871.142833][T19420] ? clear_bhb_loop+0x50/0xa0 [ 1871.142860][T19420] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1871.142876][T19420] RIP: 0033:0x7f735e38f6c9 [ 1871.142893][T19420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1871.142910][T19420] RSP: 002b:00007f735f2b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 1871.142930][T19420] RAX: ffffffffffffffda RBX: 00007f735e5e5fa0 RCX: 00007f735e38f6c9 [ 1871.142946][T19420] RDX: 0000000000001000 RSI: 00002000000029c0 RDI: 0000000000000008 [ 1871.142960][T19420] RBP: 00007f735f2b2090 R08: 0000000000000000 R09: 0000000000000000 [ 1871.142973][T19420] R10: 0000000000000d36 R11: 0000000000000246 R12: 0000000000000001 [ 1871.142986][T19420] R13: 00007f735e5e6038 R14: 00007f735e5e5fa0 R15: 00007ffd91ad4938 [ 1871.143003][T19420] [ 1871.433338][ T36] audit: type=1400 audit(1763277028.110:333): avc: denied { bind } for pid=19437 comm="syz.0.55942" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 1871.460146][ T36] audit: type=1400 audit(1763277028.110:334): avc: denied { write } for pid=19437 comm="syz.0.55942" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 1871.507632][T19450] batadv_slave_1: entered promiscuous mode [ 1871.519094][T19449] batadv_slave_1: left promiscuous mode [ 1871.619953][T19466] FAULT_INJECTION: forcing a failure. [ 1871.619953][T19466] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1871.635179][T19466] CPU: 1 UID: 0 PID: 19466 Comm: syz.1.55956 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1871.635210][T19466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1871.635221][T19466] Call Trace: [ 1871.635228][T19466] [ 1871.635236][T19466] __dump_stack+0x21/0x30 [ 1871.635264][T19466] dump_stack_lvl+0x10c/0x190 [ 1871.635286][T19466] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1871.635310][T19466] ? __kasan_check_read+0x15/0x20 [ 1871.635337][T19466] dump_stack+0x19/0x20 [ 1871.635360][T19466] should_fail_ex+0x3d9/0x530 [ 1871.635379][T19466] should_fail+0xf/0x20 [ 1871.635396][T19466] should_fail_usercopy+0x1e/0x30 [ 1871.635415][T19466] __kvm_read_guest_page+0x177/0x210 [ 1871.635434][T19466] kvm_vcpu_read_guest_page+0x31a/0x400 [ 1871.635454][T19466] kvm_fetch_guest_virt+0x146/0x190 [ 1871.635479][T19466] ? __cfi_kvm_fetch_guest_virt+0x10/0x10 [ 1871.635504][T19466] __do_insn_fetch_bytes+0x321/0x730 [ 1871.635523][T19466] ? x86_decode_insn+0x4fb0/0x4fb0 [ 1871.635540][T19466] ? vmx_get_segment+0x3e4/0x8e0 [ 1871.635566][T19466] ? emulator_get_segment+0x29e/0x580 [ 1871.635591][T19466] x86_decode_insn+0x33b/0x4fb0 [ 1871.635608][T19466] ? __cfi_emulator_get_segment+0x10/0x10 [ 1871.635637][T19466] ? __cfi_x86_decode_insn+0x10/0x10 [ 1871.635653][T19466] ? __kasan_check_write+0x18/0x20 [ 1871.635677][T19466] ? vmx_read_guest_seg_ar+0x1c8/0x350 [ 1871.635698][T19466] ? __asan_memset+0x39/0x50 [ 1871.635714][T19466] ? init_decode_cache+0x7c/0x90 [ 1871.635732][T19466] ? init_emulate_ctxt+0x410/0x540 [ 1871.635752][T19466] ? kvm_inject_realmode_interrupt+0x2e0/0x2e0 [ 1871.635772][T19466] ? unwind_get_return_address+0x51/0x90 [ 1871.635793][T19466] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 1871.635821][T19466] x86_decode_emulated_instruction+0x66/0x190 [ 1871.635842][T19466] x86_emulate_instruction+0x2d3/0x1870 [ 1871.635865][T19466] handle_ud+0x19e/0x320 [ 1871.635883][T19466] ? __cfi_handle_ud+0x10/0x10 [ 1871.635901][T19466] ? __cfi_rcu_note_context_switch+0x10/0x10 [ 1871.635923][T19466] ? clear_bhb_loop+0x50/0xa0 [ 1871.635943][T19466] ? clear_bhb_loop+0x50/0xa0 [ 1871.635961][T19466] ? clear_bhb_loop+0x50/0xa0 [ 1871.635980][T19466] ? clear_bhb_loop+0x50/0xa0 [ 1871.635999][T19466] ? clear_bhb_loop+0x12/0xa0 [ 1871.636019][T19466] handle_exception_nmi+0x194/0xeb0 [ 1871.636039][T19466] ? __cfi_handle_exception_nmi+0x10/0x10 [ 1871.636057][T19466] vmx_handle_exit+0x12c2/0x1b40 [ 1871.636081][T19466] ? kvm_deliver_exception_payload+0xd7/0x200 [ 1871.636104][T19466] ? __cfi_vmx_vcpu_run+0x10/0x10 [ 1871.636129][T19466] ? vmx_handle_exit_irqoff+0x401/0x7a0 [ 1871.636154][T19466] vcpu_run+0x4bd0/0x7830 [ 1871.636176][T19466] ? x64_sys_call+0xe69/0x2ee0 [ 1871.636212][T19466] ? signal_pending+0xc0/0xc0 [ 1871.636233][T19466] ? __kasan_check_write+0x18/0x20 [ 1871.636258][T19466] ? xfd_validate_state+0x68/0x150 [ 1871.636282][T19466] ? fpu_swap_kvm_fpstate+0x93/0x5f0 [ 1871.636302][T19466] ? __kasan_check_write+0x18/0x20 [ 1871.636327][T19466] ? fpregs_mark_activate+0x69/0x160 [ 1871.636347][T19466] ? fpu_swap_kvm_fpstate+0x44d/0x5f0 [ 1871.636367][T19466] ? fpu_swap_kvm_fpstate+0x93/0x5f0 [ 1871.636388][T19466] kvm_arch_vcpu_ioctl_run+0x101a/0x1aa0 [ 1871.636413][T19466] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 1871.636436][T19466] ? kstrtoull+0x13b/0x1e0 [ 1871.636454][T19466] ? kstrtouint+0x78/0xf0 [ 1871.636471][T19466] ? ioctl_has_perm+0x1aa/0x4d0 [ 1871.636492][T19466] ? __asan_memcpy+0x5a/0x80 [ 1871.636509][T19466] ? ioctl_has_perm+0x3e0/0x4d0 [ 1871.636531][T19466] ? has_cap_mac_admin+0xd0/0xd0 [ 1871.636557][T19466] ? __kasan_check_write+0x18/0x20 [ 1871.636582][T19466] ? mutex_lock_killable+0x92/0x1c0 [ 1871.636600][T19466] ? __cfi_mutex_lock_killable+0x10/0x10 [ 1871.636619][T19466] ? proc_fail_nth_write+0x17e/0x210 [ 1871.636641][T19466] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1871.636665][T19466] kvm_vcpu_ioctl+0x96f/0xee0 [ 1871.636682][T19466] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 1871.636698][T19466] ? __cfi_vfs_write+0x10/0x10 [ 1871.636716][T19466] ? __kasan_check_write+0x18/0x20 [ 1871.636740][T19466] ? mutex_unlock+0x8b/0x240 [ 1871.636757][T19466] ? __cfi_mutex_unlock+0x10/0x10 [ 1871.636773][T19466] ? __fget_files+0x2c5/0x340 [ 1871.636793][T19466] ? __fget_files+0x2c5/0x340 [ 1871.636813][T19466] ? bpf_lsm_file_ioctl+0xd/0x20 [ 1871.636837][T19466] ? security_file_ioctl+0x34/0xd0 [ 1871.636857][T19466] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 1871.636873][T19466] __se_sys_ioctl+0x135/0x1b0 [ 1871.636893][T19466] __x64_sys_ioctl+0x7f/0xa0 [ 1871.636912][T19466] x64_sys_call+0x1878/0x2ee0 [ 1871.636937][T19466] do_syscall_64+0x58/0xf0 [ 1871.636960][T19466] ? clear_bhb_loop+0x50/0xa0 [ 1871.636979][T19466] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1871.636999][T19466] RIP: 0033:0x7f8050b8f6c9 [ 1871.637014][T19466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1871.637030][T19466] RSP: 002b:00007f8051b05038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1871.637051][T19466] RAX: ffffffffffffffda RBX: 00007f8050de5fa0 RCX: 00007f8050b8f6c9 [ 1871.637067][T19466] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 1871.637080][T19466] RBP: 00007f8051b05090 R08: 0000000000000000 R09: 0000000000000000 [ 1871.637093][T19466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1871.637105][T19466] R13: 00007f8050de6038 R14: 00007f8050de5fa0 R15: 00007ffdb1c07f18 [ 1871.637122][T19466] [ 1873.240816][T19561] batadv_slave_1: entered promiscuous mode [ 1873.260303][T19560] batadv_slave_1: left promiscuous mode [ 1873.655538][T19609] batadv_slave_1: entered promiscuous mode [ 1873.668239][T19608] batadv_slave_1: left promiscuous mode [ 1874.051437][T19618] FAULT_INJECTION: forcing a failure. [ 1874.051437][T19618] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1874.078779][T19618] CPU: 0 UID: 0 PID: 19618 Comm: syz.1.56019 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1874.078810][T19618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1874.078822][T19618] Call Trace: [ 1874.078828][T19618] [ 1874.078836][T19618] __dump_stack+0x21/0x30 [ 1874.078864][T19618] dump_stack_lvl+0x10c/0x190 [ 1874.078891][T19618] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1874.078915][T19618] ? vfs_write+0x93e/0xf30 [ 1874.078932][T19618] ? check_stack_object+0x107/0x140 [ 1874.078950][T19618] dump_stack+0x19/0x20 [ 1874.078972][T19618] should_fail_ex+0x3d9/0x530 [ 1874.078992][T19618] should_fail+0xf/0x20 [ 1874.079010][T19618] should_fail_usercopy+0x1e/0x30 [ 1874.079030][T19618] _copy_from_user+0x22/0xb0 [ 1874.079052][T19618] __se_sys_capset+0x233/0x440 [ 1874.079076][T19618] ? __kasan_check_write+0x18/0x20 [ 1874.079102][T19618] ? __x64_sys_capset+0x80/0x80 [ 1874.079125][T19618] ? ksys_write+0x1ef/0x250 [ 1874.079143][T19618] ? __cfi_ksys_write+0x10/0x10 [ 1874.079161][T19618] ? __kasan_check_read+0x15/0x20 [ 1874.079187][T19618] __x64_sys_capset+0x5f/0x80 [ 1874.079211][T19618] x64_sys_call+0x259c/0x2ee0 [ 1874.079236][T19618] do_syscall_64+0x58/0xf0 [ 1874.079257][T19618] ? clear_bhb_loop+0x50/0xa0 [ 1874.079278][T19618] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1874.079297][T19618] RIP: 0033:0x7f8050b8f6c9 [ 1874.079314][T19618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1874.079331][T19618] RSP: 002b:00007f8051b05038 EFLAGS: 00000246 ORIG_RAX: 000000000000007e [ 1874.079353][T19618] RAX: ffffffffffffffda RBX: 00007f8050de5fa0 RCX: 00007f8050b8f6c9 [ 1874.079368][T19618] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000080 [ 1874.079381][T19618] RBP: 00007f8051b05090 R08: 0000000000000000 R09: 0000000000000000 [ 1874.079394][T19618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1874.079407][T19618] R13: 00007f8050de6038 R14: 00007f8050de5fa0 R15: 00007ffdb1c07f18 [ 1874.079423][T19618] [ 1874.440803][T19649] tmpfs: Bad value for 'mpol' [ 1874.508708][T19665] batadv_slave_1: entered promiscuous mode [ 1874.529889][T19664] batadv_slave_1: left promiscuous mode [ 1874.669291][T19686] FAULT_INJECTION: forcing a failure. [ 1874.669291][T19686] name failslab, interval 1, probability 0, space 0, times 0 [ 1874.692820][T19686] CPU: 0 UID: 0 PID: 19686 Comm: syz.3.56050 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1874.692851][T19686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1874.692863][T19686] Call Trace: [ 1874.692868][T19686] [ 1874.692876][T19686] __dump_stack+0x21/0x30 [ 1874.692904][T19686] dump_stack_lvl+0x10c/0x190 [ 1874.692926][T19686] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1874.692948][T19686] ? avc_has_perm+0x144/0x220 [ 1874.692971][T19686] dump_stack+0x19/0x20 [ 1874.692992][T19686] should_fail_ex+0x3d9/0x530 [ 1874.693010][T19686] should_failslab+0xac/0x100 [ 1874.693030][T19686] __kmalloc_cache_noprof+0x41/0x490 [ 1874.693048][T19686] ? vhost_task_create+0x101/0x350 [ 1874.693067][T19686] ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 1874.693089][T19686] vhost_task_create+0x101/0x350 [ 1874.693107][T19686] ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 1874.693127][T19686] ? __cfi_vhost_task_create+0x10/0x10 [ 1874.693145][T19686] ? __cfi_vhost_task_fn+0x10/0x10 [ 1874.693162][T19686] ? __kasan_check_write+0x18/0x20 [ 1874.693186][T19686] ? mutex_lock+0x92/0x1c0 [ 1874.693203][T19686] ? __cfi_mutex_lock+0x10/0x10 [ 1874.693218][T19686] ? kernel_text_address+0xa9/0xe0 [ 1874.693240][T19686] kvm_mmu_post_init_vm+0x156/0x2d0 [ 1874.693264][T19686] kvm_arch_vcpu_ioctl_run+0xd7/0x1aa0 [ 1874.693296][T19686] ? _parse_integer_limit+0x195/0x1e0 [ 1874.693323][T19686] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 1874.693344][T19686] ? kstrtoull+0x13b/0x1e0 [ 1874.693360][T19686] ? kstrtouint+0x78/0xf0 [ 1874.693376][T19686] ? ioctl_has_perm+0x1aa/0x4d0 [ 1874.693396][T19686] ? __asan_memcpy+0x5a/0x80 [ 1874.693413][T19686] ? ioctl_has_perm+0x3e0/0x4d0 [ 1874.693432][T19686] ? has_cap_mac_admin+0xd0/0xd0 [ 1874.693451][T19686] ? __kasan_check_write+0x18/0x20 [ 1874.693476][T19686] ? mutex_lock_killable+0x92/0x1c0 [ 1874.693492][T19686] ? __cfi_mutex_lock_killable+0x10/0x10 [ 1874.693510][T19686] ? proc_fail_nth_write+0x17e/0x210 [ 1874.693533][T19686] kvm_vcpu_ioctl+0x96f/0xee0 [ 1874.693551][T19686] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 1874.693568][T19686] ? __cfi_vfs_write+0x10/0x10 [ 1874.693584][T19686] ? __kasan_check_write+0x18/0x20 [ 1874.693609][T19686] ? mutex_unlock+0x8b/0x240 [ 1874.693624][T19686] ? __cfi_mutex_unlock+0x10/0x10 [ 1874.693639][T19686] ? __fget_files+0x2c5/0x340 [ 1874.693658][T19686] ? __fget_files+0x2c5/0x340 [ 1874.693677][T19686] ? bpf_lsm_file_ioctl+0xd/0x20 [ 1874.693700][T19686] ? security_file_ioctl+0x34/0xd0 [ 1874.693718][T19686] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 1874.693733][T19686] __se_sys_ioctl+0x135/0x1b0 [ 1874.693752][T19686] __x64_sys_ioctl+0x7f/0xa0 [ 1874.693770][T19686] x64_sys_call+0x1878/0x2ee0 [ 1874.693794][T19686] do_syscall_64+0x58/0xf0 [ 1874.693814][T19686] ? clear_bhb_loop+0x50/0xa0 [ 1874.693833][T19686] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1874.693852][T19686] RIP: 0033:0x7f735e38f6c9 [ 1874.693868][T19686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1874.693884][T19686] RSP: 002b:00007f735f291038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1874.693905][T19686] RAX: ffffffffffffffda RBX: 00007f735e5e6090 RCX: 00007f735e38f6c9 [ 1874.693921][T19686] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 1874.693934][T19686] RBP: 00007f735f291090 R08: 0000000000000000 R09: 0000000000000000 [ 1874.693947][T19686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1874.693960][T19686] R13: 00007f735e5e6128 R14: 00007f735e5e6090 R15: 00007ffd91ad4938 [ 1874.693977][T19686] [ 1874.734991][T19692] syz.1.56053 uses obsolete (PF_INET,SOCK_PACKET) [ 1875.077621][T19700] batadv_slave_1: entered promiscuous mode [ 1875.085586][T19699] batadv_slave_1: left promiscuous mode [ 1875.365701][T19765] FAULT_INJECTION: forcing a failure. [ 1875.365701][T19765] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1875.381232][T19765] CPU: 1 UID: 0 PID: 19765 Comm: syz.3.56086 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1875.381265][T19765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1875.381277][T19765] Call Trace: [ 1875.381284][T19765] [ 1875.381292][T19765] __dump_stack+0x21/0x30 [ 1875.381322][T19765] dump_stack_lvl+0x10c/0x190 [ 1875.381345][T19765] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1875.381369][T19765] ? __kasan_check_read+0x15/0x20 [ 1875.381396][T19765] dump_stack+0x19/0x20 [ 1875.381418][T19765] should_fail_ex+0x3d9/0x530 [ 1875.381438][T19765] should_fail+0xf/0x20 [ 1875.381454][T19765] should_fail_usercopy+0x1e/0x30 [ 1875.381474][T19765] __kvm_read_guest_page+0x177/0x210 [ 1875.381493][T19765] kvm_vcpu_read_guest_page+0x31a/0x400 [ 1875.381513][T19765] kvm_fetch_guest_virt+0x146/0x190 [ 1875.381539][T19765] ? __cfi_kvm_fetch_guest_virt+0x10/0x10 [ 1875.381564][T19765] __do_insn_fetch_bytes+0x321/0x730 [ 1875.381584][T19765] ? x86_decode_insn+0x4fb0/0x4fb0 [ 1875.381602][T19765] ? emulator_read_write+0x410/0x580 [ 1875.381621][T19765] ? tdp_iter_restart+0x1c4/0x360 [ 1875.381641][T19765] ? kvm_tdp_mmu_fast_pf_get_last_sptep+0x290/0x290 [ 1875.381665][T19765] ? tdp_iter_next+0x362/0xa30 [ 1875.381684][T19765] x86_decode_insn+0x33b/0x4fb0 [ 1875.381702][T19765] ? trace_mark_mmio_spte+0x22/0x130 [ 1875.381728][T19765] ? __cfi_x86_decode_insn+0x10/0x10 [ 1875.381745][T19765] ? __kasan_check_write+0x18/0x20 [ 1875.381771][T19765] ? vmx_read_guest_seg_ar+0x1c8/0x350 [ 1875.381792][T19765] ? __asan_memset+0x39/0x50 [ 1875.381808][T19765] ? init_decode_cache+0x7c/0x90 [ 1875.381825][T19765] ? init_emulate_ctxt+0x410/0x540 [ 1875.381846][T19765] ? kvm_inject_realmode_interrupt+0x2e0/0x2e0 [ 1875.381867][T19765] ? kvm_mmu_do_page_fault+0x4b0/0x5f0 [ 1875.381888][T19765] x86_decode_emulated_instruction+0x66/0x190 [ 1875.381910][T19765] x86_emulate_instruction+0x2d3/0x1870 [ 1875.381931][T19765] ? kvm_multiple_exception+0x6d8/0xad0 [ 1875.381954][T19765] kvm_mmu_page_fault+0x336/0x970 [ 1875.381976][T19765] handle_ept_violation+0x21c/0x440 [ 1875.381995][T19765] ? vmx_vcpu_run+0x1100/0x2000 [ 1875.382020][T19765] ? __cfi_handle_ept_violation+0x10/0x10 [ 1875.382040][T19765] vmx_handle_exit+0x12c2/0x1b40 [ 1875.382064][T19765] ? kvm_deliver_exception_payload+0xd7/0x200 [ 1875.382087][T19765] ? __cfi_vmx_vcpu_run+0x10/0x10 [ 1875.382112][T19765] ? vmx_handle_exit_irqoff+0xe9/0x7a0 [ 1875.382138][T19765] vcpu_run+0x4bd0/0x7830 [ 1875.382170][T19765] ? signal_pending+0xc0/0xc0 [ 1875.382200][T19765] ? complete_emulated_mmio+0x4fb/0x790 [ 1875.382221][T19765] kvm_arch_vcpu_ioctl_run+0x101a/0x1aa0 [ 1875.382246][T19765] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 1875.382269][T19765] ? kstrtoull+0x13b/0x1e0 [ 1875.382286][T19765] ? kstrtouint+0x78/0xf0 [ 1875.382303][T19765] ? ioctl_has_perm+0x1aa/0x4d0 [ 1875.382325][T19765] ? __asan_memcpy+0x5a/0x80 [ 1875.382342][T19765] ? ioctl_has_perm+0x3e0/0x4d0 [ 1875.382363][T19765] ? has_cap_mac_admin+0xd0/0xd0 [ 1875.382384][T19765] ? __kasan_check_write+0x18/0x20 [ 1875.382410][T19765] ? mutex_lock_killable+0x92/0x1c0 [ 1875.382429][T19765] ? __cfi_mutex_lock_killable+0x10/0x10 [ 1875.382446][T19765] ? proc_fail_nth_write+0x17e/0x210 [ 1875.382469][T19765] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1875.382493][T19765] kvm_vcpu_ioctl+0x96f/0xee0 [ 1875.382510][T19765] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 1875.382528][T19765] ? __cfi_vfs_write+0x10/0x10 [ 1875.382546][T19765] ? __kasan_check_write+0x18/0x20 [ 1875.382571][T19765] ? mutex_unlock+0x8b/0x240 [ 1875.382588][T19765] ? __cfi_mutex_unlock+0x10/0x10 [ 1875.382604][T19765] ? __fget_files+0x2c5/0x340 [ 1875.382625][T19765] ? __fget_files+0x2c5/0x340 [ 1875.382645][T19765] ? bpf_lsm_file_ioctl+0xd/0x20 [ 1875.382668][T19765] ? security_file_ioctl+0x34/0xd0 [ 1875.382687][T19765] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 1875.382703][T19765] __se_sys_ioctl+0x135/0x1b0 [ 1875.382723][T19765] __x64_sys_ioctl+0x7f/0xa0 [ 1875.382742][T19765] x64_sys_call+0x1878/0x2ee0 [ 1875.382767][T19765] do_syscall_64+0x58/0xf0 [ 1875.382790][T19765] ? clear_bhb_loop+0x50/0xa0 [ 1875.382810][T19765] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1875.382829][T19765] RIP: 0033:0x7f735e38f6c9 [ 1875.382846][T19765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1875.382862][T19765] RSP: 002b:00007f735f2b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1875.382883][T19765] RAX: ffffffffffffffda RBX: 00007f735e5e5fa0 RCX: 00007f735e38f6c9 [ 1875.382898][T19765] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 1875.382910][T19765] RBP: 00007f735f2b2090 R08: 0000000000000000 R09: 0000000000000000 [ 1875.382923][T19765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1875.382936][T19765] R13: 00007f735e5e6038 R14: 00007f735e5e5fa0 R15: 00007ffd91ad4938 [ 1875.382952][T19765] [ 1876.355394][T19816] batadv_slave_1: entered promiscuous mode [ 1876.371320][T19814] batadv_slave_1: left promiscuous mode [ 1876.671875][T19840] batadv_slave_1: entered promiscuous mode [ 1876.678016][T19839] batadv_slave_1: left promiscuous mode [ 1877.400995][T19880] FAULT_INJECTION: forcing a failure. [ 1877.400995][T19880] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1877.418355][T19880] CPU: 0 UID: 0 PID: 19880 Comm: syz.0.56143 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1877.418389][T19880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1877.418401][T19880] Call Trace: [ 1877.418407][T19880] [ 1877.418414][T19880] __dump_stack+0x21/0x30 [ 1877.418443][T19880] dump_stack_lvl+0x10c/0x190 [ 1877.418466][T19880] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1877.418491][T19880] ? __kasan_check_read+0x15/0x20 [ 1877.418517][T19880] dump_stack+0x19/0x20 [ 1877.418539][T19880] should_fail_ex+0x3d9/0x530 [ 1877.418559][T19880] should_fail+0xf/0x20 [ 1877.418576][T19880] should_fail_usercopy+0x1e/0x30 [ 1877.418595][T19880] __kvm_read_guest_page+0x177/0x210 [ 1877.418615][T19880] kvm_vcpu_read_guest_page+0x31a/0x400 [ 1877.418634][T19880] kvm_fetch_guest_virt+0x146/0x190 [ 1877.418658][T19880] ? __cfi_kvm_fetch_guest_virt+0x10/0x10 [ 1877.418681][T19880] __do_insn_fetch_bytes+0x321/0x730 [ 1877.418700][T19880] ? x86_decode_insn+0x4fb0/0x4fb0 [ 1877.418717][T19880] ? emulator_read_write+0x410/0x580 [ 1877.418736][T19880] ? tdp_iter_restart+0x1c4/0x360 [ 1877.418758][T19880] ? kvm_tdp_mmu_fast_pf_get_last_sptep+0x290/0x290 [ 1877.418780][T19880] ? tdp_iter_next+0x362/0xa30 [ 1877.418800][T19880] x86_decode_insn+0x33b/0x4fb0 [ 1877.418815][T19880] ? trace_mark_mmio_spte+0x22/0x130 [ 1877.418840][T19880] ? __cfi_x86_decode_insn+0x10/0x10 [ 1877.418856][T19880] ? __kasan_check_write+0x18/0x20 [ 1877.418882][T19880] ? vmx_read_guest_seg_ar+0x1c8/0x350 [ 1877.418902][T19880] ? __asan_memset+0x39/0x50 [ 1877.418917][T19880] ? init_decode_cache+0x7c/0x90 [ 1877.418933][T19880] ? init_emulate_ctxt+0x410/0x540 [ 1877.418952][T19880] ? kvm_inject_realmode_interrupt+0x2e0/0x2e0 [ 1877.418972][T19880] ? kvm_mmu_do_page_fault+0x4b0/0x5f0 [ 1877.418992][T19880] x86_decode_emulated_instruction+0x66/0x190 [ 1877.419013][T19880] x86_emulate_instruction+0x2d3/0x1870 [ 1877.419034][T19880] ? kvm_multiple_exception+0x6d8/0xad0 [ 1877.419057][T19880] kvm_mmu_page_fault+0x336/0x970 [ 1877.419078][T19880] handle_ept_violation+0x21c/0x440 [ 1877.419098][T19880] ? vmx_vcpu_run+0x1100/0x2000 [ 1877.419121][T19880] ? __cfi_handle_ept_violation+0x10/0x10 [ 1877.419140][T19880] vmx_handle_exit+0x12c2/0x1b40 [ 1877.419162][T19880] ? kvm_deliver_exception_payload+0xd7/0x200 [ 1877.419181][T19880] ? __cfi_vmx_vcpu_run+0x10/0x10 [ 1877.419213][T19880] ? vmx_handle_exit_irqoff+0xe9/0x7a0 [ 1877.419237][T19880] vcpu_run+0x4bd0/0x7830 [ 1877.419263][T19880] ? signal_pending+0xc0/0xc0 [ 1877.419284][T19880] ? complete_emulated_mmio+0x4fb/0x790 [ 1877.419305][T19880] kvm_arch_vcpu_ioctl_run+0x101a/0x1aa0 [ 1877.419329][T19880] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 1877.419351][T19880] ? kstrtoull+0x13b/0x1e0 [ 1877.419368][T19880] ? kstrtouint+0x78/0xf0 [ 1877.419383][T19880] ? ioctl_has_perm+0x1aa/0x4d0 [ 1877.419403][T19880] ? __asan_memcpy+0x5a/0x80 [ 1877.419419][T19880] ? ioctl_has_perm+0x3e0/0x4d0 [ 1877.419438][T19880] ? has_cap_mac_admin+0xd0/0xd0 [ 1877.419458][T19880] ? __kasan_check_write+0x18/0x20 [ 1877.419484][T19880] ? mutex_lock_killable+0x92/0x1c0 [ 1877.419501][T19880] ? __cfi_mutex_lock_killable+0x10/0x10 [ 1877.419518][T19880] ? proc_fail_nth_write+0x17e/0x210 [ 1877.419541][T19880] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1877.419563][T19880] kvm_vcpu_ioctl+0x96f/0xee0 [ 1877.419578][T19880] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 1877.419593][T19880] ? __cfi_vfs_write+0x10/0x10 [ 1877.419609][T19880] ? __kasan_check_write+0x18/0x20 [ 1877.419632][T19880] ? mutex_unlock+0x8b/0x240 [ 1877.419648][T19880] ? __cfi_mutex_unlock+0x10/0x10 [ 1877.419663][T19880] ? __fget_files+0x2c5/0x340 [ 1877.419682][T19880] ? __fget_files+0x2c5/0x340 [ 1877.419702][T19880] ? bpf_lsm_file_ioctl+0xd/0x20 [ 1877.419727][T19880] ? security_file_ioctl+0x34/0xd0 [ 1877.419746][T19880] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 1877.419763][T19880] __se_sys_ioctl+0x135/0x1b0 [ 1877.419783][T19880] __x64_sys_ioctl+0x7f/0xa0 [ 1877.419803][T19880] x64_sys_call+0x1878/0x2ee0 [ 1877.419829][T19880] do_syscall_64+0x58/0xf0 [ 1877.419851][T19880] ? clear_bhb_loop+0x50/0xa0 [ 1877.419872][T19880] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1877.419891][T19880] RIP: 0033:0x7f6b9378f6c9 [ 1877.419908][T19880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1877.419925][T19880] RSP: 002b:00007f6b946b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1877.419963][T19880] RAX: ffffffffffffffda RBX: 00007f6b939e5fa0 RCX: 00007f6b9378f6c9 [ 1877.419979][T19880] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 1877.419991][T19880] RBP: 00007f6b946b1090 R08: 0000000000000000 R09: 0000000000000000 [ 1877.420004][T19880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1877.420017][T19880] R13: 00007f6b939e6038 R14: 00007f6b939e5fa0 R15: 00007ffdb7cb7578 [ 1877.420034][T19880] [ 1878.522072][T19951] FAULT_INJECTION: forcing a failure. [ 1878.522072][T19951] name failslab, interval 1, probability 0, space 0, times 0 [ 1878.550907][T19951] CPU: 1 UID: 0 PID: 19951 Comm: syz.0.56170 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1878.550940][T19951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1878.550952][T19951] Call Trace: [ 1878.550958][T19951] [ 1878.550965][T19951] __dump_stack+0x21/0x30 [ 1878.550993][T19951] dump_stack_lvl+0x10c/0x190 [ 1878.551013][T19951] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1878.551034][T19951] ? __kasan_check_write+0x18/0x20 [ 1878.551059][T19951] ? proc_fail_nth_write+0x17e/0x210 [ 1878.551081][T19951] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1878.551109][T19951] dump_stack+0x19/0x20 [ 1878.551130][T19951] should_fail_ex+0x3d9/0x530 [ 1878.551148][T19951] should_failslab+0xac/0x100 [ 1878.551168][T19951] kmem_cache_alloc_noprof+0x42/0x430 [ 1878.551186][T19951] ? getname_flags+0xc6/0x710 [ 1878.551204][T19951] getname_flags+0xc6/0x710 [ 1878.551222][T19951] ? build_open_flags+0x487/0x600 [ 1878.551246][T19951] getname+0x1b/0x30 [ 1878.551267][T19951] do_sys_openat2+0xcb/0x1c0 [ 1878.551290][T19951] ? fput+0x1a5/0x240 [ 1878.551310][T19951] ? do_sys_open+0x100/0x100 [ 1878.551332][T19951] ? ksys_write+0x1ef/0x250 [ 1878.551349][T19951] ? __cfi_ksys_write+0x10/0x10 [ 1878.551367][T19951] __x64_sys_openat+0x13a/0x170 [ 1878.551391][T19951] x64_sys_call+0xe69/0x2ee0 [ 1878.551415][T19951] do_syscall_64+0x58/0xf0 [ 1878.551438][T19951] ? clear_bhb_loop+0x50/0xa0 [ 1878.551460][T19951] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1878.551480][T19951] RIP: 0033:0x7f6b9378df10 [ 1878.551497][T19951] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 1878.551514][T19951] RSP: 002b:00007f6b946b0f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1878.551535][T19951] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f6b9378df10 [ 1878.551550][T19951] RDX: 0000000000000002 RSI: 00007f6b946b0fa0 RDI: 00000000ffffff9c [ 1878.551563][T19951] RBP: 00007f6b946b0fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1878.551576][T19951] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 1878.551588][T19951] R13: 00007f6b939e6038 R14: 00007f6b939e5fa0 R15: 00007ffdb7cb7578 [ 1878.551605][T19951] [ 1879.565967][T20054] FAULT_INJECTION: forcing a failure. [ 1879.565967][T20054] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1879.608783][T20054] CPU: 1 UID: 0 PID: 20054 Comm: syz.3.56216 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1879.608818][T20054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1879.608830][T20054] Call Trace: [ 1879.608837][T20054] [ 1879.608846][T20054] __dump_stack+0x21/0x30 [ 1879.608875][T20054] dump_stack_lvl+0x10c/0x190 [ 1879.608898][T20054] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1879.608923][T20054] dump_stack+0x19/0x20 [ 1879.608949][T20054] should_fail_ex+0x3d9/0x530 [ 1879.608969][T20054] should_fail+0xf/0x20 [ 1879.608986][T20054] should_fail_usercopy+0x1e/0x30 [ 1879.609006][T20054] _copy_from_user+0x22/0xb0 [ 1879.609028][T20054] lo_ioctl+0x52c/0x1d50 [ 1879.609052][T20054] ? __cfi_lo_ioctl+0x10/0x10 [ 1879.609073][T20054] ? stack_depot_save_flags+0x38/0x800 [ 1879.609099][T20054] ? stack_trace_save+0x9d/0xe0 [ 1879.609125][T20054] ? kasan_save_track+0x4f/0x80 [ 1879.609145][T20054] ? kasan_save_track+0x3e/0x80 [ 1879.609164][T20054] ? kasan_save_alloc_info+0x40/0x50 [ 1879.609188][T20054] ? __kasan_slab_alloc+0x73/0x90 [ 1879.609208][T20054] ? kmem_cache_alloc_noprof+0x1cb/0x430 [ 1879.609226][T20054] ? security_inode_alloc+0x51/0x200 [ 1879.609253][T20054] ? inode_init_always_gfp+0x756/0x9e0 [ 1879.609274][T20054] ? alloc_inode+0xc5/0x270 [ 1879.609293][T20054] ? new_inode+0x25/0x1e0 [ 1879.609313][T20054] ? proc_pid_make_inode+0x25/0x140 [ 1879.609333][T20054] ? proc_pident_instantiate+0x6d/0x2c0 [ 1879.609353][T20054] ? proc_pident_lookup+0x1c7/0x270 [ 1879.609372][T20054] ? proc_tid_base_lookup+0x2f/0x40 [ 1879.609396][T20054] ? path_openat+0x1301/0x34b0 [ 1879.609418][T20054] ? do_filp_open+0x1c6/0x3e0 [ 1879.609439][T20054] ? do_sys_openat2+0x12c/0x1c0 [ 1879.609461][T20054] ? __x64_sys_openat+0x13a/0x170 [ 1879.609485][T20054] ? x64_sys_call+0xe69/0x2ee0 [ 1879.609509][T20054] ? do_syscall_64+0x58/0xf0 [ 1879.609532][T20054] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1879.609555][T20054] ? avc_has_perm_noaudit+0x268/0x360 [ 1879.609580][T20054] ? __asan_memcpy+0x5a/0x80 [ 1879.609598][T20054] ? avc_has_perm_noaudit+0x286/0x360 [ 1879.609623][T20054] ? avc_has_perm+0x144/0x220 [ 1879.609646][T20054] ? __cfi_avc_has_perm+0x10/0x10 [ 1879.609669][T20054] ? kasan_save_alloc_info+0x40/0x50 [ 1879.609696][T20054] ? selinux_file_open+0x457/0x610 [ 1879.609718][T20054] ? __cfi_selinux_file_open+0x10/0x10 [ 1879.609742][T20054] ? avc_has_extended_perms+0x7c7/0xdd0 [ 1879.609767][T20054] ? __asan_memcpy+0x5a/0x80 [ 1879.609784][T20054] ? avc_has_extended_perms+0x921/0xdd0 [ 1879.609810][T20054] ? do_vfs_ioctl+0xeda/0x1e30 [ 1879.609829][T20054] ? arch_stack_walk+0x10b/0x170 [ 1879.609846][T20054] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 1879.609868][T20054] ? _parse_integer+0x2e/0x40 [ 1879.609895][T20054] ? blkdev_common_ioctl+0x10e4/0x2810 [ 1879.609921][T20054] ? blkdev_bszset+0x220/0x220 [ 1879.609945][T20054] ? has_cap_mac_admin+0xd0/0xd0 [ 1879.609967][T20054] ? proc_fail_nth_write+0x17e/0x210 [ 1879.609994][T20054] ? __kasan_check_write+0x18/0x20 [ 1879.610020][T20054] ? mutex_unlock+0x8b/0x240 [ 1879.610037][T20054] ? __cfi_mutex_unlock+0x10/0x10 [ 1879.610054][T20054] ? __fget_files+0x2c5/0x340 [ 1879.610075][T20054] ? __cfi_lo_ioctl+0x10/0x10 [ 1879.610100][T20054] blkdev_ioctl+0x546/0x680 [ 1879.610124][T20054] ? __cfi_blkdev_ioctl+0x10/0x10 [ 1879.610148][T20054] ? bpf_lsm_file_ioctl+0xd/0x20 [ 1879.610172][T20054] ? security_file_ioctl+0x34/0xd0 [ 1879.610192][T20054] ? __cfi_blkdev_ioctl+0x10/0x10 [ 1879.610215][T20054] __se_sys_ioctl+0x135/0x1b0 [ 1879.610235][T20054] __x64_sys_ioctl+0x7f/0xa0 [ 1879.610255][T20054] x64_sys_call+0x1878/0x2ee0 [ 1879.610279][T20054] do_syscall_64+0x58/0xf0 [ 1879.610301][T20054] ? clear_bhb_loop+0x50/0xa0 [ 1879.610322][T20054] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1879.610341][T20054] RIP: 0033:0x7f735e38f6c9 [ 1879.610358][T20054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1879.610374][T20054] RSP: 002b:00007f735f2b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1879.610396][T20054] RAX: ffffffffffffffda RBX: 00007f735e5e5fa0 RCX: 00007f735e38f6c9 [ 1879.610412][T20054] RDX: 00002000000004c0 RSI: 0000000000004c0a RDI: 0000000000000009 [ 1879.610429][T20054] RBP: 00007f735f2b2090 R08: 0000000000000000 R09: 0000000000000000 [ 1879.610443][T20054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1879.610455][T20054] R13: 00007f735e5e6038 R14: 00007f735e5e5fa0 R15: 00007ffd91ad4938 [ 1879.610473][T20054] [ 1880.330123][T20075] FAULT_INJECTION: forcing a failure. [ 1880.330123][T20075] name failslab, interval 1, probability 0, space 0, times 0 [ 1880.365909][T20075] CPU: 1 UID: 0 PID: 20075 Comm: syz.3.56228 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1880.365938][T20075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1880.365950][T20075] Call Trace: [ 1880.365956][T20075] [ 1880.365964][T20075] __dump_stack+0x21/0x30 [ 1880.365991][T20075] dump_stack_lvl+0x10c/0x190 [ 1880.366013][T20075] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1880.366045][T20075] dump_stack+0x19/0x20 [ 1880.366066][T20075] should_fail_ex+0x3d9/0x530 [ 1880.366085][T20075] should_failslab+0xac/0x100 [ 1880.366105][T20075] __kmalloc_node_track_caller_noprof+0x68/0x520 [ 1880.366126][T20075] ? rust_helper_krealloc+0x33/0xd0 [ 1880.366153][T20075] krealloc_noprof+0x8d/0x130 [ 1880.366171][T20075] rust_helper_krealloc+0x33/0xd0 [ 1880.366195][T20075] ? _RNvMNtNtCs43vyB533jt3_6kernel5alloc9allocatorNtB2_11ReallocFunc4call+0x70/0xc0 [ 1880.366219][T20075] _RNvMNtNtCs43vyB533jt3_6kernel5alloc9allocatorNtB2_11ReallocFunc4call+0x8e/0xc0 [ 1880.366241][T20075] _RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x45a/0x1400 [ 1880.366264][T20075] ? inode_init_always_gfp+0x756/0x9e0 [ 1880.366281][T20075] ? alloc_inode+0xc5/0x270 [ 1880.366299][T20075] ? proc_pident_instantiate+0x6d/0x2c0 [ 1880.366317][T20075] ? proc_pident_lookup+0x1c7/0x270 [ 1880.366334][T20075] ? path_openat+0x1301/0x34b0 [ 1880.366353][T20075] ? do_sys_openat2+0x12c/0x1c0 [ 1880.366372][T20075] ? __x64_sys_openat+0x13a/0x170 [ 1880.366393][T20075] ? x64_sys_call+0xe69/0x2ee0 [ 1880.366415][T20075] ? do_syscall_64+0x58/0xf0 [ 1880.366436][T20075] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1880.366456][T20075] ? __cfi__RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x10/0x10 [ 1880.366480][T20075] ? avc_has_perm_noaudit+0x268/0x360 [ 1880.366503][T20075] ? __asan_memcpy+0x5a/0x80 [ 1880.366519][T20075] ? avc_has_perm_noaudit+0x286/0x360 [ 1880.366544][T20075] ? avc_has_perm+0x144/0x220 [ 1880.366566][T20075] ? __cfi_avc_has_perm+0x10/0x10 [ 1880.366587][T20075] ? kasan_save_alloc_info+0x40/0x50 [ 1880.366610][T20075] ? selinux_file_open+0x457/0x610 [ 1880.366631][T20075] _RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x1a7/0x2cf0 [ 1880.366655][T20075] ? avc_has_extended_perms+0x7c7/0xdd0 [ 1880.366677][T20075] ? __asan_memcpy+0x5a/0x80 [ 1880.366692][T20075] ? avc_has_extended_perms+0x921/0xdd0 [ 1880.366714][T20075] ? __cfi__RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x10/0x10 [ 1880.366738][T20075] ? do_vfs_ioctl+0xeda/0x1e30 [ 1880.366756][T20075] ? arch_stack_walk+0x10b/0x170 [ 1880.366772][T20075] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 1880.366793][T20075] ? _parse_integer+0x2e/0x40 [ 1880.366819][T20075] ? ioctl_has_perm+0x384/0x4d0 [ 1880.366839][T20075] ? has_cap_mac_admin+0xd0/0xd0 [ 1880.366859][T20075] ? proc_fail_nth_write+0x17e/0x210 [ 1880.366880][T20075] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1880.366903][T20075] ? selinux_file_ioctl+0x6e0/0x1360 [ 1880.366924][T20075] ? vfs_write+0x93e/0xf30 [ 1880.366940][T20075] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 1880.366961][T20075] ? __cfi_vfs_write+0x10/0x10 [ 1880.366977][T20075] ? __kasan_check_write+0x18/0x20 [ 1880.367001][T20075] ? mutex_unlock+0x8b/0x240 [ 1880.367022][T20075] ? __cfi_mutex_unlock+0x10/0x10 [ 1880.367038][T20075] ? __fget_files+0x2c5/0x340 [ 1880.367058][T20075] ? __fget_files+0x2c5/0x340 [ 1880.367075][T20075] _RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0xa0/0x100 [ 1880.367098][T20075] ? __se_sys_ioctl+0x114/0x1b0 [ 1880.367116][T20075] ? __cfi__RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0x10/0x10 [ 1880.367141][T20075] __se_sys_ioctl+0x135/0x1b0 [ 1880.367159][T20075] __x64_sys_ioctl+0x7f/0xa0 [ 1880.367177][T20075] x64_sys_call+0x1878/0x2ee0 [ 1880.367200][T20075] do_syscall_64+0x58/0xf0 [ 1880.367221][T20075] ? clear_bhb_loop+0x50/0xa0 [ 1880.367239][T20075] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1880.367257][T20075] RIP: 0033:0x7f735e38f6c9 [ 1880.367273][T20075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1880.367290][T20075] RSP: 002b:00007f735f2b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1880.367311][T20075] RAX: ffffffffffffffda RBX: 00007f735e5e5fa0 RCX: 00007f735e38f6c9 [ 1880.367326][T20075] RDX: 0000000000000000 RSI: 00000000c0306201 RDI: 0000000000000007 [ 1880.367339][T20075] RBP: 00007f735f2b2090 R08: 0000000000000000 R09: 0000000000000000 [ 1880.367352][T20075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1880.367364][T20075] R13: 00007f735e5e6038 R14: 00007f735e5e5fa0 R15: 00007ffd91ad4938 [ 1880.367381][T20075] [ 1881.819079][T20219] FAULT_INJECTION: forcing a failure. [ 1881.819079][T20219] name failslab, interval 1, probability 0, space 0, times 0 [ 1881.833307][T20219] CPU: 0 UID: 0 PID: 20219 Comm: syz.3.56295 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1881.833339][T20219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1881.833349][T20219] Call Trace: [ 1881.833356][T20219] [ 1881.833364][T20219] __dump_stack+0x21/0x30 [ 1881.833393][T20219] dump_stack_lvl+0x10c/0x190 [ 1881.833416][T20219] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1881.833441][T20219] dump_stack+0x19/0x20 [ 1881.833462][T20219] should_fail_ex+0x3d9/0x530 [ 1881.833482][T20219] should_failslab+0xac/0x100 [ 1881.833503][T20219] __kmalloc_node_track_caller_noprof+0x68/0x520 [ 1881.833523][T20219] ? rust_helper_krealloc+0x33/0xd0 [ 1881.833551][T20219] krealloc_noprof+0x8d/0x130 [ 1881.833570][T20219] rust_helper_krealloc+0x33/0xd0 [ 1881.833594][T20219] ? _RNvMNtNtCs43vyB533jt3_6kernel5alloc9allocatorNtB2_11ReallocFunc4call+0x70/0xc0 [ 1881.833621][T20219] _RNvMNtNtCs43vyB533jt3_6kernel5alloc9allocatorNtB2_11ReallocFunc4call+0x8e/0xc0 [ 1881.833655][T20219] _RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x45a/0x1400 [ 1881.833680][T20219] ? inode_init_always_gfp+0x756/0x9e0 [ 1881.833698][T20219] ? alloc_inode+0xc5/0x270 [ 1881.833716][T20219] ? proc_pident_instantiate+0x6d/0x2c0 [ 1881.833735][T20219] ? proc_pident_lookup+0x1c7/0x270 [ 1881.833752][T20219] ? path_openat+0x1301/0x34b0 [ 1881.833773][T20219] ? do_sys_openat2+0x12c/0x1c0 [ 1881.833792][T20219] ? __x64_sys_openat+0x13a/0x170 [ 1881.833812][T20219] ? x64_sys_call+0xe69/0x2ee0 [ 1881.833835][T20219] ? do_syscall_64+0x58/0xf0 [ 1881.833855][T20219] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1881.833875][T20219] ? __cfi__RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x10/0x10 [ 1881.833897][T20219] ? avc_has_perm_noaudit+0x268/0x360 [ 1881.833922][T20219] ? __asan_memcpy+0x5a/0x80 [ 1881.833939][T20219] ? avc_has_perm_noaudit+0x286/0x360 [ 1881.833963][T20219] ? avc_has_perm+0x144/0x220 [ 1881.833985][T20219] ? __cfi_avc_has_perm+0x10/0x10 [ 1881.834005][T20219] ? kasan_save_alloc_info+0x40/0x50 [ 1881.834028][T20219] ? selinux_file_open+0x457/0x610 [ 1881.834048][T20219] _RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x1cc/0x2cf0 [ 1881.834075][T20219] ? avc_has_extended_perms+0x7c7/0xdd0 [ 1881.834099][T20219] ? __asan_memcpy+0x5a/0x80 [ 1881.834116][T20219] ? avc_has_extended_perms+0x921/0xdd0 [ 1881.834139][T20219] ? __cfi__RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x10/0x10 [ 1881.834164][T20219] ? do_vfs_ioctl+0xeda/0x1e30 [ 1881.834183][T20219] ? arch_stack_walk+0x10b/0x170 [ 1881.834200][T20219] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 1881.834222][T20219] ? _parse_integer+0x2e/0x40 [ 1881.834250][T20219] ? ioctl_has_perm+0x384/0x4d0 [ 1881.834272][T20219] ? has_cap_mac_admin+0xd0/0xd0 [ 1881.834293][T20219] ? proc_fail_nth_write+0x17e/0x210 [ 1881.834316][T20219] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1881.834340][T20219] ? selinux_file_ioctl+0x6e0/0x1360 [ 1881.834361][T20219] ? vfs_write+0x93e/0xf30 [ 1881.834377][T20219] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 1881.834399][T20219] ? __cfi_vfs_write+0x10/0x10 [ 1881.834416][T20219] ? __kasan_check_write+0x18/0x20 [ 1881.834440][T20219] ? mutex_unlock+0x8b/0x240 [ 1881.834458][T20219] ? __cfi_mutex_unlock+0x10/0x10 [ 1881.834474][T20219] ? __fget_files+0x2c5/0x340 [ 1881.834494][T20219] ? __fget_files+0x2c5/0x340 [ 1881.834513][T20219] _RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0xa0/0x100 [ 1881.834541][T20219] ? __se_sys_ioctl+0x114/0x1b0 [ 1881.834560][T20219] ? __cfi__RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0x10/0x10 [ 1881.834587][T20219] __se_sys_ioctl+0x135/0x1b0 [ 1881.834606][T20219] __x64_sys_ioctl+0x7f/0xa0 [ 1881.834625][T20219] x64_sys_call+0x1878/0x2ee0 [ 1881.834657][T20219] do_syscall_64+0x58/0xf0 [ 1881.834676][T20219] ? clear_bhb_loop+0x50/0xa0 [ 1881.834692][T20219] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1881.834707][T20219] RIP: 0033:0x7f735e38f6c9 [ 1881.834722][T20219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1881.834736][T20219] RSP: 002b:00007f735f2b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1881.834756][T20219] RAX: ffffffffffffffda RBX: 00007f735e5e5fa0 RCX: 00007f735e38f6c9 [ 1881.834768][T20219] RDX: 0000000000000000 RSI: 000000004018620d RDI: 0000000000000008 [ 1881.834779][T20219] RBP: 00007f735f2b2090 R08: 0000000000000000 R09: 0000000000000000 [ 1881.834791][T20219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1881.834801][T20219] R13: 00007f735e5e6038 R14: 00007f735e5e5fa0 R15: 00007ffd91ad4938 [ 1881.834814][T20219] [ 1882.513297][T20255] FAULT_INJECTION: forcing a failure. [ 1882.513297][T20255] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1882.561786][T20255] CPU: 1 UID: 0 PID: 20255 Comm: syz.0.56314 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1882.561817][T20255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1882.561837][T20255] Call Trace: [ 1882.561843][T20255] [ 1882.561851][T20255] __dump_stack+0x21/0x30 [ 1882.561879][T20255] dump_stack_lvl+0x10c/0x190 [ 1882.561901][T20255] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1882.561923][T20255] ? check_stack_object+0x107/0x140 [ 1882.561940][T20255] dump_stack+0x19/0x20 [ 1882.561961][T20255] should_fail_ex+0x3d9/0x530 [ 1882.561980][T20255] should_fail+0xf/0x20 [ 1882.561995][T20255] should_fail_usercopy+0x1e/0x30 [ 1882.562012][T20255] _copy_from_user+0x22/0xb0 [ 1882.562032][T20255] copy_clone_args_from_user+0x1ec/0x6a0 [ 1882.562056][T20255] ? __delayed_free_task+0x40/0x40 [ 1882.562078][T20255] ? proc_fail_nth_write+0x17e/0x210 [ 1882.562102][T20255] ? bpf_lsm_file_permission+0xd/0x20 [ 1882.562127][T20255] __se_sys_clone3+0xf2/0x2d0 [ 1882.562150][T20255] ? __x64_sys_clone3+0x80/0x80 [ 1882.562186][T20255] ? __kasan_check_write+0x18/0x20 [ 1882.562212][T20255] ? fput+0x1a5/0x240 [ 1882.562234][T20255] ? __kasan_check_read+0x15/0x20 [ 1882.562260][T20255] __x64_sys_clone3+0x5f/0x80 [ 1882.562281][T20255] x64_sys_call+0x28fc/0x2ee0 [ 1882.562306][T20255] do_syscall_64+0x58/0xf0 [ 1882.562328][T20255] ? clear_bhb_loop+0x50/0xa0 [ 1882.562346][T20255] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1882.562366][T20255] RIP: 0033:0x7f6b9378f6c9 [ 1882.562381][T20255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1882.562396][T20255] RSP: 002b:00007f6b946b0f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1882.562417][T20255] RAX: ffffffffffffffda RBX: 000000000000007a RCX: 00007f6b9378f6c9 [ 1882.562432][T20255] RDX: 00007f6b946b0f20 RSI: 000000000000007a RDI: 00007f6b946b0f20 [ 1882.562445][T20255] RBP: 00007f6b946b1090 R08: 0000000000000000 R09: 000000000000007a [ 1882.562458][T20255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1882.562471][T20255] R13: 00007f6b939e6038 R14: 00007f6b939e5fa0 R15: 00007ffdb7cb7578 [ 1882.562487][T20255] [ 1883.646123][T20315] FAULT_INJECTION: forcing a failure. [ 1883.646123][T20315] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1883.659374][T20315] CPU: 1 UID: 0 PID: 20315 Comm: syz.1.56340 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1883.659421][T20315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1883.659432][T20315] Call Trace: [ 1883.659438][T20315] [ 1883.659446][T20315] __dump_stack+0x21/0x30 [ 1883.659473][T20315] dump_stack_lvl+0x10c/0x190 [ 1883.659495][T20315] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1883.659518][T20315] dump_stack+0x19/0x20 [ 1883.659539][T20315] should_fail_ex+0x3d9/0x530 [ 1883.659557][T20315] should_fail+0xf/0x20 [ 1883.659573][T20315] should_fail_usercopy+0x1e/0x30 [ 1883.659592][T20315] _copy_from_user+0x22/0xb0 [ 1883.659613][T20315] inet6_ioctl+0x17c/0x280 [ 1883.659636][T20315] ? __cfi_inet6_ioctl+0x10/0x10 [ 1883.659659][T20315] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1883.659683][T20315] sock_do_ioctl+0x105/0x330 [ 1883.659703][T20315] ? sock_show_fdinfo+0xd0/0xd0 [ 1883.659721][T20315] ? __cfi_vfs_write+0x10/0x10 [ 1883.659747][T20315] ? __kasan_check_write+0x18/0x20 [ 1883.659771][T20315] ? mutex_unlock+0x8b/0x240 [ 1883.659788][T20315] sock_ioctl+0x634/0x7b0 [ 1883.659805][T20315] ? __cfi_sock_ioctl+0x10/0x10 [ 1883.659822][T20315] ? __fget_files+0x2c5/0x340 [ 1883.659841][T20315] ? bpf_lsm_file_ioctl+0xd/0x20 [ 1883.659863][T20315] ? security_file_ioctl+0x34/0xd0 [ 1883.659882][T20315] ? __cfi_sock_ioctl+0x10/0x10 [ 1883.659898][T20315] __se_sys_ioctl+0x135/0x1b0 [ 1883.659917][T20315] __x64_sys_ioctl+0x7f/0xa0 [ 1883.659935][T20315] x64_sys_call+0x1878/0x2ee0 [ 1883.659959][T20315] do_syscall_64+0x58/0xf0 [ 1883.659980][T20315] ? clear_bhb_loop+0x50/0xa0 [ 1883.660000][T20315] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1883.660018][T20315] RIP: 0033:0x7f8050b8f6c9 [ 1883.660033][T20315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1883.660047][T20315] RSP: 002b:00007f8051b05038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1883.660066][T20315] RAX: ffffffffffffffda RBX: 00007f8050de5fa0 RCX: 00007f8050b8f6c9 [ 1883.660080][T20315] RDX: 0000200000000800 RSI: 000000000000890b RDI: 0000000000000009 [ 1883.660092][T20315] RBP: 00007f8051b05090 R08: 0000000000000000 R09: 0000000000000000 [ 1883.660104][T20315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1883.660115][T20315] R13: 00007f8050de6038 R14: 00007f8050de5fa0 R15: 00007ffdb1c07f18 [ 1883.660131][T20315] [ 1884.145294][ T36] audit: type=1400 audit(1763277040.820:335): avc: denied { read } for pid=20355 comm="syz.3.56357" dev="sockfs" ino=907065 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 1884.201654][ T36] audit: type=1400 audit(1763277040.840:336): avc: denied { lock } for pid=20355 comm="syz.3.56357" path="socket:[907074]" dev="sockfs" ino=907074 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 1884.253936][T20365] tipc: Enabling of bearer rejected, failed to enable media [ 1884.308715][ T36] audit: type=1400 audit(1763277040.980:337): avc: denied { create } for pid=20373 comm="syz.0.56367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 1884.617222][T20413] FAULT_INJECTION: forcing a failure. [ 1884.617222][T20413] name failslab, interval 1, probability 0, space 0, times 0 [ 1884.648804][T20413] CPU: 0 UID: 0 PID: 20413 Comm: syz.2.56383 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1884.648835][T20413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1884.648847][T20413] Call Trace: [ 1884.648852][T20413] [ 1884.648860][T20413] __dump_stack+0x21/0x30 [ 1884.648887][T20413] dump_stack_lvl+0x10c/0x190 [ 1884.648908][T20413] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1884.648927][T20413] ? __kasan_check_write+0x18/0x20 [ 1884.648950][T20413] ? proc_fail_nth_write+0x17e/0x210 [ 1884.648971][T20413] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1884.648990][T20413] dump_stack+0x19/0x20 [ 1884.649010][T20413] should_fail_ex+0x3d9/0x530 [ 1884.649027][T20413] should_failslab+0xac/0x100 [ 1884.649045][T20413] kmem_cache_alloc_noprof+0x42/0x430 [ 1884.649062][T20413] ? getname_flags+0xc6/0x710 [ 1884.649081][T20413] getname_flags+0xc6/0x710 [ 1884.649096][T20413] ? build_open_flags+0x487/0x600 [ 1884.649118][T20413] getname+0x1b/0x30 [ 1884.649133][T20413] do_sys_openat2+0xcb/0x1c0 [ 1884.649153][T20413] ? fput+0x1a5/0x240 [ 1884.649173][T20413] ? do_sys_open+0x100/0x100 [ 1884.649193][T20413] ? ksys_write+0x1ef/0x250 [ 1884.649208][T20413] ? __cfi_ksys_write+0x10/0x10 [ 1884.649226][T20413] __x64_sys_openat+0x13a/0x170 [ 1884.649248][T20413] x64_sys_call+0xe69/0x2ee0 [ 1884.649272][T20413] do_syscall_64+0x58/0xf0 [ 1884.649294][T20413] ? clear_bhb_loop+0x50/0xa0 [ 1884.649313][T20413] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1884.649332][T20413] RIP: 0033:0x7f92aa78df10 [ 1884.649347][T20413] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 1884.649363][T20413] RSP: 002b:00007f92ab602f60 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1884.649393][T20413] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f92aa78df10 [ 1884.649407][T20413] RDX: 0000000000000000 RSI: 00007f92aa81207e RDI: 00000000ffffff9c [ 1884.649419][T20413] RBP: 00007f92aa81207e R08: 0000000000000000 R09: 0000000000000000 [ 1884.649431][T20413] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 1884.649443][T20413] R13: 00007f92aa9e6038 R14: 00007f92aa9e5fa0 R15: 00007ffea55b0808 [ 1884.649460][T20413] [ 1886.029496][T20479] batadv_slave_1: entered promiscuous mode [ 1886.043392][T20478] batadv_slave_1: left promiscuous mode [ 1887.240848][T20583] batadv_slave_1: entered promiscuous mode [ 1887.247017][T20582] batadv_slave_1: left promiscuous mode [ 1888.037958][T20622] FAULT_INJECTION: forcing a failure. [ 1888.037958][T20622] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1888.068823][T20622] CPU: 0 UID: 0 PID: 20622 Comm: syz.3.56480 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1888.068855][T20622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1888.068867][T20622] Call Trace: [ 1888.068873][T20622] [ 1888.068880][T20622] __dump_stack+0x21/0x30 [ 1888.068908][T20622] dump_stack_lvl+0x10c/0x190 [ 1888.068931][T20622] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1888.068955][T20622] ? kstrtoull+0x13b/0x1e0 [ 1888.068972][T20622] dump_stack+0x19/0x20 [ 1888.068991][T20622] should_fail_ex+0x3d9/0x530 [ 1888.069017][T20622] should_fail+0xf/0x20 [ 1888.069034][T20622] should_fail_usercopy+0x1e/0x30 [ 1888.069052][T20622] _copy_from_user+0x22/0xb0 [ 1888.069074][T20622] ___sys_sendmsg+0x159/0x2a0 [ 1888.069098][T20622] ? __sys_sendmsg+0x280/0x280 [ 1888.069121][T20622] ? proc_fail_nth_write+0x17e/0x210 [ 1888.069143][T20622] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1888.069171][T20622] __x64_sys_sendmsg+0x1eb/0x2c0 [ 1888.069195][T20622] ? fput+0x1a5/0x240 [ 1888.069216][T20622] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 1888.069239][T20622] ? ksys_write+0x1ef/0x250 [ 1888.069256][T20622] ? __kasan_check_read+0x15/0x20 [ 1888.069280][T20622] x64_sys_call+0x2a4c/0x2ee0 [ 1888.069304][T20622] do_syscall_64+0x58/0xf0 [ 1888.069324][T20622] ? clear_bhb_loop+0x50/0xa0 [ 1888.069343][T20622] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1888.069361][T20622] RIP: 0033:0x7f735e38f6c9 [ 1888.069377][T20622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1888.069394][T20622] RSP: 002b:00007f735f2b2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1888.069415][T20622] RAX: ffffffffffffffda RBX: 00007f735e5e5fa0 RCX: 00007f735e38f6c9 [ 1888.069429][T20622] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000007 [ 1888.069442][T20622] RBP: 00007f735f2b2090 R08: 0000000000000000 R09: 0000000000000000 [ 1888.069455][T20622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1888.069467][T20622] R13: 00007f735e5e6038 R14: 00007f735e5e5fa0 R15: 00007ffd91ad4938 [ 1888.069482][T20622] [ 1888.772231][T20658] bridge0: port 1(bridge_slave_0) entered blocking state [ 1888.784910][T20658] bridge0: port 1(bridge_slave_0) entered disabled state [ 1888.808845][T20658] bridge_slave_0: entered allmulticast mode [ 1888.823158][T20658] bridge_slave_0: entered promiscuous mode [ 1888.840472][ T8937] bridge_slave_1: left allmulticast mode [ 1888.846145][ T8937] bridge_slave_1: left promiscuous mode [ 1888.858851][ T8937] bridge0: port 2(bridge_slave_1) entered disabled state [ 1888.866493][ T8937] bridge_slave_0: left allmulticast mode [ 1888.878830][ T8937] bridge_slave_0: left promiscuous mode [ 1888.884465][ T8937] bridge0: port 1(bridge_slave_0) entered disabled state [ 1888.977010][T20658] bridge0: port 2(bridge_slave_1) entered blocking state [ 1888.996649][T20658] bridge0: port 2(bridge_slave_1) entered disabled state [ 1889.014011][T20658] bridge_slave_1: entered allmulticast mode [ 1889.029262][T20658] bridge_slave_1: entered promiscuous mode [ 1889.039770][ T8937] veth1_macvtap: left promiscuous mode [ 1889.045307][ T8937] veth0_vlan: left promiscuous mode [ 1889.283495][T20658] bridge0: port 2(bridge_slave_1) entered blocking state [ 1889.290586][T20658] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1889.297898][T20658] bridge0: port 1(bridge_slave_0) entered blocking state [ 1889.304970][T20658] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1889.382699][T18579] bridge0: port 1(bridge_slave_0) entered disabled state [ 1889.390036][T18579] bridge0: port 2(bridge_slave_1) entered disabled state [ 1889.429973][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 1889.437046][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1889.459124][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 1889.466183][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1889.511596][T20658] veth0_vlan: entered promiscuous mode [ 1889.535521][T20658] veth1_macvtap: entered promiscuous mode [ 1890.051397][T20741] netlink: 'syz.0.56534': attribute type 10 has an invalid length. [ 1890.069632][T20741] netlink: 40 bytes leftover after parsing attributes in process `syz.0.56534'. [ 1890.078699][T20741] veth1: entered promiscuous mode [ 1891.630403][T20847] batadv_slave_1: entered promiscuous mode [ 1891.645915][T20846] batadv_slave_1: left promiscuous mode [ 1895.416109][T21113] batadv_slave_1: entered promiscuous mode [ 1895.429149][T21112] batadv_slave_1: left promiscuous mode [ 1901.682327][T21600] batadv_slave_1: entered promiscuous mode [ 1901.698238][T21599] batadv_slave_1: left promiscuous mode [ 1901.950242][T21665] batadv_slave_1: entered promiscuous mode [ 1901.956406][T21664] batadv_slave_1: left promiscuous mode [ 1902.311835][ T8937] bridge_slave_1: left allmulticast mode [ 1902.317501][ T8937] bridge_slave_1: left promiscuous mode [ 1902.328857][ T8937] bridge0: port 2(bridge_slave_1) entered disabled state [ 1902.346715][ T8937] bridge_slave_0: left allmulticast mode [ 1902.367060][ T8937] bridge_slave_0: left promiscuous mode [ 1902.372911][ T8937] bridge0: port 1(bridge_slave_0) entered disabled state [ 1902.513188][ T8937] veth1_macvtap: left promiscuous mode [ 1902.522215][ T8937] veth0_vlan: left promiscuous mode [ 1902.685592][T21705] bridge0: port 1(bridge_slave_0) entered blocking state [ 1902.699854][T21705] bridge0: port 1(bridge_slave_0) entered disabled state [ 1902.706937][T21705] bridge_slave_0: entered allmulticast mode [ 1902.732315][T21705] bridge_slave_0: entered promiscuous mode [ 1902.739081][T21705] bridge0: port 2(bridge_slave_1) entered blocking state [ 1902.746113][T21705] bridge0: port 2(bridge_slave_1) entered disabled state [ 1902.753423][T21705] bridge_slave_1: entered allmulticast mode [ 1902.759879][T21705] bridge_slave_1: entered promiscuous mode [ 1902.896827][T21705] bridge0: port 2(bridge_slave_1) entered blocking state [ 1902.903915][T21705] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1902.911216][T21705] bridge0: port 1(bridge_slave_0) entered blocking state [ 1902.918247][T21705] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1902.943513][ T8937] bridge0: port 1(bridge_slave_0) entered disabled state [ 1902.959291][ T8937] bridge0: port 2(bridge_slave_1) entered disabled state [ 1902.976177][T18579] bridge0: port 1(bridge_slave_0) entered blocking state [ 1902.983254][T18579] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1903.007039][ T8937] bridge0: port 2(bridge_slave_1) entered blocking state [ 1903.014096][ T8937] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1903.064369][T21705] veth0_vlan: entered promiscuous mode [ 1903.082918][T21705] veth1_macvtap: entered promiscuous mode [ 1903.760483][T21839] FAULT_INJECTION: forcing a failure. [ 1903.760483][T21839] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1903.773900][T21839] CPU: 1 UID: 0 PID: 21839 Comm: syz.1.57051 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1903.773931][T21839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1903.773943][T21839] Call Trace: [ 1903.773949][T21839] [ 1903.773957][T21839] __dump_stack+0x21/0x30 [ 1903.773983][T21839] dump_stack_lvl+0x10c/0x190 [ 1903.774004][T21839] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1903.774026][T21839] ? avc_has_perm_noaudit+0x286/0x360 [ 1903.774052][T21839] dump_stack+0x19/0x20 [ 1903.774073][T21839] should_fail_ex+0x3d9/0x530 [ 1903.774090][T21839] should_fail+0xf/0x20 [ 1903.774106][T21839] should_fail_usercopy+0x1e/0x30 [ 1903.774123][T21839] _copy_from_iter+0x1a3/0x14d0 [ 1903.774143][T21839] ? selinux_file_open+0x457/0x610 [ 1903.774163][T21839] ? __cfi_selinux_file_open+0x10/0x10 [ 1903.774183][T21839] ? __cfi__copy_from_iter+0x10/0x10 [ 1903.774203][T21839] ? txopt_get+0x184/0x210 [ 1903.774222][T21839] ? fl6_sock_lookup+0xe0/0xe0 [ 1903.774240][T21839] ? __ipv6_fixup_options+0x75/0x140 [ 1903.774261][T21839] rawv6_sendmsg+0xafa/0x17d0 [ 1903.774281][T21839] ? __cfi_avc_has_perm+0x10/0x10 [ 1903.774304][T21839] ? __cfi_rawv6_sendmsg+0x10/0x10 [ 1903.774321][T21839] ? unwind_get_return_address+0x51/0x90 [ 1903.774343][T21839] ? selinux_socket_sendmsg+0x284/0x380 [ 1903.774370][T21839] ? avc_has_perm+0x144/0x220 [ 1903.774393][T21839] ? inet_send_prepare+0x64/0x4f0 [ 1903.774409][T21839] ? __cfi_rawv6_sendmsg+0x10/0x10 [ 1903.774428][T21839] inet_sendmsg+0x116/0x120 [ 1903.774444][T21839] sock_write_iter+0x3cb/0x4f0 [ 1903.774463][T21839] ? __cfi_sock_write_iter+0x10/0x10 [ 1903.774482][T21839] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1903.774507][T21839] vfs_write+0x718/0xf30 [ 1903.774524][T21839] ? __cfi_sock_write_iter+0x10/0x10 [ 1903.774543][T21839] ? __cfi_vfs_write+0x10/0x10 [ 1903.774562][T21839] ksys_write+0x141/0x250 [ 1903.774579][T21839] ? __cfi_ksys_write+0x10/0x10 [ 1903.774597][T21839] ? __kasan_check_read+0x15/0x20 [ 1903.774622][T21839] __x64_sys_write+0x7f/0x90 [ 1903.774639][T21839] x64_sys_call+0x271c/0x2ee0 [ 1903.774676][T21839] do_syscall_64+0x58/0xf0 [ 1903.774698][T21839] ? clear_bhb_loop+0x50/0xa0 [ 1903.774719][T21839] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1903.774738][T21839] RIP: 0033:0x7f8050b8f6c9 [ 1903.774754][T21839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1903.774771][T21839] RSP: 002b:00007f8051b05038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1903.774792][T21839] RAX: ffffffffffffffda RBX: 00007f8050de5fa0 RCX: 00007f8050b8f6c9 [ 1903.774806][T21839] RDX: 00000000000005ac RSI: 00002000000000c0 RDI: 0000000000000007 [ 1903.774819][T21839] RBP: 00007f8051b05090 R08: 0000000000000000 R09: 0000000000000000 [ 1903.774832][T21839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1903.774844][T21839] R13: 00007f8050de6038 R14: 00007f8050de5fa0 R15: 00007ffdb1c07f18 [ 1903.774860][T21839] [ 1909.195213][ T36] audit: type=1400 audit(1763277065.870:338): avc: denied { accept } for pid=21853 comm="syz.0.57058" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 1909.496159][T21910] FAULT_INJECTION: forcing a failure. [ 1909.496159][T21910] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1909.518879][T21910] CPU: 1 UID: 0 PID: 21910 Comm: syz.1.57084 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1909.518911][T21910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1909.518924][T21910] Call Trace: [ 1909.518931][T21910] [ 1909.518939][T21910] __dump_stack+0x21/0x30 [ 1909.518968][T21910] dump_stack_lvl+0x10c/0x190 [ 1909.518991][T21910] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1909.519016][T21910] ? kstrtoull+0x13b/0x1e0 [ 1909.519034][T21910] dump_stack+0x19/0x20 [ 1909.519056][T21910] should_fail_ex+0x3d9/0x530 [ 1909.519076][T21910] should_fail+0xf/0x20 [ 1909.519102][T21910] should_fail_usercopy+0x1e/0x30 [ 1909.519122][T21910] _copy_from_user+0x22/0xb0 [ 1909.519144][T21910] ___sys_sendmsg+0x159/0x2a0 [ 1909.519171][T21910] ? __sys_sendmsg+0x280/0x280 [ 1909.519196][T21910] ? proc_fail_nth_write+0x17e/0x210 [ 1909.519220][T21910] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1909.519248][T21910] __x64_sys_sendmsg+0x1eb/0x2c0 [ 1909.519274][T21910] ? fput+0x1a5/0x240 [ 1909.519295][T21910] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 1909.519320][T21910] ? ksys_write+0x1ef/0x250 [ 1909.519338][T21910] ? __kasan_check_read+0x15/0x20 [ 1909.519365][T21910] x64_sys_call+0x2a4c/0x2ee0 [ 1909.519390][T21910] do_syscall_64+0x58/0xf0 [ 1909.519412][T21910] ? clear_bhb_loop+0x50/0xa0 [ 1909.519437][T21910] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1909.519456][T21910] RIP: 0033:0x7f8050b8f6c9 [ 1909.519472][T21910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1909.519488][T21910] RSP: 002b:00007f8051b05038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1909.519508][T21910] RAX: ffffffffffffffda RBX: 00007f8050de5fa0 RCX: 00007f8050b8f6c9 [ 1909.519523][T21910] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000007 [ 1909.519536][T21910] RBP: 00007f8051b05090 R08: 0000000000000000 R09: 0000000000000000 [ 1909.519549][T21910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1909.519561][T21910] R13: 00007f8050de6038 R14: 00007f8050de5fa0 R15: 00007ffdb1c07f18 [ 1909.519579][T21910] [ 1913.293079][T22050] FAULT_INJECTION: forcing a failure. [ 1913.293079][T22050] name failslab, interval 1, probability 0, space 0, times 0 [ 1913.320565][T22050] CPU: 1 UID: 0 PID: 22050 Comm: syz.3.57154 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1913.320596][T22050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1913.320608][T22050] Call Trace: [ 1913.320615][T22050] [ 1913.320623][T22050] __dump_stack+0x21/0x30 [ 1913.320652][T22050] dump_stack_lvl+0x10c/0x190 [ 1913.320673][T22050] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1913.320697][T22050] dump_stack+0x19/0x20 [ 1913.320717][T22050] should_fail_ex+0x3d9/0x530 [ 1913.320736][T22050] should_failslab+0xac/0x100 [ 1913.320754][T22050] kmem_cache_alloc_lru_noprof+0x44/0x430 [ 1913.320772][T22050] ? sock_alloc_inode+0x48/0x150 [ 1913.320792][T22050] ? __kasan_check_write+0x18/0x20 [ 1913.320817][T22050] sock_alloc_inode+0x48/0x150 [ 1913.320835][T22050] ? __cfi_sock_alloc_inode+0x10/0x10 [ 1913.320853][T22050] alloc_inode+0x7a/0x270 [ 1913.320872][T22050] ? bpf_lsm_socket_create+0xd/0x20 [ 1913.320893][T22050] new_inode_pseudo+0x19/0x40 [ 1913.320912][T22050] __sock_create+0x130/0x810 [ 1913.320933][T22050] __sys_socket+0xe2/0x1c0 [ 1913.320953][T22050] __x64_sys_socket+0x7e/0x90 [ 1913.320974][T22050] x64_sys_call+0x2608/0x2ee0 [ 1913.321005][T22050] do_syscall_64+0x58/0xf0 [ 1913.321026][T22050] ? clear_bhb_loop+0x50/0xa0 [ 1913.321045][T22050] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1913.321063][T22050] RIP: 0033:0x7f1ccc98f6c9 [ 1913.321079][T22050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1913.321094][T22050] RSP: 002b:00007f1ccd8d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1913.321115][T22050] RAX: ffffffffffffffda RBX: 00007f1cccbe5fa0 RCX: 00007f1ccc98f6c9 [ 1913.321129][T22050] RDX: 0000000000000002 RSI: 000000000000000a RDI: 0000000000000002 [ 1913.321141][T22050] RBP: 00007f1ccd8d0090 R08: 0000000000000000 R09: 0000000000000000 [ 1913.321152][T22050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1913.321164][T22050] R13: 00007f1cccbe6038 R14: 00007f1cccbe5fa0 R15: 00007ffd161f71e8 [ 1913.321180][T22050] [ 1913.321188][T22050] socket: no more sockets [ 1917.228388][ T36] audit: type=1400 audit(1763277073.900:339): avc: denied { write } for pid=22231 comm="syz.0.57239" path="socket:[922749]" dev="sockfs" ino=922749 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 1918.096748][T18579] bridge_slave_1: left allmulticast mode [ 1918.108345][T18579] bridge_slave_1: left promiscuous mode [ 1918.115794][T18579] bridge0: port 2(bridge_slave_1) entered disabled state [ 1918.126131][T18579] bridge_slave_0: left allmulticast mode [ 1918.133322][T18579] bridge_slave_0: left promiscuous mode [ 1918.139075][T18579] bridge0: port 1(bridge_slave_0) entered disabled state [ 1918.270024][T22306] bridge0: port 1(bridge_slave_0) entered blocking state [ 1918.277112][T22306] bridge0: port 1(bridge_slave_0) entered disabled state [ 1918.284204][T22306] bridge_slave_0: entered allmulticast mode [ 1918.290404][T22306] bridge_slave_0: entered promiscuous mode [ 1918.296763][T22306] bridge0: port 2(bridge_slave_1) entered blocking state [ 1918.303841][T22306] bridge0: port 2(bridge_slave_1) entered disabled state [ 1918.310964][T22306] bridge_slave_1: entered allmulticast mode [ 1918.317298][T22306] bridge_slave_1: entered promiscuous mode [ 1918.385738][T18579] veth1_macvtap: left promiscuous mode [ 1918.398285][T18579] veth0_vlan: left promiscuous mode [ 1918.530269][T22306] bridge0: port 2(bridge_slave_1) entered blocking state [ 1918.537344][T22306] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1918.544661][T22306] bridge0: port 1(bridge_slave_0) entered blocking state [ 1918.551708][T22306] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1918.617072][T22306] veth0_vlan: entered promiscuous mode [ 1918.639831][T22306] veth1_macvtap: entered promiscuous mode [ 1918.957639][T22396] FAULT_INJECTION: forcing a failure. [ 1918.957639][T22396] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1918.988818][T22396] CPU: 1 UID: 0 PID: 22396 Comm: syz.3.57301 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1918.988850][T22396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1918.988862][T22396] Call Trace: [ 1918.988870][T22396] [ 1918.988878][T22396] __dump_stack+0x21/0x30 [ 1918.988906][T22396] dump_stack_lvl+0x10c/0x190 [ 1918.988929][T22396] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1918.988952][T22396] ? selinux_file_open+0x457/0x610 [ 1918.988975][T22396] dump_stack+0x19/0x20 [ 1918.988997][T22396] should_fail_ex+0x3d9/0x530 [ 1918.989016][T22396] should_fail_alloc_page+0xeb/0x110 [ 1918.989036][T22396] __alloc_pages_noprof+0x19b/0x7b0 [ 1918.989060][T22396] ? __cfi___alloc_pages_noprof+0x10/0x10 [ 1918.989082][T22396] ? is_bpf_text_address+0x17b/0x1a0 [ 1918.989103][T22396] ? __kernel_text_address+0x11/0x40 [ 1918.989124][T22396] ? unwind_get_return_address+0x51/0x90 [ 1918.989146][T22396] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 1918.989172][T22396] ? arch_stack_walk+0x10b/0x170 [ 1918.989190][T22396] __folio_alloc_noprof+0x14/0x80 [ 1918.989213][T22396] folio_prealloc+0x46/0x240 [ 1918.989234][T22396] do_pte_missing+0x164c/0x4240 [ 1918.989262][T22396] ? _parse_integer+0x2e/0x40 [ 1918.989289][T22396] ? pte_marker_clear+0x1b0/0x1b0 [ 1918.989310][T22396] ? kstrtouint_from_user+0xfb/0x150 [ 1918.989327][T22396] ? __x64_sys_openat+0x13a/0x170 [ 1918.989350][T22396] ? x64_sys_call+0xe69/0x2ee0 [ 1918.989375][T22396] ? selinux_file_permission+0x309/0xb30 [ 1918.989396][T22396] ? __pte_offset_map+0x1b0/0x230 [ 1918.989421][T22396] ? pte_offset_map_rw_nolock+0xba/0x110 [ 1918.989446][T22396] handle_mm_fault+0x1166/0x1b90 [ 1918.989468][T22396] ? __cfi_handle_mm_fault+0x10/0x10 [ 1918.989487][T22396] ? lock_vma_under_rcu+0x49d/0x540 [ 1918.989509][T22396] ? __kasan_check_write+0x18/0x20 [ 1918.989535][T22396] do_user_addr_fault+0x96c/0x1200 [ 1918.989560][T22396] ? __cfi_ksys_write+0x10/0x10 [ 1918.989579][T22396] exc_page_fault+0x59/0xc0 [ 1918.989598][T22396] asm_exc_page_fault+0x2b/0x30 [ 1918.989617][T22396] RIP: 0033:0x7f1ccc85692a [ 1918.989633][T22396] Code: b2 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 41 57 41 bf 00 00 c0 fe 41 56 41 55 41 54 45 31 e4 55 53 48 81 ec 08 1b 00 00 <48> 89 7c 24 78 48 8d 9c 24 f0 06 00 00 48 89 74 24 70 48 89 54 24 [ 1918.989650][T22396] RSP: 002b:00007f1ccd8ce4f0 EFLAGS: 00010206 [ 1918.989668][T22396] RAX: 00007f1ccc856910 RBX: 00007f1cccbe5fa0 RCX: 0000200000000380 [ 1918.989682][T22396] RDX: 0000200000fe8000 RSI: 0000000000000009 RDI: ffffffffffffffff [ 1918.989696][T22396] RBP: 00007f1ccd8d0090 R08: 0000000000000001 R09: 0000000000000000 [ 1918.989708][T22396] R10: ffffffffffffffff R11: 0000200000fe8000 R12: 0000000000000000 [ 1918.989721][T22396] R13: 00007f1cccbe6038 R14: 00007f1cccbe5fa0 R15: 00000000fec00000 [ 1918.989738][T22396] [ 1918.989748][T22396] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 1919.608847][ T4375] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 1919.761452][ T4375] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1919.775769][ T4375] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 1919.788786][ T4375] usb 4-1: can't read configurations, error -71 [ 1920.025164][T22468] kvm: user requested TSC rate below hardware speed [ 1920.423097][T22506] FAULT_INJECTION: forcing a failure. [ 1920.423097][T22506] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1920.437268][T22506] CPU: 0 UID: 0 PID: 22506 Comm: syz.1.57367 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1920.437299][T22506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1920.437311][T22506] Call Trace: [ 1920.437317][T22506] [ 1920.437325][T22506] __dump_stack+0x21/0x30 [ 1920.437353][T22506] dump_stack_lvl+0x10c/0x190 [ 1920.437383][T22506] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1920.437406][T22506] ? kstrtoull+0x13b/0x1e0 [ 1920.437423][T22506] dump_stack+0x19/0x20 [ 1920.437445][T22506] should_fail_ex+0x3d9/0x530 [ 1920.437465][T22506] should_fail+0xf/0x20 [ 1920.437481][T22506] should_fail_usercopy+0x1e/0x30 [ 1920.437501][T22506] _copy_from_user+0x22/0xb0 [ 1920.437523][T22506] ___sys_sendmsg+0x159/0x2a0 [ 1920.437550][T22506] ? __sys_sendmsg+0x280/0x280 [ 1920.437575][T22506] ? proc_fail_nth_write+0x17e/0x210 [ 1920.437599][T22506] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1920.437628][T22506] __x64_sys_sendmsg+0x1eb/0x2c0 [ 1920.437653][T22506] ? fput+0x1a5/0x240 [ 1920.437675][T22506] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 1920.437700][T22506] ? ksys_write+0x1ef/0x250 [ 1920.437717][T22506] ? __kasan_check_read+0x15/0x20 [ 1920.437742][T22506] x64_sys_call+0x2a4c/0x2ee0 [ 1920.437764][T22506] do_syscall_64+0x58/0xf0 [ 1920.437786][T22506] ? clear_bhb_loop+0x50/0xa0 [ 1920.437806][T22506] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1920.437824][T22506] RIP: 0033:0x7f8050b8f6c9 [ 1920.437839][T22506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1920.437856][T22506] RSP: 002b:00007f8051b05038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1920.437876][T22506] RAX: ffffffffffffffda RBX: 00007f8050de5fa0 RCX: 00007f8050b8f6c9 [ 1920.437891][T22506] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000006 [ 1920.437904][T22506] RBP: 00007f8051b05090 R08: 0000000000000000 R09: 0000000000000000 [ 1920.437915][T22506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1920.437926][T22506] R13: 00007f8050de6038 R14: 00007f8050de5fa0 R15: 00007ffdb1c07f18 [ 1920.437941][T22506] [ 1923.647409][T22802] kvm: user requested TSC rate below hardware speed [ 1923.757884][T22803] bridge0: port 1(bridge_slave_0) entered blocking state [ 1923.767026][T22803] bridge0: port 1(bridge_slave_0) entered disabled state [ 1923.774192][T22803] bridge_slave_0: entered allmulticast mode [ 1923.783117][T22803] bridge_slave_0: entered promiscuous mode [ 1923.789835][T22803] bridge0: port 2(bridge_slave_1) entered blocking state [ 1923.796941][T22803] bridge0: port 2(bridge_slave_1) entered disabled state [ 1923.806776][T22803] bridge_slave_1: entered allmulticast mode [ 1923.812997][T22803] bridge_slave_1: entered promiscuous mode [ 1923.822317][T18579] bridge_slave_1: left allmulticast mode [ 1923.828018][T18579] bridge_slave_1: left promiscuous mode [ 1923.833724][T18579] bridge0: port 2(bridge_slave_1) entered disabled state [ 1923.841313][T18579] bridge_slave_0: left allmulticast mode [ 1923.846996][T18579] bridge_slave_0: left promiscuous mode [ 1923.852649][T18579] bridge0: port 1(bridge_slave_0) entered disabled state [ 1923.995812][T22803] bridge0: port 2(bridge_slave_1) entered blocking state [ 1924.002901][T22803] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1924.010193][T22803] bridge0: port 1(bridge_slave_0) entered blocking state [ 1924.017209][T22803] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1924.044196][T18579] veth1_macvtap: left promiscuous mode [ 1924.049886][T18579] veth0_vlan: left promiscuous mode [ 1924.093709][T22356] bridge0: port 1(bridge_slave_0) entered disabled state [ 1924.101258][T22356] bridge0: port 2(bridge_slave_1) entered disabled state [ 1924.115222][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 1924.122302][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1924.130073][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 1924.137107][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1924.184428][T22803] veth0_vlan: entered promiscuous mode [ 1924.202429][T22803] veth1_macvtap: entered promiscuous mode [ 1924.221682][T22852] kvm: user requested TSC rate below hardware speed [ 1924.632654][T22893] No source specified [ 1924.927700][T22907] kvm: user requested TSC rate below hardware speed [ 1926.324996][T22995] kvm: user requested TSC rate below hardware speed [ 1926.628727][T23025] kvm: user requested TSC rate below hardware speed [ 1927.040141][T23066] kvm: user requested TSC rate below hardware speed [ 1927.107372][T23071] kvm: user requested TSC rate below hardware speed [ 1927.356431][T23090] kvm: user requested TSC rate below hardware speed [ 1927.412620][T23099] kvm: user requested TSC rate below hardware speed [ 1927.998888][T23188] kvm: user requested TSC rate below hardware speed [ 1928.125054][T23194] kvm: user requested TSC rate below hardware speed [ 1928.465833][T23220] FAULT_INJECTION: forcing a failure. [ 1928.465833][T23220] name failslab, interval 1, probability 0, space 0, times 0 [ 1928.479161][T23220] CPU: 0 UID: 0 PID: 23220 Comm: syz.0.57709 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1928.479193][T23220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1928.479205][T23220] Call Trace: [ 1928.479212][T23220] [ 1928.479219][T23220] __dump_stack+0x21/0x30 [ 1928.479249][T23220] dump_stack_lvl+0x10c/0x190 [ 1928.479272][T23220] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1928.479296][T23220] ? __kasan_check_write+0x18/0x20 [ 1928.479321][T23220] ? proc_fail_nth_write+0x17e/0x210 [ 1928.479345][T23220] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1928.479368][T23220] dump_stack+0x19/0x20 [ 1928.479390][T23220] should_fail_ex+0x3d9/0x530 [ 1928.479408][T23220] should_failslab+0xac/0x100 [ 1928.479429][T23220] kmem_cache_alloc_noprof+0x42/0x430 [ 1928.479447][T23220] ? getname_flags+0xc6/0x710 [ 1928.479466][T23220] getname_flags+0xc6/0x710 [ 1928.479484][T23220] ? build_open_flags+0x487/0x600 [ 1928.479509][T23220] getname+0x1b/0x30 [ 1928.479526][T23220] do_sys_openat2+0xcb/0x1c0 [ 1928.479548][T23220] ? fput+0x1a5/0x240 [ 1928.479568][T23220] ? do_sys_open+0x100/0x100 [ 1928.479590][T23220] ? ksys_write+0x1ef/0x250 [ 1928.479607][T23220] ? __cfi_ksys_write+0x10/0x10 [ 1928.479625][T23220] __x64_sys_openat+0x13a/0x170 [ 1928.479657][T23220] x64_sys_call+0xe69/0x2ee0 [ 1928.479683][T23220] do_syscall_64+0x58/0xf0 [ 1928.479706][T23220] ? clear_bhb_loop+0x50/0xa0 [ 1928.479727][T23220] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1928.479746][T23220] RIP: 0033:0x7fddde18df10 [ 1928.479763][T23220] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 1928.479780][T23220] RSP: 002b:00007fdddef6df10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1928.479801][T23220] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fddde18df10 [ 1928.479816][T23220] RDX: 0000000000000002 RSI: 00007fdddef6dfa0 RDI: 00000000ffffff9c [ 1928.479828][T23220] RBP: 00007fdddef6dfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1928.479841][T23220] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 1928.479853][T23220] R13: 00007fddde3e6038 R14: 00007fddde3e5fa0 R15: 00007ffee0f80018 [ 1928.479870][T23220] [ 1928.718218][T23222] kvm: user requested TSC rate below hardware speed [ 1929.115979][T23249] kvm: user requested TSC rate below hardware speed [ 1930.348876][T23349] No source specified [ 1933.881768][T23497] FAULT_INJECTION: forcing a failure. [ 1933.881768][T23497] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1933.899397][T23497] CPU: 1 UID: 0 PID: 23497 Comm: syz.3.57847 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1933.899428][T23497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1933.899441][T23497] Call Trace: [ 1933.899448][T23497] [ 1933.899455][T23497] __dump_stack+0x21/0x30 [ 1933.899485][T23497] dump_stack_lvl+0x10c/0x190 [ 1933.899508][T23497] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1933.899532][T23497] ? kstrtoull+0x13b/0x1e0 [ 1933.899550][T23497] dump_stack+0x19/0x20 [ 1933.899572][T23497] should_fail_ex+0x3d9/0x530 [ 1933.899592][T23497] should_fail+0xf/0x20 [ 1933.899609][T23497] should_fail_usercopy+0x1e/0x30 [ 1933.899628][T23497] _copy_from_user+0x22/0xb0 [ 1933.899651][T23497] ___sys_sendmsg+0x159/0x2a0 [ 1933.899678][T23497] ? __sys_sendmsg+0x280/0x280 [ 1933.899704][T23497] ? proc_fail_nth_write+0x17e/0x210 [ 1933.899728][T23497] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1933.899756][T23497] __x64_sys_sendmsg+0x1eb/0x2c0 [ 1933.899781][T23497] ? fput+0x1a5/0x240 [ 1933.899802][T23497] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 1933.899828][T23497] ? ksys_write+0x1ef/0x250 [ 1933.899846][T23497] ? __kasan_check_read+0x15/0x20 [ 1933.899872][T23497] x64_sys_call+0x2a4c/0x2ee0 [ 1933.899898][T23497] do_syscall_64+0x58/0xf0 [ 1933.899926][T23497] ? clear_bhb_loop+0x50/0xa0 [ 1933.899955][T23497] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1933.899974][T23497] RIP: 0033:0x7f1ccc98f6c9 [ 1933.899989][T23497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1933.900005][T23497] RSP: 002b:00007f1ccd8d0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1933.900024][T23497] RAX: ffffffffffffffda RBX: 00007f1cccbe5fa0 RCX: 00007f1ccc98f6c9 [ 1933.900039][T23497] RDX: 000000004404c010 RSI: 0000200000000200 RDI: 0000000000000006 [ 1933.900052][T23497] RBP: 00007f1ccd8d0090 R08: 0000000000000000 R09: 0000000000000000 [ 1933.900064][T23497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1933.900076][T23497] R13: 00007f1cccbe6038 R14: 00007f1cccbe5fa0 R15: 00007ffd161f71e8 [ 1933.900092][T23497] [ 1934.526312][ T36] audit: type=1400 audit(1763277091.200:340): avc: denied { map } for pid=23530 comm="syz.1.57867" path="socket:[935784]" dev="sockfs" ino=935784 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 1934.563815][T23533] set_tsc_khz: 2 callbacks suppressed [ 1934.563833][T23533] kvm: user requested TSC rate below hardware speed [ 1935.609713][T23615] kvm: user requested TSC rate below hardware speed [ 1936.460222][T23638] FAULT_INJECTION: forcing a failure. [ 1936.460222][T23638] name failslab, interval 1, probability 0, space 0, times 0 [ 1936.487521][T23638] CPU: 1 UID: 0 PID: 23638 Comm: syz.0.57921 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1936.487555][T23638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1936.487568][T23638] Call Trace: [ 1936.487574][T23638] [ 1936.487583][T23638] __dump_stack+0x21/0x30 [ 1936.487611][T23638] dump_stack_lvl+0x10c/0x190 [ 1936.487635][T23638] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1936.487659][T23638] ? proc_tid_base_lookup+0x2f/0x40 [ 1936.487683][T23638] ? do_filp_open+0x1c6/0x3e0 [ 1936.487705][T23638] ? do_sys_openat2+0x12c/0x1c0 [ 1936.487736][T23638] ? __x64_sys_openat+0x13a/0x170 [ 1936.487760][T23638] ? do_syscall_64+0x58/0xf0 [ 1936.487783][T23638] dump_stack+0x19/0x20 [ 1936.487806][T23638] should_fail_ex+0x3d9/0x530 [ 1936.487826][T23638] should_failslab+0xac/0x100 [ 1936.487846][T23638] kmem_cache_alloc_noprof+0x42/0x430 [ 1936.487864][T23638] ? vm_area_dup+0x42/0x570 [ 1936.487884][T23638] vm_area_dup+0x42/0x570 [ 1936.487903][T23638] __split_vma+0x1bd/0xa80 [ 1936.487922][T23638] ? vms_gather_munmap_vmas+0xdd0/0xdd0 [ 1936.487943][T23638] ? mas_find+0x3f1/0x5f0 [ 1936.487961][T23638] ? __kasan_check_write+0x18/0x20 [ 1936.487987][T23638] vms_gather_munmap_vmas+0x428/0xdd0 [ 1936.488010][T23638] mmap_region+0x598/0x1bc0 [ 1936.488029][T23638] ? __cfi_mmap_region+0x10/0x10 [ 1936.488049][T23638] ? __kasan_check_read+0x15/0x20 [ 1936.488074][T23638] ? arch_get_unmapped_area_topdown+0x232/0x8d0 [ 1936.488097][T23638] ? file_mmap_ok+0x147/0x1a0 [ 1936.488114][T23638] do_mmap+0xb6d/0x13c0 [ 1936.488132][T23638] ? __cfi_do_mmap+0x10/0x10 [ 1936.488148][T23638] ? down_write_killable+0xe9/0x2d0 [ 1936.488168][T23638] ? __cfi_down_write_killable+0x10/0x10 [ 1936.488189][T23638] vm_mmap_pgoff+0x38f/0x4e0 [ 1936.488208][T23638] ? __cfi_vm_mmap_pgoff+0x10/0x10 [ 1936.488225][T23638] ? __fget_files+0x2c5/0x340 [ 1936.488246][T23638] ksys_mmap_pgoff+0x166/0x1e0 [ 1936.488265][T23638] __x64_sys_mmap+0x121/0x140 [ 1936.488291][T23638] x64_sys_call+0x13bf/0x2ee0 [ 1936.488316][T23638] do_syscall_64+0x58/0xf0 [ 1936.488338][T23638] ? clear_bhb_loop+0x50/0xa0 [ 1936.488358][T23638] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1936.488377][T23638] RIP: 0033:0x7fddde18f6c9 [ 1936.488394][T23638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1936.488411][T23638] RSP: 002b:00007fdddef6e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1936.488432][T23638] RAX: ffffffffffffffda RBX: 00007fddde3e5fa0 RCX: 00007fddde18f6c9 [ 1936.488447][T23638] RDX: 0000000001000002 RSI: 0000000000400000 RDI: 0000200000000000 [ 1936.488461][T23638] RBP: 00007fdddef6e090 R08: 0000000000000008 R09: 000000000010c000 [ 1936.488474][T23638] R10: 0000000000011012 R11: 0000000000000246 R12: 0000000000000001 [ 1936.488487][T23638] R13: 00007fddde3e6038 R14: 00007fddde3e5fa0 R15: 00007ffee0f80018 [ 1936.488504][T23638] [ 1936.907082][T23671] kvm: user requested TSC rate below hardware speed [ 1937.258808][ T4360] usb 2-1: new full-speed USB device number 62 using dummy_hcd [ 1937.352688][T23709] kvm: user requested TSC rate below hardware speed [ 1937.410185][ T4360] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1937.418266][ T4360] usb 2-1: not running at top speed; connect to a high speed hub [ 1937.429781][ T4360] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 1937.438542][ T4360] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1937.468178][ T4360] usb 2-1: config 1 has no interface number 1 [ 1937.474329][ T4360] usb 2-1: config 1 interface 2 has no altsetting 0 [ 1937.490502][ T4360] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1937.507168][ T4360] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1937.518797][ T4360] usb 2-1: Product: syz [ 1937.527237][ T4360] usb 2-1: Manufacturer: syz [ 1937.535543][ T4360] usb 2-1: SerialNumber: syz [ 1937.754372][T23679] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1937.769637][T23679] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1937.796814][ T4360] usb 2-1: 2:1 : no UAC_FORMAT_TYPE desc [ 1937.809784][ T4360] usb 2-1: selecting invalid altsetting 0 [ 1937.837281][ T4360] usb 2-1: USB disconnect, device number 62 [ 1937.852582][T23739] udevd[23739]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 1937.976780][T23760] kvm: user requested TSC rate below hardware speed [ 1938.095780][T23768] loop5: detected capacity change from 0 to 7 [ 1938.202058][ T36] audit: type=1400 audit(1763277094.880:341): avc: denied { listen } for pid=23779 comm="syz.3.57988" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 1938.259983][T23788] kvm: user requested TSC rate below hardware speed [ 1938.573435][ T36] audit: type=1400 audit(1763277095.250:342): avc: denied { getopt } for pid=23815 comm="syz.0.58005" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 1940.171004][T23904] FAULT_INJECTION: forcing a failure. [ 1940.171004][T23904] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1940.185032][T23904] CPU: 0 UID: 0 PID: 23904 Comm: syz.1.58049 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1940.185060][T23904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1940.185071][T23904] Call Trace: [ 1940.185078][T23904] [ 1940.185086][T23904] __dump_stack+0x21/0x30 [ 1940.185114][T23904] dump_stack_lvl+0x10c/0x190 [ 1940.185137][T23904] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1940.185160][T23904] ? check_stack_object+0x107/0x140 [ 1940.185178][T23904] dump_stack+0x19/0x20 [ 1940.185200][T23904] should_fail_ex+0x3d9/0x530 [ 1940.185218][T23904] should_fail+0xf/0x20 [ 1940.185234][T23904] should_fail_usercopy+0x1e/0x30 [ 1940.185253][T23904] _copy_from_user+0x22/0xb0 [ 1940.185275][T23904] __sys_bind+0x1de/0x3f0 [ 1940.185296][T23904] ? __cfi___sys_bind+0x10/0x10 [ 1940.185315][T23904] ? __kasan_check_read+0x15/0x20 [ 1940.185337][T23904] __x64_sys_bind+0x7e/0x90 [ 1940.185358][T23904] x64_sys_call+0x1ffd/0x2ee0 [ 1940.185381][T23904] do_syscall_64+0x58/0xf0 [ 1940.185416][T23904] ? clear_bhb_loop+0x50/0xa0 [ 1940.185436][T23904] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1940.185455][T23904] RIP: 0033:0x7f6d3dd8f6c9 [ 1940.185470][T23904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1940.185486][T23904] RSP: 002b:00007f6d3ec9c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 1940.185507][T23904] RAX: ffffffffffffffda RBX: 00007f6d3dfe5fa0 RCX: 00007f6d3dd8f6c9 [ 1940.185522][T23904] RDX: 0000000000000047 RSI: 0000200000000040 RDI: 0000000000000007 [ 1940.185534][T23904] RBP: 00007f6d3ec9c090 R08: 0000000000000000 R09: 0000000000000000 [ 1940.185547][T23904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1940.185558][T23904] R13: 00007f6d3dfe6038 R14: 00007f6d3dfe5fa0 R15: 00007ffeb98de6a8 [ 1940.185574][T23904] [ 1940.378694][T23907] kvm: user requested TSC rate below hardware speed [ 1941.204886][ T36] audit: type=1400 audit(1763277097.876:343): avc: denied { mount } for pid=23959 comm="syz.1.58073" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 1941.227573][T23960] FAULT_INJECTION: forcing a failure. [ 1941.227573][T23960] name failslab, interval 1, probability 0, space 0, times 0 [ 1941.240324][T23960] CPU: 0 UID: 0 PID: 23960 Comm: syz.1.58073 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1941.240357][T23960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1941.240369][T23960] Call Trace: [ 1941.240375][T23960] [ 1941.240384][T23960] __dump_stack+0x21/0x30 [ 1941.240413][T23960] dump_stack_lvl+0x10c/0x190 [ 1941.240441][T23960] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1941.240464][T23960] ? proc_fail_nth_write+0x17e/0x210 [ 1941.240489][T23960] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1941.240513][T23960] dump_stack+0x19/0x20 [ 1941.240535][T23960] should_fail_ex+0x3d9/0x530 [ 1941.240554][T23960] should_failslab+0xac/0x100 [ 1941.240575][T23960] kmem_cache_alloc_noprof+0x42/0x430 [ 1941.240593][T23960] ? getname_flags+0xc6/0x710 [ 1941.240613][T23960] getname_flags+0xc6/0x710 [ 1941.240630][T23960] ? __fget_files+0x2c5/0x340 [ 1941.240650][T23960] user_path_at+0x2b/0x60 [ 1941.240670][T23960] __se_sys_mount+0x288/0x480 [ 1941.240688][T23960] ? ksys_write+0x1ef/0x250 [ 1941.240705][T23960] ? __x64_sys_mount+0xf0/0xf0 [ 1941.240724][T23960] __x64_sys_mount+0xc3/0xf0 [ 1941.240741][T23960] x64_sys_call+0x2021/0x2ee0 [ 1941.240767][T23960] do_syscall_64+0x58/0xf0 [ 1941.240789][T23960] ? clear_bhb_loop+0x50/0xa0 [ 1941.240810][T23960] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1941.240830][T23960] RIP: 0033:0x7f6d3dd8f6c9 [ 1941.240846][T23960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1941.240863][T23960] RSP: 002b:00007f6d3ec9c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1941.240884][T23960] RAX: ffffffffffffffda RBX: 00007f6d3dfe5fa0 RCX: 00007f6d3dd8f6c9 [ 1941.240899][T23960] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000 [ 1941.240912][T23960] RBP: 00007f6d3ec9c090 R08: 0000000000000000 R09: 0000000000000000 [ 1941.240925][T23960] R10: 0000000000008020 R11: 0000000000000246 R12: 0000000000000001 [ 1941.240938][T23960] R13: 00007f6d3dfe6038 R14: 00007f6d3dfe5fa0 R15: 00007ffeb98de6a8 [ 1941.240954][T23960] [ 1941.247178][ T36] audit: type=1400 audit(1763277097.916:344): avc: denied { unmount } for pid=22803 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 1941.496872][T23967] Invalid ELF header type: 3 != 1 [ 1941.498788][ T36] audit: type=1400 audit(1763277098.166:345): avc: denied { module_load } for pid=23965 comm="syz.1.58082" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1 [ 1941.545200][ T36] audit: type=1400 audit(1763277098.206:346): avc: denied { remount } for pid=23965 comm="syz.1.58082" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 1941.650289][T23976] FAULT_INJECTION: forcing a failure. [ 1941.650289][T23976] name failslab, interval 1, probability 0, space 0, times 0 [ 1941.668973][T23976] CPU: 0 UID: 0 PID: 23976 Comm: syz.1.58086 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1941.669006][T23976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1941.669018][T23976] Call Trace: [ 1941.669025][T23976] [ 1941.669033][T23976] __dump_stack+0x21/0x30 [ 1941.669061][T23976] dump_stack_lvl+0x10c/0x190 [ 1941.669084][T23976] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1941.669108][T23976] ? proc_tid_base_lookup+0x2f/0x40 [ 1941.669133][T23976] ? do_filp_open+0x1c6/0x3e0 [ 1941.669154][T23976] ? do_sys_openat2+0x12c/0x1c0 [ 1941.669177][T23976] ? __x64_sys_openat+0x13a/0x170 [ 1941.669199][T23976] ? do_syscall_64+0x58/0xf0 [ 1941.669223][T23976] dump_stack+0x19/0x20 [ 1941.669245][T23976] should_fail_ex+0x3d9/0x530 [ 1941.669273][T23976] should_failslab+0xac/0x100 [ 1941.669295][T23976] kmem_cache_alloc_noprof+0x42/0x430 [ 1941.669313][T23976] ? vm_area_dup+0x42/0x570 [ 1941.669333][T23976] vm_area_dup+0x42/0x570 [ 1941.669351][T23976] __split_vma+0x1bd/0xa80 [ 1941.669372][T23976] ? vms_gather_munmap_vmas+0xdd0/0xdd0 [ 1941.669392][T23976] ? mas_find+0x3f1/0x5f0 [ 1941.669410][T23976] ? __kasan_check_write+0x18/0x20 [ 1941.669437][T23976] vms_gather_munmap_vmas+0x428/0xdd0 [ 1941.669459][T23976] mmap_region+0x598/0x1bc0 [ 1941.669479][T23976] ? __cfi_mmap_region+0x10/0x10 [ 1941.669499][T23976] ? __kasan_check_read+0x15/0x20 [ 1941.669524][T23976] ? arch_get_unmapped_area_topdown+0x232/0x8d0 [ 1941.669547][T23976] ? file_mmap_ok+0x147/0x1a0 [ 1941.669565][T23976] do_mmap+0xb6d/0x13c0 [ 1941.669582][T23976] ? __cfi_do_mmap+0x10/0x10 [ 1941.669598][T23976] ? down_write_killable+0xe9/0x2d0 [ 1941.669618][T23976] ? __cfi_down_write_killable+0x10/0x10 [ 1941.669639][T23976] vm_mmap_pgoff+0x38f/0x4e0 [ 1941.669658][T23976] ? __cfi_vm_mmap_pgoff+0x10/0x10 [ 1941.669675][T23976] ? __fget_files+0x2c5/0x340 [ 1941.669697][T23976] ksys_mmap_pgoff+0x166/0x1e0 [ 1941.669716][T23976] __x64_sys_mmap+0x121/0x140 [ 1941.669742][T23976] x64_sys_call+0x13bf/0x2ee0 [ 1941.669767][T23976] do_syscall_64+0x58/0xf0 [ 1941.669789][T23976] ? clear_bhb_loop+0x50/0xa0 [ 1941.669809][T23976] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1941.669829][T23976] RIP: 0033:0x7f6d3dd8f6c9 [ 1941.669845][T23976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1941.669862][T23976] RSP: 002b:00007f6d3ec9c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1941.669883][T23976] RAX: ffffffffffffffda RBX: 00007f6d3dfe5fa0 RCX: 00007f6d3dd8f6c9 [ 1941.669898][T23976] RDX: 0000000001000002 RSI: 0000000000400000 RDI: 0000200000000000 [ 1941.669912][T23976] RBP: 00007f6d3ec9c090 R08: 0000000000000007 R09: 000000000010c000 [ 1941.669926][T23976] R10: 0000000000011012 R11: 0000000000000246 R12: 0000000000000001 [ 1941.669939][T23976] R13: 00007f6d3dfe6038 R14: 00007f6d3dfe5fa0 R15: 00007ffeb98de6a8 [ 1941.669956][T23976] [ 1942.696753][T24033] FAULT_INJECTION: forcing a failure. [ 1942.696753][T24033] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1942.719937][T24033] CPU: 0 UID: 0 PID: 24033 Comm: syz.1.58112 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1942.719972][T24033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1942.719985][T24033] Call Trace: [ 1942.719991][T24033] [ 1942.720000][T24033] __dump_stack+0x21/0x30 [ 1942.720033][T24033] dump_stack_lvl+0x10c/0x190 [ 1942.720057][T24033] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1942.720082][T24033] ? check_stack_object+0x12c/0x140 [ 1942.720100][T24033] dump_stack+0x19/0x20 [ 1942.720130][T24033] should_fail_ex+0x3d9/0x530 [ 1942.720150][T24033] should_fail+0xf/0x20 [ 1942.720168][T24033] should_fail_usercopy+0x1e/0x30 [ 1942.720187][T24033] _copy_to_user+0x24/0xa0 [ 1942.720210][T24033] simple_read_from_buffer+0xed/0x160 [ 1942.720233][T24033] proc_fail_nth_read+0x19e/0x210 [ 1942.720257][T24033] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 1942.720281][T24033] ? bpf_lsm_file_permission+0xd/0x20 [ 1942.720305][T24033] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 1942.720328][T24033] vfs_read+0x27d/0xc70 [ 1942.720346][T24033] ? __cfi_vfs_read+0x10/0x10 [ 1942.720362][T24033] ? __kasan_check_write+0x18/0x20 [ 1942.720387][T24033] ? mutex_lock+0x92/0x1c0 [ 1942.720405][T24033] ? __cfi_mutex_lock+0x10/0x10 [ 1942.720421][T24033] ? __fget_files+0x2c5/0x340 [ 1942.720443][T24033] ksys_read+0x141/0x250 [ 1942.720459][T24033] ? __cfi_ksys_read+0x10/0x10 [ 1942.720476][T24033] ? __kasan_check_read+0x15/0x20 [ 1942.720502][T24033] __x64_sys_read+0x7f/0x90 [ 1942.720519][T24033] x64_sys_call+0x2638/0x2ee0 [ 1942.720545][T24033] do_syscall_64+0x58/0xf0 [ 1942.720567][T24033] ? clear_bhb_loop+0x50/0xa0 [ 1942.720588][T24033] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1942.720608][T24033] RIP: 0033:0x7f6d3dd8e0dc [ 1942.720625][T24033] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1942.720642][T24033] RSP: 002b:00007f6d3ec9c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1942.720663][T24033] RAX: ffffffffffffffda RBX: 00007f6d3dfe5fa0 RCX: 00007f6d3dd8e0dc [ 1942.720678][T24033] RDX: 000000000000000f RSI: 00007f6d3ec9c0a0 RDI: 0000000000000006 [ 1942.720690][T24033] RBP: 00007f6d3ec9c090 R08: 0000000000000000 R09: 0000000000000000 [ 1942.720703][T24033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1942.720716][T24033] R13: 00007f6d3dfe6038 R14: 00007f6d3dfe5fa0 R15: 00007ffeb98de6a8 [ 1942.720732][T24033] [ 1943.231572][T24085] kvm: user requested TSC rate below hardware speed [ 1943.746011][T24148] kvm: user requested TSC rate below hardware speed [ 1944.656051][T24257] kvm: user requested TSC rate below hardware speed [ 1945.747944][T24333] kvm: user requested TSC rate below hardware speed [ 1946.309533][T24365] kvm: user requested TSC rate below hardware speed [ 1946.610217][T24393] kvm: user requested TSC rate below hardware speed [ 1946.814834][T24407] kvm: user requested TSC rate below hardware speed [ 1948.045038][T24467] kvm: user requested TSC rate below hardware speed [ 1948.251792][T24489] kvm: user requested TSC rate below hardware speed [ 1948.390681][T24503] kvm: user requested TSC rate below hardware speed [ 1948.657819][T24543] kvm: user requested TSC rate below hardware speed [ 1948.986485][T24603] kvm: user requested TSC rate below hardware speed [ 1949.265420][T24655] kvm: user requested TSC rate below hardware speed [ 1954.160240][T24996] set_tsc_khz: 2 callbacks suppressed [ 1954.160258][T24996] kvm: user requested TSC rate below hardware speed [ 1954.905028][T25070] kvm: user requested TSC rate below hardware speed [ 1958.366839][T18579] bridge_slave_1: left allmulticast mode [ 1958.372595][T18579] bridge_slave_1: left promiscuous mode [ 1958.378215][T18579] bridge0: port 2(bridge_slave_1) entered disabled state [ 1958.416260][T18579] bridge_slave_0: left allmulticast mode [ 1958.428786][T18579] bridge_slave_0: left promiscuous mode [ 1958.434421][T18579] bridge0: port 1(bridge_slave_0) entered disabled state [ 1958.602772][T18579] veth1_macvtap: left promiscuous mode [ 1958.608327][T18579] veth0_vlan: left promiscuous mode [ 1958.734914][T25332] bridge0: port 1(bridge_slave_0) entered blocking state [ 1958.754897][T25332] bridge0: port 1(bridge_slave_0) entered disabled state [ 1958.764994][T25332] bridge_slave_0: entered allmulticast mode [ 1958.790217][T25332] bridge_slave_0: entered promiscuous mode [ 1958.801485][T25332] bridge0: port 2(bridge_slave_1) entered blocking state [ 1958.808519][T25332] bridge0: port 2(bridge_slave_1) entered disabled state [ 1958.836434][T25332] bridge_slave_1: entered allmulticast mode [ 1958.844233][T25332] bridge_slave_1: entered promiscuous mode [ 1959.001962][T25332] bridge0: port 2(bridge_slave_1) entered blocking state [ 1959.009066][T25332] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1959.016346][T25332] bridge0: port 1(bridge_slave_0) entered blocking state [ 1959.023419][T25332] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1959.090571][T18579] bridge0: port 1(bridge_slave_0) entered disabled state [ 1959.097932][T18579] bridge0: port 2(bridge_slave_1) entered disabled state [ 1959.115180][T18579] bridge0: port 1(bridge_slave_0) entered blocking state [ 1959.122257][T18579] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1959.130503][T18579] bridge0: port 2(bridge_slave_1) entered blocking state [ 1959.137539][T18579] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1959.161827][T25332] veth0_vlan: entered promiscuous mode [ 1959.182170][T25332] veth1_macvtap: entered promiscuous mode [ 1973.881401][T26567] bridge0: port 1(bridge_slave_0) entered blocking state [ 1973.898658][T26567] bridge0: port 1(bridge_slave_0) entered disabled state [ 1973.910256][T26567] bridge_slave_0: entered allmulticast mode [ 1973.916594][T26567] bridge_slave_0: entered promiscuous mode [ 1973.945570][T26567] bridge0: port 2(bridge_slave_1) entered blocking state [ 1973.978799][T26567] bridge0: port 2(bridge_slave_1) entered disabled state [ 1974.010777][T26567] bridge_slave_1: entered allmulticast mode [ 1974.017126][T26567] bridge_slave_1: entered promiscuous mode [ 1974.080930][T22356] bridge_slave_1: left allmulticast mode [ 1974.086597][T22356] bridge_slave_1: left promiscuous mode [ 1974.108842][T22356] bridge0: port 2(bridge_slave_1) entered disabled state [ 1974.132796][T22356] bridge_slave_0: left allmulticast mode [ 1974.138505][T22356] bridge_slave_0: left promiscuous mode [ 1974.148839][T22356] bridge0: port 1(bridge_slave_0) entered disabled state [ 1974.307019][T22356] veth1_macvtap: left promiscuous mode [ 1974.312709][T22356] veth0_vlan: left promiscuous mode [ 1974.455113][T26567] bridge0: port 2(bridge_slave_1) entered blocking state [ 1974.462190][T26567] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1974.469477][T26567] bridge0: port 1(bridge_slave_0) entered blocking state [ 1974.476505][T26567] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1974.512727][T18579] bridge0: port 1(bridge_slave_0) entered disabled state [ 1974.529327][T18579] bridge0: port 2(bridge_slave_1) entered disabled state [ 1974.553136][ T8937] bridge0: port 1(bridge_slave_0) entered blocking state [ 1974.560220][ T8937] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1974.576102][T18579] bridge0: port 2(bridge_slave_1) entered blocking state [ 1974.583188][T18579] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1974.647640][T26567] veth0_vlan: entered promiscuous mode [ 1974.685869][T26567] veth1_macvtap: entered promiscuous mode [ 1980.761083][T22356] bridge_slave_1: left allmulticast mode [ 1980.766788][T22356] bridge_slave_1: left promiscuous mode [ 1980.788665][T22356] bridge0: port 2(bridge_slave_1) entered disabled state [ 1980.808961][T22356] bridge_slave_0: left allmulticast mode [ 1980.814634][T22356] bridge_slave_0: left promiscuous mode [ 1980.848842][T22356] bridge0: port 1(bridge_slave_0) entered disabled state [ 1980.993716][T22356] veth1_macvtap: left promiscuous mode [ 1981.009171][T22356] veth0_vlan: left promiscuous mode [ 1981.220912][T27179] bridge0: port 1(bridge_slave_0) entered blocking state [ 1981.232259][T27179] bridge0: port 1(bridge_slave_0) entered disabled state [ 1981.246995][T27179] bridge_slave_0: entered allmulticast mode [ 1981.263786][T27179] bridge_slave_0: entered promiscuous mode [ 1981.279363][T27179] bridge0: port 2(bridge_slave_1) entered blocking state [ 1981.295899][T27179] bridge0: port 2(bridge_slave_1) entered disabled state [ 1981.313718][T27179] bridge_slave_1: entered allmulticast mode [ 1981.329401][T27179] bridge_slave_1: entered promiscuous mode [ 1981.488830][T27179] bridge0: port 2(bridge_slave_1) entered blocking state [ 1981.495889][T27179] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1981.503211][T27179] bridge0: port 1(bridge_slave_0) entered blocking state [ 1981.510272][T27179] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1981.615989][T27179] veth0_vlan: entered promiscuous mode [ 1981.635884][T27179] veth1_macvtap: entered promiscuous mode [ 1991.212025][T28104] bridge0: port 1(bridge_slave_0) entered blocking state [ 1991.242076][T28104] bridge0: port 1(bridge_slave_0) entered disabled state [ 1991.278807][T28104] bridge_slave_0: entered allmulticast mode [ 1991.285166][T28104] bridge_slave_0: entered promiscuous mode [ 1991.311187][T28104] bridge0: port 2(bridge_slave_1) entered blocking state [ 1991.318227][T28104] bridge0: port 2(bridge_slave_1) entered disabled state [ 1991.349467][T28104] bridge_slave_1: entered allmulticast mode [ 1991.365988][T28104] bridge_slave_1: entered promiscuous mode [ 1991.431018][T18579] bridge_slave_1: left allmulticast mode [ 1991.436693][T18579] bridge_slave_1: left promiscuous mode [ 1991.448842][T18579] bridge0: port 2(bridge_slave_1) entered disabled state [ 1991.479255][T18579] bridge_slave_0: left allmulticast mode [ 1991.488773][T18579] bridge_slave_0: left promiscuous mode [ 1991.494395][T18579] bridge0: port 1(bridge_slave_0) entered disabled state [ 1991.639921][T18579] veth1_macvtap: left promiscuous mode [ 1991.645525][T18579] veth0_vlan: left promiscuous mode [ 1991.831011][T28104] bridge0: port 2(bridge_slave_1) entered blocking state [ 1991.838064][T28104] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1991.845357][T28104] bridge0: port 1(bridge_slave_0) entered blocking state [ 1991.852394][T28104] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1991.900169][ T8937] bridge0: port 1(bridge_slave_0) entered disabled state [ 1991.913663][ T8937] bridge0: port 2(bridge_slave_1) entered disabled state [ 1991.948628][T22356] bridge0: port 1(bridge_slave_0) entered blocking state [ 1991.955727][T22356] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1991.972198][T22356] bridge0: port 2(bridge_slave_1) entered blocking state [ 1991.979288][T22356] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1992.031498][T28104] veth0_vlan: entered promiscuous mode [ 1992.054257][T28104] veth1_macvtap: entered promiscuous mode [ 2018.622102][T29895] No source specified [ 2018.870555][ T8937] bridge_slave_1: left allmulticast mode [ 2018.876219][ T8937] bridge_slave_1: left promiscuous mode [ 2018.898307][ T8937] bridge0: port 2(bridge_slave_1) entered disabled state [ 2018.916094][ T8937] bridge_slave_0: left allmulticast mode [ 2018.928753][ T8937] bridge_slave_0: left promiscuous mode [ 2018.934398][ T8937] bridge0: port 1(bridge_slave_0) entered disabled state [ 2019.090778][ T8937] veth1_macvtap: left promiscuous mode [ 2019.098957][ T8937] veth0_vlan: left promiscuous mode [ 2019.309564][T29909] bridge0: port 1(bridge_slave_0) entered blocking state [ 2019.325939][T29909] bridge0: port 1(bridge_slave_0) entered disabled state [ 2019.350556][T29909] bridge_slave_0: entered allmulticast mode [ 2019.369221][T29909] bridge_slave_0: entered promiscuous mode [ 2019.386365][T29909] bridge0: port 2(bridge_slave_1) entered blocking state [ 2019.403642][T29909] bridge0: port 2(bridge_slave_1) entered disabled state [ 2019.421469][T29909] bridge_slave_1: entered allmulticast mode [ 2019.439780][T29909] bridge_slave_1: entered promiscuous mode [ 2019.593679][T29909] bridge0: port 2(bridge_slave_1) entered blocking state [ 2019.600782][T29909] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2019.608062][T29909] bridge0: port 1(bridge_slave_0) entered blocking state [ 2019.615139][T29909] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2019.690680][ T8937] bridge0: port 1(bridge_slave_0) entered disabled state [ 2019.698314][ T8937] bridge0: port 2(bridge_slave_1) entered disabled state [ 2019.709415][ T8937] bridge0: port 1(bridge_slave_0) entered blocking state [ 2019.716472][ T8937] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2019.746151][ T8937] bridge0: port 2(bridge_slave_1) entered blocking state [ 2019.753232][ T8937] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2019.817824][T29909] veth0_vlan: entered promiscuous mode [ 2019.844423][T29909] veth1_macvtap: entered promiscuous mode [ 2019.971529][T29960] FAULT_INJECTION: forcing a failure. [ 2019.971529][T29960] name failslab, interval 1, probability 0, space 0, times 0 [ 2019.986696][T29960] CPU: 1 UID: 0 PID: 29960 Comm: syz.2.61042 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2019.986727][T29960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2019.986738][T29960] Call Trace: [ 2019.986744][T29960] [ 2019.986751][T29960] __dump_stack+0x21/0x30 [ 2019.986781][T29960] dump_stack_lvl+0x10c/0x190 [ 2019.986803][T29960] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2019.986824][T29960] ? __kasan_check_write+0x18/0x20 [ 2019.986850][T29960] dump_stack+0x19/0x20 [ 2019.986871][T29960] should_fail_ex+0x3d9/0x530 [ 2019.986890][T29960] should_failslab+0xac/0x100 [ 2019.986910][T29960] kmem_cache_alloc_noprof+0x42/0x430 [ 2019.986928][T29960] ? getname_flags+0xc6/0x710 [ 2019.986947][T29960] ? __cfi_ksys_write+0x10/0x10 [ 2019.986965][T29960] getname_flags+0xc6/0x710 [ 2019.986984][T29960] __x64_sys_mkdir+0x61/0x80 [ 2019.987005][T29960] x64_sys_call+0x26c8/0x2ee0 [ 2019.987027][T29960] do_syscall_64+0x58/0xf0 [ 2019.987047][T29960] ? clear_bhb_loop+0x50/0xa0 [ 2019.987067][T29960] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2019.987087][T29960] RIP: 0033:0x7f2a75f8f6c9 [ 2019.987104][T29960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2019.987121][T29960] RSP: 002b:00007f2a749f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 2019.987143][T29960] RAX: ffffffffffffffda RBX: 00007f2a761e5fa0 RCX: 00007f2a75f8f6c9 [ 2019.987158][T29960] RDX: 0000000000000000 RSI: 00000000000000d2 RDI: 0000200000000040 [ 2019.987172][T29960] RBP: 00007f2a749f7090 R08: 0000000000000000 R09: 0000000000000000 [ 2019.987185][T29960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2019.987221][T29960] R13: 00007f2a761e6038 R14: 00007f2a761e5fa0 R15: 00007ffd3633b308 [ 2019.987238][T29960] [ 2020.279663][T29992] FAULT_INJECTION: forcing a failure. [ 2020.279663][T29992] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2020.318201][T29992] CPU: 0 UID: 0 PID: 29992 Comm: syz.2.61058 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2020.318236][T29992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2020.318248][T29992] Call Trace: [ 2020.318255][T29992] [ 2020.318263][T29992] __dump_stack+0x21/0x30 [ 2020.318292][T29992] dump_stack_lvl+0x10c/0x190 [ 2020.318316][T29992] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2020.318341][T29992] ? check_stack_object+0x12c/0x140 [ 2020.318360][T29992] dump_stack+0x19/0x20 [ 2020.318382][T29992] should_fail_ex+0x3d9/0x530 [ 2020.318401][T29992] should_fail+0xf/0x20 [ 2020.318418][T29992] should_fail_usercopy+0x1e/0x30 [ 2020.318447][T29992] _copy_to_user+0x24/0xa0 [ 2020.318470][T29992] simple_read_from_buffer+0xed/0x160 [ 2020.318494][T29992] proc_fail_nth_read+0x19e/0x210 [ 2020.318519][T29992] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2020.318542][T29992] ? bpf_lsm_file_permission+0xd/0x20 [ 2020.318567][T29992] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2020.318590][T29992] vfs_read+0x27d/0xc70 [ 2020.318606][T29992] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 2020.318628][T29992] ? __cfi_vfs_read+0x10/0x10 [ 2020.318645][T29992] ? __kasan_check_write+0x18/0x20 [ 2020.318671][T29992] ? mutex_lock+0x92/0x1c0 [ 2020.318689][T29992] ? __cfi_mutex_lock+0x10/0x10 [ 2020.318706][T29992] ? __fget_files+0x2c5/0x340 [ 2020.318730][T29992] ksys_read+0x141/0x250 [ 2020.318744][T29992] ? __cfi_ksys_read+0x10/0x10 [ 2020.318759][T29992] ? __kasan_check_read+0x15/0x20 [ 2020.318784][T29992] __x64_sys_read+0x7f/0x90 [ 2020.318801][T29992] x64_sys_call+0x2638/0x2ee0 [ 2020.318827][T29992] do_syscall_64+0x58/0xf0 [ 2020.318849][T29992] ? clear_bhb_loop+0x50/0xa0 [ 2020.318870][T29992] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2020.318891][T29992] RIP: 0033:0x7f2a75f8e0dc [ 2020.318908][T29992] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2020.318925][T29992] RSP: 002b:00007f2a749f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2020.318947][T29992] RAX: ffffffffffffffda RBX: 00007f2a761e5fa0 RCX: 00007f2a75f8e0dc [ 2020.318962][T29992] RDX: 000000000000000f RSI: 00007f2a749f70a0 RDI: 0000000000000006 [ 2020.318976][T29992] RBP: 00007f2a749f7090 R08: 0000000000000000 R09: 0000000000000000 [ 2020.318988][T29992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2020.319000][T29992] R13: 00007f2a761e6038 R14: 00007f2a761e5fa0 R15: 00007ffd3633b308 [ 2020.319017][T29992] [ 2020.826655][T30039] FAULT_INJECTION: forcing a failure. [ 2020.826655][T30039] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2020.859472][T30039] CPU: 1 UID: 0 PID: 30039 Comm: syz.2.61080 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2020.859504][T30039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2020.859516][T30039] Call Trace: [ 2020.859522][T30039] [ 2020.859531][T30039] __dump_stack+0x21/0x30 [ 2020.859585][T30039] dump_stack_lvl+0x10c/0x190 [ 2020.859608][T30039] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2020.859639][T30039] ? check_stack_object+0x12c/0x140 [ 2020.859658][T30039] dump_stack+0x19/0x20 [ 2020.859680][T30039] should_fail_ex+0x3d9/0x530 [ 2020.859699][T30039] should_fail+0xf/0x20 [ 2020.859715][T30039] should_fail_usercopy+0x1e/0x30 [ 2020.859735][T30039] _copy_to_user+0x24/0xa0 [ 2020.859756][T30039] simple_read_from_buffer+0xed/0x160 [ 2020.859777][T30039] proc_fail_nth_read+0x19e/0x210 [ 2020.859799][T30039] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2020.859820][T30039] ? bpf_lsm_file_permission+0xd/0x20 [ 2020.859842][T30039] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2020.859865][T30039] vfs_read+0x27d/0xc70 [ 2020.859882][T30039] ? __cfi_fuse_dev_write+0x10/0x10 [ 2020.859902][T30039] ? __cfi_vfs_read+0x10/0x10 [ 2020.859918][T30039] ? __kasan_check_write+0x18/0x20 [ 2020.859944][T30039] ? mutex_lock+0x92/0x1c0 [ 2020.859962][T30039] ? __cfi_mutex_lock+0x10/0x10 [ 2020.859980][T30039] ? __fget_files+0x2c5/0x340 [ 2020.860001][T30039] ksys_read+0x141/0x250 [ 2020.860018][T30039] ? __cfi_ksys_read+0x10/0x10 [ 2020.860035][T30039] ? __kasan_check_read+0x15/0x20 [ 2020.860061][T30039] __x64_sys_read+0x7f/0x90 [ 2020.860078][T30039] x64_sys_call+0x2638/0x2ee0 [ 2020.860104][T30039] do_syscall_64+0x58/0xf0 [ 2020.860128][T30039] ? clear_bhb_loop+0x50/0xa0 [ 2020.860147][T30039] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2020.860167][T30039] RIP: 0033:0x7f2a75f8e0dc [ 2020.860184][T30039] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2020.860201][T30039] RSP: 002b:00007f2a749f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2020.860222][T30039] RAX: ffffffffffffffda RBX: 00007f2a761e5fa0 RCX: 00007f2a75f8e0dc [ 2020.860238][T30039] RDX: 000000000000000f RSI: 00007f2a749f70a0 RDI: 0000000000000006 [ 2020.860251][T30039] RBP: 00007f2a749f7090 R08: 0000000000000000 R09: 0000000000000000 [ 2020.860264][T30039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2020.860276][T30039] R13: 00007f2a761e6038 R14: 00007f2a761e5fa0 R15: 00007ffd3633b308 [ 2020.860293][T30039] [ 2021.319157][T30070] FAULT_INJECTION: forcing a failure. [ 2021.319157][T30070] name failslab, interval 1, probability 0, space 0, times 0 [ 2021.369642][T30070] CPU: 0 UID: 0 PID: 30070 Comm: syz.1.61093 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2021.369680][T30070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2021.369692][T30070] Call Trace: [ 2021.369699][T30070] [ 2021.369706][T30070] __dump_stack+0x21/0x30 [ 2021.369735][T30070] dump_stack_lvl+0x10c/0x190 [ 2021.369759][T30070] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2021.369784][T30070] ? avc_has_perm+0x144/0x220 [ 2021.369808][T30070] dump_stack+0x19/0x20 [ 2021.369830][T30070] should_fail_ex+0x3d9/0x530 [ 2021.369849][T30070] should_failslab+0xac/0x100 [ 2021.369870][T30070] kmem_cache_alloc_node_noprof+0x45/0x440 [ 2021.369890][T30070] ? perf_event_alloc+0x128/0x1c70 [ 2021.369908][T30070] ? __cfi_selinux_file_open+0x10/0x10 [ 2021.369930][T30070] perf_event_alloc+0x128/0x1c70 [ 2021.369949][T30070] ? __cfi_ptrace_triggered+0x10/0x10 [ 2021.369974][T30070] ? __cfi_ptrace_triggered+0x10/0x10 [ 2021.369998][T30070] perf_event_create_kernel_counter+0xdd/0x5a0 [ 2021.370019][T30070] ? __cfi_ptrace_triggered+0x10/0x10 [ 2021.370043][T30070] register_user_hw_breakpoint+0x36/0x50 [ 2021.370065][T30070] ptrace_set_debugreg+0x379/0xba0 [ 2021.370101][T30070] ? __kernel_text_address+0x11/0x40 [ 2021.370124][T30070] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 2021.370150][T30070] ? arch_stack_walk+0x10b/0x170 [ 2021.370167][T30070] ? putreg+0x5a0/0x5a0 [ 2021.370189][T30070] ? _parse_integer_limit+0x195/0x1e0 [ 2021.370217][T30070] ? _parse_integer+0x2e/0x40 [ 2021.370241][T30070] ? kstrtoull+0x13b/0x1e0 [ 2021.370258][T30070] ? kstrtouint+0x78/0xf0 [ 2021.370274][T30070] ? kstrtouint_from_user+0xfb/0x150 [ 2021.370291][T30070] ? __x64_sys_openat+0x13a/0x170 [ 2021.370315][T30070] ? x64_sys_call+0xe69/0x2ee0 [ 2021.370399][T30070] ? __kasan_check_write+0x18/0x20 [ 2021.370430][T30070] ? _raw_spin_lock+0x8c/0x120 [ 2021.370451][T30070] ? __cfi__raw_spin_lock+0x10/0x10 [ 2021.370472][T30070] ? wait_task_inactive+0x320/0x590 [ 2021.370490][T30070] ? vfs_write+0x93e/0xf30 [ 2021.370509][T30070] ? __cfi_wait_task_inactive+0x10/0x10 [ 2021.370527][T30070] ? __kasan_check_write+0x18/0x20 [ 2021.370552][T30070] ? mutex_unlock+0x8b/0x240 [ 2021.370571][T30070] arch_ptrace+0x372/0x410 [ 2021.370595][T30070] __se_sys_ptrace+0x152/0x3c0 [ 2021.370613][T30070] ? __x64_sys_ptrace+0xc0/0xc0 [ 2021.370631][T30070] __x64_sys_ptrace+0x9f/0xc0 [ 2021.370647][T30070] x64_sys_call+0x2d88/0x2ee0 [ 2021.370673][T30070] do_syscall_64+0x58/0xf0 [ 2021.370695][T30070] ? clear_bhb_loop+0x50/0xa0 [ 2021.370716][T30070] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2021.370736][T30070] RIP: 0033:0x7fd536b8f6c9 [ 2021.370753][T30070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2021.370771][T30070] RSP: 002b:00007fd537acf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065 [ 2021.370792][T30070] RAX: ffffffffffffffda RBX: 00007fd536de5fa0 RCX: 00007fd536b8f6c9 [ 2021.370806][T30070] RDX: 0000000000000358 RSI: 0000000000000208 RDI: 0000000000000006 [ 2021.370819][T30070] RBP: 00007fd537acf090 R08: 0000000000000000 R09: 0000000000000000 [ 2021.370831][T30070] R10: ffff8881f6e4ebc0 R11: 0000000000000246 R12: 0000000000000001 [ 2021.370844][T30070] R13: 00007fd536de6038 R14: 00007fd536de5fa0 R15: 00007fff4cce4b78 [ 2021.370861][T30070] [ 2023.138323][T30179] FAULT_INJECTION: forcing a failure. [ 2023.138323][T30179] name failslab, interval 1, probability 0, space 0, times 0 [ 2023.151097][T30179] CPU: 1 UID: 0 PID: 30179 Comm: syz.0.61147 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2023.151130][T30179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2023.151143][T30179] Call Trace: [ 2023.151149][T30179] [ 2023.151158][T30179] __dump_stack+0x21/0x30 [ 2023.151187][T30179] dump_stack_lvl+0x10c/0x190 [ 2023.151211][T30179] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2023.151235][T30179] dump_stack+0x19/0x20 [ 2023.151257][T30179] should_fail_ex+0x3d9/0x530 [ 2023.151277][T30179] should_failslab+0xac/0x100 [ 2023.151298][T30179] __kmalloc_node_track_caller_noprof+0x68/0x520 [ 2023.151318][T30179] ? rust_helper_krealloc+0x33/0xd0 [ 2023.151346][T30179] krealloc_noprof+0x8d/0x130 [ 2023.151366][T30179] rust_helper_krealloc+0x33/0xd0 [ 2023.151390][T30179] ? _RNvMNtNtCs43vyB533jt3_6kernel5alloc9allocatorNtB2_11ReallocFunc4call+0x70/0xc0 [ 2023.151416][T30179] _RNvMNtNtCs43vyB533jt3_6kernel5alloc9allocatorNtB2_11ReallocFunc4call+0x8e/0xc0 [ 2023.151441][T30179] _RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x45a/0x1400 [ 2023.151468][T30179] ? inode_init_always_gfp+0x756/0x9e0 [ 2023.151488][T30179] ? alloc_inode+0xc5/0x270 [ 2023.151507][T30179] ? proc_pident_instantiate+0x6d/0x2c0 [ 2023.151528][T30179] ? proc_pident_lookup+0x1c7/0x270 [ 2023.151548][T30179] ? path_openat+0x1301/0x34b0 [ 2023.151569][T30179] ? do_sys_openat2+0x12c/0x1c0 [ 2023.151592][T30179] ? __x64_sys_openat+0x13a/0x170 [ 2023.151614][T30179] ? x64_sys_call+0xe69/0x2ee0 [ 2023.151639][T30179] ? do_syscall_64+0x58/0xf0 [ 2023.151662][T30179] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2023.151683][T30179] ? __cfi__RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x10/0x10 [ 2023.151709][T30179] ? avc_has_perm_noaudit+0x268/0x360 [ 2023.151733][T30179] ? __asan_memcpy+0x5a/0x80 [ 2023.151750][T30179] ? avc_has_perm_noaudit+0x286/0x360 [ 2023.151774][T30179] ? avc_has_perm+0x144/0x220 [ 2023.151798][T30179] ? __cfi_avc_has_perm+0x10/0x10 [ 2023.151821][T30179] ? kasan_save_alloc_info+0x40/0x50 [ 2023.151846][T30179] ? selinux_file_open+0x457/0x610 [ 2023.151868][T30179] _RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x1a7/0x2cf0 [ 2023.151895][T30179] ? avc_has_extended_perms+0x7c7/0xdd0 [ 2023.151919][T30179] ? __asan_memcpy+0x5a/0x80 [ 2023.151935][T30179] ? avc_has_extended_perms+0x921/0xdd0 [ 2023.151959][T30179] ? __cfi__RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x10/0x10 [ 2023.151991][T30179] ? do_vfs_ioctl+0xeda/0x1e30 [ 2023.152011][T30179] ? arch_stack_walk+0x10b/0x170 [ 2023.152028][T30179] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 2023.152050][T30179] ? _parse_integer+0x2e/0x40 [ 2023.152078][T30179] ? ioctl_has_perm+0x384/0x4d0 [ 2023.152100][T30179] ? has_cap_mac_admin+0xd0/0xd0 [ 2023.152122][T30179] ? proc_fail_nth_write+0x17e/0x210 [ 2023.152145][T30179] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2023.152169][T30179] ? selinux_file_ioctl+0x6e0/0x1360 [ 2023.152190][T30179] ? vfs_write+0x93e/0xf30 [ 2023.152206][T30179] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 2023.152227][T30179] ? __cfi_vfs_write+0x10/0x10 [ 2023.152244][T30179] ? __kasan_check_write+0x18/0x20 [ 2023.152270][T30179] ? mutex_unlock+0x8b/0x240 [ 2023.152287][T30179] ? __cfi_mutex_unlock+0x10/0x10 [ 2023.152304][T30179] ? __fget_files+0x2c5/0x340 [ 2023.152325][T30179] ? __fget_files+0x2c5/0x340 [ 2023.152345][T30179] _RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0xa0/0x100 [ 2023.152371][T30179] ? __se_sys_ioctl+0x114/0x1b0 [ 2023.152391][T30179] ? __cfi__RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0x10/0x10 [ 2023.152417][T30179] __se_sys_ioctl+0x135/0x1b0 [ 2023.152437][T30179] __x64_sys_ioctl+0x7f/0xa0 [ 2023.152456][T30179] x64_sys_call+0x1878/0x2ee0 [ 2023.152482][T30179] do_syscall_64+0x58/0xf0 [ 2023.152504][T30179] ? clear_bhb_loop+0x50/0xa0 [ 2023.152523][T30179] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2023.152542][T30179] RIP: 0033:0x7f36e258f6c9 [ 2023.152559][T30179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2023.152575][T30179] RSP: 002b:00007f36e33d2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2023.152596][T30179] RAX: ffffffffffffffda RBX: 00007f36e27e5fa0 RCX: 00007f36e258f6c9 [ 2023.152611][T30179] RDX: 00002000000001c0 RSI: 00000000c0306201 RDI: 0000000000000006 [ 2023.152625][T30179] RBP: 00007f36e33d2090 R08: 0000000000000000 R09: 0000000000000000 [ 2023.152638][T30179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2023.152650][T30179] R13: 00007f36e27e6038 R14: 00007f36e27e5fa0 R15: 00007fff8098c968 [ 2023.152667][T30179] [ 2023.638293][T30185] fuse: Bad value for 'fd' [ 2023.725583][ T36] audit: type=1400 audit(1763277180.396:347): avc: denied { getopt } for pid=30196 comm="syz.0.61157" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 2023.788147][T30208] FAULT_INJECTION: forcing a failure. [ 2023.788147][T30208] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2023.814178][T30208] CPU: 0 UID: 0 PID: 30208 Comm: syz.0.61163 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2023.814210][T30208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2023.814222][T30208] Call Trace: [ 2023.814229][T30208] [ 2023.814237][T30208] __dump_stack+0x21/0x30 [ 2023.814265][T30208] dump_stack_lvl+0x10c/0x190 [ 2023.814288][T30208] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2023.814312][T30208] ? vfs_write+0x93e/0xf30 [ 2023.814330][T30208] dump_stack+0x19/0x20 [ 2023.814351][T30208] should_fail_ex+0x3d9/0x530 [ 2023.814371][T30208] should_fail+0xf/0x20 [ 2023.814387][T30208] should_fail_usercopy+0x1e/0x30 [ 2023.814407][T30208] _copy_from_user+0x22/0xb0 [ 2023.814429][T30208] do_sock_getsockopt+0x1d7/0x6d0 [ 2023.814456][T30208] ? __cfi_do_sock_getsockopt+0x10/0x10 [ 2023.814480][T30208] ? __fget_files+0x2c5/0x340 [ 2023.814501][T30208] __x64_sys_getsockopt+0x1d5/0x280 [ 2023.814527][T30208] x64_sys_call+0x10db/0x2ee0 [ 2023.814551][T30208] do_syscall_64+0x58/0xf0 [ 2023.814574][T30208] ? clear_bhb_loop+0x50/0xa0 [ 2023.814595][T30208] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2023.814613][T30208] RIP: 0033:0x7f36e258f6c9 [ 2023.814628][T30208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2023.814644][T30208] RSP: 002b:00007f36e33d2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 2023.814664][T30208] RAX: ffffffffffffffda RBX: 00007f36e27e5fa0 RCX: 00007f36e258f6c9 [ 2023.814678][T30208] RDX: 0000000000000007 RSI: 0000000000000112 RDI: 0000000000000008 [ 2023.814691][T30208] RBP: 00007f36e33d2090 R08: 0000200000000100 R09: 0000000000000000 [ 2023.814704][T30208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2023.814715][T30208] R13: 00007f36e27e6038 R14: 00007f36e27e5fa0 R15: 00007fff8098c968 [ 2023.814732][T30208] [ 2024.285814][T30302] FAULT_INJECTION: forcing a failure. [ 2024.285814][T30302] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2024.299118][T30302] CPU: 1 UID: 0 PID: 30302 Comm: syz.2.61206 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2024.299149][T30302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2024.299162][T30302] Call Trace: [ 2024.299168][T30302] [ 2024.299176][T30302] __dump_stack+0x21/0x30 [ 2024.299204][T30302] dump_stack_lvl+0x10c/0x190 [ 2024.299227][T30302] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2024.299252][T30302] dump_stack+0x19/0x20 [ 2024.299274][T30302] should_fail_ex+0x3d9/0x530 [ 2024.299294][T30302] should_fail+0xf/0x20 [ 2024.299311][T30302] should_fail_usercopy+0x1e/0x30 [ 2024.299331][T30302] _copy_from_user+0x22/0xb0 [ 2024.299353][T30302] _RNvMs2_NtCs5gLWsBERDPK_16rust_binder_main6threadNtB5_6Thread10write_read+0x493/0xa380 [ 2024.299395][T30302] ? __cfi__RNvMs2_NtCs5gLWsBERDPK_16rust_binder_main6threadNtB5_6Thread10write_read+0x10/0x10 [ 2024.299446][T30302] ? is_bpf_text_address+0x17b/0x1a0 [ 2024.299468][T30302] ? kernel_text_address+0xa9/0xe0 [ 2024.299491][T30302] ? __kernel_text_address+0x11/0x40 [ 2024.299513][T30302] ? unwind_get_return_address+0x51/0x90 [ 2024.299535][T30302] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 2024.299562][T30302] ? arch_stack_walk+0x10b/0x170 [ 2024.299580][T30302] ? stack_trace_save+0x9d/0xe0 [ 2024.299604][T30302] ? stack_depot_save_flags+0x38/0x800 [ 2024.299625][T30302] ? kasan_save_stack+0x4d/0x60 [ 2024.299644][T30302] ? kasan_save_stack+0x3e/0x60 [ 2024.299662][T30302] ? __kasan_record_aux_stack+0xb2/0xd0 [ 2024.299686][T30302] ? kasan_record_aux_stack_noalloc+0xf/0x20 [ 2024.299710][T30302] ? __call_rcu_common+0xd5/0x700 [ 2024.299727][T30302] ? call_rcu+0x14/0x20 [ 2024.299743][T30302] ? __kasan_check_write+0x18/0x20 [ 2024.299768][T30302] ? _raw_spin_trylock+0xaf/0x130 [ 2024.299790][T30302] ? __cfi__raw_spin_trylock+0x10/0x10 [ 2024.299812][T30302] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2024.299834][T30302] ? cgroup_rstat_updated+0x132/0x7f0 [ 2024.299858][T30302] ? __cfi_cgroup_rstat_updated+0x10/0x10 [ 2024.299893][T30302] ? is_bpf_text_address+0x17b/0x1a0 [ 2024.299913][T30302] ? kernel_text_address+0xa9/0xe0 [ 2024.299938][T30302] ? is_bpf_text_address+0x17b/0x1a0 [ 2024.299957][T30302] ? kernel_text_address+0xa9/0xe0 [ 2024.299978][T30302] ? __kernel_text_address+0x11/0x40 [ 2024.299998][T30302] ? unwind_get_return_address+0x51/0x90 [ 2024.300018][T30302] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 2024.300044][T30302] ? arch_stack_walk+0x10b/0x170 [ 2024.300064][T30302] ? is_bpf_text_address+0x17b/0x1a0 [ 2024.300084][T30302] ? kernel_text_address+0xa9/0xe0 [ 2024.300105][T30302] ? __kernel_text_address+0x11/0x40 [ 2024.300126][T30302] ? unwind_get_return_address+0x51/0x90 [ 2024.300146][T30302] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 2024.300171][T30302] ? arch_stack_walk+0x10b/0x170 [ 2024.300189][T30302] ? __kasan_check_write+0x18/0x20 [ 2024.300213][T30302] ? _raw_spin_lock+0x8c/0x120 [ 2024.300234][T30302] ? __cfi__raw_spin_lock+0x10/0x10 [ 2024.300256][T30302] ? stack_depot_save_flags+0x38/0x800 [ 2024.300275][T30302] ? stack_trace_save+0x9d/0xe0 [ 2024.300299][T30302] ? _raw_spin_unlock+0x45/0x60 [ 2024.300321][T30302] ? rust_helper_spin_unlock+0x19/0x30 [ 2024.300338][T30302] ? _RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x914/0x1400 [ 2024.300363][T30302] ? security_inode_alloc+0x51/0x200 [ 2024.300388][T30302] ? inode_init_always_gfp+0x756/0x9e0 [ 2024.300405][T30302] ? alloc_inode+0xc5/0x270 [ 2024.300424][T30302] ? proc_pident_instantiate+0x6d/0x2c0 [ 2024.300444][T30302] ? proc_pident_lookup+0x1c7/0x270 [ 2024.300463][T30302] ? path_openat+0x1301/0x34b0 [ 2024.300484][T30302] ? do_sys_openat2+0x12c/0x1c0 [ 2024.300506][T30302] ? __x64_sys_openat+0x13a/0x170 [ 2024.300528][T30302] ? x64_sys_call+0xe69/0x2ee0 [ 2024.300552][T30302] ? do_syscall_64+0x58/0xf0 [ 2024.300574][T30302] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2024.300595][T30302] ? __cfi__RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x10/0x10 [ 2024.300618][T30302] ? avc_has_perm_noaudit+0x268/0x360 [ 2024.300642][T30302] ? __asan_memcpy+0x5a/0x80 [ 2024.300658][T30302] ? avc_has_perm_noaudit+0x286/0x360 [ 2024.300683][T30302] ? avc_has_perm+0x144/0x220 [ 2024.300706][T30302] ? __cfi_avc_has_perm+0x10/0x10 [ 2024.300729][T30302] ? kasan_save_alloc_info+0x40/0x50 [ 2024.300754][T30302] ? selinux_file_open+0x457/0x610 [ 2024.300776][T30302] _RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x40c/0x2cf0 [ 2024.300803][T30302] ? avc_has_extended_perms+0x7c7/0xdd0 [ 2024.300826][T30302] ? __asan_memcpy+0x5a/0x80 [ 2024.300841][T30302] ? avc_has_extended_perms+0x921/0xdd0 [ 2024.300865][T30302] ? __cfi__RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x10/0x10 [ 2024.300896][T30302] ? do_vfs_ioctl+0xeda/0x1e30 [ 2024.300915][T30302] ? arch_stack_walk+0x10b/0x170 [ 2024.300932][T30302] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 2024.300953][T30302] ? _parse_integer+0x2e/0x40 [ 2024.300982][T30302] ? ioctl_has_perm+0x384/0x4d0 [ 2024.301002][T30302] ? has_cap_mac_admin+0xd0/0xd0 [ 2024.301023][T30302] ? proc_fail_nth_write+0x17e/0x210 [ 2024.301045][T30302] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2024.301068][T30302] ? selinux_file_ioctl+0x6e0/0x1360 [ 2024.301087][T30302] ? vfs_write+0x93e/0xf30 [ 2024.301102][T30302] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 2024.301124][T30302] ? __cfi_vfs_write+0x10/0x10 [ 2024.301140][T30302] ? __kasan_check_write+0x18/0x20 [ 2024.301165][T30302] ? mutex_unlock+0x8b/0x240 [ 2024.301182][T30302] ? __cfi_mutex_unlock+0x10/0x10 [ 2024.301198][T30302] ? __fget_files+0x2c5/0x340 [ 2024.301218][T30302] ? __fget_files+0x2c5/0x340 [ 2024.301238][T30302] _RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0xa0/0x100 [ 2024.301264][T30302] ? __se_sys_ioctl+0x114/0x1b0 [ 2024.301284][T30302] ? __cfi__RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0x10/0x10 [ 2024.301309][T30302] __se_sys_ioctl+0x135/0x1b0 [ 2024.301327][T30302] __x64_sys_ioctl+0x7f/0xa0 [ 2024.301345][T30302] x64_sys_call+0x1878/0x2ee0 [ 2024.301368][T30302] do_syscall_64+0x58/0xf0 [ 2024.301388][T30302] ? clear_bhb_loop+0x50/0xa0 [ 2024.301407][T30302] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2024.301426][T30302] RIP: 0033:0x7f2a75f8f6c9 [ 2024.301443][T30302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2024.301459][T30302] RSP: 002b:00007f2a749f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2024.301480][T30302] RAX: ffffffffffffffda RBX: 00007f2a761e5fa0 RCX: 00007f2a75f8f6c9 [ 2024.301495][T30302] RDX: 0000200000000100 RSI: 00000000c0306201 RDI: 0000000000000006 [ 2024.301507][T30302] RBP: 00007f2a749f7090 R08: 0000000000000000 R09: 0000000000000000 [ 2024.301520][T30302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2024.301533][T30302] R13: 00007f2a761e6038 R14: 00007f2a761e5fa0 R15: 00007ffd3633b308 [ 2024.301549][T30302] [ 2024.305193][T30307] rust_binder: Failure when writing BR_NOOP at beginning of buffer. [ 2024.338777][T26239] usb 2-1: new high-speed USB device number 63 using dummy_hcd [ 2024.342258][T30307] rust_binder: Read failure Err(EFAULT) in pid:81 [ 2024.510171][T26239] usb 2-1: unable to get BOS descriptor or descriptor too short [ 2024.540761][ T36] audit: type=1400 audit(1763277181.216:348): avc: denied { relabelfrom } for pid=30314 comm="syz.3.61213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 2024.545316][T26239] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 222, changing to 11 [ 2024.552428][ T36] audit: type=1400 audit(1763277181.236:349): avc: denied { relabelto } for pid=30314 comm="syz.3.61213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 2024.554589][T26239] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 2025.061968][T26239] usb 2-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.40 [ 2025.074584][T26239] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2025.082828][T26239] usb 2-1: Product: syz [ 2025.086999][T26239] usb 2-1: Manufacturer: syz [ 2025.090748][T30319] FAULT_INJECTION: forcing a failure. [ 2025.090748][T30319] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2025.091714][T26239] usb 2-1: SerialNumber: syz [ 2025.105385][T30319] CPU: 0 UID: 0 PID: 30319 Comm: syz.2.61215 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2025.105412][T30319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2025.105424][T30319] Call Trace: [ 2025.105431][T30319] [ 2025.105439][T30319] __dump_stack+0x21/0x30 [ 2025.105468][T30319] dump_stack_lvl+0x10c/0x190 [ 2025.105490][T30319] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2025.105513][T30319] ? proc_fail_nth_write+0x17e/0x210 [ 2025.105536][T30319] ? check_stack_object+0x107/0x140 [ 2025.105554][T30319] dump_stack+0x19/0x20 [ 2025.105576][T30319] should_fail_ex+0x3d9/0x530 [ 2025.105595][T30319] should_fail+0xf/0x20 [ 2025.105610][T30319] should_fail_usercopy+0x1e/0x30 [ 2025.105629][T30319] _copy_from_user+0x22/0xb0 [ 2025.105651][T30319] __tun_chr_ioctl+0x1f2/0x1f10 [ 2025.105670][T30319] ? __kasan_check_write+0x18/0x20 [ 2025.105695][T30319] ? tun_flow_create+0x410/0x410 [ 2025.105712][T30319] ? __fget_files+0x2c5/0x340 [ 2025.105732][T30319] ? __fget_files+0x2c5/0x340 [ 2025.105752][T30319] tun_chr_ioctl+0x2e/0x40 [ 2025.105768][T30319] ? __cfi_tun_chr_ioctl+0x10/0x10 [ 2025.105786][T30319] __se_sys_ioctl+0x135/0x1b0 [ 2025.105804][T30319] __x64_sys_ioctl+0x7f/0xa0 [ 2025.105823][T30319] x64_sys_call+0x1878/0x2ee0 [ 2025.105847][T30319] do_syscall_64+0x58/0xf0 [ 2025.105869][T30319] ? clear_bhb_loop+0x50/0xa0 [ 2025.105889][T30319] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2025.105907][T30319] RIP: 0033:0x7f2a75f8f6c9 [ 2025.105922][T30319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2025.105938][T30319] RSP: 002b:00007f2a749f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2025.105957][T30319] RAX: ffffffffffffffda RBX: 00007f2a761e5fa0 RCX: 00007f2a75f8f6c9 [ 2025.105972][T30319] RDX: 0000200000000000 RSI: 00000000400454ca RDI: 0000000000000007 [ 2025.105985][T30319] RBP: 00007f2a749f7090 R08: 0000000000000000 R09: 0000000000000000 [ 2025.105997][T30319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2025.106009][T30319] R13: 00007f2a761e6038 R14: 00007f2a761e5fa0 R15: 00007ffd3633b308 [ 2025.106025][T30319] [ 2025.938268][T26239] usbhid 2-1:1.0: can't add hid device: -71 [ 2025.948793][T26239] usbhid 2-1:1.0: probe with driver usbhid failed with error -71 [ 2025.982674][T26239] usb 2-1: USB disconnect, device number 63 [ 2026.048330][T30392] FAULT_INJECTION: forcing a failure. [ 2026.048330][T30392] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2026.061473][T30392] CPU: 1 UID: 0 PID: 30392 Comm: syz.3.61244 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2026.061502][T30392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2026.061513][T30392] Call Trace: [ 2026.061520][T30392] [ 2026.061527][T30392] __dump_stack+0x21/0x30 [ 2026.061555][T30392] dump_stack_lvl+0x10c/0x190 [ 2026.061576][T30392] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2026.061599][T30392] ? check_stack_object+0x12c/0x140 [ 2026.061617][T30392] dump_stack+0x19/0x20 [ 2026.061637][T30392] should_fail_ex+0x3d9/0x530 [ 2026.061655][T30392] should_fail+0xf/0x20 [ 2026.061670][T30392] should_fail_usercopy+0x1e/0x30 [ 2026.061695][T30392] _copy_to_user+0x24/0xa0 [ 2026.061716][T30392] simple_read_from_buffer+0xed/0x160 [ 2026.061738][T30392] proc_fail_nth_read+0x19e/0x210 [ 2026.061760][T30392] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2026.061782][T30392] ? bpf_lsm_file_permission+0xd/0x20 [ 2026.061804][T30392] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2026.061825][T30392] vfs_read+0x27d/0xc70 [ 2026.061841][T30392] ? ipv6_setsockopt+0xf0/0x170 [ 2026.061863][T30392] ? __cfi_vfs_read+0x10/0x10 [ 2026.061877][T30392] ? __kasan_check_write+0x18/0x20 [ 2026.061901][T30392] ? mutex_lock+0x92/0x1c0 [ 2026.061917][T30392] ? __cfi_mutex_lock+0x10/0x10 [ 2026.061933][T30392] ? __fget_files+0x2c5/0x340 [ 2026.061953][T30392] ksys_read+0x141/0x250 [ 2026.061969][T30392] ? __cfi_ksys_read+0x10/0x10 [ 2026.061984][T30392] ? __kasan_check_write+0x18/0x20 [ 2026.062008][T30392] ? __kasan_check_read+0x15/0x20 [ 2026.062031][T30392] __x64_sys_read+0x7f/0x90 [ 2026.062047][T30392] x64_sys_call+0x2638/0x2ee0 [ 2026.062071][T30392] do_syscall_64+0x58/0xf0 [ 2026.062092][T30392] ? clear_bhb_loop+0x50/0xa0 [ 2026.062111][T30392] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2026.062130][T30392] RIP: 0033:0x7f1329f8e0dc [ 2026.062146][T30392] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2026.062163][T30392] RSP: 002b:00007f132adfc030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2026.062183][T30392] RAX: ffffffffffffffda RBX: 00007f132a1e5fa0 RCX: 00007f1329f8e0dc [ 2026.062198][T30392] RDX: 000000000000000f RSI: 00007f132adfc0a0 RDI: 000000000000000a [ 2026.062211][T30392] RBP: 00007f132adfc090 R08: 0000000000000000 R09: 0000000000000000 [ 2026.062224][T30392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2026.062236][T30392] R13: 00007f132a1e6038 R14: 00007f132a1e5fa0 R15: 00007ffce46d5588 [ 2026.062252][T30392] [ 2026.530767][T30436] FAULT_INJECTION: forcing a failure. [ 2026.530767][T30436] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2026.554666][T30436] CPU: 0 UID: 0 PID: 30436 Comm: syz.3.61271 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2026.554700][T30436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2026.554711][T30436] Call Trace: [ 2026.554718][T30436] [ 2026.554726][T30436] __dump_stack+0x21/0x30 [ 2026.554756][T30436] dump_stack_lvl+0x10c/0x190 [ 2026.554779][T30436] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2026.554803][T30436] ? check_stack_object+0x12c/0x140 [ 2026.554821][T30436] dump_stack+0x19/0x20 [ 2026.554844][T30436] should_fail_ex+0x3d9/0x530 [ 2026.554863][T30436] should_fail+0xf/0x20 [ 2026.554880][T30436] should_fail_usercopy+0x1e/0x30 [ 2026.554900][T30436] _copy_to_user+0x24/0xa0 [ 2026.554929][T30436] simple_read_from_buffer+0xed/0x160 [ 2026.554952][T30436] proc_fail_nth_read+0x19e/0x210 [ 2026.554976][T30436] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2026.554996][T30436] ? bpf_lsm_file_permission+0xd/0x20 [ 2026.555015][T30436] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2026.555034][T30436] vfs_read+0x27d/0xc70 [ 2026.555047][T30436] ? irqentry_exit+0x4a/0x60 [ 2026.555065][T30436] ? exc_page_fault+0x66/0xc0 [ 2026.555081][T30436] ? __cfi_vfs_read+0x10/0x10 [ 2026.555094][T30436] ? __kasan_check_write+0x18/0x20 [ 2026.555116][T30436] ? mutex_lock+0x92/0x1c0 [ 2026.555131][T30436] ? __cfi_mutex_lock+0x10/0x10 [ 2026.555147][T30436] ? __fget_files+0x2c5/0x340 [ 2026.555165][T30436] ksys_read+0x141/0x250 [ 2026.555180][T30436] ? __cfi_ksys_read+0x10/0x10 [ 2026.555195][T30436] ? __kasan_check_read+0x15/0x20 [ 2026.555218][T30436] __x64_sys_read+0x7f/0x90 [ 2026.555233][T30436] x64_sys_call+0x2638/0x2ee0 [ 2026.555255][T30436] do_syscall_64+0x58/0xf0 [ 2026.555274][T30436] ? clear_bhb_loop+0x50/0xa0 [ 2026.555293][T30436] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2026.555310][T30436] RIP: 0033:0x7f1329f8e0dc [ 2026.555325][T30436] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2026.555339][T30436] RSP: 002b:00007f132adfc030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2026.555358][T30436] RAX: ffffffffffffffda RBX: 00007f132a1e5fa0 RCX: 00007f1329f8e0dc [ 2026.555371][T30436] RDX: 000000000000000f RSI: 00007f132adfc0a0 RDI: 0000000000000008 [ 2026.555382][T30436] RBP: 00007f132adfc090 R08: 0000000000000000 R09: 0000000000000000 [ 2026.555393][T30436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2026.555403][T30436] R13: 00007f132a1e6038 R14: 00007f132a1e5fa0 R15: 00007ffce46d5588 [ 2026.555417][T30436] [ 2026.855159][T30447] FAULT_INJECTION: forcing a failure. [ 2026.855159][T30447] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2026.868333][T30447] CPU: 0 UID: 0 PID: 30447 Comm: syz.3.61278 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2026.868366][T30447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2026.868378][T30447] Call Trace: [ 2026.868385][T30447] [ 2026.868393][T30447] __dump_stack+0x21/0x30 [ 2026.868421][T30447] dump_stack_lvl+0x10c/0x190 [ 2026.868443][T30447] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2026.868468][T30447] ? check_stack_object+0x12c/0x140 [ 2026.868487][T30447] dump_stack+0x19/0x20 [ 2026.868509][T30447] should_fail_ex+0x3d9/0x530 [ 2026.868529][T30447] should_fail+0xf/0x20 [ 2026.868546][T30447] should_fail_usercopy+0x1e/0x30 [ 2026.868567][T30447] _copy_to_user+0x24/0xa0 [ 2026.868589][T30447] simple_read_from_buffer+0xed/0x160 [ 2026.868613][T30447] proc_fail_nth_read+0x19e/0x210 [ 2026.868636][T30447] ? avc_has_perm_noaudit+0x268/0x360 [ 2026.868661][T30447] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2026.868685][T30447] ? bpf_lsm_file_permission+0xd/0x20 [ 2026.868710][T30447] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2026.868736][T30447] vfs_read+0x27d/0xc70 [ 2026.868751][T30447] ? __kasan_check_write+0x18/0x20 [ 2026.868775][T30447] ? __cfi_vfs_read+0x10/0x10 [ 2026.868790][T30447] ? __kasan_check_write+0x18/0x20 [ 2026.868815][T30447] ? mutex_lock+0x92/0x1c0 [ 2026.868833][T30447] ? __cfi_mutex_lock+0x10/0x10 [ 2026.868850][T30447] ? __fget_files+0x2c5/0x340 [ 2026.868871][T30447] ksys_read+0x141/0x250 [ 2026.868887][T30447] ? __cfi_ksys_read+0x10/0x10 [ 2026.868913][T30447] ? __kasan_check_read+0x15/0x20 [ 2026.868939][T30447] __x64_sys_read+0x7f/0x90 [ 2026.868956][T30447] x64_sys_call+0x2638/0x2ee0 [ 2026.868982][T30447] do_syscall_64+0x58/0xf0 [ 2026.869005][T30447] ? clear_bhb_loop+0x50/0xa0 [ 2026.869026][T30447] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2026.869045][T30447] RIP: 0033:0x7f1329f8e0dc [ 2026.869061][T30447] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2026.869078][T30447] RSP: 002b:00007f132adfc030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2026.869100][T30447] RAX: ffffffffffffffda RBX: 00007f132a1e5fa0 RCX: 00007f1329f8e0dc [ 2026.869115][T30447] RDX: 000000000000000f RSI: 00007f132adfc0a0 RDI: 0000000000000007 [ 2026.869129][T30447] RBP: 00007f132adfc090 R08: 0000000000000000 R09: 0000000000000000 [ 2026.869142][T30447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2026.869155][T30447] R13: 00007f132a1e6038 R14: 00007f132a1e5fa0 R15: 00007ffce46d5588 [ 2026.869172][T30447] [ 2027.208865][T30470] netlink: 172 bytes leftover after parsing attributes in process `syz.0.61287'. [ 2027.218456][T30470] netlink: 16 bytes leftover after parsing attributes in process `syz.0.61287'. [ 2027.407136][T30485] FAULT_INJECTION: forcing a failure. [ 2027.407136][T30485] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2027.439057][T30485] CPU: 0 UID: 0 PID: 30485 Comm: syz.0.61295 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2027.439091][T30485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2027.439103][T30485] Call Trace: [ 2027.439110][T30485] [ 2027.439118][T30485] __dump_stack+0x21/0x30 [ 2027.439147][T30485] dump_stack_lvl+0x10c/0x190 [ 2027.439170][T30485] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2027.439193][T30485] ? check_stack_object+0x107/0x140 [ 2027.439212][T30485] dump_stack+0x19/0x20 [ 2027.439234][T30485] should_fail_ex+0x3d9/0x530 [ 2027.439254][T30485] should_fail+0xf/0x20 [ 2027.439270][T30485] should_fail_usercopy+0x1e/0x30 [ 2027.439290][T30485] _copy_from_user+0x22/0xb0 [ 2027.439312][T30485] copy_clone_args_from_user+0x1ec/0x6a0 [ 2027.439338][T30485] ? __delayed_free_task+0x40/0x40 [ 2027.439360][T30485] ? proc_fail_nth_write+0x17e/0x210 [ 2027.439384][T30485] ? bpf_lsm_file_permission+0xd/0x20 [ 2027.439410][T30485] __se_sys_clone3+0xf2/0x2d0 [ 2027.439432][T30485] ? __x64_sys_clone3+0x80/0x80 [ 2027.439456][T30485] ? __kasan_check_write+0x18/0x20 [ 2027.439481][T30485] ? fput+0x1a5/0x240 [ 2027.439504][T30485] ? __kasan_check_read+0x15/0x20 [ 2027.439529][T30485] __x64_sys_clone3+0x5f/0x80 [ 2027.439550][T30485] x64_sys_call+0x28fc/0x2ee0 [ 2027.439575][T30485] do_syscall_64+0x58/0xf0 [ 2027.439597][T30485] ? clear_bhb_loop+0x50/0xa0 [ 2027.439617][T30485] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2027.439636][T30485] RIP: 0033:0x7f36e258f6c9 [ 2027.439653][T30485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2027.439670][T30485] RSP: 002b:00007f36e33d1f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 2027.439692][T30485] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f36e258f6c9 [ 2027.439707][T30485] RDX: 00007f36e33d1f20 RSI: 0000000000000058 RDI: 00007f36e33d1f20 [ 2027.439721][T30485] RBP: 00007f36e33d2090 R08: 0000000000000000 R09: 0000000000000058 [ 2027.439735][T30485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2027.439747][T30485] R13: 00007f36e27e6038 R14: 00007f36e27e5fa0 R15: 00007fff8098c968 [ 2027.439764][T30485] [ 2027.695779][T30496] FAULT_INJECTION: forcing a failure. [ 2027.695779][T30496] name failslab, interval 1, probability 0, space 0, times 0 [ 2027.709381][T30496] CPU: 0 UID: 0 PID: 30496 Comm: syz.0.61300 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2027.709410][T30496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2027.709422][T30496] Call Trace: [ 2027.709429][T30496] [ 2027.709437][T30496] __dump_stack+0x21/0x30 [ 2027.709464][T30496] dump_stack_lvl+0x10c/0x190 [ 2027.709488][T30496] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2027.709512][T30496] ? bpf_lsm_file_permission+0xd/0x20 [ 2027.709538][T30496] dump_stack+0x19/0x20 [ 2027.709559][T30496] should_fail_ex+0x3d9/0x530 [ 2027.709579][T30496] should_failslab+0xac/0x100 [ 2027.709599][T30496] kmem_cache_alloc_noprof+0x42/0x430 [ 2027.709617][T30496] ? __kasan_check_write+0x18/0x20 [ 2027.709643][T30496] ? copy_fs_struct+0x5d/0x2d0 [ 2027.709660][T30496] ? __cfi_mutex_unlock+0x10/0x10 [ 2027.709677][T30496] ? __fget_files+0x2c5/0x340 [ 2027.709697][T30496] copy_fs_struct+0x5d/0x2d0 [ 2027.709713][T30496] ? ksys_unshare+0x381/0x880 [ 2027.709736][T30496] ksys_unshare+0x48f/0x880 [ 2027.709758][T30496] ? xfd_validate_state+0x68/0x150 [ 2027.709781][T30496] ? __cfi_ksys_unshare+0x10/0x10 [ 2027.709803][T30496] ? __kasan_check_read+0x15/0x20 [ 2027.709835][T30496] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 2027.709858][T30496] __x64_sys_unshare+0x3c/0x50 [ 2027.709880][T30496] x64_sys_call+0x2998/0x2ee0 [ 2027.709905][T30496] do_syscall_64+0x58/0xf0 [ 2027.709928][T30496] ? clear_bhb_loop+0x50/0xa0 [ 2027.709947][T30496] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2027.709966][T30496] RIP: 0033:0x7f36e258f6c9 [ 2027.709982][T30496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2027.709998][T30496] RSP: 002b:00007f36e33d2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 2027.710019][T30496] RAX: ffffffffffffffda RBX: 00007f36e27e5fa0 RCX: 00007f36e258f6c9 [ 2027.710034][T30496] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000060000600 [ 2027.710048][T30496] RBP: 00007f36e33d2090 R08: 0000000000000000 R09: 0000000000000000 [ 2027.710061][T30496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2027.710073][T30496] R13: 00007f36e27e6038 R14: 00007f36e27e5fa0 R15: 00007fff8098c968 [ 2027.710090][T30496] [ 2028.609191][T30533] FAULT_INJECTION: forcing a failure. [ 2028.609191][T30533] name failslab, interval 1, probability 0, space 0, times 0 [ 2028.632020][T30533] CPU: 0 UID: 0 PID: 30533 Comm: syz.1.61318 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2028.632055][T30533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2028.632068][T30533] Call Trace: [ 2028.632075][T30533] [ 2028.632084][T30533] __dump_stack+0x21/0x30 [ 2028.632113][T30533] dump_stack_lvl+0x10c/0x190 [ 2028.632137][T30533] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2028.632162][T30533] dump_stack+0x19/0x20 [ 2028.632184][T30533] should_fail_ex+0x3d9/0x530 [ 2028.632204][T30533] should_failslab+0xac/0x100 [ 2028.632225][T30533] kmem_cache_alloc_noprof+0x42/0x430 [ 2028.632244][T30533] ? dup_fd+0x63/0x9d0 [ 2028.632262][T30533] dup_fd+0x63/0x9d0 [ 2028.632280][T30533] ? __kasan_check_write+0x18/0x20 [ 2028.632305][T30533] ? mutex_unlock+0x8b/0x240 [ 2028.632323][T30533] ? __cfi_mutex_unlock+0x10/0x10 [ 2028.632341][T30533] __close_range+0x1b3/0x6c0 [ 2028.632361][T30533] ? ksys_write+0x1ef/0x250 [ 2028.632379][T30533] ? __cfi___close_range+0x10/0x10 [ 2028.632399][T30533] ? __kasan_check_read+0x15/0x20 [ 2028.632425][T30533] __x64_sys_close_range+0x7e/0x90 [ 2028.632451][T30533] x64_sys_call+0x1686/0x2ee0 [ 2028.632476][T30533] do_syscall_64+0x58/0xf0 [ 2028.632499][T30533] ? clear_bhb_loop+0x50/0xa0 [ 2028.632519][T30533] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2028.632539][T30533] RIP: 0033:0x7fd536b8f6c9 [ 2028.632556][T30533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2028.632573][T30533] RSP: 002b:00007fd537acf038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 2028.632594][T30533] RAX: ffffffffffffffda RBX: 00007fd536de5fa0 RCX: 00007fd536b8f6c9 [ 2028.632609][T30533] RDX: 0000000000000002 RSI: ffffffffffffffff RDI: 0000000000000008 [ 2028.632623][T30533] RBP: 00007fd537acf090 R08: 0000000000000000 R09: 0000000000000000 [ 2028.632636][T30533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2028.632649][T30533] R13: 00007fd536de6038 R14: 00007fd536de5fa0 R15: 00007fff4cce4b78 [ 2028.632666][T30533] [ 2030.147095][T30654] No source specified [ 2030.222729][ T36] audit: type=1400 audit(1763277186.896:350): avc: denied { create } for pid=30666 comm="syz.3.61378" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1 [ 2030.258354][ T36] audit: type=1400 audit(1763277186.896:351): avc: denied { shutdown } for pid=30666 comm="syz.3.61378" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 2030.275826][T30667] SELinux: security_context_str_to_sid (syste_uÝGй ‰:) failed with errno=-22 [ 2030.458476][T30688] FAULT_INJECTION: forcing a failure. [ 2030.458476][T30688] name failslab, interval 1, probability 0, space 0, times 0 [ 2030.485254][T30688] CPU: 0 UID: 0 PID: 30688 Comm: syz.3.61390 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2030.485287][T30688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2030.485300][T30688] Call Trace: [ 2030.485306][T30688] [ 2030.485315][T30688] __dump_stack+0x21/0x30 [ 2030.485344][T30688] dump_stack_lvl+0x10c/0x190 [ 2030.485368][T30688] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2030.485392][T30688] ? release_sock+0x171/0x1f0 [ 2030.485415][T30688] dump_stack+0x19/0x20 [ 2030.485437][T30688] should_fail_ex+0x3d9/0x530 [ 2030.485457][T30688] should_failslab+0xac/0x100 [ 2030.485477][T30688] kmem_cache_alloc_node_noprof+0x45/0x440 [ 2030.485495][T30688] ? netlink_data_ready+0x20/0x20 [ 2030.485519][T30688] ? __alloc_skb+0x10c/0x370 [ 2030.485541][T30688] __alloc_skb+0x10c/0x370 [ 2030.485563][T30688] netlink_alloc_large_skb+0xf7/0x1b0 [ 2030.485591][T30688] netlink_sendmsg+0x586/0xaf0 [ 2030.485617][T30688] ? __cfi_netlink_sendmsg+0x10/0x10 [ 2030.485643][T30688] ? __asan_memcpy+0x5a/0x80 [ 2030.485659][T30688] ? bpf_lsm_socket_sendmsg+0xd/0x20 [ 2030.485682][T30688] ? security_socket_sendmsg+0x33/0xd0 [ 2030.485700][T30688] sock_write_iter+0x49c/0x4f0 [ 2030.485720][T30688] ? __cfi_sock_write_iter+0x10/0x10 [ 2030.485741][T30688] do_iter_readv_writev+0x628/0x810 [ 2030.485762][T30688] ? vfs_iter_read+0x5f0/0x5f0 [ 2030.485781][T30688] ? bpf_lsm_file_permission+0xd/0x20 [ 2030.485807][T30688] vfs_writev+0x485/0xcf0 [ 2030.485829][T30688] ? do_writev+0x2d0/0x2d0 [ 2030.485848][T30688] ? vfs_write+0x93e/0xf30 [ 2030.485870][T30688] do_writev+0x14d/0x2d0 [ 2030.485891][T30688] ? vfs_readv+0xa50/0xa50 [ 2030.485911][T30688] ? __kasan_check_read+0x15/0x20 [ 2030.485938][T30688] __x64_sys_writev+0x81/0x90 [ 2030.485956][T30688] x64_sys_call+0x1fbb/0x2ee0 [ 2030.485982][T30688] do_syscall_64+0x58/0xf0 [ 2030.486004][T30688] ? clear_bhb_loop+0x50/0xa0 [ 2030.486025][T30688] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2030.486045][T30688] RIP: 0033:0x7f1329f8f6c9 [ 2030.486061][T30688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2030.486078][T30688] RSP: 002b:00007f132adfc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 2030.486100][T30688] RAX: ffffffffffffffda RBX: 00007f132a1e5fa0 RCX: 00007f1329f8f6c9 [ 2030.486116][T30688] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000007 [ 2030.486129][T30688] RBP: 00007f132adfc090 R08: 0000000000000000 R09: 0000000000000000 [ 2030.486143][T30688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2030.486155][T30688] R13: 00007f132a1e6038 R14: 00007f132a1e5fa0 R15: 00007ffce46d5588 [ 2030.486173][T30688] [ 2030.532255][T30698] FAULT_INJECTION: forcing a failure. [ 2030.532255][T30698] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2030.764062][T30698] CPU: 1 UID: 0 PID: 30698 Comm: syz.3.61394 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2030.764089][T30698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2030.764100][T30698] Call Trace: [ 2030.764107][T30698] [ 2030.764114][T30698] __dump_stack+0x21/0x30 [ 2030.764141][T30698] dump_stack_lvl+0x10c/0x190 [ 2030.764163][T30698] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2030.764183][T30698] ? proc_fail_nth_write+0x17e/0x210 [ 2030.764197][T30698] ? check_stack_object+0x107/0x140 [ 2030.764207][T30698] dump_stack+0x19/0x20 [ 2030.764219][T30698] should_fail_ex+0x3d9/0x530 [ 2030.764230][T30698] should_fail+0xf/0x20 [ 2030.764240][T30698] should_fail_usercopy+0x1e/0x30 [ 2030.764250][T30698] _copy_from_user+0x22/0xb0 [ 2030.764263][T30698] __tun_chr_ioctl+0x1f2/0x1f10 [ 2030.764274][T30698] ? __kasan_check_write+0x18/0x20 [ 2030.764288][T30698] ? tun_flow_create+0x410/0x410 [ 2030.764306][T30698] ? __fget_files+0x2c5/0x340 [ 2030.764317][T30698] ? __fget_files+0x2c5/0x340 [ 2030.764328][T30698] tun_chr_ioctl+0x2e/0x40 [ 2030.764338][T30698] ? __cfi_tun_chr_ioctl+0x10/0x10 [ 2030.764348][T30698] __se_sys_ioctl+0x135/0x1b0 [ 2030.764360][T30698] __x64_sys_ioctl+0x7f/0xa0 [ 2030.764370][T30698] x64_sys_call+0x1878/0x2ee0 [ 2030.764383][T30698] do_syscall_64+0x58/0xf0 [ 2030.764396][T30698] ? clear_bhb_loop+0x50/0xa0 [ 2030.764408][T30698] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2030.764418][T30698] RIP: 0033:0x7f1329f8f6c9 [ 2030.764428][T30698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2030.764437][T30698] RSP: 002b:00007f132adfc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2030.764450][T30698] RAX: ffffffffffffffda RBX: 00007f132a1e5fa0 RCX: 00007f1329f8f6c9 [ 2030.764458][T30698] RDX: 0000200000000140 RSI: 00000000400454ca RDI: 0000000000000007 [ 2030.764466][T30698] RBP: 00007f132adfc090 R08: 0000000000000000 R09: 0000000000000000 [ 2030.764473][T30698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2030.764480][T30698] R13: 00007f132a1e6038 R14: 00007f132a1e5fa0 R15: 00007ffce46d5588 [ 2030.764489][T30698] [ 2031.190291][T30724] FAULT_INJECTION: forcing a failure. [ 2031.190291][T30724] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2031.231134][T30724] CPU: 0 UID: 0 PID: 30724 Comm: syz.2.61406 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2031.231168][T30724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2031.231180][T30724] Call Trace: [ 2031.231187][T30724] [ 2031.231196][T30724] __dump_stack+0x21/0x30 [ 2031.231225][T30724] dump_stack_lvl+0x10c/0x190 [ 2031.231249][T30724] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2031.231274][T30724] ? check_stack_object+0x107/0x140 [ 2031.231292][T30724] dump_stack+0x19/0x20 [ 2031.231314][T30724] should_fail_ex+0x3d9/0x530 [ 2031.231334][T30724] should_fail+0xf/0x20 [ 2031.231352][T30724] should_fail_usercopy+0x1e/0x30 [ 2031.231372][T30724] _copy_from_user+0x22/0xb0 [ 2031.231395][T30724] __sys_connect+0x136/0x440 [ 2031.231420][T30724] ? __cfi___sys_connect+0x10/0x10 [ 2031.231445][T30724] ? __kasan_check_read+0x15/0x20 [ 2031.231471][T30724] __x64_sys_connect+0x7e/0x90 [ 2031.231494][T30724] x64_sys_call+0x1c2f/0x2ee0 [ 2031.231526][T30724] do_syscall_64+0x58/0xf0 [ 2031.231549][T30724] ? clear_bhb_loop+0x50/0xa0 [ 2031.231570][T30724] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2031.231590][T30724] RIP: 0033:0x7f2a75f8f6c9 [ 2031.231606][T30724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2031.231624][T30724] RSP: 002b:00007f2a749f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2031.231646][T30724] RAX: ffffffffffffffda RBX: 00007f2a761e5fa0 RCX: 00007f2a75f8f6c9 [ 2031.231661][T30724] RDX: 000000000000001c RSI: 0000200000000080 RDI: 0000000000000008 [ 2031.231675][T30724] RBP: 00007f2a749f7090 R08: 0000000000000000 R09: 0000000000000000 [ 2031.231688][T30724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2031.231700][T30724] R13: 00007f2a761e6038 R14: 00007f2a761e5fa0 R15: 00007ffd3633b308 [ 2031.231717][T30724] [ 2031.898946][T30756] FAULT_INJECTION: forcing a failure. [ 2031.898946][T30756] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2031.928825][T30756] CPU: 1 UID: 0 PID: 30756 Comm: syz.1.61421 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2031.928857][T30756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2031.928869][T30756] Call Trace: [ 2031.928875][T30756] [ 2031.928883][T30756] __dump_stack+0x21/0x30 [ 2031.928911][T30756] dump_stack_lvl+0x10c/0x190 [ 2031.928934][T30756] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2031.928959][T30756] ? check_stack_object+0x12c/0x140 [ 2031.928978][T30756] dump_stack+0x19/0x20 [ 2031.929000][T30756] should_fail_ex+0x3d9/0x530 [ 2031.929020][T30756] should_fail+0xf/0x20 [ 2031.929037][T30756] should_fail_usercopy+0x1e/0x30 [ 2031.929057][T30756] _copy_to_user+0x24/0xa0 [ 2031.929079][T30756] simple_read_from_buffer+0xed/0x160 [ 2031.929102][T30756] proc_fail_nth_read+0x19e/0x210 [ 2031.929126][T30756] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2031.929148][T30756] ? bpf_lsm_file_permission+0xd/0x20 [ 2031.929173][T30756] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2031.929195][T30756] vfs_read+0x27d/0xc70 [ 2031.929219][T30756] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 2031.929243][T30756] ? __cfi_vfs_read+0x10/0x10 [ 2031.929259][T30756] ? __kasan_check_write+0x18/0x20 [ 2031.929285][T30756] ? mutex_lock+0x92/0x1c0 [ 2031.929303][T30756] ? __cfi_mutex_lock+0x10/0x10 [ 2031.929320][T30756] ? __fget_files+0x2c5/0x340 [ 2031.929341][T30756] ksys_read+0x141/0x250 [ 2031.929358][T30756] ? __cfi_ksys_read+0x10/0x10 [ 2031.929375][T30756] ? __kasan_check_read+0x15/0x20 [ 2031.929401][T30756] __x64_sys_read+0x7f/0x90 [ 2031.929419][T30756] x64_sys_call+0x2638/0x2ee0 [ 2031.929445][T30756] do_syscall_64+0x58/0xf0 [ 2031.929467][T30756] ? clear_bhb_loop+0x50/0xa0 [ 2031.929488][T30756] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2031.929507][T30756] RIP: 0033:0x7fd536b8e0dc [ 2031.929524][T30756] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2031.929541][T30756] RSP: 002b:00007fd537acf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2031.929562][T30756] RAX: ffffffffffffffda RBX: 00007fd536de5fa0 RCX: 00007fd536b8e0dc [ 2031.929578][T30756] RDX: 000000000000000f RSI: 00007fd537acf0a0 RDI: 0000000000000009 [ 2031.929591][T30756] RBP: 00007fd537acf090 R08: 0000000000000000 R09: 0000000000000000 [ 2031.929604][T30756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2031.929617][T30756] R13: 00007fd536de6038 R14: 00007fd536de5fa0 R15: 00007fff4cce4b78 [ 2031.929633][T30756] [ 2032.273082][T30770] FAULT_INJECTION: forcing a failure. [ 2032.273082][T30770] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2032.298793][T30770] CPU: 0 UID: 0 PID: 30770 Comm: syz.1.61427 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2032.298832][T30770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2032.298845][T30770] Call Trace: [ 2032.298852][T30770] [ 2032.298860][T30770] __dump_stack+0x21/0x30 [ 2032.298890][T30770] dump_stack_lvl+0x10c/0x190 [ 2032.298913][T30770] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2032.298937][T30770] ? avc_has_perm_noaudit+0x286/0x360 [ 2032.298964][T30770] dump_stack+0x19/0x20 [ 2032.298985][T30770] should_fail_ex+0x3d9/0x530 [ 2032.299006][T30770] should_fail+0xf/0x20 [ 2032.299023][T30770] should_fail_usercopy+0x1e/0x30 [ 2032.299042][T30770] _copy_from_iter+0x1a3/0x14d0 [ 2032.299065][T30770] ? selinux_file_open+0x457/0x610 [ 2032.299087][T30770] ? __cfi_selinux_file_open+0x10/0x10 [ 2032.299108][T30770] ? __cfi__copy_from_iter+0x10/0x10 [ 2032.299129][T30770] ? txopt_get+0x184/0x210 [ 2032.299150][T30770] ? fl6_sock_lookup+0xe0/0xe0 [ 2032.299170][T30770] rawv6_sendmsg+0xafa/0x17d0 [ 2032.299192][T30770] ? __cfi_avc_has_perm+0x10/0x10 [ 2032.299216][T30770] ? __cfi_rawv6_sendmsg+0x10/0x10 [ 2032.299235][T30770] ? unwind_get_return_address+0x51/0x90 [ 2032.299259][T30770] ? selinux_socket_sendmsg+0x284/0x380 [ 2032.299287][T30770] ? avc_has_perm+0x144/0x220 [ 2032.299312][T30770] ? inet_send_prepare+0x64/0x4f0 [ 2032.299329][T30770] ? __cfi_rawv6_sendmsg+0x10/0x10 [ 2032.299349][T30770] inet_sendmsg+0x116/0x120 [ 2032.299367][T30770] sock_write_iter+0x3cb/0x4f0 [ 2032.299387][T30770] ? __cfi_sock_write_iter+0x10/0x10 [ 2032.299407][T30770] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2032.299439][T30770] vfs_write+0x718/0xf30 [ 2032.299457][T30770] ? __cfi_sock_write_iter+0x10/0x10 [ 2032.299476][T30770] ? __cfi_vfs_write+0x10/0x10 [ 2032.299496][T30770] ksys_write+0x141/0x250 [ 2032.299514][T30770] ? __cfi_ksys_write+0x10/0x10 [ 2032.299532][T30770] ? __kasan_check_read+0x15/0x20 [ 2032.299558][T30770] __x64_sys_write+0x7f/0x90 [ 2032.299576][T30770] x64_sys_call+0x271c/0x2ee0 [ 2032.299602][T30770] do_syscall_64+0x58/0xf0 [ 2032.299624][T30770] ? clear_bhb_loop+0x50/0xa0 [ 2032.299644][T30770] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2032.299664][T30770] RIP: 0033:0x7fd536b8f6c9 [ 2032.299681][T30770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2032.299697][T30770] RSP: 002b:00007fd537acf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2032.299718][T30770] RAX: ffffffffffffffda RBX: 00007fd536de5fa0 RCX: 00007fd536b8f6c9 [ 2032.299734][T30770] RDX: 0000000000000004 RSI: 00002000000000c0 RDI: 0000000000000007 [ 2032.299747][T30770] RBP: 00007fd537acf090 R08: 0000000000000000 R09: 0000000000000000 [ 2032.299759][T30770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2032.299772][T30770] R13: 00007fd536de6038 R14: 00007fd536de5fa0 R15: 00007fff4cce4b78 [ 2032.299788][T30770] [ 2032.528811][ T36] audit: type=1400 audit(1763277189.176:352): avc: denied { search } for pid=30774 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2032.635842][ T36] audit: type=1400 audit(1763277189.176:353): avc: denied { read } for pid=30775 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=426 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2032.659079][ T36] audit: type=1400 audit(1763277189.176:354): avc: denied { open } for pid=30775 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=426 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2032.684086][ T36] audit: type=1400 audit(1763277189.176:355): avc: denied { getattr } for pid=30775 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=426 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2032.713744][ T36] audit: type=1400 audit(1763277189.176:356): avc: denied { getattr } for pid=30775 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=435 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 2032.729349][T30790] FAULT_INJECTION: forcing a failure. [ 2032.729349][T30790] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2032.740020][ T36] audit: type=1400 audit(1763277189.296:357): avc: denied { read } for pid=30777 comm="sed" name="eth0.dhcp" dev="tmpfs" ino=435 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 2032.774878][ T36] audit: type=1400 audit(1763277189.296:358): avc: denied { open } for pid=30777 comm="sed" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=435 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 2032.800546][T30790] CPU: 0 UID: 0 PID: 30790 Comm: syz.1.61433 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2032.800580][T30790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2032.800592][T30790] Call Trace: [ 2032.800599][T30790] [ 2032.800607][T30790] __dump_stack+0x21/0x30 [ 2032.800636][T30790] dump_stack_lvl+0x10c/0x190 [ 2032.800657][T30790] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2032.800681][T30790] ? check_stack_object+0x107/0x140 [ 2032.800700][T30790] dump_stack+0x19/0x20 [ 2032.800723][T30790] should_fail_ex+0x3d9/0x530 [ 2032.800742][T30790] should_fail+0xf/0x20 [ 2032.800760][T30790] should_fail_usercopy+0x1e/0x30 [ 2032.800779][T30790] _copy_from_user+0x22/0xb0 [ 2032.800802][T30790] __sys_bind+0x1de/0x3f0 [ 2032.800824][T30790] ? __cfi___sys_bind+0x10/0x10 [ 2032.800847][T30790] ? __kasan_check_read+0x15/0x20 [ 2032.800874][T30790] __x64_sys_bind+0x7e/0x90 [ 2032.800896][T30790] x64_sys_call+0x1ffd/0x2ee0 [ 2032.800921][T30790] do_syscall_64+0x58/0xf0 [ 2032.800944][T30790] ? clear_bhb_loop+0x50/0xa0 [ 2032.800964][T30790] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2032.800984][T30790] RIP: 0033:0x7fd536b8f6c9 [ 2032.801000][T30790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2032.801016][T30790] RSP: 002b:00007fd537acf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 2032.801037][T30790] RAX: ffffffffffffffda RBX: 00007fd536de5fa0 RCX: 00007fd536b8f6c9 [ 2032.801052][T30790] RDX: 000000000000001c RSI: 00002000000000c0 RDI: 0000000000000007 [ 2032.801066][T30790] RBP: 00007fd537acf090 R08: 0000000000000000 R09: 0000000000000000 [ 2032.801078][T30790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2032.801090][T30790] R13: 00007fd536de6038 R14: 00007fd536de5fa0 R15: 00007fff4cce4b78 [ 2032.801107][T30790] [ 2032.992227][ T36] audit: type=1400 audit(1763277189.496:359): avc: denied { write } for pid=30774 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=425 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2032.995865][T30800] FAULT_INJECTION: forcing a failure. [ 2032.995865][T30800] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2033.028537][T30800] CPU: 0 UID: 0 PID: 30800 Comm: syz.0.61435 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2033.028564][T30800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2033.028575][T30800] Call Trace: [ 2033.028581][T30800] [ 2033.028588][T30800] __dump_stack+0x21/0x30 [ 2033.028616][T30800] dump_stack_lvl+0x10c/0x190 [ 2033.028636][T30800] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2033.028660][T30800] ? check_stack_object+0x12c/0x140 [ 2033.028677][T30800] dump_stack+0x19/0x20 [ 2033.028696][T30800] should_fail_ex+0x3d9/0x530 [ 2033.028713][T30800] should_fail+0xf/0x20 [ 2033.028733][T30800] should_fail_usercopy+0x1e/0x30 [ 2033.028750][T30800] _copy_to_user+0x24/0xa0 [ 2033.028769][T30800] simple_read_from_buffer+0xed/0x160 [ 2033.028790][T30800] proc_fail_nth_read+0x19e/0x210 [ 2033.028812][T30800] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2033.028835][T30800] ? bpf_lsm_file_permission+0xd/0x20 [ 2033.028856][T30800] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2033.028879][T30800] vfs_read+0x27d/0xc70 [ 2033.028896][T30800] ? __cfi_vfs_read+0x10/0x10 [ 2033.028912][T30800] ? __kasan_check_write+0x18/0x20 [ 2033.028938][T30800] ? mutex_lock+0x92/0x1c0 [ 2033.028956][T30800] ? __cfi_mutex_lock+0x10/0x10 [ 2033.028973][T30800] ? __fget_files+0x2c5/0x340 [ 2033.028993][T30800] ksys_read+0x141/0x250 [ 2033.029009][T30800] ? __cfi_ksys_read+0x10/0x10 [ 2033.029025][T30800] ? fdget+0x189/0x1f0 [ 2033.029044][T30800] ? __kasan_check_read+0x15/0x20 [ 2033.029068][T30800] __x64_sys_read+0x7f/0x90 [ 2033.029085][T30800] x64_sys_call+0x2638/0x2ee0 [ 2033.029110][T30800] do_syscall_64+0x58/0xf0 [ 2033.029132][T30800] ? clear_bhb_loop+0x50/0xa0 [ 2033.029152][T30800] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2033.029171][T30800] RIP: 0033:0x7f36e258e0dc [ 2033.029188][T30800] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2033.029204][T30800] RSP: 002b:00007f36e33b1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2033.029222][T30800] RAX: ffffffffffffffda RBX: 00007f36e27e6090 RCX: 00007f36e258e0dc [ 2033.029236][T30800] RDX: 000000000000000f RSI: 00007f36e33b10a0 RDI: 0000000000000007 [ 2033.029248][T30800] RBP: 00007f36e33b1090 R08: 0000000000000000 R09: 0000000000000000 [ 2033.029259][T30800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2033.029270][T30800] R13: 00007f36e27e6128 R14: 00007f36e27e6090 R15: 00007fff8098c968 [ 2033.029285][T30800]