[ 19.361176][ T383] !!! css_create !!! [ 19.365278][ T383] !!! css_create !!! [ 19.369182][ T383] !!! css_create !!! [ 19.373185][ T383] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 19.855378][ T98] device bridge_slave_1 left promiscuous mode [ 19.865226][ T98] bridge0: port 2(bridge_slave_1) entered disabled state [ 19.872877][ T98] device bridge_slave_0 left promiscuous mode [ 19.895234][ T98] bridge0: port 1(bridge_slave_0) entered disabled state [ 30.180474][ T22] kauditd_printk_skb: 65 callbacks suppressed [ 30.180481][ T22] audit: type=1400 audit(1653690494.659:148): avc: denied { read } for pid=141 comm="syslogd" name="log" dev="sda1" ino=1125 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 Warning: Permanently added '10.128.0.56' (ECDSA) to the list of known hosts. 2022/05/27 22:28:21 parsed 1 programs [ 36.700741][ T22] audit: type=1400 audit(1653690501.179:149): avc: denied { mounton } for pid=410 comm="syz-executor" path="/syzcgroup/unified" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 36.701647][ T410] cgroup: Unknown subsys name 'net' [ 36.729416][ T410] cgroup: Unknown subsys name 'devices' [ 36.736003][ T410] cgroup: Unknown subsys name 'hugetlb' [ 36.741595][ T410] cgroup: Unknown subsys name 'rlimit' 2022/05/27 22:28:21 executed programs: 0 [ 36.747691][ T22] audit: type=1400 audit(1653690501.229:150): avc: denied { mounton } for pid=410 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 36.790989][ T22] audit: type=1400 audit(1653690501.229:151): avc: denied { mount } for pid=410 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 36.814334][ T22] audit: type=1400 audit(1653690501.249:152): avc: denied { mounton } for pid=414 comm="syz-executor.2" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 36.819115][ T414] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.838377][ T22] audit: type=1400 audit(1653690501.249:153): avc: denied { module_request } for pid=414 comm="syz-executor.2" kmod="netdev-nr2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 36.860497][ T414] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.876744][ T414] device bridge_slave_0 entered promiscuous mode [ 36.883560][ T414] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.890601][ T414] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.897831][ T414] device bridge_slave_1 entered promiscuous mode [ 37.027902][ T426] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.034924][ T426] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.042512][ T426] device bridge_slave_0 entered promiscuous mode [ 37.049642][ T426] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.056849][ T426] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.064047][ T426] device bridge_slave_1 entered promiscuous mode [ 37.070690][ T425] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.077786][ T425] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.085014][ T425] device bridge_slave_0 entered promiscuous mode [ 37.093145][ T424] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.100292][ T424] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.107732][ T424] device bridge_slave_0 entered promiscuous mode [ 37.124867][ T425] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.131926][ T425] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.139319][ T425] device bridge_slave_1 entered promiscuous mode [ 37.145794][ T427] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.152789][ T427] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.160195][ T427] device bridge_slave_0 entered promiscuous mode [ 37.166748][ T424] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.173745][ T424] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.181127][ T424] device bridge_slave_1 entered promiscuous mode [ 37.187791][ T414] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.194786][ T414] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.202069][ T414] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.209097][ T414] bridge0: port 1(bridge_slave_0) entered forwarding state [ 37.220836][ T428] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.227898][ T428] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.235184][ T428] device bridge_slave_0 entered promiscuous mode [ 37.245212][ T427] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.252270][ T427] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.259617][ T427] device bridge_slave_1 entered promiscuous mode [ 37.286158][ T428] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.293168][ T428] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.301146][ T428] device bridge_slave_1 entered promiscuous mode [ 37.404597][ T424] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.411640][ T424] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.418882][ T424] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.425900][ T424] bridge0: port 1(bridge_slave_0) entered forwarding state [ 37.439142][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 37.447300][ T107] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.454730][ T107] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.462045][ T107] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.469755][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 37.477208][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 37.498929][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 37.507170][ T107] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.514165][ T107] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.536665][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 37.544497][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 37.571271][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 37.578974][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 37.587645][ T388] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.594646][ T388] bridge0: port 1(bridge_slave_0) entered forwarding state [ 37.602427][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 37.610641][ T388] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.617657][ T388] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.653956][ T73] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 37.662024][ T73] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 37.670192][ T73] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 37.679038][ T73] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.686097][ T73] bridge0: port 1(bridge_slave_0) entered forwarding state [ 37.694672][ T73] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 37.703141][ T73] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.710168][ T73] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.725219][ T73] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 37.733161][ T73] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 37.741196][ T73] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 37.795909][ T73] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 37.803353][ T73] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 37.813161][ T73] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 37.820682][ T73] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 37.829658][ T73] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 37.838879][ T73] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 37.847157][ T73] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 37.875176][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 37.883423][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 37.892121][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 37.900016][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 37.908579][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 37.916555][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 37.924347][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 37.932636][ T107] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.939679][ T107] bridge0: port 1(bridge_slave_0) entered forwarding state [ 37.946970][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 37.955426][ T107] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.962434][ T107] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.969825][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 37.977170][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 37.985282][ T107] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.992616][ T107] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.000084][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 38.008228][ T107] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.015248][ T107] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.022574][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 38.030732][ T107] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.037741][ T107] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.045050][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 38.053180][ T107] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.060334][ T107] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.067667][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 38.075530][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 38.083345][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 38.091433][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 38.099285][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 38.107129][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 38.114979][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 38.123377][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 38.131660][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 38.139970][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 38.148280][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 38.156399][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 38.164241][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 38.172339][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 38.180200][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 38.188633][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 38.197035][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 38.216407][ T22] audit: type=1400 audit(1653690502.699:154): avc: denied { mount } for pid=425 comm="syz-executor.3" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 38.216545][ T425] !!! css_create !!! [ 38.244723][ T425] !!! css_create !!! [ 38.248936][ T425] !!! css_create !!! [ 38.252974][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 38.253849][ T425] !!! css_create !!! [ 38.261505][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 38.272772][ T425] !!! css_create !!! [ 38.272959][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 38.277994][ T425] !!! css_create !!! [ 38.284814][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 38.288819][ T425] !!! css_create !!! [ 38.296338][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 38.300088][ T425] !!! css_create !!! [ 38.307469][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 38.318840][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 38.327143][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 38.335547][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 38.343834][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 38.352497][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 38.360680][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 38.376987][ T414] !!! css_create !!! [ 38.381817][ T387] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 38.382168][ T414] !!! css_create !!! [ 38.390264][ T387] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 38.393797][ T414] !!! css_create !!! [ 38.402738][ T387] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 38.412166][ T414] !!! css_create !!! [ 38.420234][ T22] audit: type=1400 audit(1653690502.899:155): avc: denied { mounton } for pid=445 comm="syz-executor.3" path="/root/syzkaller-testdir1493098226/syzkaller.CjnF8D/0/file0" dev="sda1" ino=1158 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 38.420345][ T414] !!! css_create !!! [ 38.450298][ T387] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 38.453209][ T414] !!! css_create !!! [ 38.459675][ T387] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 38.463468][ T414] !!! css_create !!! [ 38.471919][ T387] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 38.475755][ T414] !!! css_create !!! [ 38.483592][ T387] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 38.487264][ C1] !!! css_killed_ref_fn css ffff88811be2bc00 !!! [ 38.487275][ C1] !!! css_killed_ref_fn css ffff88810bf3d000 !!! [ 38.487287][ C1] !!! css_killed_ref_fn css ffff88810b3cf800 !!! [ 38.526856][ T107] !!! css_release css ffff88811be2bc00 !!! [ 38.532754][ T107] !!! css_put is zero set CSS_NO_REF css ffff88811be2bc00 !!! [ 38.540640][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 38.541298][ T23] !!! css_release css ffff88810bf3d000 !!! [ 38.548620][ T22] audit: type=1400 audit(1653690503.019:156): avc: denied { append } for pid=141 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 38.554620][ T23] !!! css_put is zero set CSS_NO_REF css ffff88810bf3d000 !!! [ 38.577408][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 38.587406][ T23] !!! css_release css ffff88810b3cf800 !!! [ 38.593394][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 38.598157][ T23] !!! css_put is zero set CSS_NO_REF css ffff88810b3cf800 !!! [ 38.605911][ T22] audit: type=1400 audit(1653690503.019:157): avc: denied { open } for pid=141 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 38.613623][ T446] !!! css_create !!! [ 38.636173][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 38.640138][ T446] !!! css_create !!! [ 38.648141][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 38.652645][ T446] !!! css_create !!! [ 38.659846][ T22] audit: type=1400 audit(1653690503.019:158): avc: denied { getattr } for pid=141 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 38.663903][ T446] FAULT_INJECTION: forcing a failure. [ 38.663903][ T446] name failslab, interval 1, probability 0, space 0, times 1 [ 38.686943][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 38.699502][ T446] CPU: 1 PID: 446 Comm: syz-executor.3 Not tainted 5.10.118-syzkaller-00001-g08d8dbfab803 #0 [ 38.717391][ T446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 38.727423][ T446] Call Trace: [ 38.730687][ T446] dump_stack+0x19c/0x1e2 [ 38.734995][ T446] should_fail+0x3f7/0x5b0 [ 38.739387][ T446] __should_failslab+0xd2/0x130 [ 38.744207][ T446] should_failslab+0x9/0x20 [ 38.748678][ T446] slab_pre_alloc_hook+0x25/0xe0 [ 38.753583][ T446] kmem_cache_alloc_trace+0x47/0x2b0 [ 38.758926][ T446] ? percpu_ref_init+0xd0/0x330 [ 38.763746][ T446] percpu_ref_init+0xd0/0x330 [ 38.768395][ T446] ? cgroup_setup_root+0x8a0/0x8a0 [ 38.773479][ T446] cgroup_apply_control_enable+0x49f/0xfc0 [ 38.779260][ T446] cgroup_apply_control+0x36/0x710 [ 38.784340][ T446] ? init_wait_entry+0xe0/0xe0 [ 38.789072][ T446] ? cgroup_kn_lock_live+0x1af/0x370 [ 38.794332][ T446] cgroup_subtree_control_write+0xd05/0x12d0 [ 38.800285][ T446] ? cgroup_subtree_control_show+0x1c0/0x1c0 [ 38.806232][ T446] cgroup_file_write+0x22f/0x4f0 [ 38.811138][ T446] kernfs_fop_write_iter+0x2cd/0x410 [ 38.816829][ T446] ? cgroup_seqfile_stop+0xc0/0xc0 [ 38.821910][ T446] vfs_write+0xb57/0xe50 [ 38.826122][ T446] ksys_write+0x157/0x260 [ 38.830421][ T446] __x64_sys_write+0x7b/0x90 [ 38.834982][ T446] do_syscall_64+0x34/0x70 [ 38.839374][ T446] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 38.845236][ T446] RIP: 0033:0x7f01cc25c0e9 [ 38.849621][ T446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 38.869197][ T446] RSP: 002b:00007f01cc1d2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 38.877580][ T446] RAX: ffffffffffffffda RBX: 00007f01cc36ef60 RCX: 00007f01cc25c0e9 [ 38.885530][ T446] RDX: 0000000000000006 RSI: 00000000200000c0 RDI: 0000000000000004 [ 38.893481][ T446] RBP: 00007f01cc1d21d0 R08: 0000000000000000 R09: 0000000000000000 [ 38.901438][ T446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 38.909383][ T446] R13: 00007fff24e5e3cf R14: 00007f01cc1d2300 R15: 0000000000022000 [ 38.922394][ T426] !!! css_create !!! [ 38.929440][ T426] !!! css_create !!! [ 38.945824][ T426] !!! css_create !!! [ 38.951446][ T426] !!! css_create !!! [ 38.951552][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 38.956225][ T426] !!! css_create !!! [ 38.964154][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 38.967482][ C1] !!! css_killed_ref_fn css ffff88810c4a8400 !!! [ 38.967496][ C1] !!! css_killed_ref_fn css ffff88810c4a8800 !!! [ 38.968262][ T426] !!! css_create !!! [ 38.976571][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 38.982566][ T426] !!! css_create !!! [ 38.989876][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 39.016505][ T427] !!! css_create !!! [ 39.020452][ T427] !!! css_create !!! [ 39.024449][ T23] !!! css_release css ffff88810c4a8400 !!! [ 39.030331][ T23] !!! css_put is zero set CSS_NO_REF css ffff88810c4a8400 !!! [ 39.037960][ T107] !!! css_release css ffff88810c4a8800 !!! [ 39.043754][ T107] !!! css_put is zero set CSS_NO_REF css ffff88810c4a8800 !!! [ 39.053345][ T454] !!! css_create !!! [ 39.057889][ T454] !!! css_create !!! [ 39.062108][ T454] !!! css_create !!! [ 39.066366][ T454] FAULT_INJECTION: forcing a failure. [ 39.066366][ T454] name failslab, interval 1, probability 0, space 0, times 0 [ 39.078996][ T454] CPU: 1 PID: 454 Comm: syz-executor.2 Not tainted 5.10.118-syzkaller-00001-g08d8dbfab803 #0 [ 39.089122][ T454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 39.099149][ T454] Call Trace: [ 39.102411][ T454] dump_stack+0x19c/0x1e2 [ 39.106715][ T454] should_fail+0x3f7/0x5b0 [ 39.111102][ T454] __should_failslab+0xd2/0x130 [ 39.115923][ T454] ? __kernfs_new_node+0x97/0x6d0 [ 39.120928][ T454] should_failslab+0x9/0x20 [ 39.125403][ T454] slab_pre_alloc_hook+0x25/0xe0 [ 39.130321][ T454] ? __kernfs_new_node+0x97/0x6d0 [ 39.135316][ T454] kmem_cache_alloc+0x40/0x2a0 [ 39.140048][ T454] __kernfs_new_node+0x97/0x6d0 [ 39.144882][ T454] ? string+0x29f/0x2b0 [ 39.149010][ T454] ? vsnprintf+0x1a6c/0x1b30 [ 39.153578][ T454] kernfs_new_node+0x97/0x170 [ 39.158236][ T454] __kernfs_create_file+0x4a/0x270 [ 39.163319][ T454] cgroup_addrm_files+0x99e/0xeb0 [ 39.168318][ T454] ? delete_node+0x747/0x7a0 [ 39.172882][ T454] css_populate_dir+0x137/0x370 [ 39.177712][ T454] cgroup_apply_control_enable+0x31e/0xfc0 [ 39.183502][ T454] cgroup_apply_control+0x36/0x710 [ 39.188587][ T454] ? init_wait_entry+0xe0/0xe0 [ 39.193323][ T454] ? cgroup_kn_lock_live+0x1af/0x370 [ 39.198581][ T454] cgroup_subtree_control_write+0xd05/0x12d0 [ 39.204532][ T454] ? cgroup_subtree_control_show+0x1c0/0x1c0 [ 39.210493][ T454] cgroup_file_write+0x22f/0x4f0 [ 39.215407][ T454] kernfs_fop_write_iter+0x2cd/0x410 [ 39.220668][ T454] ? cgroup_seqfile_stop+0xc0/0xc0 [ 39.225751][ T454] vfs_write+0xb57/0xe50 [ 39.229965][ T454] ksys_write+0x157/0x260 [ 39.234265][ T454] __x64_sys_write+0x7b/0x90 [ 39.238824][ T454] do_syscall_64+0x34/0x70 [ 39.243211][ T454] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 39.249071][ T454] RIP: 0033:0x7fd0215750e9 [ 39.253459][ T454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 39.273036][ T454] RSP: 002b:00007fd0214ca168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 39.281420][ T454] RAX: ffffffffffffffda RBX: 00007fd021688030 RCX: 00007fd0215750e9 [ 39.289363][ T454] RDX: 0000000000000006 RSI: 00000000200000c0 RDI: 0000000000000004 [ 39.297314][ T454] RBP: 00007fd0214ca1d0 R08: 0000000000000000 R09: 0000000000000000 [ 39.305266][ T454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 39.313214][ T454] R13: 00007fff813521ff R14: 00007fd0214ca300 R15: 0000000000022000 [ 39.323014][ T454] cgroup: cgroup_addrm_files: failed to add max, err=-12 [ 39.330853][ T427] !!! css_create !!! [ 39.334876][ T427] !!! css_create !!! [ 39.339294][ T428] !!! css_create !!! [ 39.343300][ T428] !!! css_create !!! [ 39.348025][ T427] !!! css_create !!! [ 39.353901][ T427] !!! css_create !!! [ 39.357851][ C1] !!! css_killed_ref_fn css ffff88810c80e800 !!! [ 39.357866][ C1] !!! css_killed_ref_fn css ffff88810c504800 !!! [ 39.357875][ C1] !!! css_killed_ref_fn css ffff88810c507800 !!! [ 39.377849][ T427] !!! css_create !!! [ 39.382457][ T428] !!! css_create !!! [ 39.391271][ T428] !!! css_create !!! [ 39.395415][ T393] !!! css_release css ffff88810c80e800 !!! [ 39.401263][ T393] !!! css_put is zero set CSS_NO_REF css ffff88810c80e800 !!! [ 39.409092][ T393] !!! css_release css ffff88810c504800 !!! [ 39.415061][ T393] !!! css_put is zero set CSS_NO_REF css ffff88810c504800 !!! [ 39.423370][ T428] !!! css_create !!! [ 39.427559][ T428] !!! css_create !!! [ 39.431544][ T428] !!! css_create !!! [ 39.436002][ T393] !!! css_release css ffff88810c507800 !!! [ 39.441976][ T393] !!! css_put is zero set CSS_NO_REF css ffff88810c507800 !!! [ 39.449692][ T468] !!! css_create !!! [ 39.453665][ T468] !!! css_create !!! [ 39.457646][ T468] !!! css_create !!! [ 39.461588][ T468] FAULT_INJECTION: forcing a failure. [ 39.461588][ T468] name failslab, interval 1, probability 0, space 0, times 0 [ 39.474832][ T468] CPU: 0 PID: 468 Comm: syz-executor.4 Not tainted 5.10.118-syzkaller-00001-g08d8dbfab803 #0 [ 39.484964][ T468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 39.494996][ T468] Call Trace: [ 39.498272][ T468] dump_stack+0x19c/0x1e2 [ 39.502583][ T468] should_fail+0x3f7/0x5b0 [ 39.506979][ T468] __should_failslab+0xd2/0x130 [ 39.511802][ T468] ? __kernfs_new_node+0x97/0x6d0 [ 39.516798][ T468] should_failslab+0x9/0x20 [ 39.521273][ T468] slab_pre_alloc_hook+0x25/0xe0 [ 39.526182][ T468] ? __kernfs_new_node+0x97/0x6d0 [ 39.531181][ T468] kmem_cache_alloc+0x40/0x2a0 [ 39.535922][ T468] __kernfs_new_node+0x97/0x6d0 [ 39.540745][ T468] ? string+0x29f/0x2b0 [ 39.544875][ T468] ? vsnprintf+0x1a6c/0x1b30 [ 39.549441][ T468] kernfs_new_node+0x97/0x170 [ 39.554090][ T468] __kernfs_create_file+0x4a/0x270 [ 39.559174][ T468] cgroup_addrm_files+0x99e/0xeb0 [ 39.564172][ T468] ? delete_node+0x747/0x7a0 [ 39.568740][ T468] css_populate_dir+0x137/0x370 [ 39.573584][ T468] cgroup_apply_control_enable+0x31e/0xfc0 [ 39.579372][ T468] cgroup_apply_control+0x36/0x710 [ 39.584459][ T468] ? init_wait_entry+0xe0/0xe0 [ 39.589233][ T468] ? cgroup_kn_lock_live+0x1af/0x370 [ 39.594576][ T468] cgroup_subtree_control_write+0xd05/0x12d0 [ 39.600529][ T468] ? cgroup_subtree_control_show+0x1c0/0x1c0 [ 39.606502][ T468] cgroup_file_write+0x22f/0x4f0 [ 39.611408][ T468] kernfs_fop_write_iter+0x2cd/0x410 [ 39.616664][ T468] ? cgroup_seqfile_stop+0xc0/0xc0 [ 39.621746][ T468] vfs_write+0xb57/0xe50 [ 39.625962][ T468] ksys_write+0x157/0x260 [ 39.630270][ T468] __x64_sys_write+0x7b/0x90 [ 39.634837][ T468] do_syscall_64+0x34/0x70 [ 39.639224][ T468] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 39.645088][ T468] RIP: 0033:0x7fd2a2d510e9 [ 39.649479][ T468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 39.669056][ T468] RSP: 002b:00007fd2a2ca6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 39.677443][ T468] RAX: ffffffffffffffda RBX: 00007fd2a2e64030 RCX: 00007fd2a2d510e9 [ 39.685391][ T468] RDX: 0000000000000006 RSI: 00000000200000c0 RDI: 0000000000000004 [ 39.693338][ T468] RBP: 00007fd2a2ca61d0 R08: 0000000000000000 R09: 0000000000000000 [ 39.701288][ T468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 39.709241][ T468] R13: 00007ffd2be0054f R14: 00007fd2a2ca6300 R15: 0000000000022000 [ 39.719165][ T468] cgroup: cgroup_addrm_files: failed to add max, err=-12 [ 39.745140][ C1] !!! css_killed_ref_fn css ffff88810cb80c00 !!! [ 39.751487][ C1] !!! css_killed_ref_fn css ffff88810cb87800 !!! [ 39.757803][ C1] !!! css_killed_ref_fn css ffff88810cb86400 !!! [ 39.764155][ T393] !!! css_release css ffff88810cb80c00 !!! [ 39.769954][ T393] !!! css_put is zero set CSS_NO_REF css ffff88810cb80c00 !!! [ 39.777678][ T393] !!! css_release css ffff88810cb87800 !!! [ 39.783669][ T393] !!! css_put is zero set CSS_NO_REF css ffff88810cb87800 !!! [ 39.791624][ T393] !!! css_release css ffff88810cb86400 !!! [ 39.797445][ T393] !!! css_put is zero set CSS_NO_REF css ffff88810cb86400 !!! [ 39.804946][ T469] !!! css_create !!! [ 39.809084][ T469] !!! css_create !!! [ 39.813046][ T469] !!! css_create !!! [ 39.817081][ T469] FAULT_INJECTION: forcing a failure. [ 39.817081][ T469] name failslab, interval 1, probability 0, space 0, times 0 [ 39.829777][ T469] CPU: 0 PID: 469 Comm: syz-executor.0 Not tainted 5.10.118-syzkaller-00001-g08d8dbfab803 #0 [ 39.839911][ T469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 39.849939][ T469] Call Trace: [ 39.853216][ T469] dump_stack+0x19c/0x1e2 [ 39.857520][ T469] should_fail+0x3f7/0x5b0 [ 39.861909][ T469] __should_failslab+0xd2/0x130 [ 39.866734][ T469] ? __kernfs_new_node+0x97/0x6d0 [ 39.871731][ T469] should_failslab+0x9/0x20 [ 39.876216][ T469] slab_pre_alloc_hook+0x25/0xe0 [ 39.881131][ T469] ? __kernfs_new_node+0x97/0x6d0 [ 39.886136][ T469] kmem_cache_alloc+0x40/0x2a0 [ 39.890876][ T469] __kernfs_new_node+0x97/0x6d0 [ 39.895695][ T469] ? string+0x29f/0x2b0 [ 39.899820][ T469] ? vsnprintf+0x1a6c/0x1b30 [ 39.904379][ T469] kernfs_new_node+0x97/0x170 [ 39.909027][ T469] __kernfs_create_file+0x4a/0x270 [ 39.914111][ T469] cgroup_addrm_files+0x99e/0xeb0 [ 39.919204][ T469] ? delete_node+0x747/0x7a0 [ 39.923763][ T469] css_populate_dir+0x137/0x370 [ 39.928587][ T469] cgroup_apply_control_enable+0x31e/0xfc0 [ 39.934372][ T469] cgroup_apply_control+0x36/0x710 [ 39.939457][ T469] ? init_wait_entry+0xe0/0xe0 [ 39.944209][ T469] ? cgroup_kn_lock_live+0x1af/0x370 [ 39.949472][ T469] cgroup_subtree_control_write+0xd05/0x12d0 [ 39.955427][ T469] ? cgroup_subtree_control_show+0x1c0/0x1c0 [ 39.961374][ T469] cgroup_file_write+0x22f/0x4f0 [ 39.966281][ T469] kernfs_fop_write_iter+0x2cd/0x410 [ 39.971535][ T469] ? cgroup_seqfile_stop+0xc0/0xc0 [ 39.976620][ T469] vfs_write+0xb57/0xe50 [ 39.980837][ T469] ksys_write+0x157/0x260 [ 39.985142][ T469] __x64_sys_write+0x7b/0x90 [ 39.989710][ T469] do_syscall_64+0x34/0x70 [ 39.994107][ T469] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 39.999975][ T469] RIP: 0033:0x7f74b6c330e9 [ 40.004362][ T469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 40.023940][ T469] RSP: 002b:00007f74b6b88168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 40.025257][ C1] general protection fault, probably for non-canonical address 0xdffffc000000000f: 0000 [#1] PREEMPT SMP KASAN [ 40.032332][ T469] RAX: ffffffffffffffda RBX: 00007f74b6d46030 RCX: 00007f74b6c330e9 [ 40.044020][ C1] KASAN: null-ptr-deref in range [0x0000000000000078-0x000000000000007f] [ 40.051965][ T469] RDX: 0000000000000006 RSI: 00000000200000c0 RDI: 0000000000000004 [ 40.060344][ C1] CPU: 1 PID: 17 Comm: ksoftirqd/1 Not tainted 5.10.118-syzkaller-00001-g08d8dbfab803 #0 [ 40.068285][ T469] RBP: 00007f74b6b881d0 R08: 0000000000000000 R09: 0000000000000000 [ 40.078051][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 40.085996][ T469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 40.096035][ C1] RIP: 0010:ip6_pol_route+0x5e2/0x13b0 [ 40.103983][ T469] R13: 00007ffcb6af9f5f R14: 00007f74b6b88300 R15: 0000000000022000 [ 40.109419][ C1] Code: e8 33 bd a7 fd 48 8b 03 65 4c 8b 28 31 ff 4c 89 ee e8 22 37 70 fd 4d 85 ed 0f 84 c6 00 00 00 49 8d 5d 78 48 89 d8 48 c1 e8 03 <42> 8a 04 30 84 c0 0f 85 75 0b 00 00 44 8b 33 31 ff 44 89 f6 e8 45 [ 40.122913][ T469] cgroup: cgroup_addrm_files: failed to add max, err=-12 [ 40.137029][ C1] RSP: 0018:ffffc90000127868 EFLAGS: 00010206 [ 40.137041][ C1] RAX: 000000000000000f RBX: 000000000000007b RCX: 0000000080000300 [ 40.137048][ C1] RDX: ffff888100289e80 RSI: 0000000000000003 RDI: 0000000000000000 [ 40.137056][ C1] RBP: ffffc90000127930 R08: ffffffff83f8ddae R09: ffff88810ce9db40 [ 40.137063][ C1] R10: fffff52000024f1b R11: 1ffff92000024f17 R12: 1ffff92000024f16 [ 40.137069][ C1] R13: 0000000000000003 R14: dffffc0000000000 R15: 1ffff92000024f17 [ 40.137078][ C1] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 40.137084][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 40.137098][ C1] CR2: 00007fd2a2ca6718 CR3: 000000010cbc8000 CR4: 00000000003506a0 [ 40.213229][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 40.221173][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 40.229114][ C1] Call Trace: [ 40.232380][ C1] ip6_pol_route_input+0x54/0x80 [ 40.237292][ C1] ? ip6_route_input_lookup+0xd0/0xd0 [ 40.242640][ C1] fib6_rule_lookup+0xcf/0x5e0 [ 40.247378][ C1] ip6_route_input+0x689/0x9e0 [ 40.252115][ C1] ipv6_rcv+0x1ef/0x4a0 [ 40.256329][ C1] ? asan.module_dtor+0x20/0x20 [ 40.261153][ C1] ? ip6_rcv_finish+0x2c0/0x2c0 [ 40.265983][ C1] __netif_receive_skb+0x127/0x410 [ 40.271076][ C1] ? __kasan_check_write+0x14/0x20 [ 40.276158][ C1] process_backlog+0x372/0x6b0 [ 40.280893][ C1] napi_poll+0x1a3/0x6a0 [ 40.285112][ C1] net_rx_action+0x2ff/0x930 [ 40.289679][ C1] __do_softirq+0x253/0x67b [ 40.294154][ C1] ? ksoftirqd_should_run+0x20/0x20 [ 40.299325][ C1] run_ksoftirqd+0x23/0x30 [ 40.303713][ C1] smpboot_thread_fn+0x4c8/0x8b0 [ 40.308625][ C1] kthread+0x365/0x400 [ 40.312666][ C1] ? cpu_report_death+0x1a0/0x1a0 [ 40.317663][ C1] ? kthread_blkcg+0xd0/0xd0 [ 40.322227][ C1] ret_from_fork+0x1f/0x30 [ 40.326611][ C1] Modules linked in: [ 40.330527][ C1] ---[ end trace 897625ee2abfc660 ]--- [ 40.335996][ C1] RIP: 0010:ip6_pol_route+0x5e2/0x13b0 [ 40.341442][ C1] Code: e8 33 bd a7 fd 48 8b 03 65 4c 8b 28 31 ff 4c 89 ee e8 22 37 70 fd 4d 85 ed 0f 84 c6 00 00 00 49 8d 5d 78 48 89 d8 48 c1 e8 03 <42> 8a 04 30 84 c0 0f 85 75 0b 00 00 44 8b 33 31 ff 44 89 f6 e8 45 [ 40.361060][ C1] RSP: 0018:ffffc90000127868 EFLAGS: 00010206 [ 40.367177][ C1] RAX: 000000000000000f RBX: 000000000000007b RCX: 0000000080000300 [ 40.375162][ C1] RDX: ffff888100289e80 RSI: 0000000000000003 RDI: 0000000000000000 [ 40.383127][ C1] RBP: ffffc90000127930 R08: ffffffff83f8ddae R09: ffff88810ce9db40 [ 40.391111][ C1] R10: fffff52000024f1b R11: 1ffff92000024f17 R12: 1ffff92000024f16 [ 40.399085][ C1] R13: 0000000000000003 R14: dffffc0000000000 R15: 1ffff92000024f17 [ 40.407067][ C1] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 40.416011][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 40.422589][ C1] CR2: 00007fd2a2ca6718 CR3: 000000010cbc8000 CR4: 00000000003506a0 [ 40.430562][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 40.438529][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 40.446502][ C1] Kernel panic - not syncing: Fatal exception in interrupt [ 40.453830][ C1] Kernel Offset: disabled [ 40.458140][ C1] Rebooting in 86400 seconds..