last executing test programs: 3.126489164s ago: executing program 3 (id=4491): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r4) recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r5, &(0x7f0000000580)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102032b00fe08000e40000200875a65969ff57b00ff0200000000000000000001ffaaaaaa"], 0xfdef) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000000)='\x00') r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7}, 0x10) openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) close(r6) 2.976048596s ago: executing program 3 (id=4493): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.empty_time\x00', 0x275a, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(0xffffffffffffffff, &(0x7f0000001ac0)={0x0, 0x0, 0x0}, 0x20000000) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$inet(r0, &(0x7f0000000cc0)={0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x5, 0x4, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) close(r0) sendmsg$inet(r1, &(0x7f0000000b40)={0x0, 0xfffffffffffffe47, 0x0}, 0x11) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000100), 0x1001) ioctl$SIOCSIFHWADDR(r4, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}}) perf_event_open(0x0, 0x0, 0x7, 0xffffffffffffffff, 0x8) close(0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x36b9cf0e}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) perf_event_open(&(0x7f0000000240)={0x5, 0x80, 0x6, 0x0, 0x0, 0xf, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0xd2428a2}}, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000791020000000000095000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r5}, 0x10) r6 = syz_open_procfs$namespace(0x0, &(0x7f0000000400)) openat$cgroup_ro(r6, &(0x7f0000000040)='cgroup.stat\x00', 0x60ff, 0x8cffffff) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair(0x2, 0x2, 0x0, &(0x7f00000002c0)) socketpair(0x11, 0x3, 0x8, &(0x7f0000000300)) 2.898120162s ago: executing program 0 (id=4494): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r0, 0x0, 0x0}, 0x10) 2.838294247s ago: executing program 1 (id=4495): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r3}, 0x10) perf_event_open(0x0, 0x0, 0x0, r1, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x5, &(0x7f00000001c0)=@framed={{}, [@ldst={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a7fbb}, @ldst={0x6, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffffffe, 0xa000000}], {0x95, 0x0, 0x0, 0x1000000}}, &(0x7f0000000000)='syzkaller\x00', 0x5, 0xf4240, &(0x7f0000000100)=""/147}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r4}, 0x10) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000380)={0x0, 0x9}, 0xc) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r6}, 0x10) r7 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000400)='syz0\x00', 0x200002, 0x0) openat$cgroup_devices(r7, &(0x7f00000004c0)='devices.deny\x00', 0x2, 0x0) 2.748355525s ago: executing program 0 (id=4496): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='sched_switch\x00', r0}, 0x10) perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffb, 0x2}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x200002, 0x0) syz_clone(0x40000000, &(0x7f0000000340)="453e542a564f5e4cb39898e819e9a50f74b167a47aecfd31bef5375c0a1f1e98693e0c3b85", 0x25, &(0x7f0000000380), &(0x7f00000003c0), &(0x7f0000000480)="c7d7b77cb10806feb66116a54416032f3e8e1c2e7d6faf2eba5017d34c9be4de44bea23c1ef9af33ea3554ecb64a033230f4393094cfbb784cee59cc425f3601c4ce1b4d2febdad55deb607d059ea63cf92e79329117b7f78accf087f96a6fd5c595f42ffc6fd5aa6a3a526a909d11c63daa074a2efbcbf4") perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) socketpair$unix(0x1, 0x2, 0x0, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b81a100850000006d000000040000000700000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r3}, 0x10) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r5, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000500)=ANY=[], 0xfdef) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff}) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000800850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10) r9 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x7}, 0x48) r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r10}, &(0x7f0000000000), &(0x7f00000005c0)=r11}, 0x20) r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r12}, 0x10) close(r9) close(r6) socketpair$unix(0x1, 0x5, 0x0, 0x0) 2.150342873s ago: executing program 3 (id=4497): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000380)=""/166}, 0x20) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x16, 0x0, 0x4, 0x1, 0x25, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x90) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x3, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r3, 0x0, 0x0}, 0x10) 2.010898685s ago: executing program 1 (id=4498): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xd0ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 1.860893677s ago: executing program 3 (id=4499): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='mm_lru_activate\x00', r2}, 0x10) write$cgroup_int(r0, &(0x7f0000000200), 0x43451) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_int(r3, &(0x7f0000000200), 0x43451) (fail_nth: 9) 1.562209372s ago: executing program 1 (id=4500): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0xfff, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="7c87f39f4071f01cf3eb50b29c8b3d7b64d08c92a8d4b2e97e2558952cdb8e212405f83bf1ac60875131e38ecc69dd3b3e73d678cf3f5b335e4867f841f1800aee77825fb8c3b7913c036c27d6ae818734d0a9f19afb5563c53ef9c15a31cd0ff4cc43c1744ba8b6079f5a563998c6cb4b8a591fe32ae86ee80f93b3c5658e85c563a48a05b8e3e52048d5e226ec88ca758c62", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x14, 0x4, 0x4, 0x10002, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r4}, 0x10) 1.317586642s ago: executing program 2 (id=4462): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000000080)) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) (fail_nth: 5) 1.21567955s ago: executing program 0 (id=4501): bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r0, 0x0, 0x0}, 0x10) 1.21515442s ago: executing program 4 (id=4459): bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) recvmsg$unix(r0, 0x0, 0x0) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0xc0189436, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) close(r2) 1.148826946s ago: executing program 1 (id=4502): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r3, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r3, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20) write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce8102031100fef2000e40000200875a65969ff57b00ff020000000000000000000000000001"], 0xfdef) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800950000ebff00"/24], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000900)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r10}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000400)=@framed, &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2600}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r11}, 0x10) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f}) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r12, 0x8914, &(0x7f0000000080)) write$cgroup_subtree(r8, &(0x7f0000000180)=ANY=[], 0xffbf) 1.148529216s ago: executing program 2 (id=4462): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000000080)) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) (fail_nth: 5) 1.071427962s ago: executing program 0 (id=4503): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r1, 0x0, 0x0}, 0x10) 1.070218672s ago: executing program 4 (id=4459): bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) recvmsg$unix(r0, 0x0, 0x0) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0xc0189436, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) close(r2) 1.005438047s ago: executing program 1 (id=4504): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r3}, 0x10) perf_event_open(0x0, 0x0, 0x0, r1, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x5, &(0x7f00000001c0)=@framed={{}, [@ldst={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a7fbb}, @ldst={0x6, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffffffe, 0xa000000}], {0x95, 0x0, 0x0, 0x1000000}}, &(0x7f0000000000)='syzkaller\x00', 0x5, 0xf4240, &(0x7f0000000100)=""/147}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r4}, 0x10) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000380)={0x0, 0x9}, 0xc) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r6}, 0x10) r7 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000400)='syz0\x00', 0x200002, 0x0) openat$cgroup_devices(r7, &(0x7f00000004c0)='devices.deny\x00', 0x2, 0x0) 1.005245607s ago: executing program 2 (id=4462): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000000080)) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) (fail_nth: 5) 923.067954ms ago: executing program 0 (id=4505): perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, @perf_config_ext={0x80}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r2) recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102032b00fe08000e40000200875a65969ff57b00ff0200000000000000000001ffaaaaaa"], 0xfdef) 922.778144ms ago: executing program 4 (id=4459): bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) recvmsg$unix(r0, 0x0, 0x0) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0xc0189436, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) close(r2) 835.265741ms ago: executing program 3 (id=4506): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r4) recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r5, &(0x7f0000000580)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102032b00fe08000e40000200875a65969ff57b00ff0200000000000000000001ffaaaaaa"], 0xfdef) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000000)='\x00') r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7}, 0x10) openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) close(r6) 832.062371ms ago: executing program 2 (id=4462): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000000080)) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) (fail_nth: 5) 756.569347ms ago: executing program 4 (id=4459): bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) recvmsg$unix(r0, 0x0, 0x0) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0xc0189436, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) close(r2) 680.428104ms ago: executing program 0 (id=4507): bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r2}, 0x10) r3 = perf_event_open$cgroup(&(0x7f0000000280)={0x5, 0x80, 0xf, 0x7, 0x7f, 0xa, 0x0, 0x5, 0x80480, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x100, 0x2, @perf_bp={&(0x7f0000000200), 0x6}, 0x101010, 0x2, 0x101, 0x6, 0x3, 0x20, 0xff, 0x0, 0xa, 0x0, 0x800}, r2, 0x2, 0xffffffffffffffff, 0x6) openat$cgroup_devices(r1, &(0x7f0000000300)='devices.allow\x00', 0x2, 0x0) perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x6, 0x7, 0xb, 0x60, 0x0, 0x799b, 0x10040, 0x3, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x8000, 0x293}, 0x8080, 0xfa4e, 0x3b, 0x5, 0xffff, 0xa, 0x812, 0x0, 0xca6, 0x0, 0x7}, 0x0, 0x6, r3, 0x1) bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000300), 0x4) bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000400), 0x4) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="61123000000000006113340000000000bf1000000000000015000200091b00003d030100000000008701000000000000bc26000000000000bf67000000000000560300000ee600f06702000014000000160300000ee600f0bf050000000000000f610000000000006507f4ff02000400070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe7030586e3f640f9f7e9a73b761ad4f0952a70046270d2b6436fdeecd791614ed46de741eb8cf91c046ef9beca574b350021c7ec6ef130f53748068ca432dae4e248b22b9ad8b2811f67916a1764578cba4b069037bfb3362d5691ac397f7e207145d970f0d97867552629b146645c785fb77dbeca38e49a9d5221f1f45f0a25890d04d91a15a05ae7e7ed6252c3d6c1973fb858de1da70d67317e7872b0603ce47ed2c1520e71b527bb42aa2e20e1e85df73736ed0a782ab7e7278dd54358cfdf6313d40f926332623625b49626481054787ab2dff85a9bebd6b317f26c691a65aa97bb3d1506a3a565e9c7ea5ad4611d2d77ee8a5c1b23814a26b6a20061fbb65bdd03770fa849f2a29ba69f90625f42592a70ba890f7a92878ae73574c3a233ee5954119931a1905210715fa77a8795f2fbec3797cb90f59fe8a4abec25f40c87bf25b750bbaa"], &(0x7f0000000100)='GPL\x00'}, 0x48) 678.664334ms ago: executing program 2 (id=4462): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000000080)) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) (fail_nth: 5) 423.323435ms ago: executing program 1 (id=4508): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r3}, 0x10) perf_event_open(0x0, 0x0, 0x0, r1, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x5, &(0x7f00000001c0)=@framed={{}, [@ldst={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a7fbb}, @ldst={0x6, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffffffe, 0xa000000}], {0x95, 0x0, 0x0, 0x1000000}}, &(0x7f0000000000)='syzkaller\x00', 0x5, 0xf4240, &(0x7f0000000100)=""/147}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r4}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000380)={0x0, 0x9}, 0xc) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r5}, 0x10) r6 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000400)='syz0\x00', 0x200002, 0x0) openat$cgroup_devices(r6, &(0x7f00000004c0)='devices.deny\x00', 0x2, 0x0) 423.004825ms ago: executing program 4 (id=4459): bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) recvmsg$unix(r0, 0x0, 0x0) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0xc0189436, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) close(r2) 191.962154ms ago: executing program 3 (id=4509): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000b00)=ANY=[@ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00'}, 0x10) r2 = perf_event_open$cgroup(&(0x7f0000000280)={0x5, 0x80, 0xf, 0x7, 0x7f, 0xa, 0x0, 0x5, 0x80480, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x100, 0x2, @perf_bp={&(0x7f0000000200), 0x6}, 0x101010, 0x2, 0x101, 0x6, 0x3, 0x20, 0xff, 0x0, 0xa, 0x0, 0x800}, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x6) openat$cgroup_devices(r1, &(0x7f0000000300)='devices.allow\x00', 0x2, 0x0) perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x6, 0x7, 0xb, 0x60, 0x0, 0x799b, 0x10040, 0x3, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x8000, 0x293}, 0x8080, 0xfa4e, 0x3b, 0x5, 0xffff, 0xa, 0x812, 0x0, 0xca6, 0x0, 0x7}, 0x0, 0x6, r2, 0x1) bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000300), 0x4) bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000400), 0x4) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="61123000000000006113340000000000bf1000000000000015000200091b00003d030100000000008701000000000000bc26000000000000bf67000000000000560300000ee600f06702000014000000160300000ee600f0bf050000000000000f610000000000006507f4ff02000400070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe7030586e3f640f9f7e9a73b761ad4f0952a70046270d2b6436fdeecd791614ed46de741eb8cf91c046ef9beca574b350021c7ec6ef130f53748068ca432dae4e248b22b9ad8b2811f67916a1764578cba4b069037bfb3362d5691ac397f7e207145d970f0d97867552629b146645c785fb77dbeca38e49a9d5221f1f45f0a25890d04d91a15a05ae7e7ed6252c3d6c1973fb858de1da70d67317e7872b0603ce47ed2c1520e71b527bb42aa2e20e1e85df73736ed0a782ab7e7278dd54358cfdf6313d40f926332623625b49626481054787ab2dff85a9bebd6b317f26c691a65aa97bb3d1506a3a565e9c7ea5ad4611d2d77ee8a5c1b23814a26b6a20061fbb65bdd03770fa849f2a29ba69f90625f42592a70ba890f7a92878ae73574c3a233ee5954119931a1905210715fa77a8795f2fbec3797cb90f59fe8a4abec25f40c87bf25b750bbaa"], &(0x7f0000000100)='GPL\x00'}, 0x48) 190.955964ms ago: executing program 2 (id=4462): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000000080)) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) (fail_nth: 5) 0s ago: executing program 4 (id=4459): bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) recvmsg$unix(r0, 0x0, 0x0) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0xc0189436, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) close(r2) kernel console output (not intermixed with test programs): 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 229.779419][ T8343] RSP: 002b:00007fe172e54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 229.787662][ T8343] RAX: ffffffffffffffda RBX: 00007fe174362f80 RCX: 00007fe1741d49f9 [ 229.795480][ T8343] RDX: 0000000000040010 RSI: 0000000020000180 RDI: 0000000000000007 [ 229.803282][ T8343] RBP: 00007fe172e54090 R08: 0000000000000000 R09: 0000000000000000 [ 229.811096][ T8343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 229.818905][ T8343] R13: 0000000000000000 R14: 00007fe174362f80 R15: 00007fff9fd960b8 [ 229.927081][ T8367] device sit0 left promiscuous mode [ 229.972191][ T8367] device sit0 entered promiscuous mode [ 230.150543][ T8381] device syzkaller0 entered promiscuous mode [ 231.288774][ T8441] FAULT_INJECTION: forcing a failure. [ 231.288774][ T8441] name failslab, interval 1, probability 0, space 0, times 0 [ 231.315525][ T8441] CPU: 1 PID: 8441 Comm: syz.1.2801 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 231.326808][ T8441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 231.336695][ T8441] Call Trace: [ 231.339833][ T8441] dump_stack_lvl+0x1e2/0x24b [ 231.344341][ T8441] ? panic+0x812/0x812 [ 231.348246][ T8441] ? bfq_pos_tree_add_move+0x43b/0x43b [ 231.353541][ T8441] dump_stack+0x15/0x17 [ 231.357528][ T8441] should_fail+0x3c6/0x510 [ 231.361779][ T8441] ? __delayacct_tsk_init+0x2c/0xa0 [ 231.366812][ T8441] __should_failslab+0xa4/0xe0 [ 231.371411][ T8441] should_failslab+0x9/0x20 [ 231.375749][ T8441] kmem_cache_alloc+0x3d/0x2e0 [ 231.380350][ T8441] __delayacct_tsk_init+0x2c/0xa0 [ 231.385209][ T8441] copy_process+0x9e8/0x3340 [ 231.389641][ T8441] ? proc_fail_nth_write+0x20b/0x290 [ 231.394755][ T8441] ? proc_fail_nth_read+0x210/0x210 [ 231.399793][ T8441] ? check_kill_permission+0x97/0x490 [ 231.404997][ T8441] ? rw_verify_area+0x1c3/0x360 [ 231.409684][ T8441] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 231.414632][ T8441] ? group_send_sig_info+0x131/0x320 [ 231.419761][ T8441] kernel_clone+0x21e/0x9e0 [ 231.424093][ T8441] ? create_io_thread+0x1e0/0x1e0 [ 231.428955][ T8441] __x64_sys_clone+0x23f/0x290 [ 231.433552][ T8441] ? __do_sys_vfork+0x130/0x130 [ 231.438243][ T8441] ? debug_smp_processor_id+0x17/0x20 [ 231.443451][ T8441] do_syscall_64+0x34/0x70 [ 231.447700][ T8441] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 231.453427][ T8441] RIP: 0033:0x7fe1741d49f9 [ 231.457684][ T8441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 231.477119][ T8441] RSP: 002b:00007fe172e53fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 231.485376][ T8441] RAX: ffffffffffffffda RBX: 00007fe174362f80 RCX: 00007fe1741d49f9 [ 231.493177][ T8441] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 231.500986][ T8441] RBP: 00007fe172e54090 R08: 0000000000000000 R09: 0000000000000000 [ 231.508799][ T8441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 231.516612][ T8441] R13: 0000000000000000 R14: 00007fe174362f80 R15: 00007fff9fd960b8 [ 232.933654][ T8543] FAULT_INJECTION: forcing a failure. [ 232.933654][ T8543] name failslab, interval 1, probability 0, space 0, times 0 [ 232.962166][ T8543] CPU: 0 PID: 8543 Comm: syz.4.2840 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 232.973273][ T8543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 232.983170][ T8543] Call Trace: [ 232.986301][ T8543] dump_stack_lvl+0x1e2/0x24b [ 232.990812][ T8543] ? bfq_pos_tree_add_move+0x43b/0x43b [ 232.996104][ T8543] ? pcpu_memcg_post_alloc_hook+0x1c8/0x360 [ 233.001832][ T8543] dump_stack+0x15/0x17 [ 233.005822][ T8543] should_fail+0x3c6/0x510 [ 233.010077][ T8543] ? selinux_tun_dev_alloc_security+0x51/0x140 [ 233.016069][ T8543] __should_failslab+0xa4/0xe0 [ 233.020751][ T8543] should_failslab+0x9/0x20 [ 233.025089][ T8543] kmem_cache_alloc_trace+0x3a/0x2e0 [ 233.030210][ T8543] selinux_tun_dev_alloc_security+0x51/0x140 [ 233.036039][ T8543] security_tun_dev_alloc_security+0x62/0x90 [ 233.041845][ T8543] tun_net_init+0x1c8/0x550 [ 233.046182][ T8543] register_netdevice+0x346/0x13f0 [ 233.051131][ T8543] ? xdp_rxq_info_reg+0xec/0x270 [ 233.055902][ T8543] ? netif_stacked_transfer_operstate+0x240/0x240 [ 233.062157][ T8543] tun_set_iff+0x816/0xdb0 [ 233.066403][ T8543] __tun_chr_ioctl+0x8b3/0x2260 [ 233.071090][ T8543] ? tun_flow_create+0x320/0x320 [ 233.075866][ T8543] ? __fget_files+0x31e/0x380 [ 233.080380][ T8543] tun_chr_ioctl+0x2a/0x40 [ 233.084632][ T8543] ? tun_chr_poll+0x670/0x670 [ 233.089145][ T8543] __se_sys_ioctl+0x114/0x190 [ 233.093665][ T8543] __x64_sys_ioctl+0x7b/0x90 [ 233.098084][ T8543] do_syscall_64+0x34/0x70 [ 233.102340][ T8543] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 233.108065][ T8543] RIP: 0033:0x7f44dbec99f9 [ 233.112331][ T8543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 233.131749][ T8543] RSP: 002b:00007f44dab49038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 233.139992][ T8543] RAX: ffffffffffffffda RBX: 00007f44dc057f80 RCX: 00007f44dbec99f9 [ 233.147806][ T8543] RDX: 0000000020000080 RSI: 00000000400454ca RDI: 0000000000000009 [ 233.155615][ T8543] RBP: 00007f44dab49090 R08: 0000000000000000 R09: 0000000000000000 [ 233.163429][ T8543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 233.171239][ T8543] R13: 0000000000000000 R14: 00007f44dc057f80 R15: 00007ffc725d2fb8 [ 233.875705][ T8590] device syzkaller0 entered promiscuous mode [ 235.250354][ T8656] device pim6reg1 entered promiscuous mode [ 235.288859][ T8666] syz.1.2886[8666] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 235.288952][ T8666] syz.1.2886[8666] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 235.744552][ T8712] device sit0 left promiscuous mode [ 235.839533][ T8712] device sit0 entered promiscuous mode [ 236.283602][ T8768] syz.4.2927[8768] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 236.283664][ T8768] syz.4.2927[8768] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 236.344323][ T8739] bridge0: port 1(bridge_slave_0) entered blocking state [ 236.380667][ T8739] bridge0: port 1(bridge_slave_0) entered disabled state [ 236.388074][ T8739] device bridge_slave_0 entered promiscuous mode [ 236.395632][ T8739] bridge0: port 2(bridge_slave_1) entered blocking state [ 236.402657][ T8739] bridge0: port 2(bridge_slave_1) entered disabled state [ 236.410108][ T8739] device bridge_slave_1 entered promiscuous mode [ 236.490688][ T8781] syz.4.2927[8781] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 236.490753][ T8781] syz.4.2927[8781] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 236.733168][ T8739] bridge0: port 2(bridge_slave_1) entered blocking state [ 236.751162][ T8739] bridge0: port 2(bridge_slave_1) entered forwarding state [ 236.758268][ T8739] bridge0: port 1(bridge_slave_0) entered blocking state [ 236.765061][ T8739] bridge0: port 1(bridge_slave_0) entered forwarding state [ 236.786552][ T8787] device syzkaller0 entered promiscuous mode [ 236.926519][ T956] bridge0: port 1(bridge_slave_0) entered disabled state [ 236.940261][ T956] bridge0: port 2(bridge_slave_1) entered disabled state [ 236.950064][ T956] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 236.967568][ T956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 236.998281][ T956] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 237.006594][ T956] bridge0: port 1(bridge_slave_0) entered blocking state [ 237.013476][ T956] bridge0: port 1(bridge_slave_0) entered forwarding state [ 237.031013][ T956] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 237.049237][ T956] bridge0: port 2(bridge_slave_1) entered blocking state [ 237.056115][ T956] bridge0: port 2(bridge_slave_1) entered forwarding state [ 237.184007][ T9] device veth0_vlan left promiscuous mode [ 237.336060][ T8195] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 237.481073][ T8196] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 237.490545][ T8196] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 237.554734][ T955] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 237.567222][ T955] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 237.578090][ T8739] device veth0_vlan entered promiscuous mode [ 237.605423][ T949] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 237.613901][ T949] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 237.689380][ T955] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 237.696887][ T955] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 237.775758][ T955] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 237.784186][ T955] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 237.822078][ T8828] device sit0 left promiscuous mode [ 237.852408][ T8739] device veth1_macvtap entered promiscuous mode [ 237.876426][ T8828] device sit0 entered promiscuous mode [ 237.902116][ T954] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 237.911636][ T954] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 237.920848][ T954] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 237.929062][ T954] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 237.937607][ T954] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 237.949827][ T8830] device macsec0 entered promiscuous mode [ 238.573404][ T8847] FAULT_INJECTION: forcing a failure. [ 238.573404][ T8847] name failslab, interval 1, probability 0, space 0, times 0 [ 238.654348][ T8847] CPU: 0 PID: 8847 Comm: syz.0.2951 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 238.665465][ T8847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 238.675353][ T8847] Call Trace: [ 238.678493][ T8847] dump_stack_lvl+0x1e2/0x24b [ 238.683001][ T8847] ? bfq_pos_tree_add_move+0x43b/0x43b [ 238.688295][ T8847] dump_stack+0x15/0x17 [ 238.692291][ T8847] should_fail+0x3c6/0x510 [ 238.696632][ T8847] ? kvmalloc_node+0x82/0x130 [ 238.701232][ T8847] __should_failslab+0xa4/0xe0 [ 238.705838][ T8847] should_failslab+0x9/0x20 [ 238.710170][ T8847] __kmalloc+0x60/0x330 [ 238.714159][ T8847] ? kvmalloc_node+0x82/0x130 [ 238.718672][ T8847] kvmalloc_node+0x82/0x130 [ 238.723012][ T8847] pfifo_fast_init+0x25e/0x7a0 [ 238.727615][ T8847] qdisc_create_dflt+0x138/0x3d0 [ 238.732386][ T8847] mq_init+0x2c8/0x6b0 [ 238.736296][ T8847] ? local_bh_enable+0x30/0x30 [ 238.740893][ T8847] ? __kasan_check_write+0x14/0x20 [ 238.745832][ T8847] ? qdisc_alloc+0x586/0x750 [ 238.750265][ T8847] ? mutex_lock+0xa5/0x110 [ 238.754510][ T8847] qdisc_create_dflt+0x138/0x3d0 [ 238.759372][ T8847] ? _raw_spin_lock+0xa4/0x1b0 [ 238.764345][ T8847] dev_activate+0x123/0x1310 [ 238.768789][ T8847] ? dev_set_rx_mode+0x245/0x2e0 [ 238.773552][ T8847] __dev_open+0x3bf/0x4e0 [ 238.777846][ T8847] ? dev_open+0x260/0x260 [ 238.782001][ T8847] ? _raw_spin_unlock_bh+0x51/0x60 [ 238.786945][ T8847] ? dev_set_rx_mode+0x245/0x2e0 [ 238.791731][ T8847] ? __kasan_check_read+0x11/0x20 [ 238.796588][ T8847] __dev_change_flags+0x1db/0x6e0 [ 238.801453][ T8847] ? dev_get_flags+0x1e0/0x1e0 [ 238.806037][ T8847] ? selinux_capable+0x2f1/0x430 [ 238.810846][ T8847] ? selinux_capset+0xf0/0xf0 [ 238.815332][ T8847] dev_change_flags+0x8c/0x1a0 [ 238.819922][ T8847] dev_ifsioc+0x115/0xae0 [ 238.824088][ T8847] ? dev_ioctl+0xb40/0xb40 [ 238.828341][ T8847] ? dev_get_by_name_rcu+0xc5/0xf0 [ 238.833284][ T8847] dev_ioctl+0x526/0xb40 [ 238.837364][ T8847] sock_do_ioctl+0x295/0x3a0 [ 238.841792][ T8847] ? sock_show_fdinfo+0xa0/0xa0 [ 238.846475][ T8847] ? kernel_write+0x3d0/0x3d0 [ 238.850991][ T8847] ? selinux_file_ioctl+0x3cc/0x540 [ 238.856023][ T8847] sock_ioctl+0x4a6/0x760 [ 238.860188][ T8847] ? sock_poll+0x340/0x340 [ 238.864446][ T8847] ? security_file_ioctl+0x84/0xb0 [ 238.869387][ T8847] ? sock_poll+0x340/0x340 [ 238.873642][ T8847] __se_sys_ioctl+0x114/0x190 [ 238.878155][ T8847] __x64_sys_ioctl+0x7b/0x90 [ 238.882582][ T8847] do_syscall_64+0x34/0x70 [ 238.886836][ T8847] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 238.892562][ T8847] RIP: 0033:0x7fe0521cd9f9 [ 238.896816][ T8847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 238.916254][ T8847] RSP: 002b:00007fe050e4d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 238.924502][ T8847] RAX: ffffffffffffffda RBX: 00007fe05235bf80 RCX: 00007fe0521cd9f9 [ 238.932311][ T8847] RDX: 0000000020000080 RSI: 0000000000008914 RDI: 000000000000000a [ 238.940120][ T8847] RBP: 00007fe050e4d090 R08: 0000000000000000 R09: 0000000000000000 [ 238.947939][ T8847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 238.955745][ T8847] R13: 0000000000000000 R14: 00007fe05235bf80 R15: 00007ffe18180eb8 [ 238.974336][ T8847] vxcan1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 238.987155][ T8847] device vxcan1 entered promiscuous mode [ 239.061147][ T8853] device macsec0 left promiscuous mode [ 239.205252][ T8854] bridge0: port 1(bridge_slave_0) entered blocking state [ 239.222549][ T8854] bridge0: port 1(bridge_slave_0) entered disabled state [ 239.231066][ T8854] device bridge_slave_0 entered promiscuous mode [ 239.256041][ T8867] device syzkaller0 entered promiscuous mode [ 239.265540][ T8854] bridge0: port 2(bridge_slave_1) entered blocking state [ 239.276523][ T8854] bridge0: port 2(bridge_slave_1) entered disabled state [ 239.287367][ T8854] device bridge_slave_1 entered promiscuous mode [ 239.428509][ T956] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 239.437447][ T956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 239.464812][ T948] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 239.473419][ T948] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 239.481791][ T948] bridge0: port 1(bridge_slave_0) entered blocking state [ 239.488659][ T948] bridge0: port 1(bridge_slave_0) entered forwarding state [ 239.495865][ T948] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 239.504022][ T948] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 239.512328][ T948] bridge0: port 2(bridge_slave_1) entered blocking state [ 239.519204][ T948] bridge0: port 2(bridge_slave_1) entered forwarding state [ 239.529853][ T8891] syz.2.2963[8891] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 239.529913][ T8891] syz.2.2963[8891] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 239.561146][ T956] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 239.581411][ T956] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 239.590541][ T956] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 239.624377][ T295] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 239.638480][ T295] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 239.647556][ T295] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 239.656423][ T295] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 239.676234][ T8854] device veth0_vlan entered promiscuous mode [ 239.699759][ T8854] device veth1_macvtap entered promiscuous mode [ 239.719651][ T8904] FAULT_INJECTION: forcing a failure. [ 239.719651][ T8904] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 239.732562][ T8904] CPU: 1 PID: 8904 Comm: syz.1.2970 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 239.743606][ T8904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 239.753494][ T8904] Call Trace: [ 239.756638][ T8904] dump_stack_lvl+0x1e2/0x24b [ 239.761143][ T8904] ? bfq_pos_tree_add_move+0x43b/0x43b [ 239.766436][ T8904] ? shmem_getpage_gfp+0x2226/0x2480 [ 239.771560][ T8904] dump_stack+0x15/0x17 [ 239.775546][ T8904] should_fail+0x3c6/0x510 [ 239.779803][ T8904] should_fail_usercopy+0x1a/0x20 [ 239.784668][ T8904] iov_iter_copy_from_user_atomic+0x391/0xd80 [ 239.790565][ T8904] ? shmem_getpage+0xa0/0xa0 [ 239.794989][ T8904] ? iov_iter_fault_in_readable+0x31f/0x4f0 [ 239.800739][ T8904] ? memzero_page+0x100/0x100 [ 239.805236][ T8904] generic_perform_write+0x34c/0x570 [ 239.810361][ T8904] ? grab_cache_page_write_begin+0xa0/0xa0 [ 239.815992][ T8904] ? file_remove_privs+0x570/0x570 [ 239.820944][ T8904] ? __kasan_check_write+0x14/0x20 [ 239.825887][ T8904] __generic_file_write_iter+0x23c/0x560 [ 239.831355][ T8904] ? generic_write_checks+0x3b9/0x470 [ 239.836561][ T8904] generic_file_write_iter+0xaf/0x1c0 [ 239.841767][ T8904] vfs_write+0xb4c/0xe70 [ 239.845850][ T8904] ? kernel_write+0x3d0/0x3d0 [ 239.850363][ T8904] ? mutex_trylock+0xa0/0xa0 [ 239.854789][ T8904] ? __fdget_pos+0x2e7/0x3a0 [ 239.859210][ T8904] ? ksys_write+0x77/0x2c0 [ 239.863463][ T8904] ksys_write+0x199/0x2c0 [ 239.867633][ T8904] ? __ia32_sys_read+0x90/0x90 [ 239.872234][ T8904] ? debug_smp_processor_id+0x17/0x20 [ 239.877437][ T8904] __x64_sys_write+0x7b/0x90 [ 239.881866][ T8904] do_syscall_64+0x34/0x70 [ 239.886117][ T8904] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 239.891845][ T8904] RIP: 0033:0x7fe1741d49f9 [ 239.896101][ T8904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 239.915536][ T8904] RSP: 002b:00007fe172e54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 239.923783][ T8904] RAX: ffffffffffffffda RBX: 00007fe174362f80 RCX: 00007fe1741d49f9 [ 239.931596][ T8904] RDX: 0000000000043451 RSI: 0000000020000200 RDI: 0000000000000006 [ 239.939411][ T8904] RBP: 00007fe172e54090 R08: 0000000000000000 R09: 0000000000000000 [ 239.947220][ T8904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 239.955027][ T8904] R13: 0000000000000000 R14: 00007fe174362f80 R15: 00007fff9fd960b8 [ 239.978395][ T948] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 239.987768][ T948] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 239.996350][ T948] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 240.005150][ T948] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 240.021589][ T948] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 240.404977][ T8950] device vxcan1 entered promiscuous mode [ 240.811054][ T8962] device pim6reg1 entered promiscuous mode [ 241.559026][ T9012] device pim6reg1 entered promiscuous mode [ 242.833565][ T9043] FAULT_INJECTION: forcing a failure. [ 242.833565][ T9043] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 242.869663][ T9043] CPU: 0 PID: 9043 Comm: syz.2.3016 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 242.880770][ T9043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 242.890660][ T9043] Call Trace: [ 242.893796][ T9043] dump_stack_lvl+0x1e2/0x24b [ 242.898308][ T9043] ? panic+0x812/0x812 [ 242.902218][ T9043] ? bfq_pos_tree_add_move+0x43b/0x43b [ 242.907501][ T9043] ? vsnprintf+0x1b96/0x1c70 [ 242.911928][ T9043] dump_stack+0x15/0x17 [ 242.915914][ T9043] should_fail+0x3c6/0x510 [ 242.920168][ T9043] should_fail_usercopy+0x1a/0x20 [ 242.925030][ T9043] _copy_to_user+0x20/0x90 [ 242.929283][ T9043] bpf_verifier_vlog+0x1ab/0x330 [ 242.934053][ T9043] __btf_verifier_log+0xd1/0x120 [ 242.938829][ T9043] ? bpf_verifier_vlog+0x1b8/0x330 [ 242.943777][ T9043] ? btf_check_sec_info+0x4f0/0x4f0 [ 242.948819][ T9043] ? btf_parse_hdr+0x1d5/0x770 [ 242.953411][ T9043] ? memcpy+0x56/0x70 [ 242.957226][ T9043] btf_parse_hdr+0x342/0x770 [ 242.961659][ T9043] btf_new_fd+0x487/0x9c0 [ 242.965825][ T9043] __se_sys_bpf+0x1aed/0x11cb0 [ 242.970426][ T9043] ? stack_trace_save+0x113/0x1c0 [ 242.975283][ T9043] ? terminate_walk+0x407/0x4f0 [ 242.980057][ T9043] ? stack_trace_snprint+0xf0/0xf0 [ 242.985004][ T9043] ? kmem_cache_free+0xa9/0x1e0 [ 242.989688][ T9043] ? kmem_cache_free+0xa9/0x1e0 [ 242.994376][ T9043] ? kasan_set_track+0x5d/0x70 [ 242.998976][ T9043] ? __x64_sys_bpf+0x90/0x90 [ 243.003402][ T9043] ? __kasan_slab_free+0x11/0x20 [ 243.008173][ T9043] ? slab_free_freelist_hook+0xc0/0x190 [ 243.013557][ T9043] ? kmem_cache_free+0xa9/0x1e0 [ 243.018257][ T9043] ? putname+0xe7/0x140 [ 243.022234][ T9043] ? do_sys_openat2+0x1fc/0x710 [ 243.026920][ T9043] ? __x64_sys_openat+0x243/0x290 [ 243.031794][ T9043] ? do_syscall_64+0x34/0x70 [ 243.036226][ T9043] ? _kstrtoull+0x3a0/0x4a0 [ 243.040646][ T9043] ? kstrtouint_from_user+0x20a/0x2a0 [ 243.045854][ T9043] ? kstrtol_from_user+0x310/0x310 [ 243.050795][ T9043] ? memset+0x35/0x40 [ 243.054611][ T9043] ? __fsnotify_parent+0x4b9/0x6c0 [ 243.059562][ T9043] ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0 [ 243.066156][ T9043] ? proc_fail_nth_write+0x20b/0x290 [ 243.071277][ T9043] ? proc_fail_nth_read+0x210/0x210 [ 243.076310][ T9043] ? security_file_permission+0x86/0xb0 [ 243.081690][ T9043] ? rw_verify_area+0x1c3/0x360 [ 243.086377][ T9043] ? preempt_count_add+0x92/0x1a0 [ 243.091237][ T9043] ? vfs_write+0x852/0xe70 [ 243.095493][ T9043] ? kmem_cache_free+0xa9/0x1e0 [ 243.100181][ T9043] ? kernel_write+0x3d0/0x3d0 [ 243.104692][ T9043] ? __kasan_check_write+0x14/0x20 [ 243.109635][ T9043] ? mutex_lock+0xa5/0x110 [ 243.113886][ T9043] ? mutex_trylock+0xa0/0xa0 [ 243.118324][ T9043] ? __kasan_check_write+0x14/0x20 [ 243.123262][ T9043] ? fput_many+0x160/0x1b0 [ 243.127524][ T9043] ? debug_smp_processor_id+0x17/0x20 [ 243.132773][ T9043] __x64_sys_bpf+0x7b/0x90 [ 243.136976][ T9043] do_syscall_64+0x34/0x70 [ 243.141231][ T9043] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 243.146958][ T9043] RIP: 0033:0x7f8b047129f9 [ 243.151218][ T9043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 243.170652][ T9043] RSP: 002b:00007f8b03392038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 243.178895][ T9043] RAX: ffffffffffffffda RBX: 00007f8b048a0f80 RCX: 00007f8b047129f9 [ 243.186709][ T9043] RDX: 0000000000000020 RSI: 0000000020004680 RDI: 0000000000000012 [ 243.194517][ T9043] RBP: 00007f8b03392090 R08: 0000000000000000 R09: 0000000000000000 [ 243.202327][ T9043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 243.210142][ T9043] R13: 0000000000000000 R14: 00007f8b048a0f80 R15: 00007fff7a53b7f8 [ 243.247128][ T9039] device syzkaller0 entered promiscuous mode [ 243.413246][ T9048] syz.4.3017 uses obsolete (PF_INET,SOCK_PACKET) [ 243.587627][ T9055] bridge0: port 2(bridge_slave_1) entered disabled state [ 243.594900][ T9055] bridge0: port 1(bridge_slave_0) entered disabled state [ 243.640847][ T9060] device bridge_slave_1 left promiscuous mode [ 243.646972][ T9060] bridge0: port 2(bridge_slave_1) entered disabled state [ 243.714398][ T9060] device bridge_slave_0 left promiscuous mode [ 243.729230][ T9060] bridge0: port 1(bridge_slave_0) entered disabled state [ 244.171086][ T9065] device syzkaller0 entered promiscuous mode [ 245.110658][ T9087] FAULT_INJECTION: forcing a failure. [ 245.110658][ T9087] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 245.162881][ T9087] CPU: 0 PID: 9087 Comm: syz.4.3031 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 245.174071][ T9087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 245.183965][ T9087] Call Trace: [ 245.187097][ T9087] dump_stack_lvl+0x1e2/0x24b [ 245.191606][ T9087] ? bfq_pos_tree_add_move+0x43b/0x43b [ 245.196903][ T9087] dump_stack+0x15/0x17 [ 245.200897][ T9087] should_fail+0x3c6/0x510 [ 245.205147][ T9087] should_fail_usercopy+0x1a/0x20 [ 245.210009][ T9087] _copy_to_user+0x20/0x90 [ 245.214267][ T9087] simple_read_from_buffer+0xc7/0x150 [ 245.219484][ T9087] proc_fail_nth_read+0x1a3/0x210 [ 245.224327][ T9087] ? proc_fault_inject_write+0x390/0x390 [ 245.229795][ T9087] ? security_file_permission+0x86/0xb0 [ 245.235179][ T9087] ? rw_verify_area+0x1c3/0x360 [ 245.239951][ T9087] ? proc_fault_inject_write+0x390/0x390 [ 245.245418][ T9087] vfs_read+0x200/0xba0 [ 245.249411][ T9087] ? kernel_read+0x70/0x70 [ 245.253662][ T9087] ? __kasan_check_write+0x14/0x20 [ 245.258608][ T9087] ? mutex_lock+0xa5/0x110 [ 245.262866][ T9087] ? mutex_trylock+0xa0/0xa0 [ 245.267293][ T9087] ? __fdget_pos+0x2e7/0x3a0 [ 245.271715][ T9087] ? ksys_read+0x77/0x2c0 [ 245.275887][ T9087] ksys_read+0x199/0x2c0 [ 245.279964][ T9087] ? vfs_write+0xe70/0xe70 [ 245.284216][ T9087] ? debug_smp_processor_id+0x17/0x20 [ 245.289425][ T9087] __x64_sys_read+0x7b/0x90 [ 245.293767][ T9087] do_syscall_64+0x34/0x70 [ 245.298019][ T9087] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 245.303735][ T9087] RIP: 0033:0x7f44dbec843c [ 245.307993][ T9087] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48 [ 245.327425][ T9087] RSP: 002b:00007f44dab49030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 245.335673][ T9087] RAX: ffffffffffffffda RBX: 00007f44dc057f80 RCX: 00007f44dbec843c [ 245.343492][ T9087] RDX: 000000000000000f RSI: 00007f44dab490a0 RDI: 0000000000000006 [ 245.351298][ T9087] RBP: 00007f44dab49090 R08: 0000000000000000 R09: 0000000000000000 [ 245.359108][ T9087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 245.366919][ T9087] R13: 0000000000000000 R14: 00007f44dc057f80 R15: 00007ffc725d2fb8 [ 245.455479][ T9103] FAULT_INJECTION: forcing a failure. [ 245.455479][ T9103] name failslab, interval 1, probability 0, space 0, times 0 [ 245.477385][ T9103] CPU: 1 PID: 9103 Comm: syz.3.3039 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 245.488493][ T9103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 245.498385][ T9103] Call Trace: [ 245.501517][ T9103] dump_stack_lvl+0x1e2/0x24b [ 245.506024][ T9103] ? bfq_pos_tree_add_move+0x43b/0x43b [ 245.511322][ T9103] ? pcpu_memcg_post_alloc_hook+0x1c8/0x360 [ 245.517045][ T9103] dump_stack+0x15/0x17 [ 245.521038][ T9103] should_fail+0x3c6/0x510 [ 245.525291][ T9103] ? selinux_tun_dev_alloc_security+0x51/0x140 [ 245.531287][ T9103] __should_failslab+0xa4/0xe0 [ 245.535880][ T9103] should_failslab+0x9/0x20 [ 245.540224][ T9103] kmem_cache_alloc_trace+0x3a/0x2e0 [ 245.545342][ T9103] selinux_tun_dev_alloc_security+0x51/0x140 [ 245.551170][ T9103] security_tun_dev_alloc_security+0x62/0x90 [ 245.556988][ T9103] tun_net_init+0x1c8/0x550 [ 245.561321][ T9103] register_netdevice+0x346/0x13f0 [ 245.566267][ T9103] ? __kasan_kmalloc+0x9/0x10 [ 245.570771][ T9103] ? xdp_rxq_info_reg+0xec/0x270 [ 245.575551][ T9103] ? netif_stacked_transfer_operstate+0x240/0x240 [ 245.581800][ T9103] tun_set_iff+0x816/0xdb0 [ 245.586052][ T9103] __tun_chr_ioctl+0x8b3/0x2260 [ 245.590733][ T9103] ? tun_flow_create+0x320/0x320 [ 245.595508][ T9103] ? __fget_files+0x31e/0x380 [ 245.600026][ T9103] tun_chr_ioctl+0x2a/0x40 [ 245.604272][ T9103] ? tun_chr_poll+0x670/0x670 [ 245.608872][ T9103] __se_sys_ioctl+0x114/0x190 [ 245.613473][ T9103] __x64_sys_ioctl+0x7b/0x90 [ 245.617896][ T9103] do_syscall_64+0x34/0x70 [ 245.622157][ T9103] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 245.627881][ T9103] RIP: 0033:0x7f3853a449f9 [ 245.632135][ T9103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 245.651570][ T9103] RSP: 002b:00007f38526c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 245.659817][ T9103] RAX: ffffffffffffffda RBX: 00007f3853bd2f80 RCX: 00007f3853a449f9 [ 245.667630][ T9103] RDX: 0000000020000100 RSI: 00000000400454ca RDI: 0000000000000004 [ 245.675438][ T9103] RBP: 00007f38526c4090 R08: 0000000000000000 R09: 0000000000000000 [ 245.683253][ T9103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 245.691063][ T9103] R13: 0000000000000000 R14: 00007f3853bd2f80 R15: 00007ffd7ea1bf38 [ 245.882195][ T9118] Y­4`Ò˜: renamed from lo [ 246.705433][ T9140] device pim6reg1 entered promiscuous mode [ 246.876950][ T9156] device pim6reg1 entered promiscuous mode [ 246.882999][ T9156] FAULT_INJECTION: forcing a failure. [ 246.882999][ T9156] name failslab, interval 1, probability 0, space 0, times 0 [ 246.895467][ T9156] CPU: 0 PID: 9156 Comm: syz.2.3057 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 246.906505][ T9156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 246.916391][ T9156] Call Trace: [ 246.919528][ T9156] dump_stack_lvl+0x1e2/0x24b [ 246.924037][ T9156] ? panic+0x812/0x812 [ 246.927941][ T9156] ? bfq_pos_tree_add_move+0x43b/0x43b [ 246.933325][ T9156] ? pcpu_alloc+0xfa0/0x1420 [ 246.937747][ T9156] dump_stack+0x15/0x17 [ 246.941749][ T9156] should_fail+0x3c6/0x510 [ 246.945997][ T9156] ? __alloc_skb+0x80/0x510 [ 246.950333][ T9156] __should_failslab+0xa4/0xe0 [ 246.954936][ T9156] should_failslab+0x9/0x20 [ 246.959288][ T9156] kmem_cache_alloc+0x3d/0x2e0 [ 246.963875][ T9156] __alloc_skb+0x80/0x510 [ 246.968038][ T9156] ? ip6_route_add+0x27/0x130 [ 246.972553][ T9156] ? addrconf_add_dev+0x415/0x610 [ 246.977415][ T9156] ? addrconf_notify+0x8c5/0xe90 [ 246.982193][ T9156] ? raw_notifier_call_chain+0x8c/0xf0 [ 246.987485][ T9156] inet6_rt_notify+0x2db/0x550 [ 246.992086][ T9156] ? do_syscall_64+0x34/0x70 [ 246.996507][ T9156] ? rt6_nh_dump_exceptions+0x650/0x650 [ 247.001892][ T9156] fib6_add+0x233e/0x3d20 [ 247.006059][ T9156] ? skb_gro_incr_csum_unnecessary+0x260/0x260 [ 247.012041][ T9156] ? ipv6_addr_prefix+0x42/0x180 [ 247.016929][ T9156] ? fib6_update_sernum_stub+0x1a0/0x1a0 [ 247.022375][ T9156] ? __kasan_check_write+0x14/0x20 [ 247.027321][ T9156] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 247.032188][ T9156] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 247.037218][ T9156] ip6_route_add+0x8a/0x130 [ 247.041554][ T9156] addrconf_add_dev+0x415/0x610 [ 247.046240][ T9156] ? local_bh_enable+0x30/0x30 [ 247.050836][ T9156] ? addrconf_permanent_addr+0xb40/0xba0 [ 247.056315][ T9156] ? igmpv3_del_delrec+0x740/0x740 [ 247.061255][ T9156] ? __kasan_check_read+0x11/0x20 [ 247.066115][ T9156] addrconf_dev_config+0x231/0x5a0 [ 247.071062][ T9156] ? __kasan_check_write+0x14/0x20 [ 247.076007][ T9156] ? mutex_lock+0xa5/0x110 [ 247.080263][ T9156] ? init_loopback+0x1c0/0x1c0 [ 247.084862][ T9156] ? macsec_notify+0x101/0x4c0 [ 247.089464][ T9156] ? addrconf_link_ready+0xfb/0x1e0 [ 247.094499][ T9156] addrconf_notify+0x8c5/0xe90 [ 247.099102][ T9156] raw_notifier_call_chain+0x8c/0xf0 [ 247.104215][ T9156] __dev_notify_flags+0x304/0x610 [ 247.109086][ T9156] ? __dev_change_flags+0x6e0/0x6e0 [ 247.114109][ T9156] ? __dev_change_flags+0x56c/0x6e0 [ 247.119146][ T9156] ? dev_get_flags+0x1e0/0x1e0 [ 247.123744][ T9156] ? selinux_capset+0xf0/0xf0 [ 247.128256][ T9156] dev_change_flags+0xf0/0x1a0 [ 247.132858][ T9156] dev_ifsioc+0x115/0xae0 [ 247.137027][ T9156] ? dev_ioctl+0xb40/0xb40 [ 247.141277][ T9156] ? dev_get_by_name_rcu+0xc5/0xf0 [ 247.146226][ T9156] dev_ioctl+0x526/0xb40 [ 247.150306][ T9156] sock_do_ioctl+0x295/0x3a0 [ 247.154734][ T9156] ? sock_show_fdinfo+0xa0/0xa0 [ 247.159421][ T9156] ? kernel_write+0x3d0/0x3d0 [ 247.163931][ T9156] ? selinux_file_ioctl+0x3cc/0x540 [ 247.168968][ T9156] sock_ioctl+0x4a6/0x760 [ 247.173132][ T9156] ? sock_poll+0x340/0x340 [ 247.177388][ T9156] ? security_file_ioctl+0x84/0xb0 [ 247.182330][ T9156] ? sock_poll+0x340/0x340 [ 247.186584][ T9156] __se_sys_ioctl+0x114/0x190 [ 247.191093][ T9156] __x64_sys_ioctl+0x7b/0x90 [ 247.195524][ T9156] do_syscall_64+0x34/0x70 [ 247.199777][ T9156] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 247.205500][ T9156] RIP: 0033:0x7f8b047129f9 [ 247.209753][ T9156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 247.229195][ T9156] RSP: 002b:00007f8b03392038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 247.237454][ T9156] RAX: ffffffffffffffda RBX: 00007f8b048a0f80 RCX: 00007f8b047129f9 [ 247.245258][ T9156] RDX: 0000000020000140 RSI: 0000000000008914 RDI: 0000000000000005 [ 247.253067][ T9156] RBP: 00007f8b03392090 R08: 0000000000000000 R09: 0000000000000000 [ 247.260880][ T9156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 247.268686][ T9156] R13: 0000000000000000 R14: 00007f8b048a0f80 R15: 00007fff7a53b7f8 [ 247.346831][ T9161] device syzkaller0 entered promiscuous mode [ 248.105349][ T9194] device syzkaller0 entered promiscuous mode [ 248.164386][ T9202] FAULT_INJECTION: forcing a failure. [ 248.164386][ T9202] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 248.177545][ T9202] CPU: 1 PID: 9202 Comm: syz.2.3074 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 248.188634][ T9202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 248.198521][ T9202] Call Trace: [ 248.201660][ T9202] dump_stack_lvl+0x1e2/0x24b [ 248.206170][ T9202] ? bfq_pos_tree_add_move+0x43b/0x43b [ 248.211464][ T9202] ? shmem_getpage_gfp+0x2226/0x2480 [ 248.216586][ T9202] dump_stack+0x15/0x17 [ 248.220574][ T9202] should_fail+0x3c6/0x510 [ 248.224831][ T9202] should_fail_usercopy+0x1a/0x20 [ 248.229692][ T9202] iov_iter_copy_from_user_atomic+0x391/0xd80 [ 248.235598][ T9202] ? shmem_getpage+0xa0/0xa0 [ 248.240017][ T9202] ? iov_iter_fault_in_readable+0x31f/0x4f0 [ 248.245744][ T9202] ? memzero_page+0x100/0x100 [ 248.250268][ T9202] generic_perform_write+0x34c/0x570 [ 248.255384][ T9202] ? grab_cache_page_write_begin+0xa0/0xa0 [ 248.261108][ T9202] ? file_remove_privs+0x570/0x570 [ 248.266059][ T9202] ? __kasan_check_write+0x14/0x20 [ 248.271013][ T9202] __generic_file_write_iter+0x23c/0x560 [ 248.276476][ T9202] ? generic_write_checks+0x3b9/0x470 [ 248.281685][ T9202] generic_file_write_iter+0xaf/0x1c0 [ 248.286887][ T9202] vfs_write+0xb4c/0xe70 [ 248.291058][ T9202] ? kernel_write+0x3d0/0x3d0 [ 248.295570][ T9202] ? mutex_trylock+0xa0/0xa0 [ 248.300000][ T9202] ? __fdget_pos+0x2e7/0x3a0 [ 248.304418][ T9202] ? ksys_write+0x77/0x2c0 [ 248.308755][ T9202] ksys_write+0x199/0x2c0 [ 248.312916][ T9202] ? __ia32_sys_read+0x90/0x90 [ 248.317517][ T9202] ? debug_smp_processor_id+0x17/0x20 [ 248.322720][ T9202] __x64_sys_write+0x7b/0x90 [ 248.327146][ T9202] do_syscall_64+0x34/0x70 [ 248.331403][ T9202] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 248.337126][ T9202] RIP: 0033:0x7f8b047129f9 [ 248.341383][ T9202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.360821][ T9202] RSP: 002b:00007f8b03392038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 248.369066][ T9202] RAX: ffffffffffffffda RBX: 00007f8b048a0f80 RCX: 00007f8b047129f9 [ 248.376875][ T9202] RDX: 0000000000043451 RSI: 0000000020000200 RDI: 0000000000000008 [ 248.384686][ T9202] RBP: 00007f8b03392090 R08: 0000000000000000 R09: 0000000000000000 [ 248.392498][ T9202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 248.400308][ T9202] R13: 0000000000000000 R14: 00007f8b048a0f80 R15: 00007fff7a53b7f8 [ 248.426250][ T9194] device syzkaller0 left promiscuous mode [ 248.448466][ T9209] syz.2.3077[9209] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 248.448521][ T9209] syz.2.3077[9209] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 248.509010][ T9213] device syzkaller0 entered promiscuous mode [ 248.528792][ T9218] device syzkaller0 left promiscuous mode [ 248.551252][ T9218] FAULT_INJECTION: forcing a failure. [ 248.551252][ T9218] name failslab, interval 1, probability 0, space 0, times 0 [ 248.572140][ T9224] FAULT_INJECTION: forcing a failure. [ 248.572140][ T9224] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 248.585244][ T9224] CPU: 1 PID: 9224 Comm: syz.1.3084 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 248.596268][ T9224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 248.606159][ T9224] Call Trace: [ 248.609378][ T9224] dump_stack_lvl+0x1e2/0x24b [ 248.613879][ T9224] ? bfq_pos_tree_add_move+0x43b/0x43b [ 248.619179][ T9224] ? shmem_getpage_gfp+0x2226/0x2480 [ 248.624314][ T9224] dump_stack+0x15/0x17 [ 248.628302][ T9224] should_fail+0x3c6/0x510 [ 248.632558][ T9224] should_fail_usercopy+0x1a/0x20 [ 248.637404][ T9224] iov_iter_copy_from_user_atomic+0x391/0xd80 [ 248.643309][ T9224] ? shmem_getpage+0xa0/0xa0 [ 248.647727][ T9224] ? iov_iter_fault_in_readable+0x31f/0x4f0 [ 248.653469][ T9224] ? memzero_page+0x100/0x100 [ 248.657975][ T9224] generic_perform_write+0x34c/0x570 [ 248.663101][ T9224] ? grab_cache_page_write_begin+0xa0/0xa0 [ 248.668733][ T9224] ? file_remove_privs+0x570/0x570 [ 248.673683][ T9224] ? __kasan_check_write+0x14/0x20 [ 248.678637][ T9224] __generic_file_write_iter+0x23c/0x560 [ 248.684187][ T9224] ? generic_write_checks+0x3b9/0x470 [ 248.689394][ T9224] generic_file_write_iter+0xaf/0x1c0 [ 248.694596][ T9224] vfs_write+0xb4c/0xe70 [ 248.699115][ T9224] ? kernel_write+0x3d0/0x3d0 [ 248.703625][ T9224] ? mutex_trylock+0xa0/0xa0 [ 248.708052][ T9224] ? __fdget_pos+0x2e7/0x3a0 [ 248.712477][ T9224] ? ksys_write+0x77/0x2c0 [ 248.716729][ T9224] ksys_write+0x199/0x2c0 [ 248.720898][ T9224] ? __ia32_sys_read+0x90/0x90 [ 248.725495][ T9224] ? debug_smp_processor_id+0x17/0x20 [ 248.730705][ T9224] __x64_sys_write+0x7b/0x90 [ 248.735130][ T9224] do_syscall_64+0x34/0x70 [ 248.739385][ T9224] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 248.745109][ T9224] RIP: 0033:0x7fe1741d49f9 [ 248.749363][ T9224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.769193][ T9224] RSP: 002b:00007fe172e54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 248.777428][ T9224] RAX: ffffffffffffffda RBX: 00007fe174362f80 RCX: 00007fe1741d49f9 [ 248.785238][ T9224] RDX: 0000000000043451 RSI: 0000000020000200 RDI: 0000000000000008 [ 248.793051][ T9224] RBP: 00007fe172e54090 R08: 0000000000000000 R09: 0000000000000000 [ 248.800859][ T9224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 248.808846][ T9224] R13: 0000000000000000 R14: 00007fe174362f80 R15: 00007fff9fd960b8 [ 248.833202][ T9218] CPU: 1 PID: 9218 Comm: syz.3.3079 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 248.844312][ T9218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 248.854200][ T9218] Call Trace: [ 248.857336][ T9218] dump_stack_lvl+0x1e2/0x24b [ 248.861844][ T9218] ? bfq_pos_tree_add_move+0x43b/0x43b [ 248.867136][ T9218] dump_stack+0x15/0x17 [ 248.871128][ T9218] should_fail+0x3c6/0x510 [ 248.875380][ T9218] ? rtmsg_ifinfo_build_skb+0x7f/0x180 [ 248.880676][ T9218] __should_failslab+0xa4/0xe0 [ 248.885272][ T9218] should_failslab+0x9/0x20 [ 248.889611][ T9218] __kmalloc_track_caller+0x5f/0x320 [ 248.894732][ T9218] ? kmem_cache_alloc+0x168/0x2e0 [ 248.899592][ T9218] ? __alloc_skb+0x80/0x510 [ 248.903934][ T9218] ? rtmsg_ifinfo_build_skb+0x7f/0x180 [ 248.909240][ T9218] __alloc_skb+0xbc/0x510 [ 248.913393][ T9218] ? if_nlmsg_size+0x59c/0x5f0 [ 248.918068][ T9218] rtmsg_ifinfo_build_skb+0x7f/0x180 [ 248.923213][ T9218] rtmsg_ifinfo+0x78/0x120 [ 248.927456][ T9218] __dev_notify_flags+0xdd/0x610 [ 248.932233][ T9218] ? __dev_change_flags+0x6e0/0x6e0 [ 248.937277][ T9218] ? __dev_change_flags+0x56c/0x6e0 [ 248.942307][ T9218] ? dev_get_flags+0x1e0/0x1e0 [ 248.946903][ T9218] ? selinux_capable+0x2f1/0x430 [ 248.951677][ T9218] ? selinux_capset+0xf0/0xf0 [ 248.956181][ T9218] dev_change_flags+0xf0/0x1a0 [ 248.960797][ T9218] dev_ifsioc+0x115/0xae0 [ 248.965046][ T9218] ? dev_ioctl+0xb40/0xb40 [ 248.969291][ T9218] ? dev_get_by_name_rcu+0xc5/0xf0 [ 248.974234][ T9218] dev_ioctl+0x526/0xb40 [ 248.978316][ T9218] sock_do_ioctl+0x295/0x3a0 [ 248.982801][ T9218] ? sock_show_fdinfo+0xa0/0xa0 [ 248.987459][ T9218] ? kernel_write+0x3d0/0x3d0 [ 248.991951][ T9218] ? selinux_file_ioctl+0x3cc/0x540 [ 248.996977][ T9218] sock_ioctl+0x4a6/0x760 [ 249.001139][ T9218] ? sock_poll+0x340/0x340 [ 249.005393][ T9218] ? security_file_ioctl+0x84/0xb0 [ 249.010337][ T9218] ? sock_poll+0x340/0x340 [ 249.014851][ T9218] __se_sys_ioctl+0x114/0x190 [ 249.019367][ T9218] __x64_sys_ioctl+0x7b/0x90 [ 249.023791][ T9218] do_syscall_64+0x34/0x70 [ 249.028048][ T9218] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 249.033772][ T9218] RIP: 0033:0x7f3853a449f9 [ 249.038044][ T9218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 249.057479][ T9218] RSP: 002b:00007f38526a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 249.065713][ T9218] RAX: ffffffffffffffda RBX: 00007f3853bd3058 RCX: 00007f3853a449f9 [ 249.073518][ T9218] RDX: 0000000020002280 RSI: 0000000000008914 RDI: 0000000000000006 [ 249.081331][ T9218] RBP: 00007f38526a3090 R08: 0000000000000000 R09: 0000000000000000 [ 249.089142][ T9218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 249.097072][ T9218] R13: 0000000000000000 R14: 00007f3853bd3058 R15: 00007ffd7ea1bf38 [ 249.206770][ T9241] device syzkaller0 entered promiscuous mode [ 249.239239][ T9240] bridge0: port 2(bridge_slave_1) entered disabled state [ 249.246495][ T9240] bridge0: port 1(bridge_slave_0) entered disabled state [ 249.274657][ T9241] device syzkaller0 left promiscuous mode [ 249.306035][ T9240] device bridge_slave_1 left promiscuous mode [ 249.312252][ T9240] bridge0: port 2(bridge_slave_1) entered disabled state [ 249.322248][ T9240] device bridge_slave_0 left promiscuous mode [ 249.328357][ T9240] bridge0: port 1(bridge_slave_0) entered disabled state [ 249.452436][ T9250] device pim6reg1 entered promiscuous mode [ 249.997568][ T9272] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.007731][ T9272] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.042837][ T9272] device bridge_slave_0 entered promiscuous mode [ 250.086736][ T9272] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.105943][ T9272] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.140438][ T9272] device bridge_slave_1 entered promiscuous mode [ 250.802653][ T964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 250.816089][ T964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 250.825992][ T964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 250.849627][ T964] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 250.857776][ T964] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.864651][ T964] bridge0: port 1(bridge_slave_0) entered forwarding state [ 250.889273][ T964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 250.897561][ T964] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 250.897596][ T9307] FAULT_INJECTION: forcing a failure. [ 250.897596][ T9307] name failslab, interval 1, probability 0, space 0, times 0 [ 250.917980][ T9307] CPU: 1 PID: 9307 Comm: syz.0.3112 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 250.919442][ T964] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.929071][ T9307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 250.935965][ T964] bridge0: port 2(bridge_slave_1) entered forwarding state [ 250.945807][ T9307] Call Trace: [ 250.945840][ T9307] dump_stack_lvl+0x1e2/0x24b [ 250.960501][ T9307] ? bfq_pos_tree_add_move+0x43b/0x43b [ 250.965795][ T9307] ? vfs_write+0x852/0xe70 [ 250.970049][ T9307] dump_stack+0x15/0x17 [ 250.974036][ T9307] should_fail+0x3c6/0x510 [ 250.978293][ T9307] ? getname_flags+0xba/0x520 [ 250.982815][ T9307] __should_failslab+0xa4/0xe0 [ 250.987417][ T9307] should_failslab+0x9/0x20 [ 250.991745][ T9307] kmem_cache_alloc+0x3d/0x2e0 [ 250.996345][ T9307] getname_flags+0xba/0x520 [ 251.000686][ T9307] do_mkdirat+0xbb/0x2c0 [ 251.004756][ T9307] ? do_mknodat+0x450/0x450 [ 251.009099][ T9307] ? debug_smp_processor_id+0x17/0x20 [ 251.014312][ T9307] __x64_sys_mkdirat+0x7b/0x90 [ 251.018905][ T9307] do_syscall_64+0x34/0x70 [ 251.023163][ T9307] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 251.028887][ T9307] RIP: 0033:0x7fe0521cd9f9 [ 251.033138][ T9307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 251.052583][ T9307] RSP: 002b:00007fe050e4d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 251.060824][ T9307] RAX: ffffffffffffffda RBX: 00007fe05235bf80 RCX: 00007fe0521cd9f9 [ 251.068640][ T9307] RDX: 00000000000001ff RSI: 0000000020000b80 RDI: ffffffffffffffff [ 251.076450][ T9307] RBP: 00007fe050e4d090 R08: 0000000000000000 R09: 0000000000000000 [ 251.084258][ T9307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 251.092071][ T9307] R13: 0000000000000000 R14: 00007fe05235bf80 R15: 00007ffe18180eb8 [ 251.140807][ T963] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 251.148327][ T963] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 251.166777][ T963] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 251.200046][ T9312] syz.0.3114[9312] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 251.200108][ T9312] syz.0.3114[9312] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 251.220748][ T9312] syz.0.3114[9312] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 251.232808][ T9312] syz.0.3114[9312] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 251.249278][ T965] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 251.431599][ T9272] device veth0_vlan entered promiscuous mode [ 251.438244][ T8194] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 251.469034][ T8194] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 251.540668][ T502] device veth0_vlan left promiscuous mode [ 251.607288][ T9272] device veth1_macvtap entered promiscuous mode [ 251.618074][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 251.626038][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 251.633869][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 251.642729][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 251.652455][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 251.713346][ T8191] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 251.722442][ T8191] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 251.784057][ T8191] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 251.797090][ T8191] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 252.896793][ T9342] bridge0: port 1(bridge_slave_0) entered blocking state [ 252.912303][ T9342] bridge0: port 1(bridge_slave_0) entered disabled state [ 252.929862][ T9342] device bridge_slave_0 entered promiscuous mode [ 252.977176][ T9342] bridge0: port 2(bridge_slave_1) entered blocking state [ 252.992965][ T9342] bridge0: port 2(bridge_slave_1) entered disabled state [ 253.002443][ T9342] device bridge_slave_1 entered promiscuous mode [ 253.275964][ T9342] bridge0: port 2(bridge_slave_1) entered blocking state [ 253.282957][ T9342] bridge0: port 2(bridge_slave_1) entered forwarding state [ 253.290044][ T9342] bridge0: port 1(bridge_slave_0) entered blocking state [ 253.296804][ T9342] bridge0: port 1(bridge_slave_0) entered forwarding state [ 253.390367][ T965] bridge0: port 1(bridge_slave_0) entered disabled state [ 253.403138][ T965] bridge0: port 2(bridge_slave_1) entered disabled state [ 253.411397][ T24] audit: type=1400 audit(1723137890.440:161): avc: denied { create } for pid=9375 comm="syz.2.3136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 253.470223][ T8194] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 253.477559][ T8194] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 253.523342][ T8190] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 253.540285][ T8190] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 253.548286][ T8190] bridge0: port 1(bridge_slave_0) entered blocking state [ 253.555161][ T8190] bridge0: port 1(bridge_slave_0) entered forwarding state [ 253.565494][ T8190] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 253.586626][ T8190] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 253.595046][ T8190] bridge0: port 2(bridge_slave_1) entered blocking state [ 253.601930][ T8190] bridge0: port 2(bridge_slave_1) entered forwarding state [ 253.609791][ T8190] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 253.617820][ T8190] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 253.626062][ T8190] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 253.634284][ T8190] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 253.649612][ T8190] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 253.657899][ T8190] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 253.671032][ T9342] device veth0_vlan entered promiscuous mode [ 253.679970][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 253.687934][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 253.706593][ T1832] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 253.715010][ T1832] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 253.726026][ T9342] device veth1_macvtap entered promiscuous mode [ 253.734247][ T8191] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 253.743193][ T8191] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 253.751564][ T8191] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 253.775551][ T8190] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 253.784141][ T8190] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 253.792810][ T8190] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 253.801996][ T8190] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 254.815156][ T9415] device pim6reg1 entered promiscuous mode [ 256.203611][ T9470] bridge0: port 2(bridge_slave_1) entered disabled state [ 256.211010][ T9470] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.329215][ T9485] device bridge_slave_1 left promiscuous mode [ 256.399964][ T9485] bridge0: port 2(bridge_slave_1) entered disabled state [ 256.424696][ T9485] device bridge_slave_0 left promiscuous mode [ 256.439258][ T9485] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.489650][ T9498] FAULT_INJECTION: forcing a failure. [ 256.489650][ T9498] name failslab, interval 1, probability 0, space 0, times 0 [ 256.552739][ T9498] CPU: 0 PID: 9498 Comm: syz.0.3181 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 256.563852][ T9498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 256.573920][ T9498] Call Trace: [ 256.577144][ T9498] dump_stack_lvl+0x1e2/0x24b [ 256.581645][ T9498] ? panic+0x812/0x812 [ 256.585552][ T9498] ? bfq_pos_tree_add_move+0x43b/0x43b [ 256.591041][ T9498] ? avc_has_perm_noaudit+0x117/0x240 [ 256.596229][ T9498] dump_stack+0x15/0x17 [ 256.600221][ T9498] should_fail+0x3c6/0x510 [ 256.604489][ T9498] ? __get_vm_area_node+0x116/0x470 [ 256.609592][ T9498] __should_failslab+0xa4/0xe0 [ 256.614199][ T9498] should_failslab+0x9/0x20 [ 256.618530][ T9498] kmem_cache_alloc_trace+0x3a/0x2e0 [ 256.623665][ T9498] __get_vm_area_node+0x116/0x470 [ 256.628514][ T9498] __vmalloc_node_range+0xdc/0x7c0 [ 256.633457][ T9498] ? bpf_prog_alloc_no_stats+0x39/0x2a0 [ 256.638836][ T9498] ? 0xffffffffa0028000 [ 256.642833][ T9498] ? bpf_prog_alloc_no_stats+0x39/0x2a0 [ 256.648215][ T9498] __vmalloc+0x7a/0x90 [ 256.652133][ T9498] ? bpf_prog_alloc_no_stats+0x39/0x2a0 [ 256.657501][ T9498] bpf_prog_alloc_no_stats+0x39/0x2a0 [ 256.662707][ T9498] bpf_prog_alloc+0x21/0x1e0 [ 256.667134][ T9498] __se_sys_bpf+0x9856/0x11cb0 [ 256.671739][ T9498] ? kmem_cache_free+0xa9/0x1e0 [ 256.676423][ T9498] ? kmem_cache_free+0xa9/0x1e0 [ 256.681105][ T9498] ? kasan_set_track+0x5d/0x70 [ 256.685707][ T9498] ? __x64_sys_bpf+0x90/0x90 [ 256.690143][ T9498] ? __kasan_slab_free+0x11/0x20 [ 256.694906][ T9498] ? slab_free_freelist_hook+0xc0/0x190 [ 256.700292][ T9498] ? kmem_cache_free+0xa9/0x1e0 [ 256.704974][ T9498] ? putname+0xe7/0x140 [ 256.709053][ T9498] ? do_sys_openat2+0x1fc/0x710 [ 256.713739][ T9498] ? __x64_sys_openat+0x243/0x290 [ 256.718600][ T9498] ? do_syscall_64+0x34/0x70 [ 256.723033][ T9498] ? _kstrtoull+0x3a0/0x4a0 [ 256.727373][ T9498] ? memset+0x35/0x40 [ 256.731190][ T9498] ? __fsnotify_parent+0x4b9/0x6c0 [ 256.736137][ T9498] ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0 [ 256.742731][ T9498] ? proc_fail_nth_write+0x20b/0x290 [ 256.747853][ T9498] ? proc_fail_nth_read+0x210/0x210 [ 256.752900][ T9498] ? security_file_permission+0x86/0xb0 [ 256.758272][ T9498] ? rw_verify_area+0x1c3/0x360 [ 256.762959][ T9498] ? preempt_count_add+0x92/0x1a0 [ 256.767835][ T9498] ? vfs_write+0x852/0xe70 [ 256.772073][ T9498] ? kmem_cache_free+0xa9/0x1e0 [ 256.776759][ T9498] ? kernel_write+0x3d0/0x3d0 [ 256.781274][ T9498] ? __kasan_check_write+0x14/0x20 [ 256.786216][ T9498] ? mutex_lock+0xa5/0x110 [ 256.790490][ T9498] ? mutex_trylock+0xa0/0xa0 [ 256.794903][ T9498] ? __kasan_check_write+0x14/0x20 [ 256.799838][ T9498] ? fput_many+0x160/0x1b0 [ 256.804104][ T9498] ? debug_smp_processor_id+0x17/0x20 [ 256.809300][ T9498] __x64_sys_bpf+0x7b/0x90 [ 256.813552][ T9498] do_syscall_64+0x34/0x70 [ 256.817820][ T9498] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 256.823532][ T9498] RIP: 0033:0x7fb680c5e9f9 [ 256.827788][ T9498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 256.847229][ T9498] RSP: 002b:00007fb67f8de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 256.855474][ T9498] RAX: ffffffffffffffda RBX: 00007fb680decf80 RCX: 00007fb680c5e9f9 [ 256.863286][ T9498] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 256.871103][ T9498] RBP: 00007fb67f8de090 R08: 0000000000000000 R09: 0000000000000000 [ 256.878902][ T9498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 256.886802][ T9498] R13: 0000000000000000 R14: 00007fb680decf80 R15: 00007ffe95747578 [ 257.101388][ T9498] warn_alloc: 1 callbacks suppressed [ 257.101409][ T9498] syz.0.3181: vmalloc: allocation failure: 4096 bytes, mode:0x100dc0(GFP_USER|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0 [ 257.129232][ T9498] CPU: 1 PID: 9498 Comm: syz.0.3181 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 257.140334][ T9498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 257.150225][ T9498] Call Trace: [ 257.153359][ T9498] dump_stack_lvl+0x1e2/0x24b [ 257.157867][ T9498] ? wake_up_klogd+0xb8/0xf0 [ 257.162294][ T9498] ? bfq_pos_tree_add_move+0x43b/0x43b [ 257.167590][ T9498] ? pr_cont_kernfs_name+0xf0/0x100 [ 257.172617][ T9498] dump_stack+0x15/0x17 [ 257.176615][ T9498] warn_alloc+0x21a/0x390 [ 257.180779][ T9498] ? __get_vm_area_node+0x116/0x470 [ 257.185813][ T9498] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 257.191195][ T9498] ? __kasan_kmalloc+0x9/0x10 [ 257.195711][ T9498] ? __get_vm_area_node+0x34b/0x470 [ 257.200741][ T9498] __vmalloc_node_range+0x287/0x7c0 [ 257.205772][ T9498] ? 0xffffffffa0028000 [ 257.209769][ T9498] ? bpf_prog_alloc_no_stats+0x39/0x2a0 [ 257.215149][ T9498] __vmalloc+0x7a/0x90 [ 257.219056][ T9498] ? bpf_prog_alloc_no_stats+0x39/0x2a0 [ 257.224439][ T9498] bpf_prog_alloc_no_stats+0x39/0x2a0 [ 257.229647][ T9498] bpf_prog_alloc+0x21/0x1e0 [ 257.234071][ T9498] __se_sys_bpf+0x9856/0x11cb0 [ 257.238681][ T9498] ? kmem_cache_free+0xa9/0x1e0 [ 257.243361][ T9498] ? kmem_cache_free+0xa9/0x1e0 [ 257.248041][ T9498] ? kasan_set_track+0x5d/0x70 [ 257.252643][ T9498] ? __x64_sys_bpf+0x90/0x90 [ 257.257069][ T9498] ? __kasan_slab_free+0x11/0x20 [ 257.261845][ T9498] ? slab_free_freelist_hook+0xc0/0x190 [ 257.267224][ T9498] ? kmem_cache_free+0xa9/0x1e0 [ 257.271910][ T9498] ? putname+0xe7/0x140 [ 257.275903][ T9498] ? do_sys_openat2+0x1fc/0x710 [ 257.280590][ T9498] ? __x64_sys_openat+0x243/0x290 [ 257.285449][ T9498] ? do_syscall_64+0x34/0x70 [ 257.289879][ T9498] ? _kstrtoull+0x3a0/0x4a0 [ 257.294221][ T9498] ? memset+0x35/0x40 [ 257.298037][ T9498] ? __fsnotify_parent+0x4b9/0x6c0 [ 257.302987][ T9498] ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0 [ 257.309577][ T9498] ? proc_fail_nth_write+0x20b/0x290 [ 257.314697][ T9498] ? proc_fail_nth_read+0x210/0x210 [ 257.319734][ T9498] ? security_file_permission+0x86/0xb0 [ 257.325112][ T9498] ? rw_verify_area+0x1c3/0x360 [ 257.329802][ T9498] ? preempt_count_add+0x92/0x1a0 [ 257.334747][ T9498] ? vfs_write+0x852/0xe70 [ 257.339001][ T9498] ? kmem_cache_free+0xa9/0x1e0 [ 257.343687][ T9498] ? kernel_write+0x3d0/0x3d0 [ 257.348201][ T9498] ? __kasan_check_write+0x14/0x20 [ 257.353269][ T9498] ? mutex_lock+0xa5/0x110 [ 257.357521][ T9498] ? mutex_trylock+0xa0/0xa0 [ 257.361956][ T9498] ? __kasan_check_write+0x14/0x20 [ 257.366895][ T9498] ? fput_many+0x160/0x1b0 [ 257.371158][ T9498] ? debug_smp_processor_id+0x17/0x20 [ 257.376358][ T9498] __x64_sys_bpf+0x7b/0x90 [ 257.380608][ T9498] do_syscall_64+0x34/0x70 [ 257.384865][ T9498] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 257.390590][ T9498] RIP: 0033:0x7fb680c5e9f9 [ 257.394845][ T9498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 257.414283][ T9498] RSP: 002b:00007fb67f8de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 257.422526][ T9498] RAX: ffffffffffffffda RBX: 00007fb680decf80 RCX: 00007fb680c5e9f9 [ 257.430340][ T9498] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 257.438322][ T9498] RBP: 00007fb67f8de090 R08: 0000000000000000 R09: 0000000000000000 [ 257.446136][ T9498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 257.453949][ T9498] R13: 0000000000000000 R14: 00007fb680decf80 R15: 00007ffe95747578 [ 257.470490][ T9498] Mem-Info: [ 257.473528][ T9498] active_anon:91 inactive_anon:9654 isolated_anon:0 [ 257.473528][ T9498] active_file:24418 inactive_file:2729 isolated_file:0 [ 257.473528][ T9498] unevictable:0 dirty:416 writeback:0 [ 257.473528][ T9498] slab_reclaimable:6875 slab_unreclaimable:73576 [ 257.473528][ T9498] mapped:24948 shmem:149 pagetables:589 bounce:0 [ 257.473528][ T9498] free:1569840 free_pcp:880 free_cma:0 [ 257.510342][ T9498] Node 0 active_anon:364kB inactive_anon:38616kB active_file:97672kB inactive_file:10916kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:99792kB dirty:1664kB writeback:0kB shmem:596kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:6816kB all_unreclaimable? no [ 257.540838][ T9498] DMA32 free:2983352kB min:62624kB low:78280kB high:93936kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2984772kB mlocked:0kB pagetables:0kB bounce:0kB free_pcp:1420kB local_pcp:52kB free_cma:0kB [ 257.572998][ T9498] lowmem_reserve[]: 0 3941 3941 [ 257.577872][ T9498] Normal free:3296048kB min:84828kB low:106032kB high:127236kB reserved_highatomic:0KB active_anon:364kB inactive_anon:38716kB active_file:97672kB inactive_file:10916kB unevictable:0kB writepending:1612kB present:5242880kB managed:4035856kB mlocked:0kB pagetables:2208kB bounce:0kB free_pcp:1824kB local_pcp:1280kB free_cma:0kB [ 257.629823][ T9498] lowmem_reserve[]: 0 0 0 [ 257.634015][ T9498] DMA32: 6*4kB (UM) 4*8kB (M) 4*16kB (M) 6*32kB (UM) 8*64kB (UM) 5*128kB (UM) 6*256kB (UM) 5*512kB (M) 6*1024kB (UM) 3*2048kB (UM) 724*4096kB (M) = 2983352kB [ 257.649920][ T9498] Normal: 177*4kB (UME) 182*8kB (UME) 769*16kB (UME) 676*32kB (UME) 798*64kB (UME) 411*128kB (UME) 200*256kB (UME) 102*512kB (UME) 66*1024kB (UME) 18*2048kB (UME) 720*4096kB (M) = 3296772kB [ 257.673503][ T9498] 27458 total pagecache pages [ 257.678015][ T9498] 162 pages in swap cache [ 257.684649][ T9498] Swap cache stats: add 34982, delete 34820, find 149/167 [ 257.692041][ T9498] Free swap = 124348kB [ 257.696165][ T9498] Total swap = 124996kB [ 257.700942][ T9498] 2097051 pages RAM [ 257.705139][ T9498] 0 pages HighMem/MovableOnly [ 257.710171][ T9498] 341894 pages reserved [ 257.714239][ T9498] 0 pages cma reserved [ 258.418972][ T9559] FAULT_INJECTION: forcing a failure. [ 258.418972][ T9559] name failslab, interval 1, probability 0, space 0, times 0 [ 258.545230][ T9559] CPU: 0 PID: 9559 Comm: syz.4.3202 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 258.556473][ T9559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 258.566369][ T9559] Call Trace: [ 258.569502][ T9559] dump_stack_lvl+0x1e2/0x24b [ 258.574011][ T9559] ? bfq_pos_tree_add_move+0x43b/0x43b [ 258.579305][ T9559] ? find_next_bit+0xc7/0x100 [ 258.583822][ T9559] ? cpumask_next+0x11/0x30 [ 258.588169][ T9559] dump_stack+0x15/0x17 [ 258.592144][ T9559] should_fail+0x3c6/0x510 [ 258.596397][ T9559] ? cpu_map_update_elem+0x5e7/0xe30 [ 258.601527][ T9559] __should_failslab+0xa4/0xe0 [ 258.606119][ T9559] should_failslab+0x9/0x20 [ 258.610463][ T9559] kmem_cache_alloc_trace+0x3a/0x2e0 [ 258.615588][ T9559] cpu_map_update_elem+0x5e7/0xe30 [ 258.620528][ T9559] ? cpu_map_lookup_elem+0x100/0x100 [ 258.625666][ T9559] bpf_map_update_value+0x1a8/0x420 [ 258.630689][ T9559] __se_sys_bpf+0x7687/0x11cb0 [ 258.635288][ T9559] ? stack_trace_save+0x113/0x1c0 [ 258.640141][ T9559] ? terminate_walk+0x407/0x4f0 [ 258.644853][ T9559] ? stack_trace_snprint+0xf0/0xf0 [ 258.649780][ T9559] ? kmem_cache_free+0xa9/0x1e0 [ 258.654462][ T9559] ? kmem_cache_free+0xa9/0x1e0 [ 258.659155][ T9559] ? kasan_set_track+0x5d/0x70 [ 258.663750][ T9559] ? __x64_sys_bpf+0x90/0x90 [ 258.668264][ T9559] ? __kasan_slab_free+0x11/0x20 [ 258.673042][ T9559] ? slab_free_freelist_hook+0xc0/0x190 [ 258.678416][ T9559] ? kmem_cache_free+0xa9/0x1e0 [ 258.683106][ T9559] ? putname+0xe7/0x140 [ 258.687097][ T9559] ? do_sys_openat2+0x1fc/0x710 [ 258.691781][ T9559] ? __x64_sys_openat+0x243/0x290 [ 258.696644][ T9559] ? do_syscall_64+0x34/0x70 [ 258.701074][ T9559] ? _kstrtoull+0x3a0/0x4a0 [ 258.705409][ T9559] ? kstrtouint_from_user+0x20a/0x2a0 [ 258.710619][ T9559] ? kstrtol_from_user+0x310/0x310 [ 258.715567][ T9559] ? memset+0x35/0x40 [ 258.719401][ T9559] ? __fsnotify_parent+0x4b9/0x6c0 [ 258.724337][ T9559] ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0 [ 258.730931][ T9559] ? proc_fail_nth_write+0x20b/0x290 [ 258.736068][ T9559] ? proc_fail_nth_read+0x210/0x210 [ 258.741088][ T9559] ? security_file_permission+0x86/0xb0 [ 258.746469][ T9559] ? rw_verify_area+0x1c3/0x360 [ 258.751151][ T9559] ? preempt_count_add+0x92/0x1a0 [ 258.756010][ T9559] ? vfs_write+0x852/0xe70 [ 258.760269][ T9559] ? kmem_cache_free+0x1c0/0x1e0 [ 258.765039][ T9559] ? kernel_write+0x3d0/0x3d0 [ 258.769549][ T9559] ? __kasan_check_write+0x14/0x20 [ 258.774499][ T9559] ? mutex_lock+0xa5/0x110 [ 258.778748][ T9559] ? mutex_trylock+0xa0/0xa0 [ 258.783181][ T9559] ? __kasan_check_write+0x14/0x20 [ 258.788127][ T9559] ? fput_many+0x160/0x1b0 [ 258.792386][ T9559] ? debug_smp_processor_id+0x17/0x20 [ 258.797590][ T9559] __x64_sys_bpf+0x7b/0x90 [ 258.801852][ T9559] do_syscall_64+0x34/0x70 [ 258.806101][ T9559] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 258.811820][ T9559] RIP: 0033:0x7f44dbec99f9 [ 258.816071][ T9559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 258.835600][ T9559] RSP: 002b:00007f44dab28038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 258.843844][ T9559] RAX: ffffffffffffffda RBX: 00007f44dc058058 RCX: 00007f44dbec99f9 [ 258.851656][ T9559] RDX: 0000000000000020 RSI: 0000000020000940 RDI: 0000000000000002 [ 258.859695][ T9559] RBP: 00007f44dab28090 R08: 0000000000000000 R09: 0000000000000000 [ 258.867498][ T9559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 258.875314][ T9559] R13: 0000000000000000 R14: 00007f44dc058058 R15: 00007ffc725d2fb8 [ 259.040575][ T9578] FAULT_INJECTION: forcing a failure. [ 259.040575][ T9578] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 259.083936][ T9578] CPU: 0 PID: 9578 Comm: syz.3.3208 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 259.095044][ T9578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 259.104940][ T9578] Call Trace: [ 259.108071][ T9578] dump_stack_lvl+0x1e2/0x24b [ 259.112577][ T9578] ? bfq_pos_tree_add_move+0x43b/0x43b [ 259.117873][ T9578] dump_stack+0x15/0x17 [ 259.121867][ T9578] should_fail+0x3c6/0x510 [ 259.126134][ T9578] should_fail_usercopy+0x1a/0x20 [ 259.130982][ T9578] _copy_to_user+0x20/0x90 [ 259.135356][ T9578] simple_read_from_buffer+0xc7/0x150 [ 259.140546][ T9578] proc_fail_nth_read+0x1a3/0x210 [ 259.145411][ T9578] ? proc_fault_inject_write+0x390/0x390 [ 259.150883][ T9578] ? security_file_permission+0x86/0xb0 [ 259.156263][ T9578] ? rw_verify_area+0x1c3/0x360 [ 259.160946][ T9578] ? proc_fault_inject_write+0x390/0x390 [ 259.166405][ T9578] vfs_read+0x200/0xba0 [ 259.170518][ T9578] ? kernel_read+0x70/0x70 [ 259.174763][ T9578] ? __kasan_check_write+0x14/0x20 [ 259.179708][ T9578] ? mutex_lock+0xa5/0x110 [ 259.183956][ T9578] ? mutex_trylock+0xa0/0xa0 [ 259.188395][ T9578] ? __fdget_pos+0x2e7/0x3a0 [ 259.192826][ T9578] ? ksys_read+0x77/0x2c0 [ 259.197014][ T9578] ksys_read+0x199/0x2c0 [ 259.201066][ T9578] ? vfs_write+0xe70/0xe70 [ 259.205340][ T9578] ? debug_smp_processor_id+0x17/0x20 [ 259.210520][ T9578] __x64_sys_read+0x7b/0x90 [ 259.214853][ T9578] do_syscall_64+0x34/0x70 [ 259.219118][ T9578] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 259.224969][ T9578] RIP: 0033:0x7f3853a4343c [ 259.229214][ T9578] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48 [ 259.248665][ T9578] RSP: 002b:00007f38526c4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 259.256910][ T9578] RAX: ffffffffffffffda RBX: 00007f3853bd2f80 RCX: 00007f3853a4343c [ 259.265019][ T9578] RDX: 000000000000000f RSI: 00007f38526c40a0 RDI: 0000000000000005 [ 259.272833][ T9578] RBP: 00007f38526c4090 R08: 0000000000000000 R09: 0000000000000000 [ 259.281011][ T9578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 259.288827][ T9578] R13: 0000000000000000 R14: 00007f3853bd2f80 R15: 00007ffd7ea1bf38 [ 259.542694][ T9603] device syzkaller0 entered promiscuous mode [ 259.733496][ T9626] FAULT_INJECTION: forcing a failure. [ 259.733496][ T9626] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 259.746487][ T9626] CPU: 1 PID: 9626 Comm: syz.4.3226 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 259.757581][ T9626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 259.767664][ T9626] Call Trace: [ 259.770799][ T9626] dump_stack_lvl+0x1e2/0x24b [ 259.775314][ T9626] ? bfq_pos_tree_add_move+0x43b/0x43b [ 259.780599][ T9626] ? shmem_getpage_gfp+0x2230/0x2480 [ 259.785731][ T9626] dump_stack+0x15/0x17 [ 259.789713][ T9626] should_fail+0x3c6/0x510 [ 259.794067][ T9626] should_fail_usercopy+0x1a/0x20 [ 259.798925][ T9626] iov_iter_copy_from_user_atomic+0x391/0xd80 [ 259.804835][ T9626] ? shmem_getpage+0xa0/0xa0 [ 259.809255][ T9626] ? iov_iter_fault_in_readable+0x31f/0x4f0 [ 259.814986][ T9626] ? memzero_page+0x100/0x100 [ 259.819504][ T9626] generic_perform_write+0x34c/0x570 [ 259.824628][ T9626] ? grab_cache_page_write_begin+0xa0/0xa0 [ 259.830345][ T9626] ? file_remove_privs+0x570/0x570 [ 259.835292][ T9626] ? __kasan_check_write+0x14/0x20 [ 259.840240][ T9626] __generic_file_write_iter+0x23c/0x560 [ 259.845711][ T9626] ? generic_write_checks+0x3b9/0x470 [ 259.850921][ T9626] generic_file_write_iter+0xaf/0x1c0 [ 259.856123][ T9626] vfs_write+0xb4c/0xe70 [ 259.860198][ T9626] ? kernel_write+0x3d0/0x3d0 [ 259.864712][ T9626] ? mutex_trylock+0xa0/0xa0 [ 259.869133][ T9626] ? __fdget_pos+0x2e7/0x3a0 [ 259.873555][ T9626] ? ksys_write+0x77/0x2c0 [ 259.877808][ T9626] ksys_write+0x199/0x2c0 [ 259.881978][ T9626] ? __ia32_sys_read+0x90/0x90 [ 259.886576][ T9626] ? debug_smp_processor_id+0x17/0x20 [ 259.891782][ T9626] __x64_sys_write+0x7b/0x90 [ 259.896211][ T9626] do_syscall_64+0x34/0x70 [ 259.900550][ T9626] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 259.906277][ T9626] RIP: 0033:0x7f44dbec99f9 [ 259.910534][ T9626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 259.929971][ T9626] RSP: 002b:00007f44dab49038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 259.938228][ T9626] RAX: ffffffffffffffda RBX: 00007f44dc057f80 RCX: 00007f44dbec99f9 [ 259.946039][ T9626] RDX: 0000000000040010 RSI: 0000000020000180 RDI: 0000000000000007 [ 259.953841][ T9626] RBP: 00007f44dab49090 R08: 0000000000000000 R09: 0000000000000000 [ 259.961650][ T9626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 259.969461][ T9626] R13: 0000000000000000 R14: 00007f44dc057f80 R15: 00007ffc725d2fb8 [ 260.126618][ T9646] syz.4.3232[9646] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 260.126663][ T9646] syz.4.3232[9646] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 260.604121][ T9682] device pim6reg1 entered promiscuous mode [ 260.705224][ T9677] device syzkaller0 entered promiscuous mode [ 260.752377][ T9705] FAULT_INJECTION: forcing a failure. [ 260.752377][ T9705] name failslab, interval 1, probability 0, space 0, times 0 [ 260.860370][ T9705] CPU: 1 PID: 9705 Comm: syz.4.3248 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 260.871571][ T9705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 260.881457][ T9705] Call Trace: [ 260.884593][ T9705] dump_stack_lvl+0x1e2/0x24b [ 260.889098][ T9705] ? panic+0x812/0x812 [ 260.893003][ T9705] ? bfq_pos_tree_add_move+0x43b/0x43b [ 260.898299][ T9705] ? avc_has_perm+0x14d/0x400 [ 260.902820][ T9705] ? memcpy+0x56/0x70 [ 260.906630][ T9705] dump_stack+0x15/0x17 [ 260.910623][ T9705] should_fail+0x3c6/0x510 [ 260.914877][ T9705] ? __alloc_skb+0x80/0x510 [ 260.919222][ T9705] __should_failslab+0xa4/0xe0 [ 260.923814][ T9705] should_failslab+0x9/0x20 [ 260.928150][ T9705] kmem_cache_alloc+0x3d/0x2e0 [ 260.932753][ T9705] __alloc_skb+0x80/0x510 [ 260.936925][ T9705] alloc_skb_with_frags+0xa1/0x570 [ 260.941867][ T9705] ? is_bpf_text_address+0x172/0x190 [ 260.946986][ T9705] sock_alloc_send_pskb+0x915/0xa50 [ 260.952025][ T9705] ? sock_kzfree_s+0x60/0x60 [ 260.956448][ T9705] ? stack_trace_save+0x113/0x1c0 [ 260.961308][ T9705] ? terminate_walk+0x407/0x4f0 [ 260.965991][ T9705] ? stack_trace_snprint+0xf0/0xf0 [ 260.970946][ T9705] tun_get_user+0xe90/0x38f0 [ 260.975366][ T9705] ? _kstrtoull+0x3a0/0x4a0 [ 260.979707][ T9705] ? tun_do_read+0x1f60/0x1f60 [ 260.984303][ T9705] ? kstrtouint_from_user+0x20a/0x2a0 [ 260.989514][ T9705] ? kstrtol_from_user+0x310/0x310 [ 260.994463][ T9705] ? avc_policy_seqno+0x1b/0x70 [ 260.999149][ T9705] ? selinux_file_permission+0x2bb/0x560 [ 261.004619][ T9705] ? fsnotify_perm+0x67/0x4e0 [ 261.009132][ T9705] tun_chr_write_iter+0x1a8/0x250 [ 261.013988][ T9705] vfs_write+0xb4c/0xe70 [ 261.018077][ T9705] ? kernel_write+0x3d0/0x3d0 [ 261.022589][ T9705] ? __fdget_pos+0x209/0x3a0 [ 261.027008][ T9705] ? ksys_write+0x77/0x2c0 [ 261.031262][ T9705] ksys_write+0x199/0x2c0 [ 261.035430][ T9705] ? __ia32_sys_read+0x90/0x90 [ 261.040030][ T9705] ? debug_smp_processor_id+0x17/0x20 [ 261.045233][ T9705] __x64_sys_write+0x7b/0x90 [ 261.049660][ T9705] do_syscall_64+0x34/0x70 [ 261.053914][ T9705] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 261.059639][ T9705] RIP: 0033:0x7f44dbec99f9 [ 261.063898][ T9705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 261.083333][ T9705] RSP: 002b:00007f44dab49038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 261.091582][ T9705] RAX: ffffffffffffffda RBX: 00007f44dc057f80 RCX: 00007f44dbec99f9 [ 261.099390][ T9705] RDX: 000000000000fdef RSI: 0000000020000300 RDI: 00000000000000c8 [ 261.107201][ T9705] RBP: 00007f44dab49090 R08: 0000000000000000 R09: 0000000000000000 [ 261.115017][ T9705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 261.122824][ T9705] R13: 0000000000000000 R14: 00007f44dc057f80 R15: 00007ffc725d2fb8 [ 262.404175][ T9769] device team_slave_1 entered promiscuous mode [ 262.424815][ T962] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 262.444870][ T962] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 262.674796][ T9775] device pim6reg1 entered promiscuous mode [ 263.118735][ T9785] device syzkaller0 entered promiscuous mode [ 263.703913][ T9799] device wg2 entered promiscuous mode [ 263.820180][ T9803] device syzkaller0 entered promiscuous mode [ 264.510449][ T9835] device team_slave_1 entered promiscuous mode [ 264.562818][ T964] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 264.589469][ T964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 264.633428][ T9838] syz.2.3292[9838] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 264.633514][ T9838] syz.2.3292[9838] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 264.663622][ T9838] syz.2.3292[9838] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 264.675886][ T9838] syz.2.3292[9838] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 264.694466][ T9838] syz.2.3292[9838] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 267.991393][ T9953] device syzkaller0 entered promiscuous mode [ 268.502456][ T9973] device pim6reg1 entered promiscuous mode [ 268.974901][ T9994] device syzkaller0 entered promiscuous mode [ 269.035119][ T9995] device veth1_macvtap entered promiscuous mode [ 269.377959][T10008] device syzkaller0 entered promiscuous mode [ 269.828782][T10029] device veth1_macvtap left promiscuous mode [ 270.280114][T10046] device syzkaller0 entered promiscuous mode [ 270.601797][T10055] device syzkaller0 entered promiscuous mode [ 271.943227][T10083] device syzkaller0 entered promiscuous mode [ 272.674227][T10107] device sit0 entered promiscuous mode [ 272.950037][T10126] device syzkaller0 entered promiscuous mode [ 273.219185][T10142] device veth1_macvtap left promiscuous mode [ 273.273682][T10147] device veth1_macvtap left promiscuous mode [ 274.088856][T10187] device veth1_macvtap left promiscuous mode [ 274.813526][T10218] syz.0.3426[10218] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 274.813608][T10218] syz.0.3426[10218] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 275.689270][T10238] device sit0 entered promiscuous mode [ 276.387116][T10250] bridge0: port 2(bridge_slave_1) entered disabled state [ 276.394348][T10250] bridge0: port 1(bridge_slave_0) entered disabled state [ 276.527449][T10250] device bridge_slave_1 left promiscuous mode [ 276.629377][T10250] bridge0: port 2(bridge_slave_1) entered disabled state [ 276.739981][T10250] device bridge_slave_0 left promiscuous mode [ 276.746194][T10250] bridge0: port 1(bridge_slave_0) entered disabled state [ 282.743977][T10408] FAULT_INJECTION: forcing a failure. [ 282.743977][T10408] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 282.905351][T10408] CPU: 1 PID: 10408 Comm: syz.4.3491 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 282.916554][T10408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 282.926564][T10408] Call Trace: [ 282.929699][T10408] dump_stack_lvl+0x1e2/0x24b [ 282.934223][T10408] ? panic+0x812/0x812 [ 282.938117][T10408] ? bfq_pos_tree_add_move+0x43b/0x43b [ 282.943407][T10408] ? vsnprintf+0x1b96/0x1c70 [ 282.947839][T10408] dump_stack+0x15/0x17 [ 282.951836][T10408] should_fail+0x3c6/0x510 [ 282.956094][T10408] should_fail_usercopy+0x1a/0x20 [ 282.960952][T10408] _copy_to_user+0x20/0x90 [ 282.965195][T10408] bpf_verifier_vlog+0x1ab/0x330 [ 282.969975][T10408] __btf_verifier_log+0xd1/0x120 [ 282.974761][T10408] ? bpf_verifier_vlog+0x1b8/0x330 [ 282.979791][T10408] ? btf_check_sec_info+0x4f0/0x4f0 [ 282.984821][T10408] ? btf_parse_hdr+0x1d5/0x770 [ 282.989431][T10408] ? memcpy+0x56/0x70 [ 282.993322][T10408] btf_parse_hdr+0x36d/0x770 [ 282.997838][T10408] btf_new_fd+0x487/0x9c0 [ 283.002009][T10408] __se_sys_bpf+0x1aed/0x11cb0 [ 283.006603][T10408] ? stack_trace_save+0x113/0x1c0 [ 283.011462][T10408] ? terminate_walk+0x407/0x4f0 [ 283.016324][T10408] ? stack_trace_snprint+0xf0/0xf0 [ 283.021276][T10408] ? kmem_cache_free+0xa9/0x1e0 [ 283.025959][T10408] ? kmem_cache_free+0xa9/0x1e0 [ 283.030640][T10408] ? kasan_set_track+0x5d/0x70 [ 283.035243][T10408] ? __x64_sys_bpf+0x90/0x90 [ 283.039669][T10408] ? __kasan_slab_free+0x11/0x20 [ 283.044443][T10408] ? slab_free_freelist_hook+0xc0/0x190 [ 283.049826][T10408] ? kmem_cache_free+0xa9/0x1e0 [ 283.054602][T10408] ? putname+0xe7/0x140 [ 283.058587][T10408] ? do_sys_openat2+0x1fc/0x710 [ 283.063277][T10408] ? __x64_sys_openat+0x243/0x290 [ 283.068134][T10408] ? do_syscall_64+0x34/0x70 [ 283.072655][T10408] ? _kstrtoull+0x3a0/0x4a0 [ 283.076991][T10408] ? kstrtouint_from_user+0x20a/0x2a0 [ 283.082205][T10408] ? kstrtol_from_user+0x310/0x310 [ 283.087148][T10408] ? memset+0x35/0x40 [ 283.090971][T10408] ? __fsnotify_parent+0x4b9/0x6c0 [ 283.095917][T10408] ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0 [ 283.102509][T10408] ? proc_fail_nth_write+0x20b/0x290 [ 283.107630][T10408] ? proc_fail_nth_read+0x210/0x210 [ 283.112664][T10408] ? security_file_permission+0x86/0xb0 [ 283.118042][T10408] ? rw_verify_area+0x1c3/0x360 [ 283.122734][T10408] ? preempt_count_add+0x92/0x1a0 [ 283.127595][T10408] ? __kasan_check_write+0x14/0x20 [ 283.132539][T10408] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 283.137835][T10408] ? _raw_spin_lock+0x1b0/0x1b0 [ 283.142522][T10408] ? htab_map_hash+0x3a7/0x7e0 [ 283.147123][T10408] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 283.152764][T10408] ? htab_lru_map_delete_elem+0x1b6/0x320 [ 283.158319][T10408] ? bpf_trace_run2+0xf4/0x280 [ 283.162923][T10408] ? __bpf_trace_sys_enter+0x62/0x70 [ 283.168035][T10408] __x64_sys_bpf+0x7b/0x90 [ 283.172292][T10408] do_syscall_64+0x34/0x70 [ 283.176543][T10408] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 283.182273][T10408] RIP: 0033:0x7f44dbec99f9 [ 283.186522][T10408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 283.205966][T10408] RSP: 002b:00007f44dab49038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 283.214209][T10408] RAX: ffffffffffffffda RBX: 00007f44dc057f80 RCX: 00007f44dbec99f9 [ 283.222015][T10408] RDX: 0000000000000020 RSI: 0000000020004680 RDI: 0000000000000012 [ 283.229830][T10408] RBP: 00007f44dab49090 R08: 0000000000000000 R09: 0000000000000000 [ 283.237645][T10408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 283.245451][T10408] R13: 0000000000000000 R14: 00007f44dc057f80 R15: 00007ffc725d2fb8 [ 283.812252][T10430] device syzkaller0 entered promiscuous mode [ 284.825485][T10462] device syzkaller0 entered promiscuous mode [ 286.596910][T10534] FAULT_INJECTION: forcing a failure. [ 286.596910][T10534] name failslab, interval 1, probability 0, space 0, times 0 [ 286.639271][T10534] CPU: 1 PID: 10534 Comm: syz.0.3537 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 286.650466][T10534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 286.660361][T10534] Call Trace: [ 286.663492][T10534] dump_stack_lvl+0x1e2/0x24b [ 286.668017][T10534] ? panic+0x812/0x812 [ 286.671914][T10534] ? bfq_pos_tree_add_move+0x43b/0x43b [ 286.677201][T10534] ? __kasan_check_write+0x14/0x20 [ 286.682158][T10534] ? calc_wheel_index+0x16b/0xa40 [ 286.687006][T10534] ? tun_chr_ioctl+0x2a/0x40 [ 286.691433][T10534] ? __se_sys_ioctl+0x114/0x190 [ 286.696124][T10534] dump_stack+0x15/0x17 [ 286.700113][T10534] should_fail+0x3c6/0x510 [ 286.704373][T10534] ? kvmalloc_node+0x82/0x130 [ 286.708882][T10534] __should_failslab+0xa4/0xe0 [ 286.713480][T10534] should_failslab+0x9/0x20 [ 286.717819][T10534] __kmalloc+0x60/0x330 [ 286.721816][T10534] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 286.727460][T10534] kvmalloc_node+0x82/0x130 [ 286.731794][T10534] tun_attach+0x8a9/0x1560 [ 286.736049][T10534] ? mod_timer_pending+0x30/0x30 [ 286.740823][T10534] ? selinux_tun_dev_alloc_security+0x51/0x140 [ 286.746816][T10534] tun_net_init+0x411/0x550 [ 286.751154][T10534] register_netdevice+0x346/0x13f0 [ 286.756097][T10534] ? __kasan_kmalloc+0x9/0x10 [ 286.760610][T10534] ? xdp_rxq_info_reg+0xec/0x270 [ 286.765394][T10534] ? netif_stacked_transfer_operstate+0x240/0x240 [ 286.771639][T10534] tun_set_iff+0x816/0xdb0 [ 286.775895][T10534] __tun_chr_ioctl+0x8b3/0x2260 [ 286.780578][T10534] ? tun_flow_create+0x320/0x320 [ 286.785350][T10534] ? __fget_files+0x31e/0x380 [ 286.789869][T10534] tun_chr_ioctl+0x2a/0x40 [ 286.794108][T10534] ? tun_chr_poll+0x670/0x670 [ 286.798622][T10534] __se_sys_ioctl+0x114/0x190 [ 286.803224][T10534] __x64_sys_ioctl+0x7b/0x90 [ 286.807652][T10534] do_syscall_64+0x34/0x70 [ 286.811906][T10534] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 286.817630][T10534] RIP: 0033:0x7fb680c5e9f9 [ 286.821885][T10534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 286.841326][T10534] RSP: 002b:00007fb67f8de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 286.849567][T10534] RAX: ffffffffffffffda RBX: 00007fb680decf80 RCX: 00007fb680c5e9f9 [ 286.857377][T10534] RDX: 0000000020000100 RSI: 00000000400454ca RDI: 0000000000000004 [ 286.865191][T10534] RBP: 00007fb67f8de090 R08: 0000000000000000 R09: 0000000000000000 [ 286.873010][T10534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 286.880813][T10534] R13: 0000000000000000 R14: 00007fb680decf80 R15: 00007ffe95747578 [ 288.090695][T10570] device syzkaller0 entered promiscuous mode [ 288.666028][T10603] device pim6reg1 entered promiscuous mode [ 288.682122][T10603] FAULT_INJECTION: forcing a failure. [ 288.682122][T10603] name failslab, interval 1, probability 0, space 0, times 0 [ 288.775620][T10603] CPU: 0 PID: 10603 Comm: syz.2.3556 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 288.786907][T10603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 288.796800][T10603] Call Trace: [ 288.799934][T10603] dump_stack_lvl+0x1e2/0x24b [ 288.804438][T10603] ? panic+0x812/0x812 [ 288.808342][T10603] ? bfq_pos_tree_add_move+0x43b/0x43b [ 288.813640][T10603] dump_stack+0x15/0x17 [ 288.817630][T10603] should_fail+0x3c6/0x510 [ 288.821891][T10603] ? fib6_info_alloc+0x33/0xe0 [ 288.826490][T10603] __should_failslab+0xa4/0xe0 [ 288.831090][T10603] should_failslab+0x9/0x20 [ 288.835427][T10603] __kmalloc+0x60/0x330 [ 288.839420][T10603] fib6_info_alloc+0x33/0xe0 [ 288.843847][T10603] ip6_route_info_create+0x4b7/0x1440 [ 288.849058][T10603] ip6_route_add+0x27/0x130 [ 288.853395][T10603] addrconf_add_dev+0x415/0x610 [ 288.858076][T10603] ? local_bh_enable+0x30/0x30 [ 288.862677][T10603] ? addrconf_permanent_addr+0xb40/0xba0 [ 288.868250][T10603] ? igmpv3_del_delrec+0x740/0x740 [ 288.873179][T10603] ? __kasan_check_read+0x11/0x20 [ 288.878047][T10603] addrconf_dev_config+0x231/0x5a0 [ 288.882991][T10603] ? __kasan_check_write+0x14/0x20 [ 288.887934][T10603] ? mutex_lock+0xa5/0x110 [ 288.892193][T10603] ? init_loopback+0x1c0/0x1c0 [ 288.896787][T10603] ? macsec_notify+0x101/0x4c0 [ 288.901388][T10603] ? addrconf_link_ready+0xfb/0x1e0 [ 288.906417][T10603] addrconf_notify+0x8c5/0xe90 [ 288.911043][T10603] raw_notifier_call_chain+0x8c/0xf0 [ 288.916143][T10603] __dev_notify_flags+0x304/0x610 [ 288.921006][T10603] ? __dev_change_flags+0x6e0/0x6e0 [ 288.926050][T10603] ? __dev_change_flags+0x56c/0x6e0 [ 288.931075][T10603] ? dev_get_flags+0x1e0/0x1e0 [ 288.935670][T10603] ? copy_regset_to_user+0x210/0x210 [ 288.940794][T10603] dev_change_flags+0xf0/0x1a0 [ 288.945395][T10603] dev_ifsioc+0x115/0xae0 [ 288.949557][T10603] ? dev_ioctl+0xb40/0xb40 [ 288.953814][T10603] dev_ioctl+0x526/0xb40 [ 288.957888][T10603] sock_do_ioctl+0x295/0x3a0 [ 288.962318][T10603] ? sock_show_fdinfo+0xa0/0xa0 [ 288.967000][T10603] ? kernel_write+0x3d0/0x3d0 [ 288.971518][T10603] ? selinux_file_ioctl+0x3cc/0x540 [ 288.976558][T10603] sock_ioctl+0x4a6/0x760 [ 288.980851][T10603] ? sock_poll+0x340/0x340 [ 288.985103][T10603] ? security_file_ioctl+0x84/0xb0 [ 288.990200][T10603] ? sock_poll+0x340/0x340 [ 288.994446][T10603] __se_sys_ioctl+0x114/0x190 [ 288.998956][T10603] __x64_sys_ioctl+0x7b/0x90 [ 289.003388][T10603] do_syscall_64+0x34/0x70 [ 289.007725][T10603] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 289.013456][T10603] RIP: 0033:0x7f8b047129f9 [ 289.017697][T10603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 289.037143][T10603] RSP: 002b:00007f8b03371038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 289.045389][T10603] RAX: ffffffffffffffda RBX: 00007f8b048a1058 RCX: 00007f8b047129f9 [ 289.053193][T10603] RDX: 0000000020000140 RSI: 0000000000008914 RDI: 0000000000000005 [ 289.061097][T10603] RBP: 00007f8b03371090 R08: 0000000000000000 R09: 0000000000000000 [ 289.068911][T10603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 289.076741][T10603] R13: 0000000000000000 R14: 00007f8b048a1058 R15: 00007fff7a53b7f8 [ 289.430840][T10630] FAULT_INJECTION: forcing a failure. [ 289.430840][T10630] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 289.549570][T10630] CPU: 1 PID: 10630 Comm: syz.2.3563 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 289.560764][T10630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 289.570653][T10630] Call Trace: [ 289.573792][T10630] dump_stack_lvl+0x1e2/0x24b [ 289.578411][T10630] ? bfq_pos_tree_add_move+0x43b/0x43b [ 289.583832][T10630] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 289.589685][T10630] dump_stack+0x15/0x17 [ 289.593674][T10630] should_fail+0x3c6/0x510 [ 289.597929][T10630] should_fail_alloc_page+0x52/0x60 [ 289.602963][T10630] __alloc_pages_nodemask+0x1b3/0xaf0 [ 289.608190][T10630] ? gfp_pfmemalloc_allowed+0x120/0x120 [ 289.613551][T10630] ? __kasan_kmalloc+0x9/0x10 [ 289.618056][T10630] ? __vmalloc_node_range+0x2a9/0x7c0 [ 289.623266][T10630] __vmalloc_node_range+0x36c/0x7c0 [ 289.628299][T10630] bpf_map_area_alloc+0xd9/0xf0 [ 289.633069][T10630] ? prealloc_init+0x13b/0x7f0 [ 289.637669][T10630] prealloc_init+0x13b/0x7f0 [ 289.642648][T10630] ? __kmalloc+0x1aa/0x330 [ 289.646921][T10630] htab_map_alloc+0x68d/0x950 [ 289.651421][T10630] __se_sys_bpf+0x620f/0x11cb0 [ 289.656016][T10630] ? stack_trace_save+0x113/0x1c0 [ 289.660880][T10630] ? terminate_walk+0x407/0x4f0 [ 289.665561][T10630] ? stack_trace_snprint+0xf0/0xf0 [ 289.670509][T10630] ? kmem_cache_free+0xa9/0x1e0 [ 289.675193][T10630] ? kmem_cache_free+0xa9/0x1e0 [ 289.679879][T10630] ? kasan_set_track+0x5d/0x70 [ 289.684475][T10630] ? __x64_sys_bpf+0x90/0x90 [ 289.688908][T10630] ? __kasan_slab_free+0x11/0x20 [ 289.693688][T10630] ? slab_free_freelist_hook+0xc0/0x190 [ 289.699060][T10630] ? kmem_cache_free+0xa9/0x1e0 [ 289.703836][T10630] ? putname+0xe7/0x140 [ 289.707830][T10630] ? do_sys_openat2+0x1fc/0x710 [ 289.712513][T10630] ? __x64_sys_openat+0x243/0x290 [ 289.717372][T10630] ? do_syscall_64+0x34/0x70 [ 289.721799][T10630] ? _kstrtoull+0x3a0/0x4a0 [ 289.726138][T10630] ? kstrtouint_from_user+0x20a/0x2a0 [ 289.731348][T10630] ? kstrtol_from_user+0x310/0x310 [ 289.736293][T10630] ? memset+0x35/0x40 [ 289.740547][T10630] ? __fsnotify_parent+0x4b9/0x6c0 [ 289.745500][T10630] ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0 [ 289.752096][T10630] ? proc_fail_nth_write+0x20b/0x290 [ 289.757229][T10630] ? proc_fail_nth_read+0x210/0x210 [ 289.762247][T10630] ? security_file_permission+0x86/0xb0 [ 289.767625][T10630] ? rw_verify_area+0x1c3/0x360 [ 289.772315][T10630] ? preempt_count_add+0x92/0x1a0 [ 289.777174][T10630] ? vfs_write+0x852/0xe70 [ 289.781428][T10630] ? kmem_cache_free+0xa9/0x1e0 [ 289.786197][T10630] ? kernel_write+0x3d0/0x3d0 [ 289.790719][T10630] ? __kasan_check_write+0x14/0x20 [ 289.795658][T10630] ? mutex_lock+0xa5/0x110 [ 289.799913][T10630] ? mutex_trylock+0xa0/0xa0 [ 289.804345][T10630] ? __kasan_check_write+0x14/0x20 [ 289.809284][T10630] ? fput_many+0x160/0x1b0 [ 289.813545][T10630] ? debug_smp_processor_id+0x17/0x20 [ 289.818746][T10630] __x64_sys_bpf+0x7b/0x90 [ 289.823000][T10630] do_syscall_64+0x34/0x70 [ 289.827250][T10630] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 289.833069][T10630] RIP: 0033:0x7f8b047129f9 [ 289.837320][T10630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 289.856758][T10630] RSP: 002b:00007f8b03392038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 289.865006][T10630] RAX: ffffffffffffffda RBX: 00007f8b048a0f80 RCX: 00007f8b047129f9 [ 289.872816][T10630] RDX: 0000000000000048 RSI: 0000000020000840 RDI: 0000000000000000 [ 289.880631][T10630] RBP: 00007f8b03392090 R08: 0000000000000000 R09: 0000000000000000 [ 289.888438][T10630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 289.896306][T10630] R13: 0000000000000000 R14: 00007f8b048a0f80 R15: 00007fff7a53b7f8 [ 291.491489][T10664] device syzkaller0 entered promiscuous mode [ 291.504650][T10678] syz.0.3582[10678] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 291.504736][T10678] syz.0.3582[10678] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 291.532171][T10677] FAULT_INJECTION: forcing a failure. [ 291.532171][T10677] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 291.556310][T10677] CPU: 0 PID: 10677 Comm: syz.1.3581 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 291.567405][T10677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 291.577292][T10677] Call Trace: [ 291.580436][T10677] dump_stack_lvl+0x1e2/0x24b [ 291.584941][T10677] ? bfq_pos_tree_add_move+0x43b/0x43b [ 291.590325][T10677] ? shmem_getpage_gfp+0x2226/0x2480 [ 291.595464][T10677] dump_stack+0x15/0x17 [ 291.599435][T10677] should_fail+0x3c6/0x510 [ 291.603687][T10677] should_fail_usercopy+0x1a/0x20 [ 291.608549][T10677] iov_iter_copy_from_user_atomic+0x391/0xd80 [ 291.614451][T10677] ? shmem_getpage+0xa0/0xa0 [ 291.618975][T10677] ? iov_iter_fault_in_readable+0x31f/0x4f0 [ 291.624695][T10677] ? memzero_page+0x100/0x100 [ 291.629207][T10677] generic_perform_write+0x34c/0x570 [ 291.634329][T10677] ? grab_cache_page_write_begin+0xa0/0xa0 [ 291.639964][T10677] ? file_remove_privs+0x570/0x570 [ 291.644915][T10677] ? __kasan_check_write+0x14/0x20 [ 291.649860][T10677] __generic_file_write_iter+0x23c/0x560 [ 291.655330][T10677] ? generic_write_checks+0x3b9/0x470 [ 291.660539][T10677] generic_file_write_iter+0xaf/0x1c0 [ 291.665742][T10677] vfs_write+0xb4c/0xe70 [ 291.669826][T10677] ? kernel_write+0x3d0/0x3d0 [ 291.674334][T10677] ? mutex_trylock+0xa0/0xa0 [ 291.678763][T10677] ? __fdget_pos+0x2e7/0x3a0 [ 291.683188][T10677] ? ksys_write+0x77/0x2c0 [ 291.687440][T10677] ksys_write+0x199/0x2c0 [ 291.691610][T10677] ? __ia32_sys_read+0x90/0x90 [ 291.696211][T10677] ? debug_smp_processor_id+0x17/0x20 [ 291.701415][T10677] __x64_sys_write+0x7b/0x90 [ 291.705942][T10677] do_syscall_64+0x34/0x70 [ 291.710182][T10677] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 291.715905][T10677] RIP: 0033:0x7fe4546f39f9 [ 291.720163][T10677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 291.739738][T10677] RSP: 002b:00007fe453373038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 291.747976][T10677] RAX: ffffffffffffffda RBX: 00007fe454881f80 RCX: 00007fe4546f39f9 [ 291.755927][T10677] RDX: 0000000000043451 RSI: 0000000020000200 RDI: 0000000000000008 [ 291.763736][T10677] RBP: 00007fe453373090 R08: 0000000000000000 R09: 0000000000000000 [ 291.771549][T10677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 291.779354][T10677] R13: 0000000000000000 R14: 00007fe454881f80 R15: 00007ffe61bc3388 [ 291.908700][T10684] device syzkaller0 entered promiscuous mode [ 291.982453][T10688] device syzkaller0 entered promiscuous mode [ 292.028452][T10688] device syzkaller0 left promiscuous mode [ 292.044263][T10688] FAULT_INJECTION: forcing a failure. [ 292.044263][T10688] name failslab, interval 1, probability 0, space 0, times 0 [ 292.068302][T10688] CPU: 1 PID: 10688 Comm: syz.1.3587 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 292.079498][T10688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 292.089407][T10688] Call Trace: [ 292.092522][T10688] dump_stack_lvl+0x1e2/0x24b [ 292.097034][T10688] ? bfq_pos_tree_add_move+0x43b/0x43b [ 292.102325][T10688] ? skb_trim+0x90/0x1b0 [ 292.106404][T10688] dump_stack+0x15/0x17 [ 292.110396][T10688] should_fail+0x3c6/0x510 [ 292.114648][T10688] ? netlink_trim+0x19b/0x230 [ 292.119162][T10688] __should_failslab+0xa4/0xe0 [ 292.123763][T10688] should_failslab+0x9/0x20 [ 292.128105][T10688] __kmalloc_track_caller+0x5f/0x320 [ 292.133219][T10688] ? netlink_trim+0x19b/0x230 [ 292.137737][T10688] pskb_expand_head+0x12b/0x1180 [ 292.142532][T10688] netlink_trim+0x19b/0x230 [ 292.146849][T10688] netlink_broadcast_filtered+0x66/0x1270 [ 292.152403][T10688] ? __kasan_check_write+0x14/0x20 [ 292.157346][T10688] ? rtmsg_ifinfo_build_skb+0xd4/0x180 [ 292.162649][T10688] nlmsg_notify+0x101/0x1c0 [ 292.166979][T10688] rtmsg_ifinfo+0xe7/0x120 [ 292.171230][T10688] __dev_notify_flags+0xdd/0x610 [ 292.176006][T10688] ? __dev_change_flags+0x6e0/0x6e0 [ 292.181472][T10688] ? __dev_change_flags+0x56c/0x6e0 [ 292.186507][T10688] ? dev_get_flags+0x1e0/0x1e0 [ 292.191106][T10688] ? selinux_capset+0xf0/0xf0 [ 292.195613][T10688] dev_change_flags+0xf0/0x1a0 [ 292.200218][T10688] dev_ifsioc+0x115/0xae0 [ 292.204379][T10688] ? dev_ioctl+0xb40/0xb40 [ 292.208634][T10688] ? dev_get_by_name_rcu+0xc5/0xf0 [ 292.213581][T10688] dev_ioctl+0x526/0xb40 [ 292.217661][T10688] sock_do_ioctl+0x295/0x3a0 [ 292.222090][T10688] ? sock_show_fdinfo+0xa0/0xa0 [ 292.226775][T10688] ? kernel_write+0x3d0/0x3d0 [ 292.231292][T10688] ? selinux_file_ioctl+0x3cc/0x540 [ 292.236408][T10688] sock_ioctl+0x4a6/0x760 [ 292.240584][T10688] ? sock_poll+0x340/0x340 [ 292.244829][T10688] ? security_file_ioctl+0x84/0xb0 [ 292.249771][T10688] ? sock_poll+0x340/0x340 [ 292.254030][T10688] __se_sys_ioctl+0x114/0x190 [ 292.258540][T10688] __x64_sys_ioctl+0x7b/0x90 [ 292.262969][T10688] do_syscall_64+0x34/0x70 [ 292.267218][T10688] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 292.272944][T10688] RIP: 0033:0x7fe4546f39f9 [ 292.277202][T10688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 292.296637][T10688] RSP: 002b:00007fe453373038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 292.304884][T10688] RAX: ffffffffffffffda RBX: 00007fe454881f80 RCX: 00007fe4546f39f9 [ 292.312696][T10688] RDX: 0000000020002280 RSI: 0000000000008914 RDI: 0000000000000006 [ 292.320506][T10688] RBP: 00007fe453373090 R08: 0000000000000000 R09: 0000000000000000 [ 292.328318][T10688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 292.336128][T10688] R13: 0000000000000000 R14: 00007fe454881f80 R15: 00007ffe61bc3388 [ 293.679861][T10742] device pim6reg1 entered promiscuous mode [ 296.942721][T10835] device pim6reg1 entered promiscuous mode [ 296.950244][T10835] FAULT_INJECTION: forcing a failure. [ 296.950244][T10835] name failslab, interval 1, probability 0, space 0, times 0 [ 296.963152][T10835] CPU: 0 PID: 10835 Comm: syz.0.3638 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 296.974417][T10835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 296.984312][T10835] Call Trace: [ 296.987444][T10835] dump_stack_lvl+0x1e2/0x24b [ 296.991952][T10835] ? bfq_pos_tree_add_move+0x43b/0x43b [ 296.997259][T10835] ? exc_page_fault+0x33d/0x5b0 [ 297.002029][T10835] dump_stack+0x15/0x17 [ 297.006008][T10835] should_fail+0x3c6/0x510 [ 297.010259][T10835] ? ipv6_add_addr+0x419/0xd40 [ 297.014857][T10835] __should_failslab+0xa4/0xe0 [ 297.019459][T10835] should_failslab+0x9/0x20 [ 297.023794][T10835] kmem_cache_alloc_trace+0x3a/0x2e0 [ 297.028918][T10835] ipv6_add_addr+0x419/0xd40 [ 297.033430][T10835] ? ipv6_generate_stable_address+0x650/0x650 [ 297.039334][T10835] addrconf_add_linklocal+0x318/0x9e0 [ 297.044538][T10835] ? perf_sched_cb_inc+0x260/0x260 [ 297.049487][T10835] ? inet6_addr_del+0x550/0x550 [ 297.054174][T10835] ? finish_task_switch+0x130/0x5a0 [ 297.059206][T10835] ? switch_mm_irqs_off+0x71b/0x9a0 [ 297.064238][T10835] ? __switch_to_asm+0x34/0x60 [ 297.068839][T10835] ? __schedule+0xbee/0x1330 [ 297.073268][T10835] ? release_firmware_map_entry+0x18d/0x18d [ 297.078998][T10835] ? memcpy+0x56/0x70 [ 297.083001][T10835] ? ipv6_generate_eui64+0x7ad/0x1090 [ 297.088192][T10835] addrconf_addr_gen+0x572/0xd00 [ 297.092968][T10835] ? addrconf_sysctl_register+0x1a0/0x1a0 [ 297.098523][T10835] ? preempt_schedule_thunk+0x16/0x18 [ 297.103731][T10835] ? fib6_add+0x3160/0x3d20 [ 297.108071][T10835] ? __kasan_check_write+0x14/0x20 [ 297.113018][T10835] ? ip6_route_add+0x102/0x130 [ 297.117616][T10835] ? addrconf_add_dev+0x415/0x610 [ 297.122479][T10835] ? local_bh_enable+0x30/0x30 [ 297.127074][T10835] ? addrconf_permanent_addr+0xb40/0xba0 [ 297.132549][T10835] ? igmpv3_del_delrec+0x740/0x740 [ 297.137494][T10835] ? __kasan_check_read+0x11/0x20 [ 297.142354][T10835] addrconf_dev_config+0x342/0x5a0 [ 297.147301][T10835] ? __kasan_check_write+0x14/0x20 [ 297.152248][T10835] ? init_loopback+0x1c0/0x1c0 [ 297.156855][T10835] ? macsec_notify+0x101/0x4c0 [ 297.161453][T10835] ? addrconf_link_ready+0xfb/0x1e0 [ 297.166571][T10835] addrconf_notify+0x8c5/0xe90 [ 297.171170][T10835] raw_notifier_call_chain+0x8c/0xf0 [ 297.176299][T10835] __dev_notify_flags+0x304/0x610 [ 297.181153][T10835] ? __dev_change_flags+0x6e0/0x6e0 [ 297.186301][T10835] ? __dev_change_flags+0x56c/0x6e0 [ 297.191331][T10835] ? dev_get_flags+0x1e0/0x1e0 [ 297.195928][T10835] ? selinux_capable+0x2f1/0x430 [ 297.200703][T10835] ? selinux_capset+0xf0/0xf0 [ 297.205216][T10835] dev_change_flags+0xf0/0x1a0 [ 297.209817][T10835] dev_ifsioc+0x115/0xae0 [ 297.213981][T10835] ? dev_ioctl+0xb40/0xb40 [ 297.218252][T10835] ? dev_get_by_name_rcu+0xc5/0xf0 [ 297.223189][T10835] dev_ioctl+0x526/0xb40 [ 297.227270][T10835] sock_do_ioctl+0x295/0x3a0 [ 297.231699][T10835] ? sock_show_fdinfo+0xa0/0xa0 [ 297.236376][T10835] ? kernel_write+0x3d0/0x3d0 [ 297.240894][T10835] ? selinux_file_ioctl+0x3cc/0x540 [ 297.245925][T10835] sock_ioctl+0x4a6/0x760 [ 297.250089][T10835] ? sock_poll+0x340/0x340 [ 297.254343][T10835] ? security_file_ioctl+0x84/0xb0 [ 297.259289][T10835] ? sock_poll+0x340/0x340 [ 297.263538][T10835] __se_sys_ioctl+0x114/0x190 [ 297.268051][T10835] __x64_sys_ioctl+0x7b/0x90 [ 297.272480][T10835] do_syscall_64+0x34/0x70 [ 297.276733][T10835] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 297.282459][T10835] RIP: 0033:0x7fb680c5e9f9 [ 297.286713][T10835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 297.306157][T10835] RSP: 002b:00007fb67f8de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 297.314401][T10835] RAX: ffffffffffffffda RBX: 00007fb680decf80 RCX: 00007fb680c5e9f9 [ 297.322208][T10835] RDX: 0000000020000140 RSI: 0000000000008914 RDI: 0000000000000009 [ 297.330020][T10835] RBP: 00007fb67f8de090 R08: 0000000000000000 R09: 0000000000000000 [ 297.337832][T10835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 297.345683][T10835] R13: 0000000000000000 R14: 00007fb680decf80 R15: 00007ffe95747578 [ 299.180956][T10902] device pim6reg1 entered promiscuous mode [ 303.011772][T10981] device syzkaller0 entered promiscuous mode [ 303.459363][ T15] syzkaller0: tun_net_xmit 76 [ 303.468700][ T15] syzkaller0: tun_net_xmit 48 [ 303.474418][T11007] syzkaller0: create flow: hash 2235806456 index 3 [ 303.499526][ C0] syzkaller0: tun_net_xmit 76 [ 303.525901][T11004] syzkaller0: delete flow: hash 2235806456 index 3 [ 304.058213][T11030] tap0: tun_chr_ioctl cmd 1074025675 [ 304.080644][T11030] tap0: persist enabled [ 304.115023][T11034] tap0: tun_chr_ioctl cmd 1074025675 [ 304.159332][T11034] tap0: persist disabled [ 304.582045][T11057] device pim6reg1 entered promiscuous mode [ 304.735287][T11062] FAULT_INJECTION: forcing a failure. [ 304.735287][T11062] name failslab, interval 1, probability 0, space 0, times 0 [ 304.845613][T11062] CPU: 0 PID: 11062 Comm: syz.2.3720 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 304.856821][T11062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 304.866703][T11062] Call Trace: [ 304.869834][T11062] dump_stack_lvl+0x1e2/0x24b [ 304.874342][T11062] ? bfq_pos_tree_add_move+0x43b/0x43b [ 304.879640][T11062] dump_stack+0x15/0x17 [ 304.883626][T11062] should_fail+0x3c6/0x510 [ 304.887881][T11062] ? kvmalloc_node+0x82/0x130 [ 304.892395][T11062] __should_failslab+0xa4/0xe0 [ 304.896994][T11062] should_failslab+0x9/0x20 [ 304.901334][T11062] __kmalloc+0x60/0x330 [ 304.905325][T11062] kvmalloc_node+0x82/0x130 [ 304.909667][T11062] cpu_map_update_elem+0x69b/0xe30 [ 304.914614][T11062] ? cpu_map_lookup_elem+0x100/0x100 [ 304.919735][T11062] bpf_map_update_value+0x1a8/0x420 [ 304.924767][T11062] __se_sys_bpf+0x7687/0x11cb0 [ 304.929368][T11062] ? stack_trace_save+0x113/0x1c0 [ 304.934226][T11062] ? terminate_walk+0x407/0x4f0 [ 304.938912][T11062] ? stack_trace_snprint+0xf0/0xf0 [ 304.943865][T11062] ? kmem_cache_free+0xa9/0x1e0 [ 304.948680][T11062] ? kmem_cache_free+0xa9/0x1e0 [ 304.953367][T11062] ? kasan_set_track+0x5d/0x70 [ 304.957967][T11062] ? __x64_sys_bpf+0x90/0x90 [ 304.962390][T11062] ? __kasan_slab_free+0x11/0x20 [ 304.967163][T11062] ? slab_free_freelist_hook+0xc0/0x190 [ 304.972547][T11062] ? kmem_cache_free+0xa9/0x1e0 [ 304.977234][T11062] ? putname+0xe7/0x140 [ 304.981227][T11062] ? do_sys_openat2+0x1fc/0x710 [ 304.985913][T11062] ? __x64_sys_openat+0x243/0x290 [ 304.990774][T11062] ? do_syscall_64+0x34/0x70 [ 304.995199][T11062] ? _kstrtoull+0x3a0/0x4a0 [ 304.999541][T11062] ? kstrtouint_from_user+0x20a/0x2a0 [ 305.004748][T11062] ? kstrtol_from_user+0x310/0x310 [ 305.009695][T11062] ? memset+0x35/0x40 [ 305.013518][T11062] ? __fsnotify_parent+0x4b9/0x6c0 [ 305.018465][T11062] ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0 [ 305.025063][T11062] ? proc_fail_nth_write+0x20b/0x290 [ 305.030181][T11062] ? proc_fail_nth_read+0x210/0x210 [ 305.035213][T11062] ? security_file_permission+0x86/0xb0 [ 305.040595][T11062] ? rw_verify_area+0x1c3/0x360 [ 305.045281][T11062] ? preempt_count_add+0x92/0x1a0 [ 305.050139][T11062] ? vfs_write+0x852/0xe70 [ 305.054396][T11062] ? kmem_cache_free+0xa9/0x1e0 [ 305.059083][T11062] ? kernel_write+0x3d0/0x3d0 [ 305.063594][T11062] ? __kasan_check_write+0x14/0x20 [ 305.068540][T11062] ? mutex_lock+0xa5/0x110 [ 305.072790][T11062] ? mutex_trylock+0xa0/0xa0 [ 305.077222][T11062] ? __kasan_check_write+0x14/0x20 [ 305.082168][T11062] ? fput_many+0x160/0x1b0 [ 305.086428][T11062] ? debug_smp_processor_id+0x17/0x20 [ 305.091630][T11062] __x64_sys_bpf+0x7b/0x90 [ 305.095881][T11062] do_syscall_64+0x34/0x70 [ 305.100135][T11062] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 305.105861][T11062] RIP: 0033:0x7f8b047129f9 [ 305.110117][T11062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 305.129553][T11062] RSP: 002b:00007f8b03392038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 305.137805][T11062] RAX: ffffffffffffffda RBX: 00007f8b048a0f80 RCX: 00007f8b047129f9 [ 305.145607][T11062] RDX: 0000000000000020 RSI: 0000000020000940 RDI: 0000000000000002 [ 305.153418][T11062] RBP: 00007f8b03392090 R08: 0000000000000000 R09: 0000000000000000 [ 305.161230][T11062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 305.169042][T11062] R13: 0000000000000000 R14: 00007f8b048a0f80 R15: 00007fff7a53b7f8 [ 305.522264][T11089] syz.3.3729[11089] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 305.522324][T11089] syz.3.3729[11089] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 306.056058][T11105] ¯Ê®¸}p: renamed from pim6reg1 [ 307.135589][T11139] FAULT_INJECTION: forcing a failure. [ 307.135589][T11139] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 307.184290][T11139] CPU: 0 PID: 11139 Comm: syz.1.3746 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 307.195485][T11139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 307.205374][T11139] Call Trace: [ 307.208510][T11139] dump_stack_lvl+0x1e2/0x24b [ 307.213018][T11139] ? bfq_pos_tree_add_move+0x43b/0x43b [ 307.218312][T11139] dump_stack+0x15/0x17 [ 307.222303][T11139] should_fail+0x3c6/0x510 [ 307.226557][T11139] should_fail_alloc_page+0x52/0x60 [ 307.231591][T11139] __alloc_pages_nodemask+0x1b3/0xaf0 [ 307.236796][T11139] ? do_syscall_64+0x34/0x70 [ 307.241239][T11139] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 307.247144][T11139] ? gfp_pfmemalloc_allowed+0x120/0x120 [ 307.252511][T11139] ? avc_has_perm_noaudit+0x117/0x240 [ 307.257800][T11139] shmem_alloc_page+0x257/0x420 [ 307.262484][T11139] ? put_page+0xd0/0xd0 [ 307.266476][T11139] ? slab_post_alloc_hook+0x61/0x2f0 [ 307.271602][T11139] ? percpu_counter_add_batch+0x13d/0x160 [ 307.277154][T11139] shmem_alloc_and_acct_page+0x395/0x8e0 [ 307.282626][T11139] ? shmem_swapin_page+0x1950/0x1950 [ 307.287744][T11139] ? find_get_entry+0x44c/0x4c0 [ 307.292428][T11139] ? page_cache_prev_miss+0x410/0x410 [ 307.297642][T11139] ? down_read_trylock+0x179/0x1d0 [ 307.302584][T11139] ? find_lock_entry+0x1df/0x200 [ 307.307355][T11139] shmem_getpage_gfp+0x891/0x2480 [ 307.312215][T11139] ? __kasan_check_write+0x14/0x20 [ 307.317171][T11139] ? shmem_getpage+0xa0/0xa0 [ 307.321594][T11139] ? iov_iter_fault_in_readable+0x31f/0x4f0 [ 307.327318][T11139] shmem_write_begin+0xca/0x1b0 [ 307.332008][T11139] generic_perform_write+0x2cd/0x570 [ 307.337128][T11139] ? grab_cache_page_write_begin+0xa0/0xa0 [ 307.342766][T11139] ? file_remove_privs+0x570/0x570 [ 307.347719][T11139] ? __kasan_check_write+0x14/0x20 [ 307.352667][T11139] __generic_file_write_iter+0x23c/0x560 [ 307.358127][T11139] ? generic_write_checks+0x3b9/0x470 [ 307.363338][T11139] generic_file_write_iter+0xaf/0x1c0 [ 307.368542][T11139] vfs_write+0xb4c/0xe70 [ 307.372620][T11139] ? putname+0xe7/0x140 [ 307.376615][T11139] ? __traceiter_kmem_cache_free+0x2e/0x50 [ 307.382265][T11139] ? kernel_write+0x3d0/0x3d0 [ 307.386771][T11139] ? mutex_trylock+0xa0/0xa0 [ 307.391200][T11139] ? __fdget_pos+0x2e7/0x3a0 [ 307.395618][T11139] ? ksys_write+0x77/0x2c0 [ 307.399874][T11139] ksys_write+0x199/0x2c0 [ 307.404040][T11139] ? __ia32_sys_read+0x90/0x90 [ 307.408644][T11139] ? debug_smp_processor_id+0x17/0x20 [ 307.413850][T11139] __x64_sys_write+0x7b/0x90 [ 307.418274][T11139] do_syscall_64+0x34/0x70 [ 307.422531][T11139] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 307.428256][T11139] RIP: 0033:0x7fe4546f39f9 [ 307.432510][T11139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 307.451948][T11139] RSP: 002b:00007fe453373038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 307.460192][T11139] RAX: ffffffffffffffda RBX: 00007fe454881f80 RCX: 00007fe4546f39f9 [ 307.468005][T11139] RDX: 0000000000040010 RSI: 0000000020000180 RDI: 0000000000000007 [ 307.475812][T11139] RBP: 00007fe453373090 R08: 0000000000000000 R09: 0000000000000000 [ 307.483625][T11139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 307.491442][T11139] R13: 0000000000000000 R14: 00007fe454881f80 R15: 00007ffe61bc3388 [ 310.659488][T11246] FAULT_INJECTION: forcing a failure. [ 310.659488][T11246] name failslab, interval 1, probability 0, space 0, times 0 [ 310.857861][T11246] CPU: 0 PID: 11246 Comm: syz.1.3787 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 310.869058][T11246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 310.878946][T11246] Call Trace: [ 310.882083][T11246] dump_stack_lvl+0x1e2/0x24b [ 310.886615][T11246] ? bfq_pos_tree_add_move+0x43b/0x43b [ 310.891891][T11246] dump_stack+0x15/0x17 [ 310.895878][T11246] should_fail+0x3c6/0x510 [ 310.900133][T11246] ? alloc_fdtable+0x93/0x260 [ 310.904648][T11246] __should_failslab+0xa4/0xe0 [ 310.909248][T11246] should_failslab+0x9/0x20 [ 310.913585][T11246] kmem_cache_alloc_trace+0x3a/0x2e0 [ 310.918708][T11246] ? _raw_spin_lock+0xa4/0x1b0 [ 310.923308][T11246] alloc_fdtable+0x93/0x260 [ 310.927656][T11246] dup_fd+0x759/0xb00 [ 310.931474][T11246] copy_files+0xe6/0x200 [ 310.935546][T11246] ? perf_event_attrs+0x30/0x30 [ 310.940234][T11246] ? dup_task_struct+0xc30/0xc30 [ 310.945011][T11246] ? security_task_alloc+0xf9/0x130 [ 310.950038][T11246] copy_process+0x10ac/0x3340 [ 310.954555][T11246] ? proc_fail_nth_write+0x20b/0x290 [ 310.959678][T11246] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 310.964627][T11246] ? vfs_write+0x852/0xe70 [ 310.968871][T11246] ? kmem_cache_free+0x1c0/0x1e0 [ 310.973645][T11246] kernel_clone+0x21e/0x9e0 [ 310.977987][T11246] ? __kasan_check_write+0x14/0x20 [ 310.982929][T11246] ? create_io_thread+0x1e0/0x1e0 [ 310.987796][T11246] __x64_sys_clone+0x23f/0x290 [ 310.992405][T11246] ? __do_sys_vfork+0x130/0x130 [ 310.997085][T11246] ? debug_smp_processor_id+0x17/0x20 [ 311.002288][T11246] do_syscall_64+0x34/0x70 [ 311.006540][T11246] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 311.012264][T11246] RIP: 0033:0x7fe4546f39f9 [ 311.016524][T11246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 311.035964][T11246] RSP: 002b:00007fe453372fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 311.044207][T11246] RAX: ffffffffffffffda RBX: 00007fe454881f80 RCX: 00007fe4546f39f9 [ 311.052020][T11246] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 311.059827][T11246] RBP: 00007fe453373090 R08: 0000000000000000 R09: 0000000000000000 [ 311.067638][T11246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 311.075453][T11246] R13: 0000000000000000 R14: 00007fe454881f80 R15: 00007ffe61bc3388 [ 311.626286][T11268] device syzkaller0 entered promiscuous mode [ 312.981106][ T24] audit: type=1400 audit(1723137950.010:162): avc: denied { append } for pid=75 comm="syslogd" name="messages" dev="tmpfs" ino=10 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 313.169236][ T24] audit: type=1400 audit(1723137950.010:163): avc: denied { open } for pid=75 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=10 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 313.297915][ T24] audit: type=1400 audit(1723137950.010:164): avc: denied { getattr } for pid=75 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=10 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 314.612323][T11345] device sit0 entered promiscuous mode [ 319.192249][T11485] syz.4.3874[11485] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 319.192341][T11485] syz.4.3874[11485] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 319.275707][T11485] syz.4.3874[11485] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 319.303860][T11485] syz.4.3874[11485] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 319.416836][T11485] syz.4.3874[11485] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 323.341567][T11616] device veth1_macvtap entered promiscuous mode [ 330.392843][T11836] device sit0 left promiscuous mode [ 330.878472][T11841] device sit0 entered promiscuous mode [ 332.624805][T11891] syz.1.4023[11891] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 332.626897][T11891] syz.1.4023[11891] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 332.690623][T11899] syz.4.4024[11899] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 332.741003][T11899] syz.4.4024[11899] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 334.222089][T11961] device sit0 left promiscuous mode [ 334.362215][T11962] device sit0 entered promiscuous mode [ 339.601493][T12180] device veth0_vlan left promiscuous mode [ 339.643406][T12180] device veth0_vlan entered promiscuous mode [ 339.669160][ T8190] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 339.677318][ T8190] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 339.757919][ T8190] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 341.832564][T12242] syz.1.4154[12242] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 341.835977][T12242] syz.1.4154[12242] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 342.172636][T12248] syz.1.4154[12248] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 342.299247][T12248] syz.1.4154[12248] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 347.202527][T12399] FAULT_INJECTION: forcing a failure. [ 347.202527][T12399] name failslab, interval 1, probability 0, space 0, times 0 [ 347.425396][T12399] CPU: 1 PID: 12399 Comm: syz.2.4211 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 347.436592][T12399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 347.446567][T12399] Call Trace: [ 347.449705][T12399] dump_stack_lvl+0x1e2/0x24b [ 347.454214][T12399] ? panic+0x812/0x812 [ 347.458116][T12399] ? bfq_pos_tree_add_move+0x43b/0x43b [ 347.463415][T12399] ? avc_has_perm+0x14d/0x400 [ 347.467925][T12399] ? memcpy+0x56/0x70 [ 347.471742][T12399] dump_stack+0x15/0x17 [ 347.475735][T12399] should_fail+0x3c6/0x510 [ 347.479991][T12399] ? __alloc_skb+0x80/0x510 [ 347.484331][T12399] __should_failslab+0xa4/0xe0 [ 347.488928][T12399] should_failslab+0x9/0x20 [ 347.493350][T12399] kmem_cache_alloc+0x3d/0x2e0 [ 347.497964][T12399] __alloc_skb+0x80/0x510 [ 347.502135][T12399] alloc_skb_with_frags+0xa1/0x570 [ 347.507079][T12399] ? is_bpf_text_address+0x172/0x190 [ 347.512202][T12399] sock_alloc_send_pskb+0x915/0xa50 [ 347.517240][T12399] ? sock_kzfree_s+0x60/0x60 [ 347.521658][T12399] ? stack_trace_save+0x113/0x1c0 [ 347.526519][T12399] ? terminate_walk+0x407/0x4f0 [ 347.531206][T12399] ? stack_trace_snprint+0xf0/0xf0 [ 347.536156][T12399] tun_get_user+0xe90/0x38f0 [ 347.540582][T12399] ? kmem_cache_free+0xa9/0x1e0 [ 347.545265][T12399] ? do_sys_openat2+0x1fc/0x710 [ 347.549951][T12399] ? _kstrtoull+0x3a0/0x4a0 [ 347.554293][T12399] ? tun_do_read+0x1f60/0x1f60 [ 347.558984][T12399] ? kstrtouint_from_user+0x20a/0x2a0 [ 347.564221][T12399] ? kstrtol_from_user+0x310/0x310 [ 347.569148][T12399] ? htab_map_hash+0x320/0x7e0 [ 347.573738][T12399] ? avc_policy_seqno+0x1b/0x70 [ 347.578423][T12399] ? selinux_file_permission+0x2bb/0x560 [ 347.583897][T12399] ? fsnotify_perm+0x67/0x4e0 [ 347.588405][T12399] tun_chr_write_iter+0x1a8/0x250 [ 347.593266][T12399] vfs_write+0xb4c/0xe70 [ 347.597345][T12399] ? kernel_write+0x3d0/0x3d0 [ 347.601858][T12399] ? __fdget_pos+0x209/0x3a0 [ 347.606281][T12399] ? ksys_write+0x77/0x2c0 [ 347.610533][T12399] ksys_write+0x199/0x2c0 [ 347.614700][T12399] ? __ia32_sys_read+0x90/0x90 [ 347.619390][T12399] ? debug_smp_processor_id+0x17/0x20 [ 347.624590][T12399] __x64_sys_write+0x7b/0x90 [ 347.629018][T12399] do_syscall_64+0x34/0x70 [ 347.633275][T12399] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 347.638995][T12399] RIP: 0033:0x7f8b047129f9 [ 347.643255][T12399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 347.662864][T12399] RSP: 002b:00007f8b03392038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 347.671480][T12399] RAX: ffffffffffffffda RBX: 00007f8b048a0f80 RCX: 00007f8b047129f9 [ 347.679371][T12399] RDX: 000000000000fdef RSI: 0000000020000100 RDI: 00000000000000c8 [ 347.687349][T12399] RBP: 00007f8b03392090 R08: 0000000000000000 R09: 0000000000000000 [ 347.695245][T12399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 347.703057][T12399] R13: 0000000000000000 R14: 00007f8b048a0f80 R15: 00007fff7a53b7f8 [ 355.606275][T12629] device sit0 entered promiscuous mode [ 357.804845][T12683] device sit0 left promiscuous mode [ 358.625006][T12691] device sit0 entered promiscuous mode [ 359.765663][T12760] FAULT_INJECTION: forcing a failure. [ 359.765663][T12760] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 359.814317][T12760] CPU: 1 PID: 12760 Comm: syz.1.4346 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 359.825518][T12760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 359.835500][T12760] Call Trace: [ 359.838632][T12760] dump_stack_lvl+0x1e2/0x24b [ 359.843141][T12760] ? bfq_pos_tree_add_move+0x43b/0x43b [ 359.848451][T12760] ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0 [ 359.855027][T12760] dump_stack+0x15/0x17 [ 359.859024][T12760] should_fail+0x3c6/0x510 [ 359.863275][T12760] should_fail_usercopy+0x1a/0x20 [ 359.868138][T12760] _copy_from_user+0x20/0xd0 [ 359.872559][T12760] br_ioctl_deviceless_stub+0x19a/0x7b0 [ 359.878027][T12760] ? br_handle_local_finish+0x1f0/0x1f0 [ 359.883406][T12760] ? __kasan_check_write+0x14/0x20 [ 359.888349][T12760] ? mutex_lock+0xa5/0x110 [ 359.892604][T12760] ? mutex_trylock+0xa0/0xa0 [ 359.897032][T12760] ? selinux_file_ioctl+0x3cc/0x540 [ 359.902065][T12760] ? br_handle_local_finish+0x1f0/0x1f0 [ 359.907447][T12760] sock_ioctl+0x2f7/0x760 [ 359.911611][T12760] ? sock_poll+0x340/0x340 [ 359.915867][T12760] ? security_file_ioctl+0x84/0xb0 [ 359.920814][T12760] ? sock_poll+0x340/0x340 [ 359.925074][T12760] __se_sys_ioctl+0x114/0x190 [ 359.929579][T12760] __x64_sys_ioctl+0x7b/0x90 [ 359.934007][T12760] do_syscall_64+0x34/0x70 [ 359.938260][T12760] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 359.943985][T12760] RIP: 0033:0x7fe4546f39f9 [ 359.948238][T12760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 359.967678][T12760] RSP: 002b:00007fe453373038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 359.975926][T12760] RAX: ffffffffffffffda RBX: 00007fe454881f80 RCX: 00007fe4546f39f9 [ 359.983735][T12760] RDX: 0000000020000900 RSI: 00000000000089a1 RDI: 0000000000000009 [ 359.991545][T12760] RBP: 00007fe453373090 R08: 0000000000000000 R09: 0000000000000000 [ 359.999356][T12760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 360.007168][T12760] R13: 0000000000000000 R14: 00007fe454881f80 R15: 00007ffe61bc3388 [ 370.134658][T13009] syz.1.4435[13009] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 370.134745][T13009] syz.1.4435[13009] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 370.262578][T13009] syz.1.4435[13009] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 370.380629][T13013] syz.1.4435[13013] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 370.443085][T13013] syz.1.4435[13013] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 371.346483][T13042] syz.4.4449[13042] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 371.422424][T13042] syz.4.4449[13042] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 375.719495][T13196] syz.3.4493[13196] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 375.731217][T13196] syz.3.4493[13196] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 376.837570][T13227] FAULT_INJECTION: forcing a failure. [ 376.837570][T13227] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 376.861693][T13227] CPU: 1 PID: 13227 Comm: syz.3.4499 Tainted: G W 5.10.222-syzkaller-01494-gfd58936f3c1f #0 [ 376.872808][T13227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 376.882701][T13227] Call Trace: [ 376.885836][T13227] dump_stack_lvl+0x1e2/0x24b [ 376.890351][T13227] ? bfq_pos_tree_add_move+0x43b/0x43b [ 376.895642][T13227] ? shmem_getpage_gfp+0x2226/0x2480 [ 376.900767][T13227] dump_stack+0x15/0x17 [ 376.904753][T13227] should_fail+0x3c6/0x510 [ 376.909013][T13227] should_fail_usercopy+0x1a/0x20 [ 376.913866][T13227] iov_iter_copy_from_user_atomic+0x391/0xd80 [ 376.919768][T13227] ? shmem_getpage+0xa0/0xa0 [ 376.924195][T13227] ? iov_iter_fault_in_readable+0x31f/0x4f0 [ 376.929914][T13227] ? memzero_page+0x100/0x100 [ 376.934430][T13227] generic_perform_write+0x34c/0x570 [ 376.939552][T13227] ? grab_cache_page_write_begin+0xa0/0xa0 [ 376.945188][T13227] ? file_remove_privs+0x570/0x570 [ 376.950146][T13227] ? __kasan_check_write+0x14/0x20 [ 376.955085][T13227] __generic_file_write_iter+0x23c/0x560 [ 376.960584][T13227] ? generic_write_checks+0x3b9/0x470 [ 376.965850][T13227] generic_file_write_iter+0xaf/0x1c0 [ 376.971140][T13227] vfs_write+0xb4c/0xe70 [ 376.975223][T13227] ? kernel_write+0x3d0/0x3d0 [ 376.979848][T13227] ? mutex_trylock+0xa0/0xa0 [ 376.984362][T13227] ? __fdget_pos+0x2e7/0x3a0 [ 376.988782][T13227] ? ksys_write+0x77/0x2c0 [ 376.993036][T13227] ksys_write+0x199/0x2c0 [ 376.997203][T13227] ? __ia32_sys_read+0x90/0x90 [ 377.001807][T13227] ? debug_smp_processor_id+0x17/0x20 [ 377.007098][T13227] __x64_sys_write+0x7b/0x90 [ 377.011523][T13227] do_syscall_64+0x34/0x70 [ 377.015780][T13227] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 377.021503][T13227] RIP: 0033:0x7f3853a449f9 [ 377.025759][T13227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 377.045197][T13227] RSP: 002b:00007f38526c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 377.053443][T13227] RAX: ffffffffffffffda RBX: 00007f3853bd2f80 RCX: 00007f3853a449f9 [ 377.061257][T13227] RDX: 0000000000043451 RSI: 0000000020000200 RDI: 0000000000000008 [ 377.069067][T13227] RBP: 00007f38526c4090 R08: 0000000000000000 R09: 0000000000000000 [ 377.076877][T13227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 377.084686][T13227] R13: 0000000000000000 R14: 00007f3853bd2f80 R15: 00007ffd7ea1bf38 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: repeatedly failed to execute the program proc=4 req=4459 state=3 status=67 (errno 32: Broken pipe) [ 380.220791][ T110] device veth0_vlan left promiscuous mode