last executing test programs: 1.776617523s ago: executing program 4 (id=9331): bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001180)={0xffffffffffffffff, &(0x7f0000000080)="39877237ac7e70ae083d60932b6d62f720c02a7cc2c5ea6b8996b5f410da932f28528f0240c9d354b546f22f0773d967de27590e1b0ee92d167ec39035685f0be471dff4", 0x0}, 0x20) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB='1-0'], 0x31) 1.776293723s ago: executing program 4 (id=9332): perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x82, 0x1, 0x0, 0x0, 0x0, 0x2a8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x8, 0x0, 0xd, 0x668}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r0, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="0100008d8dff"}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@var={0x4, 0x0, 0x0, 0xe, 0x4}]}}, 0x0, 0x2a}, 0x28) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) ioctl$SIOCSIFHWADDR(r1, 0x8b1a, &(0x7f0000000000)={'wlan1\x00', @random="0000230c1100"}) 1.541489257s ago: executing program 4 (id=9337): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x9, 0x4, 0x8, 0xd}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xf}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) 1.495817228s ago: executing program 4 (id=9342): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001a40)=ANY=[@ANYBLOB="b70200000f000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000010000006a0a00fe00000000850000000d000000bf0000000000000095000000000000005ecefab8f2e85c6c1ca711fc206bb8ad6ec561750379585e5a076d839240d29ce1f378ab3d790ec8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bd04000000000000009c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5f683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891184604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee8a1d4046930548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e101d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe151acc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394b9ba1a836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429ba63903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589eec11969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6d6fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f25005798ca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e279595ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9958fad67ccaba76408da35c9f1534c8bd48bbdf9594e8b4ce73f01dd1f9033c8aea8734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb3b379e221a5318849b6b0679b5d65ab855fc9f1d10022cc20603480ffb1e3392fad690ce56aaa717e56fd55aec3d9d6671f55d7bc33830a4095497586e8d15c2a32d3176d45b783cb27112a69c14134488b6dd302c3e92a7e659351b610ed5ba022f92d4bf26b0a5c10a3c8eb0fabdf0017995ea0c06b41fe6dda769729328d6ee80ab3b4aeeeee7926575d526431184b2034b5cdacc8eaab03cf45af6ec451f65705d8a4375d559e4c3ad80e942d237616d8f2fdd5afe4fdf21478228d9f6299bf67cf1e62fc11c285e18fb65eeb657bc7375401bb175f6d2625195ce8647945dbdfb7eacc06a24832d155059b0f0c36b9433eff190f4c4c160f0484d4d39f5f92e8bd49ad3df23b961fe7bf9e506c5098ca79deb7906257e4ce9035f3a6b29453ee41640ade8b5916f38d19ab6f2fd51a9fd9a2559411967460952acf5c549e5466ee2d8563397a5f028486220fae69611d9bc0f1a68d31ad1a4e387de687ab1537bd46703e4e5ae0f096f731916628bf743a49ea7b7d22c04d738ca439343aaab682d45dc91187e9ff08005358e1f3d864f36ee590fb0da9c958f15f9105c41add43a7c28874e58c31a7acb0467e0bd97f2ccd78615b5144267772381e7498bb98d9e8a3f98b505e5c9645e19d011dd86a1dc134fa4b21ff8ec2d054ae7e0044b4700cd54ce392c2ee515e86070f2df561c15f331a1babfa60504410fa56a848ba1f501c8eb0bd6856451d150cfaf95d6dc889be27e8915bb3670fc76bcbeb390f3cefb5429c84907a92c6eab2b15758194ece4b1461f622510bcff5c0f8354637856f94d71a0841180e78a3a837ae7847c479f5c9c54859cb85393f190042a5dc31197f2c463be8affe29869d71df330b3466fc79b3488b4a2a3e2aae9af6421cd0902347103f2384bf08e5230b37297b668be11b4428b9a8e8c259afa6c73dd87fcc165b2fea66a180bf048530a5849f849d37aca6874cb1d50defdb90b3da04a575db38825db87f6bb0013a5dabcc0e9783aaac0cbb5d6fc437f1e77bf69cae31a213ca2b90ece8cc70fa320c9ffd05618e7a6e6cf8ada6b3e62557174b6"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x83, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000}, 0x0, 0x0, 0x0, 0x9, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe40, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f0080047e0ffff00124000633a77fbac141416e000030b94029f034d2f87e589ca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x6b, 0x60000000}, 0x2c) 1.445251708s ago: executing program 4 (id=9344): r0 = perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x83, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x9, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000440)='cpu>-2||!') 1.388676699s ago: executing program 4 (id=9346): bpf$PROG_LOAD(0x5, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_type(r0, &(0x7f0000000100), 0x2, 0x0) write$cgroup_type(r1, &(0x7f0000000280), 0x9) r2 = openat$cgroup_procs(r0, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000c40), 0x12) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_config_ext={0x7, 0x6}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) socketpair(0x6, 0x4, 0xb1a, &(0x7f0000000080)) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r5, &(0x7f00000006c0), &(0x7f0000000000), 0x2}, 0x20) write$cgroup_pid(r4, &(0x7f0000000080), 0x12) 1.034449015s ago: executing program 1 (id=9373): perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x4000, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair(0x10, 0x0, 0x14, &(0x7f0000000040)) 1.033980895s ago: executing program 1 (id=9374): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="06000000040000000400000002"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r2) 1.020244675s ago: executing program 1 (id=9376): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c80)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x5, [@func_proto, @func={0x3, 0x0, 0x0, 0xc, 0x1}]}, {0x0, [0x5f, 0x2e, 0x2e]}}, &(0x7f0000000b80)=""/230, 0x35, 0xe6, 0x1}, 0x28) 968.952686ms ago: executing program 1 (id=9378): perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0) ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, &(0x7f00000000c0)=0x1) r0 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000080), 0x8) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb0, 0xb0, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4, 0x5, 0x2}}, @int={0x6, 0x0, 0x0, 0x1, 0x0, 0x43, 0x0, 0x34, 0x3}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4, 0x3, 0x1000}}, @func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{0x4}, {0xd, 0x1}, {0xb, 0x4}, {0xe}]}, @const={0x5, 0x0, 0x0, 0xa, 0x1}, @union={0x2, 0x1, 0x0, 0x5, 0x1, 0x6, [{0xa, 0x1, 0x4}]}, @enum={0x7, 0x1, 0x0, 0x6, 0x4, [{0x2, 0xf64}]}, @const={0xf, 0x0, 0x0, 0xa, 0x5}]}}, &(0x7f0000000380)=""/177, 0xca, 0xb1, 0x1, 0x200, 0x10000, @value=r0}, 0x28) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a0300fef0ffffff79a4f0ff00000000b7060000ffffffff2e64050000000000750afaff07cd02020404000000247d60b7030000030a00006a0a00fe0000000c850000000f000000b70000000000002995000000000000001da5ad3548ebb63d18c5071c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f0e5eb09d38ac46e99e7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8ef534b93dcb34e1da2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa380700000000000000c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82e3568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39ae26e80e8c65aaf73c24925458520a9ca98760d1005c9f81846459ae6d5baa4f02807939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a1901ddf804bed43e391f882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0caac3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000500000000000000000000000048e510340087caf22439d5304bd704a6a78a512269a9b1cbd13bea78c807bbc73853ae187cbb768673e9d1bf74a3b0a6c234accd8506adf314f4c5e08174540b69d3c0da660052b43b86baf49e7ac64d9c21598b1e01dc1e1b5a53626b090496dbf7af441e397016c3c094d5c91ffe0a7ceacfd225ed9a6c905f79ad7052747dd6cceef4c310e0e935311118bc6bf0e5ca6c7cca7d5c03be570308da8a40578b4db14961fbccf6e2f2d56e9509c434126515b56d032e20c12e830d1bc64826fc9b318da5911e466878dbb81edeff69363fb75af5cd80536f14d2eaa7764db23acdbd394bbbbccfd8b129258bb0a93cee1d44f8665172c06933d20f184b78b435462c52a85149451ffd564c56a7cbf11a1127c77242915e43b2bc"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x200000, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xfffffffe}, 0x15f}, 0x48) 521.757902ms ago: executing program 0 (id=9404): bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001000), 0xc}, 0xa01}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, &(0x7f00000002c0)=""/251, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r0}, 0x38) 439.382874ms ago: executing program 0 (id=9406): perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x82, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, @perf_config_ext={0x20000000}, 0x0, 0x0, 0x0, 0x0, 0x4, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x109a42, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) close(r0) 438.732203ms ago: executing program 2 (id=9408): perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x83, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000}, 0x0, 0x0, 0x0, 0x9, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x4d, 0x3, 0x3, 0xfffffffc}, {0x81, 0x0, 0x2, 0xfffffffc}, {0x34, 0x0, 0x0, 0xffffffff}, {0x60}, {0x6, 0x2}]}) 373.005815ms ago: executing program 3 (id=9410): bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x5, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffff52fc}, 0x5f) 372.742775ms ago: executing program 3 (id=9411): bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x8d}]}, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 372.537755ms ago: executing program 3 (id=9412): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=@framed={{}, [@printk={@lu, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x2d}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000007c0)={r0}, 0xc) 362.403695ms ago: executing program 0 (id=9413): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x0, 0x0, 0x2, 0x3}, @func_proto, @struct={0x0, 0x0, 0x0, 0x9, 0x0, 0x2}]}}, &(0x7f00000005c0)=""/240, 0x3e, 0xf0, 0x1}, 0x20) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xd, '\x00', 0x0, r0, 0x3, 0x3}, 0x8f) 352.027175ms ago: executing program 3 (id=9414): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000700)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x2e}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="d2ff03076003008cb89e08f086dd", 0x0, 0xd5b1, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 330.679105ms ago: executing program 0 (id=9415): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x140, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'rose0\x00', 0x112}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000240)={0x2, &(0x7f0000000100)=[{0x20, 0x40, 0x7, 0xfffff018}, {0x6, 0x2, 0x4, 0x4}]}) 330.299925ms ago: executing program 2 (id=9416): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x83, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000, 0x1}, 0x0, 0x0, 0x0, 0x9, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x13, &(0x7f00000009c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 261.107726ms ago: executing program 2 (id=9417): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x6, [@struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x0, [{0x4, 0x5, 0x7}]}]}, {0x0, [0x5f, 0x61, 0x5f, 0x2e]}}, 0x0, 0x36}, 0x28) 260.891026ms ago: executing program 3 (id=9418): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) close(0xffffffffffffffff) perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x80000, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x100600, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfdd9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xb) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x400}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_clone(0x108000, 0x0, 0x0, 0x0, 0x0, 0x0) 260.765976ms ago: executing program 2 (id=9419): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) close(r0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{0x1}, &(0x7f0000000180), 0x0}, 0x20) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) bpf$ITER_CREATE(0x21, &(0x7f0000000300), 0x8) bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001380)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r1, 0x1, 0x5, &(0x7f00000002c0), 0x4) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) 260.518286ms ago: executing program 3 (id=9420): syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000070000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r0}, 0x10) syz_clone(0x160480, 0x0, 0x0, 0x0, 0x0, 0x0) close(0x3) 260.228836ms ago: executing program 0 (id=9421): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x6, 0x4, 0x8, 0x6}, 0x50) 254.639746ms ago: executing program 2 (id=9422): perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0x7, 0x9, 0x0, 0x0, 0xf7c}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x2}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {}, {}, {0x4, 0x0, 0x7}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x6, 0x1, 0x6, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 175.560547ms ago: executing program 0 (id=9423): bpf$PROG_LOAD(0x5, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001000), 0xc}, 0xa01}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, &(0x7f00000002c0)=""/251, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r0}, 0x38) 148.814998ms ago: executing program 32 (id=9423): bpf$PROG_LOAD(0x5, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001000), 0xc}, 0xa01}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, &(0x7f00000002c0)=""/251, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r0}, 0x38) 104.860149ms ago: executing program 1 (id=9425): bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0) close(0x3) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000400)={r0, 0x3, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, 0x0}, 0x8) r3 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=r2, 0x4) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000500)={r3, r1, 0x4, r1}, 0x10) 1.4878ms ago: executing program 1 (id=9426): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x7, 0xc, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x18000}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x38}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 1.22219ms ago: executing program 33 (id=9426): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x7, 0xc, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x18000}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x38}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 114.52µs ago: executing program 2 (id=9427): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5}) ioctl$TUNSETPERSIST(r0, 0x400454c9, 0x1) ioctl$TUNSETLINK(r0, 0x400454cd, 0x10e) 0s ago: executing program 34 (id=9427): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5}) ioctl$TUNSETPERSIST(r0, 0x400454c9, 0x1) ioctl$TUNSETLINK(r0, 0x400454cd, 0x10e) kernel console output (not intermixed with test programs): 00 [ 889.097131][T22563] ? ___sys_sendmsg+0x260/0x260 [ 889.101985][T22563] ? syscall_trace_enter+0x108/0x170 [ 889.107362][T22563] do_syscall_64+0x31/0x40 [ 889.111784][T22563] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 889.117666][T22563] RIP: 0033:0x7fea363dc929 [ 889.122078][T22563] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 889.141692][T22563] RSP: 002b:00007fea34a45038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 889.150104][T22563] RAX: ffffffffffffffda RBX: 00007fea36603fa0 RCX: 00007fea363dc929 [ 889.158067][T22563] RDX: 0000000000000000 RSI: 00002000000008c0 RDI: 0000000000000006 [ 889.166034][T22563] RBP: 00007fea34a45090 R08: 0000000000000000 R09: 0000000000000000 [ 889.174007][T22563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 889.181979][T22563] R13: 0000000000000000 R14: 00007fea36603fa0 R15: 00007ffc9cdd16a8 [ 889.580284][T22567] device sit0 left promiscuous mode [ 889.634020][T22567] device sit0 entered promiscuous mode [ 890.562771][T22582] device sit0 left promiscuous mode [ 890.621753][T22578] device wg2 entered promiscuous mode [ 890.655902][T22591] FAULT_INJECTION: forcing a failure. [ 890.655902][T22591] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 890.689332][T22582] device sit0 entered promiscuous mode [ 890.819404][T22591] CPU: 0 PID: 22591 Comm: syz.4.7503 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 890.830788][T22591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 890.840835][T22591] Call Trace: [ 890.844133][T22591] __dump_stack+0x21/0x24 [ 890.848469][T22591] dump_stack_lvl+0x169/0x1d8 [ 890.853157][T22591] ? show_regs_print_info+0x18/0x18 [ 890.858362][T22591] ? __alloc_pages_nodemask+0x268/0x5f0 [ 890.863910][T22591] ? __kernel_text_address+0xa0/0x100 [ 890.869274][T22591] dump_stack+0x15/0x1c [ 890.873431][T22591] should_fail+0x3c1/0x510 [ 890.877863][T22591] should_fail_usercopy+0x1a/0x20 [ 890.882874][T22591] copy_page_from_iter+0x381/0x6c0 [ 890.887974][T22591] tun_get_user+0x7b2/0x3090 [ 890.892556][T22591] ? tun_do_read+0x1c00/0x1c00 [ 890.897393][T22591] ? kstrtouint_from_user+0x1a0/0x200 [ 890.902756][T22591] ? __fsnotify_parent+0x5f5/0x6c0 [ 890.907854][T22591] ? avc_policy_seqno+0x1b/0x70 [ 890.912705][T22591] ? selinux_file_permission+0x2a5/0x510 [ 890.918326][T22591] ? fsnotify_perm+0x66/0x4b0 [ 890.922992][T22591] tun_chr_write_iter+0x1bf/0x270 [ 890.928192][T22591] vfs_write+0x725/0xd60 [ 890.932610][T22591] ? __bpf_trace_kmem_free+0x6f/0x90 [ 890.937982][T22591] ? kernel_write+0x3c0/0x3c0 [ 890.942646][T22591] ? __fget_files+0x2c4/0x320 [ 890.947314][T22591] ? __fdget_pos+0x1f7/0x380 [ 890.951888][T22591] ? ksys_write+0x71/0x240 [ 890.956292][T22591] ksys_write+0x140/0x240 [ 890.960608][T22591] ? __ia32_sys_read+0x90/0x90 [ 890.965389][T22591] ? fpu__clear_all+0x20/0x20 [ 890.970062][T22591] __x64_sys_write+0x7b/0x90 [ 890.974643][T22591] do_syscall_64+0x31/0x40 [ 890.979111][T22591] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 890.984990][T22591] RIP: 0033:0x7fee285e5929 [ 890.989403][T22591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 891.009088][T22591] RSP: 002b:00007fee26c4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 891.017493][T22591] RAX: ffffffffffffffda RBX: 00007fee2880cfa0 RCX: 00007fee285e5929 [ 891.025452][T22591] RDX: 000000000000000e RSI: 0000200000000000 RDI: 00000000000000c8 [ 891.033604][T22591] RBP: 00007fee26c4e090 R08: 0000000000000000 R09: 0000000000000000 [ 891.041566][T22591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 891.049613][T22591] R13: 0000000000000000 R14: 00007fee2880cfa0 R15: 00007ffd345536e8 [ 891.616893][T22619] FAULT_INJECTION: forcing a failure. [ 891.616893][T22619] name failslab, interval 1, probability 0, space 0, times 0 [ 891.630934][T22613] FAULT_INJECTION: forcing a failure. [ 891.630934][T22613] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 891.751763][T22619] CPU: 1 PID: 22619 Comm: syz.2.7514 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 891.763144][T22619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 891.773172][T22619] Call Trace: [ 891.776438][T22619] __dump_stack+0x21/0x24 [ 891.780740][T22619] dump_stack_lvl+0x169/0x1d8 [ 891.785390][T22619] ? show_regs_print_info+0x18/0x18 [ 891.790561][T22619] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 891.796708][T22619] dump_stack+0x15/0x1c [ 891.800851][T22619] should_fail+0x3c1/0x510 [ 891.805247][T22619] ? alloc_vmap_area+0x16b/0x1870 [ 891.810246][T22619] __should_failslab+0xa4/0xe0 [ 891.814983][T22619] should_failslab+0x9/0x20 [ 891.819457][T22619] kmem_cache_alloc+0x3d/0x2e0 [ 891.824194][T22619] alloc_vmap_area+0x16b/0x1870 [ 891.829017][T22619] ? vm_map_ram+0x9c0/0x9c0 [ 891.833493][T22619] ? kmem_cache_alloc_trace+0x184/0x2e0 [ 891.839007][T22619] ? __get_vm_area_node+0x113/0x450 [ 891.844176][T22619] __get_vm_area_node+0x147/0x450 [ 891.849171][T22619] __vmalloc_node_range+0xe0/0x780 [ 891.854250][T22619] ? reuseport_array_alloc+0x16e/0x260 [ 891.859680][T22619] ? bpf_map_charge_init+0x17c/0x240 [ 891.864937][T22619] ? bpf_map_charge_init+0x1a9/0x240 [ 891.870193][T22619] bpf_map_area_alloc+0xd5/0xe0 [ 891.875015][T22619] ? reuseport_array_alloc+0x16e/0x260 [ 891.880441][T22619] reuseport_array_alloc+0x16e/0x260 [ 891.885694][T22619] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 891.891832][T22619] ? reuseport_array_alloc_check+0x90/0x90 [ 891.897625][T22619] ? array_map_alloc_check+0x284/0x390 [ 891.903062][T22619] map_create+0x441/0x2190 [ 891.907451][T22619] __se_sys_bpf+0x203/0x680 [ 891.911923][T22619] ? __x64_sys_bpf+0x90/0x90 [ 891.916485][T22619] ? __irq_exit_rcu+0x40/0x150 [ 891.921225][T22619] __x64_sys_bpf+0x7b/0x90 [ 891.925614][T22619] do_syscall_64+0x31/0x40 [ 891.930092][T22619] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 891.935966][T22619] RIP: 0033:0x7f161a977929 [ 891.940429][T22619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 891.960043][T22619] RSP: 002b:00007f1618fe0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 891.968431][T22619] RAX: ffffffffffffffda RBX: 00007f161ab9efa0 RCX: 00007f161a977929 [ 891.976376][T22619] RDX: 0000000000000050 RSI: 0000200000000300 RDI: 0000000000000000 [ 891.984320][T22619] RBP: 00007f1618fe0090 R08: 0000000000000000 R09: 0000000000000000 [ 891.992264][T22619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 892.000207][T22619] R13: 0000000000000000 R14: 00007f161ab9efa0 R15: 00007ffc5ca043e8 [ 892.033766][T22613] CPU: 1 PID: 22613 Comm: syz.4.7511 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 892.045583][T22613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 892.055636][T22613] Call Trace: [ 892.058926][T22613] __dump_stack+0x21/0x24 [ 892.063251][T22613] dump_stack_lvl+0x169/0x1d8 [ 892.067947][T22613] ? show_regs_print_info+0x18/0x18 [ 892.073139][T22613] ? slab_post_alloc_hook+0x5d/0x2f0 [ 892.078423][T22613] ? __alloc_skb+0x9e/0x520 [ 892.082910][T22613] ? alloc_skb_with_frags+0xa2/0x560 [ 892.088179][T22613] ? sock_alloc_send_pskb+0x853/0x980 [ 892.093538][T22613] ? tun_chr_write_iter+0x1bf/0x270 [ 892.098838][T22613] dump_stack+0x15/0x1c [ 892.102977][T22613] should_fail+0x3c1/0x510 [ 892.107383][T22613] should_fail_alloc_page+0x4f/0x60 [ 892.112583][T22613] __alloc_pages_nodemask+0x109/0x5f0 [ 892.118004][T22613] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 892.123553][T22613] kmalloc_order+0x4c/0x160 [ 892.128053][T22613] ? slab_post_alloc_hook+0x7d/0x2f0 [ 892.133327][T22613] kmalloc_order_trace+0x16/0x80 [ 892.138251][T22613] __kmalloc_track_caller+0x1d7/0x320 [ 892.143612][T22613] ? __alloc_skb+0x9e/0x520 [ 892.148103][T22613] ? alloc_skb_with_frags+0xa2/0x560 [ 892.153373][T22613] __alloc_skb+0xdc/0x520 [ 892.157706][T22613] alloc_skb_with_frags+0xa2/0x560 [ 892.162806][T22613] sock_alloc_send_pskb+0x853/0x980 [ 892.167994][T22613] ? sock_kzfree_s+0x60/0x60 [ 892.172583][T22613] ? __kasan_check_write+0x14/0x20 [ 892.177681][T22613] ? _raw_spin_lock+0x8e/0xe0 [ 892.182346][T22613] ? _raw_spin_trylock_bh+0x130/0x130 [ 892.187708][T22613] tun_get_user+0x4bd/0x3090 [ 892.192282][T22613] ? __pcpu_freelist_pop+0x4b6/0x4d0 [ 892.197555][T22613] ? tun_do_read+0x1c00/0x1c00 [ 892.202311][T22613] ? kstrtouint_from_user+0x1a0/0x200 [ 892.208271][T22613] ? __bpf_get_stackid+0x7b9/0x960 [ 892.213371][T22613] ? __fsnotify_parent+0x5f5/0x6c0 [ 892.218474][T22613] ? avc_policy_seqno+0x1b/0x70 [ 892.223310][T22613] ? selinux_file_permission+0x2a5/0x510 [ 892.228928][T22613] ? fsnotify_perm+0x66/0x4b0 [ 892.233600][T22613] tun_chr_write_iter+0x1bf/0x270 [ 892.238621][T22613] vfs_write+0x725/0xd60 [ 892.242851][T22613] ? kernel_write+0x3c0/0x3c0 [ 892.247516][T22613] ? __fget_files+0x2c4/0x320 [ 892.252196][T22613] ? __fdget_pos+0x1f7/0x380 [ 892.256772][T22613] ? ksys_write+0x71/0x240 [ 892.261175][T22613] ksys_write+0x140/0x240 [ 892.265493][T22613] ? __ia32_sys_read+0x90/0x90 [ 892.270343][T22613] ? fpu__clear_all+0x20/0x20 [ 892.275009][T22613] __x64_sys_write+0x7b/0x90 [ 892.279592][T22613] do_syscall_64+0x31/0x40 [ 892.284002][T22613] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 892.289878][T22613] RIP: 0033:0x7fee285e5929 [ 892.294282][T22613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 892.314772][T22613] RSP: 002b:00007fee26c2d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 892.323174][T22613] RAX: ffffffffffffffda RBX: 00007fee2880d080 RCX: 00007fee285e5929 [ 892.331137][T22613] RDX: 000000000000fdef RSI: 0000200000000300 RDI: 00000000000000c8 [ 892.339097][T22613] RBP: 00007fee26c2d090 R08: 0000000000000000 R09: 0000000000000000 [ 892.347058][T22613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 892.355032][T22613] R13: 0000000000000000 R14: 00007fee2880d080 R15: 00007ffd345536e8 [ 892.522557][T22631] device veth0_vlan left promiscuous mode [ 892.612561][T22631] device veth0_vlan entered promiscuous mode [ 893.481832][T22650] device sit0 left promiscuous mode [ 893.604721][T22651] device sit0 entered promiscuous mode [ 894.320247][T22656] device sit0 left promiscuous mode [ 894.377128][T22657] device sit0 entered promiscuous mode [ 894.727798][T22672] device sit0 entered promiscuous mode [ 894.976850][T22691] device pim6reg1 entered promiscuous mode [ 895.354966][T22704] device sit0 left promiscuous mode [ 895.433040][T22704] device sit0 entered promiscuous mode [ 895.753660][T22726] device syzkaller0 entered promiscuous mode [ 895.838512][T22732] device sit0 left promiscuous mode [ 895.878083][T22732] device sit0 entered promiscuous mode [ 896.754971][T22745] device syzkaller0 entered promiscuous mode [ 897.542243][T22769] device pim6reg1 entered promiscuous mode [ 897.548964][T22772] device sit0 left promiscuous mode [ 897.558699][T22770] device sit0 left promiscuous mode [ 897.569529][T22772] device sit0 entered promiscuous mode [ 897.580920][T22770] device sit0 entered promiscuous mode [ 897.631008][T22774] device sit0 left promiscuous mode [ 897.685916][T22774] device sit0 entered promiscuous mode [ 898.429198][T22783] device syzkaller0 entered promiscuous mode [ 898.451762][T22788] device pim6reg1 entered promiscuous mode [ 898.691602][T22806] device sit0 left promiscuous mode [ 898.826458][T22807] device sit0 entered promiscuous mode [ 899.032051][T22820] device sit0 left promiscuous mode [ 899.057877][T22826] device pim6reg1 entered promiscuous mode [ 899.407064][T22820] device sit0 entered promiscuous mode [ 899.830049][T22828] device pim6reg1 entered promiscuous mode [ 900.022241][T22852] device sit0 left promiscuous mode [ 901.616677][T22891] device sit0 left promiscuous mode [ 901.758176][T22897] device sit0 left promiscuous mode [ 901.771116][T22895] device pim6reg1 entered promiscuous mode [ 901.825885][T22897] device sit0 entered promiscuous mode [ 902.631904][T22907] device sit0 entered promiscuous mode [ 903.483153][T22924] device sit0 left promiscuous mode [ 903.601908][T22930] device pim6reg1 entered promiscuous mode [ 903.794883][T22942] device sit0 left promiscuous mode [ 903.918697][T22942] device sit0 entered promiscuous mode [ 904.737804][T22950] device wg2 entered promiscuous mode [ 905.031076][T22971] device pim6reg1 entered promiscuous mode [ 905.324488][T22989] device sit0 left promiscuous mode [ 905.336930][T22989] device sit0 entered promiscuous mode [ 905.365942][T22988] device sit0 entered promiscuous mode [ 906.308529][T22991] device syzkaller0 entered promiscuous mode [ 906.404617][T22996] device sit0 left promiscuous mode [ 906.589092][T23001] device sit0 left promiscuous mode [ 906.620740][T22997] device sit0 entered promiscuous mode [ 907.060762][T23003] device sit0 entered promiscuous mode [ 907.812236][T23031] device sit0 entered promiscuous mode [ 908.635322][T23047] device pim6reg1 entered promiscuous mode [ 909.786331][T23071] device sit0 left promiscuous mode [ 909.932388][T23075] device sit0 entered promiscuous mode [ 910.994814][T23090] FAULT_INJECTION: forcing a failure. [ 910.994814][T23090] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 911.160638][T23092] device pim6reg1 entered promiscuous mode [ 911.170277][T23090] CPU: 0 PID: 23090 Comm: syz.1.7680 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 911.181658][T23090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 911.191790][T23090] Call Trace: [ 911.195077][T23090] __dump_stack+0x21/0x24 [ 911.199399][T23090] dump_stack_lvl+0x169/0x1d8 [ 911.204071][T23090] ? show_regs_print_info+0x18/0x18 [ 911.209249][T23090] ? vfs_write+0xac8/0xd60 [ 911.213735][T23090] dump_stack+0x15/0x1c [ 911.217871][T23090] should_fail+0x3c1/0x510 [ 911.222307][T23090] should_fail_usercopy+0x1a/0x20 [ 911.227335][T23090] _copy_from_user+0x20/0xd0 [ 911.231916][T23090] __se_sys_bpf+0x181/0x680 [ 911.236444][T23090] ? __x64_sys_bpf+0x90/0x90 [ 911.241192][T23090] ? fpu__clear_all+0x20/0x20 [ 911.245863][T23090] __x64_sys_bpf+0x7b/0x90 [ 911.250785][T23090] do_syscall_64+0x31/0x40 [ 911.255188][T23090] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 911.261145][T23090] RIP: 0033:0x7fd55a91b929 [ 911.265617][T23090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 911.285389][T23090] RSP: 002b:00007fd558f84038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 911.294429][T23090] RAX: ffffffffffffffda RBX: 00007fd55ab42fa0 RCX: 00007fd55a91b929 [ 911.302400][T23090] RDX: 0000000000000038 RSI: 0000200000000280 RDI: 0000000000000019 [ 911.310358][T23090] RBP: 00007fd558f84090 R08: 0000000000000000 R09: 0000000000000000 [ 911.319200][T23090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 911.327884][T23090] R13: 0000000000000000 R14: 00007fd55ab42fa0 R15: 00007ffd95d6faa8 [ 911.390355][T23096] device wg2 left promiscuous mode [ 911.497545][T23096] device wg2 entered promiscuous mode [ 911.522327][T23102] device syzkaller0 entered promiscuous mode [ 913.214107][T23127] device pim6reg1 entered promiscuous mode [ 913.669282][T23137] device pim6reg1 entered promiscuous mode [ 913.710699][T23139] device wg2 entered promiscuous mode [ 913.716876][T23141] syz.4.7697[23141] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 913.716933][T23141] syz.4.7697[23141] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 916.317744][T23177] device wg2 entered promiscuous mode [ 917.599858][T23201] device sit0 left promiscuous mode [ 917.697470][T23202] device sit0 entered promiscuous mode [ 918.246999][T23220] device sit0 left promiscuous mode [ 918.435188][T23223] device sit0 entered promiscuous mode [ 919.056650][T23228] device sit0 left promiscuous mode [ 919.077295][T23229] device sit0 entered promiscuous mode [ 920.076786][T23255] device sit0 left promiscuous mode [ 920.212143][T23261] device sit0 entered promiscuous mode [ 921.114994][T23269] device sit0 left promiscuous mode [ 921.251779][T23273] device sit0 left promiscuous mode [ 921.381966][T23269] device sit0 entered promiscuous mode [ 921.899756][T23274] device sit0 entered promiscuous mode [ 923.102379][T23294] device sit0 left promiscuous mode [ 923.265932][T23296] device sit0 entered promiscuous mode [ 924.013501][T23304] syz.0.7750[23304] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 924.013555][T23304] syz.0.7750[23304] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 924.026512][T23301] device wg2 left promiscuous mode [ 924.344288][T23311] device sit0 left promiscuous mode [ 924.538240][T23314] device sit0 entered promiscuous mode [ 925.169483][T23322] device sit0 left promiscuous mode [ 925.274193][T23323] device sit0 entered promiscuous mode [ 926.107280][T23342] device sit0 left promiscuous mode [ 926.386413][T23345] device sit0 entered promiscuous mode [ 928.124609][T23364] device sit0 left promiscuous mode [ 928.303605][T23364] device sit0 entered promiscuous mode [ 929.177239][T23378] device sit0 left promiscuous mode [ 929.402471][T23380] device sit0 entered promiscuous mode [ 930.289956][T23385] device sit0 left promiscuous mode [ 930.316775][T23386] device sit0 entered promiscuous mode [ 931.903212][T23407] device sit0 left promiscuous mode [ 931.967711][T23408] device sit0 entered promiscuous mode [ 932.767158][T23414] device pim6reg1 entered promiscuous mode [ 933.305436][T23427] device sit0 left promiscuous mode [ 933.423357][T23427] device sit0 entered promiscuous mode [ 933.889247][T23452] device pim6reg1 entered promiscuous mode [ 934.290963][T23468] syz.4.7805[23468] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 934.291015][T23468] syz.4.7805[23468] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 935.077605][T23489] device sit0 left promiscuous mode [ 935.099593][T23491] device sit0 left promiscuous mode [ 935.135626][T23489] device sit0 entered promiscuous mode [ 935.865063][T23491] device sit0 entered promiscuous mode [ 936.115652][T23512] device sit0 left promiscuous mode [ 936.137547][T23512] device sit0 entered promiscuous mode [ 937.082584][T23545] device sit0 left promiscuous mode [ 937.094707][T23547] syz.1.7836[23547] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 937.094743][T23547] syz.1.7836[23547] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 937.132467][T23545] device sit0 entered promiscuous mode [ 938.019311][T23569] FAULT_INJECTION: forcing a failure. [ 938.019311][T23569] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 938.227849][T23569] CPU: 1 PID: 23569 Comm: syz.3.7845 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 938.239239][T23569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 938.249473][T23569] Call Trace: [ 938.253194][T23569] __dump_stack+0x21/0x24 [ 938.258646][T23569] dump_stack_lvl+0x169/0x1d8 [ 938.263486][T23569] ? show_regs_print_info+0x18/0x18 [ 938.268667][T23569] ? vfs_write+0xac8/0xd60 [ 938.273064][T23569] dump_stack+0x15/0x1c [ 938.277191][T23569] should_fail+0x3c1/0x510 [ 938.281581][T23569] should_fail_usercopy+0x1a/0x20 [ 938.286620][T23569] _copy_from_user+0x20/0xd0 [ 938.291618][T23569] __se_sys_bpf+0x181/0x680 [ 938.296092][T23569] ? __x64_sys_bpf+0x90/0x90 [ 938.300670][T23569] ? fpu__clear_all+0x20/0x20 [ 938.305318][T23569] __x64_sys_bpf+0x7b/0x90 [ 938.309707][T23569] do_syscall_64+0x31/0x40 [ 938.314096][T23569] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 938.319955][T23569] RIP: 0033:0x7f28e5e7a929 [ 938.324346][T23569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 938.343923][T23569] RSP: 002b:00007f28e44e3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 938.352310][T23569] RAX: ffffffffffffffda RBX: 00007f28e60a1fa0 RCX: 00007f28e5e7a929 [ 938.360256][T23569] RDX: 0000000000000038 RSI: 0000200000000280 RDI: 0000000000000019 [ 938.368199][T23569] RBP: 00007f28e44e3090 R08: 0000000000000000 R09: 0000000000000000 [ 938.376144][T23569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 938.384176][T23569] R13: 0000000000000000 R14: 00007f28e60a1fa0 R15: 00007ffff6c3ed88 [ 938.910634][T23593] FAULT_INJECTION: forcing a failure. [ 938.910634][T23593] name failslab, interval 1, probability 0, space 0, times 0 [ 938.945474][T23593] CPU: 1 PID: 23593 Comm: syz.0.7854 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 938.956852][T23593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 938.966896][T23593] Call Trace: [ 938.970175][T23593] __dump_stack+0x21/0x24 [ 938.974523][T23593] dump_stack_lvl+0x169/0x1d8 [ 938.979191][T23593] ? thaw_kernel_threads+0x220/0x220 [ 938.984704][T23593] ? show_regs_print_info+0x18/0x18 [ 938.989977][T23593] dump_stack+0x15/0x1c [ 938.994124][T23593] should_fail+0x3c1/0x510 [ 938.998611][T23593] ? __delayacct_tsk_init+0x2c/0xa0 [ 939.003796][T23593] __should_failslab+0xa4/0xe0 [ 939.008547][T23593] should_failslab+0x9/0x20 [ 939.013044][T23593] kmem_cache_alloc+0x3d/0x2e0 [ 939.017792][T23593] ? __kasan_check_write+0x14/0x20 [ 939.022893][T23593] __delayacct_tsk_init+0x2c/0xa0 [ 939.027898][T23593] copy_process+0x9f3/0x32c0 [ 939.032472][T23593] ? memset+0x35/0x40 [ 939.036443][T23593] ? proc_fail_nth_read+0x210/0x210 [ 939.041722][T23593] ? __pidfd_prepare+0x150/0x150 [ 939.046645][T23593] ? rw_verify_area+0x1c0/0x360 [ 939.051497][T23593] ? vfs_write+0xac8/0xd60 [ 939.055907][T23593] ? __bpf_trace_kmem_free+0x6f/0x90 [ 939.061409][T23593] kernel_clone+0x23f/0x940 [ 939.065916][T23593] ? kernel_write+0x3c0/0x3c0 [ 939.070609][T23593] ? create_io_thread+0x130/0x130 [ 939.075617][T23593] ? mutex_lock+0x8c/0xe0 [ 939.079944][T23593] __x64_sys_clone+0x176/0x1d0 [ 939.084693][T23593] ? __ia32_sys_vfork+0xf0/0xf0 [ 939.089552][T23593] ? ksys_write+0x1eb/0x240 [ 939.094135][T23593] ? fpregs_assert_state_consistent+0xb1/0xe0 [ 939.100227][T23593] do_syscall_64+0x31/0x40 [ 939.104638][T23593] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 939.110523][T23593] RIP: 0033:0x7fea363dc929 [ 939.114929][T23593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 939.134613][T23593] RSP: 002b:00007fea34a44fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 939.143014][T23593] RAX: ffffffffffffffda RBX: 00007fea36603fa0 RCX: 00007fea363dc929 [ 939.150974][T23593] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000640c7000 [ 939.159192][T23593] RBP: 00007fea34a45090 R08: 0000000000000000 R09: 0000000000000000 [ 939.167218][T23593] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 939.175272][T23593] R13: 0000000000000000 R14: 00007fea36603fa0 R15: 00007ffc9cdd16a8 [ 941.043231][T23661] device sit0 left promiscuous mode [ 941.076753][T23661] device sit0 entered promiscuous mode [ 941.739009][T23685] FAULT_INJECTION: forcing a failure. [ 941.739009][T23685] name failslab, interval 1, probability 0, space 0, times 0 [ 941.793797][T23686] device syzkaller0 entered promiscuous mode [ 941.823791][T23685] CPU: 0 PID: 23685 Comm: syz.1.7885 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 941.835176][T23685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 941.845221][T23685] Call Trace: [ 941.848505][T23685] __dump_stack+0x21/0x24 [ 941.852820][T23685] dump_stack_lvl+0x169/0x1d8 [ 941.857480][T23685] ? thaw_kernel_threads+0x220/0x220 [ 941.862749][T23685] ? show_regs_print_info+0x18/0x18 [ 941.868042][T23685] dump_stack+0x15/0x1c [ 941.872189][T23685] should_fail+0x3c1/0x510 [ 941.876595][T23685] ? __alloc_skb+0x9e/0x520 [ 941.881092][T23685] __should_failslab+0xa4/0xe0 [ 941.885843][T23685] should_failslab+0x9/0x20 [ 941.890330][T23685] kmem_cache_alloc+0x3d/0x2e0 [ 941.895078][T23685] __alloc_skb+0x9e/0x520 [ 941.899395][T23685] alloc_skb_with_frags+0xa2/0x560 [ 941.904579][T23685] sock_alloc_send_pskb+0x853/0x980 [ 941.909763][T23685] ? is_bpf_text_address+0x177/0x190 [ 941.915031][T23685] ? __kernel_text_address+0xa0/0x100 [ 941.920387][T23685] ? sock_kzfree_s+0x60/0x60 [ 941.924963][T23685] ? stack_trace_save+0x98/0xe0 [ 941.929810][T23685] tun_get_user+0x4bd/0x3090 [ 941.934387][T23685] ? __x64_sys_openat+0x136/0x160 [ 941.939405][T23685] ? tun_do_read+0x1c00/0x1c00 [ 941.944164][T23685] ? kstrtouint_from_user+0x1a0/0x200 [ 941.949547][T23685] ? __fsnotify_parent+0x5f5/0x6c0 [ 941.954650][T23685] ? avc_policy_seqno+0x1b/0x70 [ 941.959488][T23685] ? selinux_file_permission+0x2a5/0x510 [ 941.965126][T23685] ? fsnotify_perm+0x66/0x4b0 [ 941.969807][T23685] tun_chr_write_iter+0x1bf/0x270 [ 941.974817][T23685] vfs_write+0x725/0xd60 [ 941.979062][T23685] ? __kasan_slab_free+0x11/0x20 [ 941.984054][T23685] ? kernel_write+0x3c0/0x3c0 [ 941.988721][T23685] ? __fget_files+0x2c4/0x320 [ 941.993388][T23685] ? __fdget_pos+0x1f7/0x380 [ 941.997965][T23685] ? ksys_write+0x71/0x240 [ 942.002713][T23685] ksys_write+0x140/0x240 [ 942.007030][T23685] ? __ia32_sys_read+0x90/0x90 [ 942.011783][T23685] ? fpu__clear_all+0x20/0x20 [ 942.016446][T23685] __x64_sys_write+0x7b/0x90 [ 942.021022][T23685] do_syscall_64+0x31/0x40 [ 942.025426][T23685] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 942.031332][T23685] RIP: 0033:0x7fd55a91b929 [ 942.035739][T23685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 942.055446][T23685] RSP: 002b:00007fd558f63038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 942.063875][T23685] RAX: ffffffffffffffda RBX: 00007fd55ab43080 RCX: 00007fd55a91b929 [ 942.071935][T23685] RDX: 000000000000fdef RSI: 0000200000000300 RDI: 00000000000000c8 [ 942.079899][T23685] RBP: 00007fd558f63090 R08: 0000000000000000 R09: 0000000000000000 [ 942.087861][T23685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 942.095949][T23685] R13: 0000000000000000 R14: 00007fd55ab43080 R15: 00007ffd95d6faa8 [ 942.144119][T23694] FAULT_INJECTION: forcing a failure. [ 942.144119][T23694] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 942.176101][T23694] CPU: 0 PID: 23694 Comm: syz.0.7888 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 942.187491][T23694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 942.197539][T23694] Call Trace: [ 942.200830][T23694] __dump_stack+0x21/0x24 [ 942.205162][T23694] dump_stack_lvl+0x169/0x1d8 [ 942.209831][T23694] ? show_regs_print_info+0x18/0x18 [ 942.215018][T23694] ? slab_post_alloc_hook+0x5d/0x2f0 [ 942.220287][T23694] ? __alloc_skb+0x9e/0x520 [ 942.224779][T23694] ? alloc_skb_with_frags+0xa2/0x560 [ 942.230105][T23694] ? sock_alloc_send_pskb+0x853/0x980 [ 942.235541][T23694] ? tun_chr_write_iter+0x1bf/0x270 [ 942.240736][T23694] dump_stack+0x15/0x1c [ 942.245107][T23694] should_fail+0x3c1/0x510 [ 942.249536][T23694] should_fail_alloc_page+0x4f/0x60 [ 942.254730][T23694] __alloc_pages_nodemask+0x109/0x5f0 [ 942.260100][T23694] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 942.265644][T23694] kmalloc_order+0x4c/0x160 [ 942.270146][T23694] ? slab_post_alloc_hook+0x7d/0x2f0 [ 942.275424][T23694] kmalloc_order_trace+0x16/0x80 [ 942.280341][T23694] __kmalloc_track_caller+0x1d7/0x320 [ 942.285699][T23694] ? __alloc_skb+0x9e/0x520 [ 942.290179][T23694] ? alloc_skb_with_frags+0xa2/0x560 [ 942.295437][T23694] __alloc_skb+0xdc/0x520 [ 942.299743][T23694] alloc_skb_with_frags+0xa2/0x560 [ 942.304827][T23694] sock_alloc_send_pskb+0x853/0x980 [ 942.309995][T23694] ? is_bpf_text_address+0x177/0x190 [ 942.315253][T23694] ? __kernel_text_address+0xa0/0x100 [ 942.320598][T23694] ? sock_kzfree_s+0x60/0x60 [ 942.325172][T23694] ? stack_trace_save+0x98/0xe0 [ 942.329997][T23694] tun_get_user+0x4bd/0x3090 [ 942.334561][T23694] ? __x64_sys_openat+0x136/0x160 [ 942.339573][T23694] ? tun_do_read+0x1c00/0x1c00 [ 942.344309][T23694] ? kstrtouint_from_user+0x1a0/0x200 [ 942.349673][T23694] ? __fsnotify_parent+0x5f5/0x6c0 [ 942.354755][T23694] ? avc_policy_seqno+0x1b/0x70 [ 942.359576][T23694] ? selinux_file_permission+0x2a5/0x510 [ 942.365202][T23694] ? fsnotify_perm+0x66/0x4b0 [ 942.369854][T23694] tun_chr_write_iter+0x1bf/0x270 [ 942.374866][T23694] vfs_write+0x725/0xd60 [ 942.379081][T23694] ? __kasan_slab_free+0x11/0x20 [ 942.383989][T23694] ? kernel_write+0x3c0/0x3c0 [ 942.388640][T23694] ? __fget_files+0x2c4/0x320 [ 942.393382][T23694] ? __fdget_pos+0x1f7/0x380 [ 942.397947][T23694] ? ksys_write+0x71/0x240 [ 942.402336][T23694] ksys_write+0x140/0x240 [ 942.406670][T23694] ? __ia32_sys_read+0x90/0x90 [ 942.411411][T23694] ? fpu__clear_all+0x20/0x20 [ 942.416076][T23694] __x64_sys_write+0x7b/0x90 [ 942.420641][T23694] do_syscall_64+0x31/0x40 [ 942.425045][T23694] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 942.430912][T23694] RIP: 0033:0x7fea363dc929 [ 942.435305][T23694] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 942.454885][T23694] RSP: 002b:00007fea34a45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 942.463360][T23694] RAX: ffffffffffffffda RBX: 00007fea36603fa0 RCX: 00007fea363dc929 [ 942.471308][T23694] RDX: 000000000000fdef RSI: 0000200000000040 RDI: 00000000000000c8 [ 942.479270][T23694] RBP: 00007fea34a45090 R08: 0000000000000000 R09: 0000000000000000 [ 942.487263][T23694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 942.495226][T23694] R13: 0000000000000000 R14: 00007fea36603fa0 R15: 00007ffc9cdd16a8 [ 943.436288][T23742] FAULT_INJECTION: forcing a failure. [ 943.436288][T23742] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 943.490346][T23742] CPU: 1 PID: 23742 Comm: syz.4.7905 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 943.501774][T23742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 943.511930][T23742] Call Trace: [ 943.515236][T23742] __dump_stack+0x21/0x24 [ 943.519567][T23742] dump_stack_lvl+0x169/0x1d8 [ 943.524253][T23742] ? show_regs_print_info+0x18/0x18 [ 943.529443][T23742] dump_stack+0x15/0x1c [ 943.533672][T23742] should_fail+0x3c1/0x510 [ 943.538079][T23742] should_fail_alloc_page+0x4f/0x60 [ 943.543276][T23742] __alloc_pages_nodemask+0x109/0x5f0 [ 943.548652][T23742] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 943.554289][T23742] ? __kmalloc+0x1a7/0x330 [ 943.558692][T23742] ? __vmalloc_node_range+0x29f/0x780 [ 943.564057][T23742] __vmalloc_node_range+0x353/0x780 [ 943.569269][T23742] bpf_map_area_alloc+0xd5/0xe0 [ 943.574116][T23742] ? prealloc_init+0x147/0x810 [ 943.578875][T23742] prealloc_init+0x147/0x810 [ 943.583462][T23742] ? __kmalloc+0x1a7/0x330 [ 943.587867][T23742] htab_map_alloc+0x688/0x970 [ 943.592532][T23742] map_create+0x441/0x2190 [ 943.596935][T23742] __se_sys_bpf+0x203/0x680 [ 943.601421][T23742] ? __x64_sys_bpf+0x90/0x90 [ 943.605998][T23742] ? fpu__clear_all+0x20/0x20 [ 943.610661][T23742] __x64_sys_bpf+0x7b/0x90 [ 943.615072][T23742] do_syscall_64+0x31/0x40 [ 943.619562][T23742] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 943.625443][T23742] RIP: 0033:0x7fee285e5929 [ 943.629839][T23742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 943.649427][T23742] RSP: 002b:00007fee26c4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 943.657824][T23742] RAX: ffffffffffffffda RBX: 00007fee2880cfa0 RCX: 00007fee285e5929 [ 943.665857][T23742] RDX: 0000000000000050 RSI: 0000200000000740 RDI: 0000000000000000 [ 943.673817][T23742] RBP: 00007fee26c4e090 R08: 0000000000000000 R09: 0000000000000000 [ 943.681762][T23742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 943.689708][T23742] R13: 0000000000000000 R14: 00007fee2880cfa0 R15: 00007ffd345536e8 [ 943.974986][T23748] device sit0 left promiscuous mode [ 944.522633][T23786] FAULT_INJECTION: forcing a failure. [ 944.522633][T23786] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 944.551675][T23786] CPU: 1 PID: 23786 Comm: syz.4.7920 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 944.563059][T23786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 944.573105][T23786] Call Trace: [ 944.576388][T23786] __dump_stack+0x21/0x24 [ 944.580710][T23786] dump_stack_lvl+0x169/0x1d8 [ 944.585378][T23786] ? show_regs_print_info+0x18/0x18 [ 944.590562][T23786] dump_stack+0x15/0x1c [ 944.594710][T23786] should_fail+0x3c1/0x510 [ 944.599124][T23786] should_fail_usercopy+0x1a/0x20 [ 944.604134][T23786] copy_page_from_iter+0x381/0x6c0 [ 944.609242][T23786] pipe_write+0x914/0x1890 [ 944.613656][T23786] ? pipe_write+0x151/0x1890 [ 944.618322][T23786] ? pipe_read+0xfe0/0xfe0 [ 944.622741][T23786] ? fsnotify_perm+0x66/0x4b0 [ 944.627403][T23786] ? security_file_permission+0x83/0xa0 [ 944.632939][T23786] ? iov_iter_init+0x3f/0x120 [ 944.637601][T23786] vfs_write+0x725/0xd60 [ 944.641828][T23786] ? __kasan_slab_free+0x11/0x20 [ 944.646752][T23786] ? kernel_write+0x3c0/0x3c0 [ 944.651427][T23786] ? __fget_files+0x2c4/0x320 [ 944.656099][T23786] ? __fdget_pos+0x1f7/0x380 [ 944.660682][T23786] ? ksys_write+0x71/0x240 [ 944.665090][T23786] ksys_write+0x140/0x240 [ 944.669409][T23786] ? __ia32_sys_read+0x90/0x90 [ 944.674168][T23786] ? fpu__clear_all+0x20/0x20 [ 944.678836][T23786] __x64_sys_write+0x7b/0x90 [ 944.683407][T23786] do_syscall_64+0x31/0x40 [ 944.687826][T23786] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 944.693706][T23786] RIP: 0033:0x7fee285e5929 [ 944.698121][T23786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 944.717723][T23786] RSP: 002b:00007fee26c4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 944.726123][T23786] RAX: ffffffffffffffda RBX: 00007fee2880cfa0 RCX: 00007fee285e5929 [ 944.734515][T23786] RDX: 000000000000fdef RSI: 0000200000000040 RDI: 0000000000000000 [ 944.742471][T23786] RBP: 00007fee26c4e090 R08: 0000000000000000 R09: 0000000000000000 [ 944.750422][T23786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 944.758367][T23786] R13: 0000000000000000 R14: 00007fee2880cfa0 R15: 00007ffd345536e8 [ 945.261037][T23819] FAULT_INJECTION: forcing a failure. [ 945.261037][T23819] name failslab, interval 1, probability 0, space 0, times 0 [ 945.273798][T23819] CPU: 1 PID: 23819 Comm: syz.1.7932 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 945.285331][T23819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 945.295388][T23819] Call Trace: [ 945.298682][T23819] __dump_stack+0x21/0x24 [ 945.303000][T23819] dump_stack_lvl+0x169/0x1d8 [ 945.307675][T23819] ? show_regs_print_info+0x18/0x18 [ 945.312855][T23819] ? __xfrm_sk_clone_policy+0x680/0x680 [ 945.318371][T23819] dump_stack+0x15/0x1c [ 945.322499][T23819] should_fail+0x3c1/0x510 [ 945.326888][T23819] ? ip_tunnel_xmit+0x19a5/0x2280 [ 945.331887][T23819] __should_failslab+0xa4/0xe0 [ 945.336624][T23819] should_failslab+0x9/0x20 [ 945.341102][T23819] __kmalloc_track_caller+0x5f/0x320 [ 945.346359][T23819] ? ip_route_output_flow+0x1d2/0x2d0 [ 945.351702][T23819] ? ip_local_out+0x96/0xb0 [ 945.356179][T23819] ? ip_tunnel_xmit+0x19a5/0x2280 [ 945.361189][T23819] pskb_expand_head+0x123/0x1110 [ 945.366110][T23819] ? tnl_update_pmtu+0x518/0xbc0 [ 945.371022][T23819] ip_tunnel_xmit+0x19a5/0x2280 [ 945.375851][T23819] ? tnl_update_pmtu+0xbc0/0xbc0 [ 945.380761][T23819] ? skb_network_protocol+0x5b8/0x770 [ 945.386115][T23819] ? gre_build_header+0x229/0x790 [ 945.391110][T23819] ipgre_xmit+0x7c0/0xb30 [ 945.395417][T23819] dev_hard_start_xmit+0x244/0x670 [ 945.400500][T23819] __dev_queue_xmit+0x1446/0x2540 [ 945.405499][T23819] ? dev_queue_xmit+0x20/0x20 [ 945.410146][T23819] ? __kasan_check_write+0x14/0x20 [ 945.415251][T23819] ? skb_release_data+0x3b3/0x670 [ 945.420270][T23819] ? skb_ensure_writable+0x2e7/0x460 [ 945.425540][T23819] ? __kasan_check_write+0x14/0x20 [ 945.430628][T23819] ? pskb_expand_head+0xb28/0x1110 [ 945.435726][T23819] dev_queue_xmit+0x17/0x20 [ 945.440200][T23819] __bpf_redirect+0x699/0xe30 [ 945.444855][T23819] bpf_clone_redirect+0x242/0x380 [ 945.449861][T23819] bpf_prog_973cd02a7a0e8181+0x56/0x634 [ 945.455391][T23819] ? sk_get_meminfo+0x90/0x490 [ 945.460126][T23819] ? bpf_prog_test_run_skb+0x31d/0x10b0 [ 945.465659][T23819] ? bpf_prog_test_run+0x350/0x3c0 [ 945.470741][T23819] ? __se_sys_bpf+0x49f/0x680 [ 945.475388][T23819] ? __x64_sys_bpf+0x7b/0x90 [ 945.479952][T23819] ? do_syscall_64+0x31/0x40 [ 945.484514][T23819] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 945.490577][T23819] ? __kasan_check_read+0x11/0x20 [ 945.495572][T23819] ? bpf_test_timer_continue+0x147/0x410 [ 945.501175][T23819] bpf_test_run+0x310/0x9b0 [ 945.505654][T23819] ? convert___skb_to_skb+0x4f0/0x4f0 [ 945.511006][T23819] ? eth_get_headlen+0x1f0/0x1f0 [ 945.515919][T23819] ? convert___skb_to_skb+0x41/0x4f0 [ 945.521175][T23819] bpf_prog_test_run_skb+0x9c2/0x10b0 [ 945.526530][T23819] ? __bpf_prog_test_run_raw_tp+0x240/0x240 [ 945.532410][T23819] bpf_prog_test_run+0x350/0x3c0 [ 945.537323][T23819] __se_sys_bpf+0x49f/0x680 [ 945.541798][T23819] ? __x64_sys_bpf+0x90/0x90 [ 945.546365][T23819] ? fpu__clear_all+0x20/0x20 [ 945.551035][T23819] __x64_sys_bpf+0x7b/0x90 [ 945.555432][T23819] do_syscall_64+0x31/0x40 [ 945.559829][T23819] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 945.565698][T23819] RIP: 0033:0x7fd55a91b929 [ 945.570089][T23819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 945.589669][T23819] RSP: 002b:00007fd558f84038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 945.598054][T23819] RAX: ffffffffffffffda RBX: 00007fd55ab42fa0 RCX: 00007fd55a91b929 [ 945.606003][T23819] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a [ 945.613950][T23819] RBP: 00007fd558f84090 R08: 0000000000000000 R09: 0000000000000000 [ 945.621899][T23819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 945.629842][T23819] R13: 0000000000000000 R14: 00007fd55ab42fa0 R15: 00007ffd95d6faa8 [ 945.705003][T23811] device sit0 left promiscuous mode [ 945.888241][T23822] device syzkaller0 entered promiscuous mode [ 945.897848][T23824] device sit0 left promiscuous mode [ 945.918389][T23825] device sit0 entered promiscuous mode [ 947.385136][T23871] syz.3.7947[23871] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 947.385191][T23871] syz.3.7947[23871] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 947.406960][T23869] device sit0 entered promiscuous mode [ 948.557916][T23900] syz.2.7958[23900] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 948.557977][T23900] syz.2.7958[23900] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 950.222449][T23949] FAULT_INJECTION: forcing a failure. [ 950.222449][T23949] name failslab, interval 1, probability 0, space 0, times 0 [ 950.430599][T23949] CPU: 0 PID: 23949 Comm: syz.0.7978 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 950.441985][T23949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 950.452029][T23949] Call Trace: [ 950.455314][T23949] __dump_stack+0x21/0x24 [ 950.459641][T23949] dump_stack_lvl+0x169/0x1d8 [ 950.464305][T23949] ? thaw_kernel_threads+0x220/0x220 [ 950.469577][T23949] ? show_regs_print_info+0x18/0x18 [ 950.474769][T23949] dump_stack+0x15/0x1c [ 950.478912][T23949] should_fail+0x3c1/0x510 [ 950.483314][T23949] ? __get_vm_area_node+0x113/0x450 [ 950.488503][T23949] __should_failslab+0xa4/0xe0 [ 950.493254][T23949] should_failslab+0x9/0x20 [ 950.497741][T23949] kmem_cache_alloc_trace+0x3a/0x2e0 [ 950.503010][T23949] ? __perf_event_task_sched_in+0x1fb/0x280 [ 950.508890][T23949] __get_vm_area_node+0x113/0x450 [ 950.513908][T23949] __vmalloc_node_range+0xe0/0x780 [ 950.519004][T23949] ? bpf_prog_alloc_no_stats+0x3b/0x250 [ 950.524537][T23949] ? bpf_prog_alloc_no_stats+0x3b/0x250 [ 950.530067][T23949] __vmalloc+0x79/0x90 [ 950.534121][T23949] ? bpf_prog_alloc_no_stats+0x3b/0x250 [ 950.539651][T23949] bpf_prog_alloc_no_stats+0x3b/0x250 [ 950.545006][T23949] ? bpf_prog_alloc+0x17/0x1f0 [ 950.549754][T23949] bpf_prog_alloc+0x21/0x1f0 [ 950.554333][T23949] bpf_prog_load+0x71d/0x1420 [ 950.558995][T23949] ? map_freeze+0x320/0x320 [ 950.563508][T23949] ? irqentry_exit+0x56/0x60 [ 950.568091][T23949] ? sysvec_apic_timer_interrupt+0xcb/0xe0 [ 950.573883][T23949] ? selinux_bpf+0xc7/0xf0 [ 950.578287][T23949] ? security_bpf+0x82/0xa0 [ 950.582784][T23949] __se_sys_bpf+0x442/0x680 [ 950.587285][T23949] ? __x64_sys_bpf+0x90/0x90 [ 950.591873][T23949] ? debug_smp_processor_id+0x17/0x20 [ 950.597237][T23949] ? fpregs_assert_state_consistent+0xb1/0xe0 [ 950.603299][T23949] __x64_sys_bpf+0x7b/0x90 [ 950.607704][T23949] do_syscall_64+0x31/0x40 [ 950.612127][T23949] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 950.618008][T23949] RIP: 0033:0x7fea363dc929 [ 950.622413][T23949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 950.642012][T23949] RSP: 002b:00007fea34a45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 950.650437][T23949] RAX: ffffffffffffffda RBX: 00007fea36603fa0 RCX: 00007fea363dc929 [ 950.658398][T23949] RDX: 0000000000000023 RSI: 0000200000000300 RDI: 0000000000000005 [ 950.666365][T23949] RBP: 00007fea34a45090 R08: 0000000000000000 R09: 0000000000000000 [ 950.674324][T23949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 950.682281][T23949] R13: 0000000000000000 R14: 00007fea36603fa0 R15: 00007ffc9cdd16a8 [ 950.988693][T23962] device sit0 left promiscuous mode [ 951.106407][T23963] device sit0 entered promiscuous mode [ 951.166386][T23949] syz.0.7978: vmalloc: allocation failure: 4096 bytes, mode:0x100dc0(GFP_USER|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0 [ 951.334941][T23949] CPU: 0 PID: 23949 Comm: syz.0.7978 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 951.346323][T23949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 951.356376][T23949] Call Trace: [ 951.359667][T23949] __dump_stack+0x21/0x24 [ 951.363996][T23949] dump_stack_lvl+0x169/0x1d8 [ 951.368663][T23949] ? show_regs_print_info+0x18/0x18 [ 951.373854][T23949] ? pr_cont_kernfs_name+0xe3/0xf0 [ 951.379019][T23949] dump_stack+0x15/0x1c [ 951.383172][T23949] warn_alloc+0x1b0/0x1d0 [ 951.387590][T23949] ? __get_vm_area_node+0x113/0x450 [ 951.392783][T23949] ? zone_watermark_ok_safe+0x250/0x250 [ 951.398423][T23949] ? __get_vm_area_node+0x345/0x450 [ 951.403609][T23949] __vmalloc_node_range+0x27d/0x780 [ 951.408800][T23949] ? bpf_prog_alloc_no_stats+0x3b/0x250 [ 951.414332][T23949] __vmalloc+0x79/0x90 [ 951.418400][T23949] ? bpf_prog_alloc_no_stats+0x3b/0x250 [ 951.423978][T23949] bpf_prog_alloc_no_stats+0x3b/0x250 [ 951.429333][T23949] ? bpf_prog_alloc+0x17/0x1f0 [ 951.434079][T23949] bpf_prog_alloc+0x21/0x1f0 [ 951.438655][T23949] bpf_prog_load+0x71d/0x1420 [ 951.443323][T23949] ? map_freeze+0x320/0x320 [ 951.447812][T23949] ? irqentry_exit+0x56/0x60 [ 951.452385][T23949] ? sysvec_apic_timer_interrupt+0xcb/0xe0 [ 951.458206][T23949] ? selinux_bpf+0xc7/0xf0 [ 951.462604][T23949] ? security_bpf+0x82/0xa0 [ 951.467092][T23949] __se_sys_bpf+0x442/0x680 [ 951.471582][T23949] ? __x64_sys_bpf+0x90/0x90 [ 951.476166][T23949] ? debug_smp_processor_id+0x17/0x20 [ 951.481531][T23949] ? fpregs_assert_state_consistent+0xb1/0xe0 [ 951.487581][T23949] __x64_sys_bpf+0x7b/0x90 [ 951.491984][T23949] do_syscall_64+0x31/0x40 [ 951.496398][T23949] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 951.502274][T23949] RIP: 0033:0x7fea363dc929 [ 951.506677][T23949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 951.526270][T23949] RSP: 002b:00007fea34a45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 951.534677][T23949] RAX: ffffffffffffffda RBX: 00007fea36603fa0 RCX: 00007fea363dc929 [ 951.542734][T23949] RDX: 0000000000000023 RSI: 0000200000000300 RDI: 0000000000000005 [ 951.550780][T23949] RBP: 00007fea34a45090 R08: 0000000000000000 R09: 0000000000000000 [ 951.558743][T23949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 951.566705][T23949] R13: 0000000000000000 R14: 00007fea36603fa0 R15: 00007ffc9cdd16a8 [ 951.735674][T23949] Mem-Info: [ 951.738849][T23949] active_anon:39 inactive_anon:37237 isolated_anon:0 [ 951.738849][T23949] active_file:26396 inactive_file:3128 isolated_file:0 [ 951.738849][T23949] unevictable:0 dirty:64 writeback:0 [ 951.738849][T23949] slab_reclaimable:7425 slab_unreclaimable:76307 [ 951.738849][T23949] mapped:30344 shmem:23480 pagetables:631 bounce:0 [ 951.738849][T23949] free:1528621 free_pcp:1385 free_cma:0 [ 951.797426][T23971] device sit0 entered promiscuous mode [ 951.806720][T23949] Node 0 active_anon:156kB inactive_anon:141748kB active_file:105584kB inactive_file:12512kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:121376kB dirty:256kB writeback:0kB shmem:86920kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:4736kB all_unreclaimable? no [ 952.333081][T23949] DMA32 free:2985936kB min:62668kB low:78332kB high:93996kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2988824kB mlocked:0kB pagetables:0kB bounce:0kB free_pcp:2888kB local_pcp:1452kB free_cma:0kB [ 952.362192][T23949] lowmem_reserve[]: 0 3941 3941 [ 952.367085][T23949] Normal free:3222040kB min:84784kB low:105980kB high:127176kB reserved_highatomic:0KB active_anon:156kB inactive_anon:55856kB active_file:105584kB inactive_file:12512kB unevictable:0kB writepending:288kB present:5242880kB managed:4036368kB mlocked:0kB pagetables:2360kB bounce:0kB free_pcp:2976kB local_pcp:1500kB free_cma:0kB [ 952.398330][T23949] lowmem_reserve[]: 0 0 0 [ 952.404216][T23949] DMA32: 6*4kB (UM) 3*8kB (M) 4*16kB (M) 9*32kB (UM) 9*64kB (UM) 6*128kB (UM) 7*256kB (UM) 5*512kB (M) 4*1024kB (UM) 3*2048kB (UM) 725*4096kB (M) = 2985936kB [ 952.420508][T23949] Normal: 1404*4kB (UME) 1002*8kB (UME) 1104*16kB (UME) 881*32kB (UME) 604*64kB (UME) 316*128kB (UME) 181*256kB (UME) 102*512kB (UM) 41*1024kB (UM) 15*2048kB (UME) 711*4096kB (UM) = 3222112kB [ 952.439701][T23949] 29800 total pagecache pages [ 952.444606][T23949] 0 pages in swap cache [ 952.448749][T23949] Swap cache stats: add 0, delete 0, find 0/0 [ 952.455142][T23949] Free swap = 124996kB [ 952.459299][T23949] Total swap = 124996kB [ 952.463639][T23949] 2097051 pages RAM [ 952.467685][T23949] 0 pages HighMem/MovableOnly [ 952.472469][T23949] 340753 pages reserved [ 952.476607][T23949] 0 pages cma reserved [ 952.510981][T23977] Â: renamed from pim6reg1 [ 952.986411][T23995] GPL: port 1(erspan0) entered blocking state [ 952.995542][T23995] GPL: port 1(erspan0) entered disabled state [ 953.010692][T23995] device erspan0 entered promiscuous mode [ 954.057881][T24064] FAULT_INJECTION: forcing a failure. [ 954.057881][T24064] name failslab, interval 1, probability 0, space 0, times 0 [ 954.070823][T24064] CPU: 0 PID: 24064 Comm: syz.0.8016 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 954.082181][T24064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 954.092232][T24064] Call Trace: [ 954.095514][T24064] __dump_stack+0x21/0x24 [ 954.099829][T24064] dump_stack_lvl+0x169/0x1d8 [ 954.104492][T24064] ? thaw_kernel_threads+0x220/0x220 [ 954.109764][T24064] ? show_regs_print_info+0x18/0x18 [ 954.114951][T24064] ? __kasan_check_write+0x14/0x20 [ 954.120047][T24064] ? skb_release_data+0x3b3/0x670 [ 954.125066][T24064] dump_stack+0x15/0x1c [ 954.129214][T24064] should_fail+0x3c1/0x510 [ 954.133623][T24064] ? skb_clone+0x1e9/0x380 [ 954.138025][T24064] __should_failslab+0xa4/0xe0 [ 954.142778][T24064] should_failslab+0x9/0x20 [ 954.147266][T24064] kmem_cache_alloc+0x3d/0x2e0 [ 954.152078][T24064] ? __bpf_redirect+0x6a7/0xe30 [ 954.156919][T24064] skb_clone+0x1e9/0x380 [ 954.161145][T24064] bpf_clone_redirect+0xa7/0x380 [ 954.166073][T24064] bpf_prog_6893982b85ceadf7+0x56/0x670 [ 954.171601][T24064] ? sk_common_release+0x250/0x2c0 [ 954.176714][T24064] ? bpf_prog_test_run_skb+0x31d/0x10b0 [ 954.182246][T24064] ? bpf_prog_test_run+0x350/0x3c0 [ 954.187432][T24064] ? __se_sys_bpf+0x49f/0x680 [ 954.192100][T24064] ? __x64_sys_bpf+0x7b/0x90 [ 954.196680][T24064] ? do_syscall_64+0x31/0x40 [ 954.201260][T24064] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 954.207585][T24064] ? __kasan_check_read+0x11/0x20 [ 954.212594][T24064] ? bpf_test_timer_continue+0x147/0x410 [ 954.218214][T24064] bpf_test_run+0x310/0x9b0 [ 954.222703][T24064] ? convert___skb_to_skb+0x4f0/0x4f0 [ 954.228065][T24064] ? eth_get_headlen+0x1f0/0x1f0 [ 954.232993][T24064] ? convert___skb_to_skb+0x41/0x4f0 [ 954.238266][T24064] bpf_prog_test_run_skb+0x9c2/0x10b0 [ 954.243627][T24064] ? __bpf_prog_test_run_raw_tp+0x240/0x240 [ 954.249507][T24064] bpf_prog_test_run+0x350/0x3c0 [ 954.254435][T24064] __se_sys_bpf+0x49f/0x680 [ 954.258923][T24064] ? __x64_sys_bpf+0x90/0x90 [ 954.263498][T24064] ? fpu__clear_all+0x20/0x20 [ 954.268164][T24064] __x64_sys_bpf+0x7b/0x90 [ 954.272577][T24064] do_syscall_64+0x31/0x40 [ 954.276984][T24064] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 954.282862][T24064] RIP: 0033:0x7fea363dc929 [ 954.287266][T24064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 954.306902][T24064] RSP: 002b:00007fea34a45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 954.315309][T24064] RAX: ffffffffffffffda RBX: 00007fea36603fa0 RCX: 00007fea363dc929 [ 954.323269][T24064] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a [ 954.331230][T24064] RBP: 00007fea34a45090 R08: 0000000000000000 R09: 0000000000000000 [ 954.339194][T24064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 954.347156][T24064] R13: 0000000000000000 R14: 00007fea36603fa0 R15: 00007ffc9cdd16a8 [ 954.452425][T24078] device pim6reg1 entered promiscuous mode [ 954.873144][T24105] device wg2 entered promiscuous mode [ 955.287529][T24121] FAULT_INJECTION: forcing a failure. [ 955.287529][T24121] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 955.352749][T24121] CPU: 0 PID: 24121 Comm: syz.0.8035 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 955.364126][T24121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 955.374161][T24121] Call Trace: [ 955.377430][T24121] __dump_stack+0x21/0x24 [ 955.381740][T24121] dump_stack_lvl+0x169/0x1d8 [ 955.386391][T24121] ? show_regs_print_info+0x18/0x18 [ 955.391559][T24121] dump_stack+0x15/0x1c [ 955.396748][T24121] should_fail+0x3c1/0x510 [ 955.401156][T24121] should_fail_usercopy+0x1a/0x20 [ 955.406701][T24121] strncpy_from_user+0x24/0x2e0 [ 955.411533][T24121] bpf_prog_load+0x15d/0x1420 [ 955.416192][T24121] ? kvm_sched_clock_read+0x18/0x40 [ 955.421367][T24121] ? sched_clock+0x3a/0x40 [ 955.425758][T24121] ? sched_clock_cpu+0x1b/0x3d0 [ 955.430577][T24121] ? sched_clock+0x3a/0x40 [ 955.434963][T24121] ? sched_clock_cpu+0x1b/0x3d0 [ 955.439791][T24121] ? map_freeze+0x320/0x320 [ 955.444266][T24121] ? __irq_exit_rcu+0x40/0x150 [ 955.449004][T24121] ? __se_sys_bpf+0x1e4/0x680 [ 955.453649][T24121] __se_sys_bpf+0x442/0x680 [ 955.458122][T24121] ? __x64_sys_bpf+0x90/0x90 [ 955.462690][T24121] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 955.468815][T24121] __x64_sys_bpf+0x7b/0x90 [ 955.473206][T24121] do_syscall_64+0x31/0x40 [ 955.477594][T24121] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 955.483455][T24121] RIP: 0033:0x7fea363dc929 [ 955.487856][T24121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 955.507430][T24121] RSP: 002b:00007fea34a45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 955.515826][T24121] RAX: ffffffffffffffda RBX: 00007fea36603fa0 RCX: 00007fea363dc929 [ 955.523769][T24121] RDX: 0000000000000048 RSI: 0000200000000200 RDI: 0000000000000005 [ 955.531719][T24121] RBP: 00007fea34a45090 R08: 0000000000000000 R09: 0000000000000000 [ 955.539663][T24121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 955.547605][T24121] R13: 0000000000000000 R14: 00007fea36603fa0 R15: 00007ffc9cdd16a8 [ 955.887102][T24158] device pim6reg1 entered promiscuous mode [ 955.903555][T24156] device pim6reg1 entered promiscuous mode [ 957.110084][T24210] FAULT_INJECTION: forcing a failure. [ 957.110084][T24210] name failslab, interval 1, probability 0, space 0, times 0 [ 957.122773][T24210] CPU: 0 PID: 24210 Comm: syz.2.8069 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 957.134122][T24210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 957.144169][T24210] Call Trace: [ 957.147448][T24210] __dump_stack+0x21/0x24 [ 957.151759][T24210] dump_stack_lvl+0x169/0x1d8 [ 957.156426][T24210] ? thaw_kernel_threads+0x220/0x220 [ 957.161693][T24210] ? show_regs_print_info+0x18/0x18 [ 957.166885][T24210] ? __kasan_check_write+0x14/0x20 [ 957.171980][T24210] ? skb_release_data+0x3b3/0x670 [ 957.176998][T24210] dump_stack+0x15/0x1c [ 957.181157][T24210] should_fail+0x3c1/0x510 [ 957.185567][T24210] ? skb_clone+0x1e9/0x380 [ 957.189975][T24210] __should_failslab+0xa4/0xe0 [ 957.194727][T24210] should_failslab+0x9/0x20 [ 957.199220][T24210] kmem_cache_alloc+0x3d/0x2e0 [ 957.210428][T24210] ? __bpf_redirect+0x6a7/0xe30 [ 957.215280][T24210] skb_clone+0x1e9/0x380 [ 957.219520][T24210] bpf_clone_redirect+0xa7/0x380 [ 957.224453][T24210] bpf_prog_6893982b85ceadf7+0x56/0x23c [ 957.229992][T24210] ? sk_common_release+0x250/0x2c0 [ 957.235088][T24210] ? bpf_prog_test_run_skb+0x31d/0x10b0 [ 957.240607][T24210] ? bpf_prog_test_run+0x350/0x3c0 [ 957.245784][T24210] ? __se_sys_bpf+0x49f/0x680 [ 957.250463][T24210] ? __x64_sys_bpf+0x7b/0x90 [ 957.255032][T24210] ? do_syscall_64+0x31/0x40 [ 957.259597][T24210] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 957.265648][T24210] ? __kasan_check_read+0x11/0x20 [ 957.270645][T24210] ? bpf_test_timer_continue+0x147/0x410 [ 957.276250][T24210] bpf_test_run+0x310/0x9b0 [ 957.280763][T24210] ? convert___skb_to_skb+0x4f0/0x4f0 [ 957.286498][T24210] ? eth_get_headlen+0x1f0/0x1f0 [ 957.291411][T24210] ? convert___skb_to_skb+0x41/0x4f0 [ 957.296667][T24210] bpf_prog_test_run_skb+0x9c2/0x10b0 [ 957.302810][T24210] ? __bpf_prog_test_run_raw_tp+0x240/0x240 [ 957.308674][T24210] bpf_prog_test_run+0x350/0x3c0 [ 957.313582][T24210] __se_sys_bpf+0x49f/0x680 [ 957.318055][T24210] ? __x64_sys_bpf+0x90/0x90 [ 957.322625][T24210] ? fpu__clear_all+0x20/0x20 [ 957.327273][T24210] __x64_sys_bpf+0x7b/0x90 [ 957.331661][T24210] do_syscall_64+0x31/0x40 [ 957.336050][T24210] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 957.341989][T24210] RIP: 0033:0x7f161a977929 [ 957.346381][T24210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 957.365965][T24210] RSP: 002b:00007f1618fe0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 957.374372][T24210] RAX: ffffffffffffffda RBX: 00007f161ab9efa0 RCX: 00007f161a977929 [ 957.382324][T24210] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a [ 957.390269][T24210] RBP: 00007f1618fe0090 R08: 0000000000000000 R09: 0000000000000000 [ 957.398214][T24210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 957.406183][T24210] R13: 0000000000000000 R14: 00007f161ab9efa0 R15: 00007ffc5ca043e8 [ 959.047374][T24233] device syzkaller0 entered promiscuous mode [ 959.638370][T24240] device sit0 left promiscuous mode [ 959.767643][T24238] device sit0 entered promiscuous mode [ 960.526004][T24255] device sit0 left promiscuous mode [ 960.801290][T24255] device sit0 entered promiscuous mode [ 964.213729][T24368] FAULT_INJECTION: forcing a failure. [ 964.213729][T24368] name failslab, interval 1, probability 0, space 0, times 0 [ 964.259389][T24368] CPU: 1 PID: 24368 Comm: syz.4.8124 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 964.270821][T24368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 964.281129][T24368] Call Trace: [ 964.284544][T24368] __dump_stack+0x21/0x24 [ 964.288863][T24368] dump_stack_lvl+0x169/0x1d8 [ 964.293532][T24368] ? thaw_kernel_threads+0x220/0x220 [ 964.298803][T24368] ? slab_post_alloc_hook+0x5d/0x2f0 [ 964.304599][T24368] ? show_regs_print_info+0x18/0x18 [ 964.309784][T24368] ? new_inode_pseudo+0x91/0x210 [ 964.314799][T24368] ? proc_pid_make_inode+0x27/0x1d0 [ 964.320250][T24368] ? proc_pident_instantiate+0x69/0x2b0 [ 964.325783][T24368] ? proc_pident_lookup+0x1c0/0x270 [ 964.330970][T24368] ? path_openat+0x1127/0x3160 [ 964.335807][T24368] ? do_filp_open+0x1b3/0x3e0 [ 964.340470][T24368] ? do_sys_openat2+0x14c/0x6d0 [ 964.345398][T24368] dump_stack+0x15/0x1c [ 964.349798][T24368] should_fail+0x3c1/0x510 [ 964.354246][T24368] ? __alloc_skb+0x9e/0x520 [ 964.358732][T24368] __should_failslab+0xa4/0xe0 [ 964.363484][T24368] should_failslab+0x9/0x20 [ 964.367976][T24368] kmem_cache_alloc+0x3d/0x2e0 [ 964.372727][T24368] __alloc_skb+0x9e/0x520 [ 964.377041][T24368] ? avc_has_perm+0x234/0x360 [ 964.381707][T24368] tipc_msg_build+0xd0/0xc90 [ 964.386281][T24368] ? avc_has_perm_noaudit+0x240/0x240 [ 964.391639][T24368] __tipc_sendstream+0x93f/0x1740 [ 964.396658][T24368] ? tsk_advance_rx_queue+0x700/0x700 [ 964.402013][T24368] ? wait_woken+0x180/0x180 [ 964.406502][T24368] ? kasan_set_track+0x5b/0x70 [ 964.411250][T24368] ? kasan_set_track+0x4a/0x70 [ 964.415995][T24368] tipc_send_packet+0x7c/0xa0 [ 964.420654][T24368] ? tipc_sk_send_ack+0x630/0x630 [ 964.426192][T24368] ____sys_sendmsg+0x5a2/0x8c0 [ 964.430942][T24368] ? __sys_sendmsg_sock+0x40/0x40 [ 964.435951][T24368] ? import_iovec+0x7c/0xb0 [ 964.440436][T24368] ___sys_sendmsg+0x1f0/0x260 [ 964.445096][T24368] ? __sys_sendmsg+0x250/0x250 [ 964.449941][T24368] ? rw_verify_area+0x1c0/0x360 [ 964.454776][T24368] ? __fdget+0x1a1/0x230 [ 964.459001][T24368] __x64_sys_sendmsg+0x1e2/0x2a0 [ 964.463916][T24368] ? fput+0x1a/0x20 [ 964.467703][T24368] ? ___sys_sendmsg+0x260/0x260 [ 964.472539][T24368] ? fpregs_assert_state_consistent+0xb1/0xe0 [ 964.478589][T24368] do_syscall_64+0x31/0x40 [ 964.483000][T24368] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 964.488873][T24368] RIP: 0033:0x7fee285e5929 [ 964.493273][T24368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 964.513467][T24368] RSP: 002b:00007fee26c4e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 964.521861][T24368] RAX: ffffffffffffffda RBX: 00007fee2880cfa0 RCX: 00007fee285e5929 [ 964.529813][T24368] RDX: 0000000000000000 RSI: 00002000000008c0 RDI: 0000000000000006 [ 964.537764][T24368] RBP: 00007fee26c4e090 R08: 0000000000000000 R09: 0000000000000000 [ 964.545718][T24368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 964.553757][T24368] R13: 0000000000000000 R14: 00007fee2880cfa0 R15: 00007ffd345536e8 [ 964.809221][T24394] FAULT_INJECTION: forcing a failure. [ 964.809221][T24394] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 964.861677][T24394] CPU: 0 PID: 24394 Comm: syz.0.8134 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 964.873060][T24394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 964.883113][T24394] Call Trace: [ 964.886401][T24394] __dump_stack+0x21/0x24 [ 964.890744][T24394] dump_stack_lvl+0x169/0x1d8 [ 964.895424][T24394] ? show_regs_print_info+0x18/0x18 [ 964.900614][T24394] dump_stack+0x15/0x1c [ 964.904751][T24394] should_fail+0x3c1/0x510 [ 964.909153][T24394] should_fail_alloc_page+0x4f/0x60 [ 964.914342][T24394] __alloc_pages_nodemask+0x109/0x5f0 [ 964.919697][T24394] ? _kstrtoull+0x3c0/0x4d0 [ 964.924197][T24394] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 964.929750][T24394] ? kstrtouint_from_user+0x1a0/0x200 [ 964.935122][T24394] ? memset+0x35/0x40 [ 964.939111][T24394] ? __fsnotify_parent+0x5f5/0x6c0 [ 964.944220][T24394] ? avc_policy_seqno+0x1b/0x70 [ 964.949168][T24394] __get_free_pages+0xe/0x30 [ 964.953753][T24394] mem_rw+0x8a/0x600 [ 964.957653][T24394] mem_write+0x33/0x40 [ 964.961716][T24394] ? mem_read+0x40/0x40 [ 964.965888][T24394] vfs_write+0x32d/0xd60 [ 964.970219][T24394] ? __kasan_slab_free+0x11/0x20 [ 964.975152][T24394] ? kernel_write+0x3c0/0x3c0 [ 964.979937][T24394] ? __kasan_check_write+0x14/0x20 [ 964.985046][T24394] ? mutex_lock+0x8c/0xe0 [ 964.989367][T24394] ? mutex_trylock+0xa0/0xa0 [ 964.993952][T24394] ? __fget_files+0x2c4/0x320 [ 964.998626][T24394] ? __fdget_pos+0x2d2/0x380 [ 965.003227][T24394] ? ksys_write+0x71/0x240 [ 965.007644][T24394] ksys_write+0x140/0x240 [ 965.011965][T24394] ? __ia32_sys_read+0x90/0x90 [ 965.016728][T24394] ? fpu__clear_all+0x20/0x20 [ 965.021403][T24394] __x64_sys_write+0x7b/0x90 [ 965.025988][T24394] do_syscall_64+0x31/0x40 [ 965.030397][T24394] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 965.036280][T24394] RIP: 0033:0x7fea363dc929 [ 965.040679][T24394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 965.060266][T24394] RSP: 002b:00007fea34a45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 965.068648][T24394] RAX: ffffffffffffffda RBX: 00007fea36603fa0 RCX: 00007fea363dc929 [ 965.076620][T24394] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 965.084562][T24394] RBP: 00007fea34a45090 R08: 0000000000000000 R09: 0000000000000000 [ 965.092502][T24394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 965.100439][T24394] R13: 0000000000000000 R14: 00007fea36603fa0 R15: 00007ffc9cdd16a8 [ 966.126090][T24425] FAULT_INJECTION: forcing a failure. [ 966.126090][T24425] name failslab, interval 1, probability 0, space 0, times 0 [ 966.138724][T24425] CPU: 0 PID: 24425 Comm: syz.1.8142 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 966.150065][T24425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 966.160094][T24425] Call Trace: [ 966.163367][T24425] __dump_stack+0x21/0x24 [ 966.167667][T24425] dump_stack_lvl+0x169/0x1d8 [ 966.172314][T24425] ? show_regs_print_info+0x18/0x18 [ 966.177481][T24425] dump_stack+0x15/0x1c [ 966.181623][T24425] should_fail+0x3c1/0x510 [ 966.186011][T24425] ? __alloc_skb+0x9e/0x520 [ 966.190485][T24425] __should_failslab+0xa4/0xe0 [ 966.195225][T24425] should_failslab+0x9/0x20 [ 966.199727][T24425] kmem_cache_alloc+0x3d/0x2e0 [ 966.204465][T24425] ? unwind_get_return_address+0x4d/0x90 [ 966.210072][T24425] __alloc_skb+0x9e/0x520 [ 966.214377][T24425] ? __kasan_check_write+0x14/0x20 [ 966.219462][T24425] __napi_alloc_skb+0x158/0x2e0 [ 966.224322][T24425] napi_get_frags+0x6b/0x170 [ 966.228884][T24425] tun_get_user+0xa2c/0x3090 [ 966.233606][T24425] ? ____kasan_slab_free+0x125/0x160 [ 966.238876][T24425] ? __kasan_slab_free+0x11/0x20 [ 966.243791][T24425] ? putname+0xfe/0x150 [ 966.247920][T24425] ? __x64_sys_openat+0x136/0x160 [ 966.252945][T24425] ? tun_do_read+0x1c00/0x1c00 [ 966.257679][T24425] ? kstrtouint_from_user+0x1a0/0x200 [ 966.263021][T24425] ? __fsnotify_parent+0x5f5/0x6c0 [ 966.268105][T24425] ? avc_policy_seqno+0x1b/0x70 [ 966.273012][T24425] ? selinux_file_permission+0x2a5/0x510 [ 966.278630][T24425] ? fsnotify_perm+0x66/0x4b0 [ 966.283290][T24425] tun_chr_write_iter+0x1bf/0x270 [ 966.288291][T24425] vfs_write+0x725/0xd60 [ 966.292508][T24425] ? kernel_write+0x3c0/0x3c0 [ 966.297163][T24425] ? __fget_files+0x2c4/0x320 [ 966.301828][T24425] ? __fdget_pos+0x1f7/0x380 [ 966.306390][T24425] ? ksys_write+0x71/0x240 [ 966.310774][T24425] ksys_write+0x140/0x240 [ 966.315078][T24425] ? __ia32_sys_read+0x90/0x90 [ 966.319810][T24425] ? fpu__clear_all+0x20/0x20 [ 966.324592][T24425] __x64_sys_write+0x7b/0x90 [ 966.329262][T24425] do_syscall_64+0x31/0x40 [ 966.333656][T24425] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 966.339522][T24425] RIP: 0033:0x7fd55a91b929 [ 966.343908][T24425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 966.363484][T24425] RSP: 002b:00007fd558f84038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 966.371871][T24425] RAX: ffffffffffffffda RBX: 00007fd55ab42fa0 RCX: 00007fd55a91b929 [ 966.379913][T24425] RDX: 000000000000fdef RSI: 0000200000000440 RDI: 0000000000000003 [ 966.387879][T24425] RBP: 00007fd558f84090 R08: 0000000000000000 R09: 0000000000000000 [ 966.395829][T24425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 966.403781][T24425] R13: 0000000000000000 R14: 00007fd55ab42fa0 R15: 00007ffd95d6faa8 [ 968.185369][T24449] device syzkaller0 entered promiscuous mode [ 968.784118][ T24] audit: type=1400 audit(1750954258.770:165): avc: denied { create } for pid=24453 comm="syz.3.8150" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 968.912873][T24456] FAULT_INJECTION: forcing a failure. [ 968.912873][T24456] name failslab, interval 1, probability 0, space 0, times 0 [ 969.042976][T24456] CPU: 0 PID: 24456 Comm: syz.1.8151 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 969.056049][T24456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 969.066281][T24456] Call Trace: [ 969.069566][T24456] __dump_stack+0x21/0x24 [ 969.073903][T24456] dump_stack_lvl+0x169/0x1d8 [ 969.078569][T24456] ? thaw_kernel_threads+0x220/0x220 [ 969.084454][T24456] ? show_regs_print_info+0x18/0x18 [ 969.089644][T24456] dump_stack+0x15/0x1c [ 969.093790][T24456] should_fail+0x3c1/0x510 [ 969.098201][T24456] ? __build_skb+0x2d/0x310 [ 969.102868][T24456] __should_failslab+0xa4/0xe0 [ 969.107617][T24456] should_failslab+0x9/0x20 [ 969.112104][T24456] kmem_cache_alloc+0x3d/0x2e0 [ 969.116858][T24456] __build_skb+0x2d/0x310 [ 969.121205][T24456] build_skb+0x24/0x200 [ 969.125345][T24456] ? tun_get_user+0x7ff/0x3090 [ 969.130188][T24456] tun_get_user+0x818/0x3090 [ 969.134808][T24456] ? tun_do_read+0x1c00/0x1c00 [ 969.139671][T24456] ? kstrtouint_from_user+0x1a0/0x200 [ 969.145208][T24456] ? __fsnotify_parent+0x5f5/0x6c0 [ 969.150322][T24456] ? avc_policy_seqno+0x1b/0x70 [ 969.155164][T24456] ? selinux_file_permission+0x2a5/0x510 [ 969.160789][T24456] ? fsnotify_perm+0x66/0x4b0 [ 969.165464][T24456] tun_chr_write_iter+0x1bf/0x270 [ 969.170489][T24456] vfs_write+0x725/0xd60 [ 969.174717][T24456] ? kernel_write+0x3c0/0x3c0 [ 969.179381][T24456] ? __fget_files+0x2c4/0x320 [ 969.184052][T24456] ? __fdget_pos+0x1f7/0x380 [ 969.188724][T24456] ? ksys_write+0x71/0x240 [ 969.193251][T24456] ksys_write+0x140/0x240 [ 969.197762][T24456] ? __ia32_sys_read+0x90/0x90 [ 969.203135][T24456] ? fpu__clear_all+0x20/0x20 [ 969.207805][T24456] __x64_sys_write+0x7b/0x90 [ 969.212656][T24456] do_syscall_64+0x31/0x40 [ 969.217076][T24456] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 969.223071][T24456] RIP: 0033:0x7fd55a91b929 [ 969.227595][T24456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 969.247487][T24456] RSP: 002b:00007fd558f84038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 969.256284][T24456] RAX: ffffffffffffffda RBX: 00007fd55ab42fa0 RCX: 00007fd55a91b929 [ 969.264514][T24456] RDX: 000000000000000e RSI: 0000200000000000 RDI: 00000000000000c8 [ 969.272777][T24456] RBP: 00007fd558f84090 R08: 0000000000000000 R09: 0000000000000000 [ 969.280744][T24456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 969.288717][T24456] R13: 0000000000000000 R14: 00007fd55ab42fa0 R15: 00007ffd95d6faa8 [ 970.876829][T24478] device pim6reg1 entered promiscuous mode [ 971.044207][T24482] device sit0 left promiscuous mode [ 971.726626][T24482] device sit0 entered promiscuous mode [ 972.447410][T24519] device pim6reg1 entered promiscuous mode [ 972.984326][T24525] device sit0 left promiscuous mode [ 973.042986][T24527] device sit0 left promiscuous mode [ 973.067420][T24528] device sit0 entered promiscuous mode [ 973.720893][T24529] device sit0 entered promiscuous mode [ 973.944385][T24549] device pim6reg1 entered promiscuous mode [ 974.290299][T24566] device pim6reg1 entered promiscuous mode [ 975.006542][T24579] device sit0 left promiscuous mode [ 975.029489][T24579] device sit0 entered promiscuous mode [ 975.717368][T24598] device pim6reg1 entered promiscuous mode [ 976.563703][T24615] device sit0 left promiscuous mode [ 976.858294][T24620] device sit0 entered promiscuous mode [ 977.118010][T24626] device sit0 left promiscuous mode [ 977.142152][T24628] device sit0 entered promiscuous mode [ 977.521090][T24638] device pim6reg1 entered promiscuous mode [ 978.800900][T24672] device sit0 left promiscuous mode [ 978.944117][T24674] device sit0 entered promiscuous mode [ 980.506881][T24713] device sit0 left promiscuous mode [ 980.714830][T24716] device sit0 entered promiscuous mode [ 983.929094][T24761] device sit0 left promiscuous mode [ 983.954822][T24762] device sit0 entered promiscuous mode [ 985.170656][T24793] syz.0.8272[24793] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 985.170720][T24793] syz.0.8272[24793] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 986.074875][T24806] device sit0 left promiscuous mode [ 986.320649][T24809] device sit0 entered promiscuous mode [ 987.041739][T24815] device sit0 left promiscuous mode [ 987.076879][T24802] bridge0: port 1(bridge_slave_0) entered blocking state [ 987.093610][T24802] bridge0: port 1(bridge_slave_0) entered disabled state [ 987.101286][T24802] device bridge_slave_0 entered promiscuous mode [ 987.123470][T24818] device sit0 entered promiscuous mode [ 987.875883][T24802] bridge0: port 2(bridge_slave_1) entered blocking state [ 987.887990][T24802] bridge0: port 2(bridge_slave_1) entered disabled state [ 987.895615][T24802] device bridge_slave_1 entered promiscuous mode [ 987.915003][T24829] syz.2.8283[24829] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 987.915057][T24829] syz.2.8283[24829] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 988.252253][T24840] device sit0 left promiscuous mode [ 988.421828][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 988.444656][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 988.520501][T24840] device sit0 entered promiscuous mode [ 989.030554][T24849] device sit0 left promiscuous mode [ 989.051220][T24849] device sit0 entered promiscuous mode [ 989.078942][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 989.092048][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 989.101058][T12559] bridge0: port 1(bridge_slave_0) entered blocking state [ 989.108210][T12559] bridge0: port 1(bridge_slave_0) entered forwarding state [ 989.116193][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 989.127443][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 989.139604][T12559] bridge0: port 2(bridge_slave_1) entered blocking state [ 989.146686][T12559] bridge0: port 2(bridge_slave_1) entered forwarding state [ 989.211829][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 989.219820][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 989.230225][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 989.239955][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 989.248454][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 989.257219][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 989.265929][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 989.278156][T24802] device veth0_vlan entered promiscuous mode [ 989.292263][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 989.305675][T24865] syz.1.8297[24865] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 989.305731][T24865] syz.1.8297[24865] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 989.305773][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 989.339244][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 989.347453][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 989.362968][ T9] device bridge_slave_1 left promiscuous mode [ 989.369328][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 989.377098][ T9] device bridge_slave_0 left promiscuous mode [ 989.383690][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 989.508665][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 989.520933][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 989.543925][T24802] device veth1_macvtap entered promiscuous mode [ 989.568446][T24868] GPL: port 1(erspan0) entered blocking state [ 989.575743][T24868] GPL: port 1(erspan0) entered disabled state [ 989.630703][T24868] device erspan0 entered promiscuous mode [ 989.738418][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 989.752021][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 989.760972][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 989.771554][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 989.780814][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 990.171948][T24883] device sit0 left promiscuous mode [ 990.396414][T24886] device sit0 entered promiscuous mode [ 990.895457][T24915] device sit0 left promiscuous mode [ 990.940251][T24915] device sit0 entered promiscuous mode [ 991.552075][T24941] syz.2.8321[24941] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 991.552131][T24941] syz.2.8321[24941] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 992.920196][T24980] device sit0 left promiscuous mode [ 993.342051][T24982] device sit0 entered promiscuous mode [ 993.846691][T24985] device sit0 left promiscuous mode [ 993.877898][T24987] device sit0 entered promiscuous mode [ 994.154480][T25002] syz.4.8340[25002] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 994.154538][T25002] syz.4.8340[25002] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 994.256433][T25006] device sit0 entered promiscuous mode [ 994.833644][T25008] device sit0 left promiscuous mode [ 994.861297][T25011] device sit0 entered promiscuous mode [ 994.941802][T25023] device sit0 left promiscuous mode [ 995.007239][T25023] device sit0 entered promiscuous mode [ 996.272004][T25063] syz.4.8361[25063] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 996.272058][T25063] syz.4.8361[25063] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 996.377230][T25068] device sit0 left promiscuous mode [ 996.504440][T25068] device sit0 entered promiscuous mode [ 997.260801][T25091] device sit0 left promiscuous mode [ 997.277433][T25097] syz.4.8373[25097] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 997.277489][T25097] syz.4.8373[25097] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 997.284922][T25091] device sit0 entered promiscuous mode [ 998.122451][T25122] device sit0 left promiscuous mode [ 998.224130][T25128] syz.0.8386[25128] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 998.224185][T25128] syz.0.8386[25128] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 998.257438][T25126] device sit0 entered promiscuous mode [ 999.139839][T25162] device sit0 left promiscuous mode [ 999.178713][T25162] device sit0 entered promiscuous mode [ 1000.010584][T25177] device sit0 left promiscuous mode [ 1000.034129][T25178] device sit0 entered promiscuous mode [ 1000.309219][T25207] device sit0 left promiscuous mode [ 1000.506828][T25210] device sit0 entered promiscuous mode [ 1001.273334][T25223] device sit0 left promiscuous mode [ 1001.294604][T25223] device sit0 entered promiscuous mode [ 1001.599206][T25244] FAULT_INJECTION: forcing a failure. [ 1001.599206][T25244] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1001.644361][T25244] CPU: 1 PID: 25244 Comm: syz.0.8423 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 1001.656085][T25244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1001.666140][T25244] Call Trace: [ 1001.669430][T25244] __dump_stack+0x21/0x24 [ 1001.673754][T25244] dump_stack_lvl+0x169/0x1d8 [ 1001.678418][T25244] ? show_regs_print_info+0x18/0x18 [ 1001.683606][T25244] dump_stack+0x15/0x1c [ 1001.687749][T25244] should_fail+0x3c1/0x510 [ 1001.692160][T25244] should_fail_alloc_page+0x4f/0x60 [ 1001.697353][T25244] __alloc_pages_nodemask+0x109/0x5f0 [ 1001.702718][T25244] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1001.708253][T25244] ? sched_clock+0x3a/0x40 [ 1001.712655][T25244] ? sched_clock_cpu+0x1b/0x3d0 [ 1001.717510][T25244] ? sched_clock+0x3a/0x40 [ 1001.721913][T25244] ? sched_clock_cpu+0x1b/0x3d0 [ 1001.726755][T25244] __get_free_pages+0xe/0x30 [ 1001.731331][T25244] kasan_populate_vmalloc_pte+0x29/0x120 [ 1001.736951][T25244] __apply_to_page_range+0x74e/0x9e0 [ 1001.742313][T25244] ? kasan_populate_vmalloc+0x70/0x70 [ 1001.747679][T25244] ? kasan_populate_vmalloc+0x70/0x70 [ 1001.753046][T25244] apply_to_page_range+0x3b/0x50 [ 1001.757983][T25244] kasan_populate_vmalloc+0x60/0x70 [ 1001.763182][T25244] alloc_vmap_area+0x1734/0x1870 [ 1001.768138][T25244] ? sysvec_apic_timer_interrupt+0xcb/0xe0 [ 1001.773953][T25244] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1001.780019][T25244] ? vm_map_ram+0x9c0/0x9c0 [ 1001.784622][T25244] ? kmem_cache_alloc_trace+0x18d/0x2e0 [ 1001.790688][T25244] ? kmem_cache_alloc_trace+0x184/0x2e0 [ 1001.796234][T25244] ? selinux_capable+0x29c/0x380 [ 1001.801180][T25244] ? __get_vm_area_node+0x113/0x450 [ 1001.806379][T25244] __get_vm_area_node+0x147/0x450 [ 1001.811400][T25244] __vmalloc_node_range+0xe0/0x780 [ 1001.816591][T25244] ? reuseport_array_alloc+0x16e/0x260 [ 1001.822039][T25244] ? cap_capable+0x19c/0x220 [ 1001.826626][T25244] bpf_map_area_alloc+0xd5/0xe0 [ 1001.831479][T25244] ? reuseport_array_alloc+0x16e/0x260 [ 1001.837054][T25244] reuseport_array_alloc+0x16e/0x260 [ 1001.842503][T25244] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1001.849451][T25244] ? reuseport_array_alloc_check+0x90/0x90 [ 1001.855258][T25244] ? array_map_alloc_check+0x284/0x390 [ 1001.860722][T25244] map_create+0x441/0x2190 [ 1001.865132][T25244] __se_sys_bpf+0x203/0x680 [ 1001.869637][T25244] ? __x64_sys_bpf+0x90/0x90 [ 1001.874226][T25244] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1001.880387][T25244] __x64_sys_bpf+0x7b/0x90 [ 1001.884804][T25244] do_syscall_64+0x31/0x40 [ 1001.889221][T25244] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1001.895103][T25244] RIP: 0033:0x7f1db571e929 [ 1001.899513][T25244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1001.919197][T25244] RSP: 002b:00007f1db3d87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1001.927603][T25244] RAX: ffffffffffffffda RBX: 00007f1db5945fa0 RCX: 00007f1db571e929 [ 1001.935566][T25244] RDX: 0000000000000050 RSI: 0000200000000300 RDI: 0000000000000000 [ 1001.943531][T25244] RBP: 00007f1db3d87090 R08: 0000000000000000 R09: 0000000000000000 [ 1001.951496][T25244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1001.959457][T25244] R13: 0000000000000000 R14: 00007f1db5945fa0 R15: 00007fffd545f4d8 [ 1002.154397][T25252] device sit0 left promiscuous mode [ 1002.255382][T25252] device sit0 entered promiscuous mode [ 1003.079296][T25286] device sit0 left promiscuous mode [ 1003.098443][T25286] device sit0 entered promiscuous mode [ 1003.884251][T25284] device syzkaller0 entered promiscuous mode [ 1003.997227][T25305] device pim6reg1 entered promiscuous mode [ 1004.057384][T25314] device sit0 left promiscuous mode [ 1004.073357][T25314] device sit0 entered promiscuous mode [ 1004.157542][T25316] FAULT_INJECTION: forcing a failure. [ 1004.157542][T25316] name failslab, interval 1, probability 0, space 0, times 0 [ 1004.293271][T25316] CPU: 1 PID: 25316 Comm: syz.3.8448 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 1004.305114][T25316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1004.315893][T25316] Call Trace: [ 1004.319183][T25316] __dump_stack+0x21/0x24 [ 1004.323526][T25316] dump_stack_lvl+0x169/0x1d8 [ 1004.328193][T25316] ? show_regs_print_info+0x18/0x18 [ 1004.333389][T25316] ? sched_clock+0x3a/0x40 [ 1004.337808][T25316] dump_stack+0x15/0x1c [ 1004.341966][T25316] should_fail+0x3c1/0x510 [ 1004.346498][T25316] ? sock_alloc_inode+0x1b/0xb0 [ 1004.351350][T25316] __should_failslab+0xa4/0xe0 [ 1004.356122][T25316] should_failslab+0x9/0x20 [ 1004.360621][T25316] kmem_cache_alloc+0x3d/0x2e0 [ 1004.365394][T25316] ? sockfs_init_fs_context+0xb0/0xb0 [ 1004.370757][T25316] sock_alloc_inode+0x1b/0xb0 [ 1004.375439][T25316] ? sockfs_init_fs_context+0xb0/0xb0 [ 1004.380806][T25316] new_inode_pseudo+0x62/0x210 [ 1004.385590][T25316] __sock_create+0x12c/0x770 [ 1004.390173][T25316] __sys_socketpair+0x218/0x590 [ 1004.395186][T25316] __x64_sys_socketpair+0x9b/0xb0 [ 1004.400242][T25316] do_syscall_64+0x31/0x40 [ 1004.404659][T25316] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1004.410551][T25316] RIP: 0033:0x7f28e5e7a929 [ 1004.414960][T25316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1004.434683][T25316] RSP: 002b:00007f28e44e3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1004.443087][T25316] RAX: ffffffffffffffda RBX: 00007f28e60a1fa0 RCX: 00007f28e5e7a929 [ 1004.451047][T25316] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000001 [ 1004.459031][T25316] RBP: 00007f28e44e3090 R08: 0000000000000000 R09: 0000000000000000 [ 1004.467426][T25316] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001 [ 1004.475611][T25316] R13: 0000000000000000 R14: 00007f28e60a1fa0 R15: 00007ffff6c3ed88 [ 1004.932059][T25316] socket: no more sockets [ 1005.266324][T25338] device sit0 left promiscuous mode [ 1005.289789][T25340] device sit0 entered promiscuous mode [ 1006.372451][T25364] device sit0 left promiscuous mode [ 1006.411656][T25364] device sit0 entered promiscuous mode [ 1008.084475][T25409] Â: renamed from pim6reg1 [ 1008.688408][T25437] device sit0 left promiscuous mode [ 1008.744971][T25437] device sit0 entered promiscuous mode [ 1010.583336][T25474] device veth0_vlan left promiscuous mode [ 1010.606024][T25474] device veth0_vlan entered promiscuous mode [ 1010.614353][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1010.626268][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1010.642087][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1014.781834][T25557] device wg2 left promiscuous mode [ 1014.899548][T25557] device wg2 entered promiscuous mode [ 1015.054933][T25565] device sit0 left promiscuous mode [ 1015.088242][T25565] device sit0 entered promiscuous mode [ 1017.650277][ T501] device erspan0 left promiscuous mode [ 1017.662783][ T501] GPL: port 1(erspan0) entered disabled state [ 1017.680192][T25656] device sit0 left promiscuous mode [ 1017.791559][T25656] device sit0 entered promiscuous mode [ 1018.637887][T25650] bridge0: port 1(bridge_slave_0) entered blocking state [ 1018.659289][T25650] bridge0: port 1(bridge_slave_0) entered disabled state [ 1018.677390][T25650] device bridge_slave_0 entered promiscuous mode [ 1018.688941][T25650] bridge0: port 2(bridge_slave_1) entered blocking state [ 1018.702240][T25650] bridge0: port 2(bridge_slave_1) entered disabled state [ 1018.719930][T25650] device bridge_slave_1 entered promiscuous mode [ 1018.875767][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1018.892845][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1018.908124][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1018.922177][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1018.944950][T12559] bridge0: port 1(bridge_slave_0) entered blocking state [ 1018.952284][T12559] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1019.028820][T12559] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1019.078766][T25701] device sit0 left promiscuous mode [ 1019.098057][ T501] device veth1 left promiscuous mode [ 1019.103833][ T501] kfree: port 1(veth1) entered disabled state [ 1019.568156][T25701] device sit0 entered promiscuous mode [ 1019.847571][T25705] syz.3.8584[25705] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1019.847628][T25705] syz.3.8584[25705] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1019.929093][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1019.949738][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1019.967847][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 1019.974940][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1019.982775][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1019.997928][T25710] device sit0 left promiscuous mode [ 1020.026443][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1020.034855][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1020.148558][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1020.176301][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1020.204967][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1020.214632][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1020.240165][T25710] device sit0 entered promiscuous mode [ 1020.811181][T25650] device veth0_vlan entered promiscuous mode [ 1020.836942][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1020.848909][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1020.951978][T25650] device veth1_macvtap entered promiscuous mode [ 1020.959422][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1020.983092][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1021.002125][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1021.114649][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1021.217587][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1021.415507][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1021.565959][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1022.203190][T25758] device sit0 entered promiscuous mode [ 1022.992522][T25777] FAULT_INJECTION: forcing a failure. [ 1022.992522][T25777] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1023.204568][T25777] CPU: 0 PID: 25777 Comm: syz.0.8609 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 1023.215955][T25777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1023.226001][T25777] Call Trace: [ 1023.229275][T25777] __dump_stack+0x21/0x24 [ 1023.233576][T25777] dump_stack_lvl+0x169/0x1d8 [ 1023.238224][T25777] ? show_regs_print_info+0x18/0x18 [ 1023.243400][T25777] dump_stack+0x15/0x1c [ 1023.247533][T25777] should_fail+0x3c1/0x510 [ 1023.251954][T25777] should_fail_usercopy+0x1a/0x20 [ 1023.256947][T25777] _copy_from_iter+0x1d1/0x9f0 [ 1023.261690][T25777] ? __check_object_size+0x2f4/0x3c0 [ 1023.266943][T25777] skb_copy_datagram_from_iter+0xfa/0x6b0 [ 1023.272634][T25777] ? skb_put+0x10e/0x1f0 [ 1023.276860][T25777] unix_stream_sendmsg+0x729/0xbd0 [ 1023.281946][T25777] ? unix_show_fdinfo+0xa0/0xa0 [ 1023.286769][T25777] ? kasan_set_track+0x5b/0x70 [ 1023.291504][T25777] ? kasan_set_track+0x4a/0x70 [ 1023.296241][T25777] ? security_socket_sendmsg+0x82/0xa0 [ 1023.302277][T25777] ? unix_show_fdinfo+0xa0/0xa0 [ 1023.307098][T25777] ____sys_sendmsg+0x5a2/0x8c0 [ 1023.311836][T25777] ? __sys_sendmsg_sock+0x40/0x40 [ 1023.316834][T25777] ? import_iovec+0x7c/0xb0 [ 1023.321306][T25777] ___sys_sendmsg+0x1f0/0x260 [ 1023.325964][T25777] ? __sys_sendmsg+0x250/0x250 [ 1023.330697][T25777] ? rw_verify_area+0x1c0/0x360 [ 1023.335524][T25777] ? __fdget+0x1a1/0x230 [ 1023.339740][T25777] __x64_sys_sendmsg+0x1e2/0x2a0 [ 1023.344649][T25777] ? fput+0x1a/0x20 [ 1023.348453][T25777] ? ___sys_sendmsg+0x260/0x260 [ 1023.353336][T25777] ? fpregs_assert_state_consistent+0xb1/0xe0 [ 1023.359395][T25777] do_syscall_64+0x31/0x40 [ 1023.363806][T25777] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1023.369685][T25777] RIP: 0033:0x7f1db571e929 [ 1023.374105][T25777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1023.393790][T25777] RSP: 002b:00007f1db3d66038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1023.402207][T25777] RAX: ffffffffffffffda RBX: 00007f1db5946080 RCX: 00007f1db571e929 [ 1023.410172][T25777] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003 [ 1023.418206][T25777] RBP: 00007f1db3d66090 R08: 0000000000000000 R09: 0000000000000000 [ 1023.426293][T25777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1023.434256][T25777] R13: 0000000000000001 R14: 00007f1db5946080 R15: 00007fffd545f4d8 [ 1023.834578][T25792] device sit0 left promiscuous mode [ 1023.928147][T25795] device sit0 left promiscuous mode [ 1023.994287][T25792] device sit0 entered promiscuous mode [ 1024.071839][T25802] device sit0 entered promiscuous mode [ 1024.539397][T25829] FAULT_INJECTION: forcing a failure. [ 1024.539397][T25829] name failslab, interval 1, probability 0, space 0, times 0 [ 1024.552249][T25829] CPU: 1 PID: 25829 Comm: syz.1.8628 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 1024.563898][T25829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1024.574134][T25829] Call Trace: [ 1024.577517][T25829] __dump_stack+0x21/0x24 [ 1024.581930][T25829] dump_stack_lvl+0x169/0x1d8 [ 1024.586602][T25829] ? thaw_kernel_threads+0x220/0x220 [ 1024.591877][T25829] ? show_regs_print_info+0x18/0x18 [ 1024.597097][T25829] dump_stack+0x15/0x1c [ 1024.601256][T25829] should_fail+0x3c1/0x510 [ 1024.605760][T25829] ? tipc_msg_reverse+0x228/0x900 [ 1024.610774][T25829] __should_failslab+0xa4/0xe0 [ 1024.615530][T25829] should_failslab+0x9/0x20 [ 1024.620022][T25829] __kmalloc_track_caller+0x5f/0x320 [ 1024.625300][T25829] ? kmem_cache_alloc+0x165/0x2e0 [ 1024.630400][T25829] ? __alloc_skb+0x9e/0x520 [ 1024.634974][T25829] ? tipc_msg_reverse+0x228/0x900 [ 1024.640035][T25829] __alloc_skb+0xdc/0x520 [ 1024.644357][T25829] tipc_msg_reverse+0x228/0x900 [ 1024.649210][T25829] tipc_sk_filter_rcv+0xca0/0x3850 [ 1024.654335][T25829] ? tipc_sk_dump+0xfc0/0xfc0 [ 1024.659203][T25829] ? __kasan_check_write+0x14/0x20 [ 1024.664319][T25829] ? _raw_spin_lock_bh+0x8e/0xe0 [ 1024.669251][T25829] ? __kasan_slab_alloc+0x69/0xf0 [ 1024.674269][T25829] tipc_sk_rcv+0x7cc/0x1ef0 [ 1024.678790][T25829] ? __skb_queue_purge+0x170/0x170 [ 1024.683894][T25829] ? iov_iter_advance+0x2a6/0x750 [ 1024.688912][T25829] ? tipc_msg_build+0xd0/0xc90 [ 1024.693692][T25829] ? __kmalloc_track_caller+0x181/0x320 [ 1024.699751][T25829] tipc_node_xmit+0x256/0xcd0 [ 1024.704416][T25829] ? __alloc_skb+0x38b/0x520 [ 1024.709161][T25829] ? __check_object_size+0x8e/0x3c0 [ 1024.714471][T25829] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 1024.720032][T25829] ? avc_has_perm_noaudit+0x240/0x240 [ 1024.725416][T25829] __tipc_sendstream+0xafa/0x1740 [ 1024.730592][T25829] ? tsk_advance_rx_queue+0x700/0x700 [ 1024.735969][T25829] ? wait_woken+0x180/0x180 [ 1024.740586][T25829] ? kasan_set_track+0x5b/0x70 [ 1024.745504][T25829] ? kasan_set_track+0x4a/0x70 [ 1024.750434][T25829] tipc_sendstream+0x55/0x70 [ 1024.755014][T25829] ? tipc_getsockopt+0x4c0/0x4c0 [ 1024.760377][T25829] ____sys_sendmsg+0x5a2/0x8c0 [ 1024.765135][T25829] ? __sys_sendmsg_sock+0x40/0x40 [ 1024.770164][T25829] ? import_iovec+0x7c/0xb0 [ 1024.774683][T25829] ___sys_sendmsg+0x1f0/0x260 [ 1024.779489][T25829] ? __sys_sendmsg+0x250/0x250 [ 1024.784368][T25829] ? rw_verify_area+0x1c0/0x360 [ 1024.789240][T25829] ? __fdget+0x1a1/0x230 [ 1024.793599][T25829] __x64_sys_sendmsg+0x1e2/0x2a0 [ 1024.798537][T25829] ? fput+0x1a/0x20 [ 1024.802345][T25829] ? ___sys_sendmsg+0x260/0x260 [ 1024.807638][T25829] ? fpregs_assert_state_consistent+0xb1/0xe0 [ 1024.813704][T25829] do_syscall_64+0x31/0x40 [ 1024.818226][T25829] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1024.824550][T25829] RIP: 0033:0x7fd55a91b929 [ 1024.829020][T25829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1024.849366][T25829] RSP: 002b:00007fd558f84038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1024.857796][T25829] RAX: ffffffffffffffda RBX: 00007fd55ab42fa0 RCX: 00007fd55a91b929 [ 1024.865773][T25829] RDX: 0000000000000010 RSI: 0000200000000240 RDI: 0000000000000005 [ 1024.873742][T25829] RBP: 00007fd558f84090 R08: 0000000000000000 R09: 0000000000000000 [ 1024.881719][T25829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1024.890134][T25829] R13: 0000000000000000 R14: 00007fd55ab42fa0 R15: 00007ffd95d6faa8 [ 1025.213209][T25856] device sit0 left promiscuous mode [ 1025.443230][T25856] device sit0 entered promiscuous mode [ 1025.578441][T25872] device sit0 left promiscuous mode [ 1025.637280][T25872] device sit0 entered promiscuous mode [ 1026.733011][T25923] device sit0 left promiscuous mode [ 1026.757068][T25925] device sit0 entered promiscuous mode [ 1027.471468][T25955] device pim6reg1 entered promiscuous mode [ 1027.497477][T25963] device sit0 left promiscuous mode [ 1027.525526][T25963] device sit0 entered promiscuous mode [ 1028.010651][T25971] device sit0 left promiscuous mode [ 1028.104863][T25975] device sit0 entered promiscuous mode [ 1029.258838][T26016] device sit0 left promiscuous mode [ 1029.509993][T26019] device sit0 entered promiscuous mode [ 1031.324853][T26068] device sit0 left promiscuous mode [ 1031.539290][T26069] device sit0 entered promiscuous mode [ 1032.129521][T26086] device sit0 left promiscuous mode [ 1032.322755][T26093] device sit0 entered promiscuous mode [ 1033.259343][T26115] device sit0 left promiscuous mode [ 1033.492327][T26118] device sit0 entered promiscuous mode [ 1034.887443][T26130] bridge0: port 1(bridge_slave_0) entered blocking state [ 1034.899914][T26130] bridge0: port 1(bridge_slave_0) entered disabled state [ 1034.920295][T26130] device bridge_slave_0 entered promiscuous mode [ 1034.975985][T26145] device sit0 left promiscuous mode [ 1034.986350][T26130] bridge0: port 2(bridge_slave_1) entered blocking state [ 1034.993509][T26130] bridge0: port 2(bridge_slave_1) entered disabled state [ 1035.003978][T26130] device bridge_slave_1 entered promiscuous mode [ 1035.055301][T26145] device sit0 entered promiscuous mode [ 1036.100747][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1036.108572][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1036.118890][ T501] device erspan0 left promiscuous mode [ 1036.124933][ T501] GPL: port 1(erspan0) entered disabled state [ 1036.194660][T26170] device syzkaller0 entered promiscuous mode [ 1036.216463][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1036.228815][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1036.237938][ T4584] bridge0: port 1(bridge_slave_0) entered blocking state [ 1036.245024][ T4584] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1036.252662][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1036.261090][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1036.269997][ T4584] bridge0: port 2(bridge_slave_1) entered blocking state [ 1036.277072][ T4584] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1036.305558][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1036.324523][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1036.347247][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1036.400250][T26181] device sit0 left promiscuous mode [ 1036.438587][ T501] device veth1_macvtap left promiscuous mode [ 1036.570976][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1036.582211][T26181] device sit0 entered promiscuous mode [ 1036.629985][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1036.659297][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1036.666865][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1036.691452][T26130] device veth0_vlan entered promiscuous mode [ 1036.708795][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1036.723803][T26130] device veth1_macvtap entered promiscuous mode [ 1036.744948][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1036.754264][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1036.808382][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1036.825417][ T4584] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1037.683415][T26222] device sit0 left promiscuous mode [ 1037.878112][T26225] device sit0 entered promiscuous mode [ 1038.715843][T26240] syz.1.8775[26240] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1038.715899][T26240] syz.1.8775[26240] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1039.085989][T26252] device sit0 left promiscuous mode [ 1039.313193][T26252] device sit0 entered promiscuous mode [ 1039.341473][T26272] FAULT_INJECTION: forcing a failure. [ 1039.341473][T26272] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1039.440447][T26272] CPU: 0 PID: 26272 Comm: syz.4.8785 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 1039.451828][T26272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1039.461871][T26272] Call Trace: [ 1039.465151][T26272] __dump_stack+0x21/0x24 [ 1039.469475][T26272] dump_stack_lvl+0x169/0x1d8 [ 1039.474140][T26272] ? show_regs_print_info+0x18/0x18 [ 1039.479329][T26272] dump_stack+0x15/0x1c [ 1039.483481][T26272] should_fail+0x3c1/0x510 [ 1039.487898][T26272] should_fail_usercopy+0x1a/0x20 [ 1039.493000][T26272] _copy_from_user+0x20/0xd0 [ 1039.498028][T26272] __se_sys_bpf+0x181/0x680 [ 1039.502519][T26272] ? __x64_sys_bpf+0x90/0x90 [ 1039.507311][T26272] ? bpf_trace_run2+0xb8/0x200 [ 1039.512195][T26272] __x64_sys_bpf+0x7b/0x90 [ 1039.516699][T26272] do_syscall_64+0x31/0x40 [ 1039.521121][T26272] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1039.527018][T26272] RIP: 0033:0x7fee285e5929 [ 1039.531421][T26272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1039.551205][T26272] RSP: 002b:00007fee26c4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1039.559622][T26272] RAX: ffffffffffffffda RBX: 00007fee2880cfa0 RCX: 00007fee285e5929 [ 1039.567590][T26272] RDX: 0000000000000050 RSI: 0000200000000300 RDI: 0008000000000000 [ 1039.575546][T26272] RBP: 00007fee26c4e090 R08: 0000000000000000 R09: 0000000000000000 [ 1039.583515][T26272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1039.591481][T26272] R13: 0000000000000000 R14: 00007fee2880cfa0 R15: 00007ffd345536e8 [ 1040.170543][T26299] syz.4.8792[26299] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1040.170594][T26299] syz.4.8792[26299] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1040.383749][T26311] device sit0 left promiscuous mode [ 1040.525447][T26318] device sit0 entered promiscuous mode [ 1041.458439][T26332] syz.3.8803[26332] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1041.458496][T26332] syz.3.8803[26332] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1041.533588][T26329] device sit0 entered promiscuous mode [ 1044.339352][T26397] device sit0 left promiscuous mode [ 1044.370975][T26398] device sit0 left promiscuous mode [ 1045.079745][T26397] device sit0 entered promiscuous mode [ 1045.096493][T26399] device sit0 entered promiscuous mode [ 1046.298403][T26432] device sit0 left promiscuous mode [ 1046.324802][T26434] device sit0 entered promiscuous mode [ 1046.771053][T26445] syz.3.8840[26445] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1046.771110][T26445] syz.3.8840[26445] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1046.831860][T26441] device sit0 left promiscuous mode [ 1048.489225][T26480] device sit0 left promiscuous mode [ 1048.868046][T26477] device sit0 entered promiscuous mode [ 1049.310167][T26496] device sit0 left promiscuous mode [ 1049.344014][T26496] device sit0 entered promiscuous mode [ 1050.858185][T26534] device sit0 left promiscuous mode [ 1051.184825][T26534] device sit0 entered promiscuous mode [ 1051.494894][T26549] FAULT_INJECTION: forcing a failure. [ 1051.494894][T26549] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1051.605676][T26549] CPU: 0 PID: 26549 Comm: syz.3.8875 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 1051.617053][T26549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1051.627275][T26549] Call Trace: [ 1051.630563][T26549] __dump_stack+0x21/0x24 [ 1051.634888][T26549] dump_stack_lvl+0x169/0x1d8 [ 1051.639838][T26549] ? show_regs_print_info+0x18/0x18 [ 1051.645034][T26549] dump_stack+0x15/0x1c [ 1051.649178][T26549] should_fail+0x3c1/0x510 [ 1051.653680][T26549] should_fail_usercopy+0x1a/0x20 [ 1051.658694][T26549] _copy_from_user+0x20/0xd0 [ 1051.663291][T26549] __se_sys_bpf+0x181/0x680 [ 1051.667787][T26549] ? __x64_sys_bpf+0x90/0x90 [ 1051.672482][T26549] ? bpf_trace_run2+0xb8/0x200 [ 1051.678555][T26549] __x64_sys_bpf+0x7b/0x90 [ 1051.683237][T26549] do_syscall_64+0x31/0x40 [ 1051.687649][T26549] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1051.693720][T26549] RIP: 0033:0x7f28e5e7a929 [ 1051.698109][T26549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1051.717687][T26549] RSP: 002b:00007f28e44e3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1051.726077][T26549] RAX: ffffffffffffffda RBX: 00007f28e60a1fa0 RCX: 00007f28e5e7a929 [ 1051.734157][T26549] RDX: 0000000000000020 RSI: 0000200000000200 RDI: 0000000000000015 [ 1051.742252][T26549] RBP: 00007f28e44e3090 R08: 0000000000000000 R09: 0000000000000000 [ 1051.750284][T26549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1051.758228][T26549] R13: 0000000000000000 R14: 00007f28e60a1fa0 R15: 00007ffff6c3ed88 [ 1052.994286][T26587] device sit0 left promiscuous mode [ 1053.054989][T26591] device sit0 entered promiscuous mode [ 1054.087744][T26622] bridge0: port 2(bridge_slave_1) entered disabled state [ 1054.094893][T26622] bridge0: port 1(bridge_slave_0) entered disabled state [ 1054.102769][T26622] device bridge0 left promiscuous mode [ 1054.110214][T26622] device bridge_slave_1 left promiscuous mode [ 1054.119308][T26622] bridge0: port 2(bridge_slave_1) entered disabled state [ 1054.127362][T26622] device bridge_slave_0 left promiscuous mode [ 1054.134158][T26622] bridge0: port 1(bridge_slave_0) entered disabled state [ 1054.226804][T26630] device sit0 left promiscuous mode [ 1054.239644][T26633] device sit0 entered promiscuous mode [ 1054.263532][T26634] device sit0 entered promiscuous mode [ 1055.282167][T26640] device sit0 left promiscuous mode [ 1055.308337][T26645] device sit0 entered promiscuous mode [ 1055.954957][T26648] device sit0 left promiscuous mode [ 1056.041950][T26648] device sit0 entered promiscuous mode [ 1056.945599][T26673] device sit0 left promiscuous mode [ 1057.042831][T26673] device sit0 entered promiscuous mode [ 1057.492022][T26687] device sit0 left promiscuous mode [ 1057.635706][T26689] device sit0 entered promiscuous mode [ 1059.590220][T26720] device sit0 left promiscuous mode [ 1059.758129][T26722] device sit0 entered promiscuous mode [ 1060.122466][T26733] device sit0 left promiscuous mode [ 1060.138962][T26724] device sit0 left promiscuous mode [ 1060.155320][T26726] device sit0 entered promiscuous mode [ 1060.190662][T26728] device sit0 left promiscuous mode [ 1060.201837][T26730] device sit0 entered promiscuous mode [ 1060.260766][T26733] device sit0 entered promiscuous mode [ 1060.913424][T26748] syz.2.8943[26748] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1060.913483][T26748] syz.2.8943[26748] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1061.742974][T26770] device sit0 left promiscuous mode [ 1061.917387][T26779] syz.1.8955[26779] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1061.917445][T26779] syz.1.8955[26779] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1061.959330][T26772] device sit0 entered promiscuous mode [ 1063.472814][T26815] syz.2.8967[26815] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1063.472874][T26815] syz.2.8967[26815] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1063.491242][T26817] device sit0 left promiscuous mode [ 1063.616188][T26817] device sit0 entered promiscuous mode [ 1063.947180][T26825] device syzkaller0 entered promiscuous mode [ 1064.083562][T26834] device sit0 left promiscuous mode [ 1064.242994][T26836] device sit0 entered promiscuous mode [ 1064.883434][T26845] device sit0 left promiscuous mode [ 1065.146440][T26845] device sit0 entered promiscuous mode [ 1066.036470][T26871] device sit0 left promiscuous mode [ 1066.074098][T26873] device sit0 left promiscuous mode [ 1066.084496][T26871] device sit0 entered promiscuous mode [ 1066.209033][T26873] device sit0 entered promiscuous mode [ 1067.660367][T26892] device sit0 left promiscuous mode [ 1067.880532][T26899] device sit0 entered promiscuous mode [ 1069.292820][T26934] FAULT_INJECTION: forcing a failure. [ 1069.292820][T26934] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1069.319610][T26934] CPU: 0 PID: 26934 Comm: syz.2.9009 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 1069.331017][T26934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1069.341066][T26934] Call Trace: [ 1069.344351][T26934] __dump_stack+0x21/0x24 [ 1069.348671][T26934] dump_stack_lvl+0x169/0x1d8 [ 1069.353340][T26934] ? show_regs_print_info+0x18/0x18 [ 1069.358525][T26934] dump_stack+0x15/0x1c [ 1069.362680][T26934] should_fail+0x3c1/0x510 [ 1069.367092][T26934] should_fail_usercopy+0x1a/0x20 [ 1069.372108][T26934] strncpy_from_user+0x24/0x2e0 [ 1069.376965][T26934] ? kmem_cache_alloc+0x165/0x2e0 [ 1069.381966][T26934] ? getname_flags+0xb9/0x500 [ 1069.386815][T26934] getname_flags+0xf4/0x500 [ 1069.391301][T26934] do_mkdirat+0x4b/0x340 [ 1069.395518][T26934] __x64_sys_mkdir+0x60/0x70 [ 1069.400080][T26934] do_syscall_64+0x31/0x40 [ 1069.404495][T26934] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1069.411232][T26934] RIP: 0033:0x7f50332e4929 [ 1069.415737][T26934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1069.435786][T26934] RSP: 002b:00007f503194d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1069.444199][T26934] RAX: ffffffffffffffda RBX: 00007f503350bfa0 RCX: 00007f50332e4929 [ 1069.452166][T26934] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1069.460128][T26934] RBP: 00007f503194d090 R08: 0000000000000000 R09: 0000000000000000 [ 1069.468094][T26934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1069.476055][T26934] R13: 0000000000000000 R14: 00007f503350bfa0 R15: 00007ffe10645338 [ 1069.643654][T26947] device sit0 left promiscuous mode [ 1069.661716][T26953] device sit0 entered promiscuous mode [ 1072.646254][T26985] syz.4.9025[26985] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1072.646319][T26985] syz.4.9025[26985] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1072.837380][T26991] device sit0 left promiscuous mode [ 1072.882586][T26994] device sit0 entered promiscuous mode [ 1073.455931][T26997] device sit0 left promiscuous mode [ 1073.796492][T26998] device sit0 entered promiscuous mode [ 1073.945986][T27003] device sit0 left promiscuous mode [ 1073.960192][T27004] device sit0 entered promiscuous mode [ 1076.144126][T27027] device sit0 left promiscuous mode [ 1076.144315][T27023] syz.1.9037[27023] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1076.149408][T27023] syz.1.9037[27023] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1076.425378][T27027] device sit0 entered promiscuous mode [ 1077.186185][T27054] device sit0 left promiscuous mode [ 1077.264948][T27057] device sit0 entered promiscuous mode [ 1078.209216][T27066] device syzkaller0 entered promiscuous mode [ 1078.221810][T27072] device sit0 left promiscuous mode [ 1078.267028][T27072] device sit0 entered promiscuous mode [ 1078.790684][T27077] device sit0 left promiscuous mode [ 1078.803747][T27081] device sit0 entered promiscuous mode [ 1079.063624][T27103] device sit0 left promiscuous mode [ 1079.156498][T27103] device sit0 entered promiscuous mode [ 1079.873067][T27111] device sit0 left promiscuous mode [ 1079.886742][T27112] device sit0 entered promiscuous mode [ 1080.286034][T27153] device sit0 left promiscuous mode [ 1080.312635][T27153] device sit0 entered promiscuous mode [ 1081.477253][T27173] bridge0: port 1(bridge_slave_0) entered disabled state [ 1081.496894][T27173] bridge0: port 1(bridge_slave_0) entered blocking state [ 1081.504888][T27173] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1081.549779][T27180] syz.3.9096[27180] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1081.549834][T27180] syz.3.9096[27180] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1082.099082][T27208] device sit0 left promiscuous mode [ 1082.533879][T27225] syz.1.9113[27225] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1082.533936][T27225] syz.1.9113[27225] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1082.635478][T27234] device sit0 left promiscuous mode [ 1082.802848][T27234] device sit0 entered promiscuous mode [ 1083.766145][T27254] device sit0 left promiscuous mode [ 1083.791748][T27257] device sit0 entered promiscuous mode [ 1084.538719][T27265] syz.4.9128[27265] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1084.538774][T27265] syz.4.9128[27265] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1085.747632][T27286] device sit0 left promiscuous mode [ 1086.108794][T27295] device sit0 left promiscuous mode [ 1086.118427][T27294] device sit0 entered promiscuous mode [ 1086.162001][T27296] device sit0 entered promiscuous mode [ 1087.066084][T27312] device sit0 left promiscuous mode [ 1087.257201][T27314] device sit0 entered promiscuous mode [ 1089.092616][T27354] device sit0 left promiscuous mode [ 1089.152126][T27363] device sit0 entered promiscuous mode [ 1090.808368][T27403] device sit0 left promiscuous mode [ 1090.859863][T27403] device sit0 entered promiscuous mode [ 1091.694232][T27422] device sit0 left promiscuous mode [ 1091.715448][T27425] device sit0 left promiscuous mode [ 1091.729974][T27422] device sit0 entered promiscuous mode [ 1091.776997][T27425] device sit0 entered promiscuous mode [ 1092.437166][T27434] device sit0 left promiscuous mode [ 1092.463550][T27435] device sit0 entered promiscuous mode [ 1092.852247][T27457] FAULT_INJECTION: forcing a failure. [ 1092.852247][T27457] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1092.902478][T27457] CPU: 1 PID: 27457 Comm: syz.3.9191 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 1092.913861][T27457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1092.923906][T27457] Call Trace: [ 1092.927190][T27457] __dump_stack+0x21/0x24 [ 1092.931503][T27457] dump_stack_lvl+0x169/0x1d8 [ 1092.936162][T27457] ? show_regs_print_info+0x18/0x18 [ 1092.941348][T27457] dump_stack+0x15/0x1c [ 1092.945491][T27457] should_fail+0x3c1/0x510 [ 1092.949897][T27457] should_fail_alloc_page+0x4f/0x60 [ 1092.955133][T27457] __alloc_pages_nodemask+0x109/0x5f0 [ 1092.960683][T27457] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1092.966308][T27457] ? __kmalloc+0x1a7/0x330 [ 1092.971148][T27457] ? __vmalloc_node_range+0x29f/0x780 [ 1092.976520][T27457] __vmalloc_node_range+0x353/0x780 [ 1092.981795][T27457] bpf_map_area_alloc+0xd5/0xe0 [ 1092.986634][T27457] ? prealloc_init+0x147/0x810 [ 1092.991381][T27457] prealloc_init+0x147/0x810 [ 1092.995956][T27457] ? __kmalloc+0x1a7/0x330 [ 1093.000356][T27457] htab_map_alloc+0x688/0x970 [ 1093.005025][T27457] map_create+0x441/0x2190 [ 1093.009424][T27457] __se_sys_bpf+0x203/0x680 [ 1093.013933][T27457] ? __x64_sys_bpf+0x90/0x90 [ 1093.018515][T27457] ? fpu__clear_all+0x20/0x20 [ 1093.023182][T27457] __x64_sys_bpf+0x7b/0x90 [ 1093.027596][T27457] do_syscall_64+0x31/0x40 [ 1093.032000][T27457] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1093.037886][T27457] RIP: 0033:0x7f28e5e7a929 [ 1093.042469][T27457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1093.062062][T27457] RSP: 002b:00007f28e44e3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1093.070565][T27457] RAX: ffffffffffffffda RBX: 00007f28e60a1fa0 RCX: 00007f28e5e7a929 [ 1093.078530][T27457] RDX: 0000000000000050 RSI: 0000200000000740 RDI: 0000000000000000 [ 1093.086487][T27457] RBP: 00007f28e44e3090 R08: 0000000000000000 R09: 0000000000000000 [ 1093.094906][T27457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1093.102866][T27457] R13: 0000000000000000 R14: 00007f28e60a1fa0 R15: 00007ffff6c3ed88 [ 1093.184500][T27463] device sit0 left promiscuous mode [ 1093.194138][T27465] syz.2.9193[27465] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1093.194194][T27465] syz.2.9193[27465] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1093.231666][T27463] device sit0 entered promiscuous mode [ 1094.237113][T27506] bridge0: port 1(bridge_slave_0) entered disabled state [ 1094.291258][T27514] device sit0 left promiscuous mode [ 1094.358266][T27518] device sit0 entered promiscuous mode [ 1095.409363][T27546] device sit0 left promiscuous mode [ 1095.489851][T27546] device sit0 entered promiscuous mode [ 1096.300004][T27559] device sit0 left promiscuous mode [ 1096.324205][T27560] device sit0 entered promiscuous mode [ 1096.698011][T27574] FAULT_INJECTION: forcing a failure. [ 1096.698011][T27574] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1096.922556][T27574] CPU: 0 PID: 27574 Comm: syz.0.9233 Tainted: G W 5.10.238-syzkaller-00008-g59e9a7228857 #0 [ 1096.933942][T27574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1096.944168][T27574] Call Trace: [ 1096.947475][T27574] __dump_stack+0x21/0x24 [ 1096.951880][T27574] dump_stack_lvl+0x169/0x1d8 [ 1096.956543][T27574] ? show_regs_print_info+0x18/0x18 [ 1096.961824][T27574] ? unwind_get_return_address+0x4d/0x90 [ 1096.967447][T27574] dump_stack+0x15/0x1c [ 1096.971682][T27574] should_fail+0x3c1/0x510 [ 1096.976185][T27574] should_fail_alloc_page+0x4f/0x60 [ 1096.981367][T27574] __alloc_pages_nodemask+0x109/0x5f0 [ 1096.986737][T27574] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1096.992271][T27574] pipe_write+0x570/0x1890 [ 1096.996774][T27574] ? pipe_write+0x151/0x1890 [ 1097.001371][T27574] ? pipe_read+0xfe0/0xfe0 [ 1097.005879][T27574] ? fsnotify_perm+0x66/0x4b0 [ 1097.011417][T27574] ? security_file_permission+0x83/0xa0 [ 1097.016954][T27574] ? iov_iter_init+0x3f/0x120 [ 1097.021636][T27574] vfs_write+0x725/0xd60 [ 1097.025962][T27574] ? __kasan_slab_free+0x11/0x20 [ 1097.031319][T27574] ? kernel_write+0x3c0/0x3c0 [ 1097.036068][T27574] ? __fget_files+0x2c4/0x320 [ 1097.040737][T27574] ? __fdget_pos+0x1f7/0x380 [ 1097.045324][T27574] ? ksys_write+0x71/0x240 [ 1097.049725][T27574] ksys_write+0x140/0x240 [ 1097.054040][T27574] ? __ia32_sys_read+0x90/0x90 [ 1097.058803][T27574] ? fpu__clear_all+0x20/0x20 [ 1097.063473][T27574] __x64_sys_write+0x7b/0x90 [ 1097.068052][T27574] do_syscall_64+0x31/0x40 [ 1097.072462][T27574] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1097.078339][T27574] RIP: 0033:0x7f1db571e929 [ 1097.082741][T27574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1097.102730][T27574] RSP: 002b:00007f1db3d87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1097.111471][T27574] RAX: ffffffffffffffda RBX: 00007f1db5945fa0 RCX: 00007f1db571e929 [ 1097.119532][T27574] RDX: 000000000000fdef RSI: 0000200000000040 RDI: 0000000000000000 [ 1097.127672][T27574] RBP: 00007f1db3d87090 R08: 0000000000000000 R09: 0000000000000000 [ 1097.135642][T27574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1097.143616][T27574] R13: 0000000000000000 R14: 00007f1db5945fa0 R15: 00007fffd545f4d8 [ 1097.670521][T27596] device sit0 left promiscuous mode [ 1097.766405][T27599] device sit0 entered promiscuous mode [ 1099.734758][T27631] bridge0: port 1(bridge_slave_0) entered disabled state [ 1099.934678][T27637] device sit0 left promiscuous mode [ 1100.106409][T27638] device sit0 entered promiscuous mode [ 1100.614466][T27653] device sit0 entered promiscuous mode [ 1100.960690][T27664] device sit0 left promiscuous mode [ 1101.101342][T27666] device sit0 left promiscuous mode [ 1101.298008][T27673] device sit0 entered promiscuous mode [ 1102.051591][T27687] device sit0 left promiscuous mode [ 1102.088848][T27687] device sit0 entered promiscuous mode [ 1102.601858][T27693] device sit0 left promiscuous mode [ 1102.623325][T27695] device sit0 entered promiscuous mode [ 1103.728177][T27716] syz.0.9280[27716] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1103.728243][T27716] syz.0.9280[27716] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1103.901175][T27714] device sit0 entered promiscuous mode [ 1104.468376][T27713] device sit0 left promiscuous mode [ 1104.564385][T27726] device sit0 entered promiscuous mode [ 1104.637892][T27733] device sit0 left promiscuous mode [ 1104.908838][T27734] device sit0 entered promiscuous mode [ 1105.717367][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1105.742339][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 1105.749401][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1105.869930][T27752] device sit0 left promiscuous mode [ 1106.085044][T27756] device sit0 left promiscuous mode [ 1106.305838][T27758] device sit0 entered promiscuous mode [ 1107.152056][T27774] syz.2.9299[27774] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1107.152113][T27774] syz.2.9299[27774] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1107.862872][T27768] bridge0: port 1(bridge_slave_0) entered blocking state [ 1107.902451][T27768] bridge0: port 1(bridge_slave_0) entered disabled state [ 1107.934266][T27768] device bridge_slave_0 entered promiscuous mode [ 1107.961872][T27768] bridge0: port 2(bridge_slave_1) entered blocking state [ 1107.974699][T27768] bridge0: port 2(bridge_slave_1) entered disabled state [ 1107.982645][T27768] device bridge_slave_1 entered promiscuous mode [ 1108.021730][T27791] device sit0 left promiscuous mode [ 1108.070702][T27791] device sit0 entered promiscuous mode [ 1108.641641][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1108.657547][ T501] bridge0: port 1(bridge_slave_0) entered blocking state [ 1108.665029][ T501] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1108.812682][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1108.844644][T27806] syz.2.9309[27806] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1108.844699][T27806] syz.2.9309[27806] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1108.881802][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1109.025317][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1109.052381][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1109.069033][ T501] bridge0: port 1(bridge_slave_0) entered blocking state [ 1109.076123][ T501] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1109.098318][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1109.115859][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1109.125929][ T501] bridge0: port 2(bridge_slave_1) entered blocking state [ 1109.132996][ T501] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1109.140891][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1109.158154][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1109.168346][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1109.176841][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1109.203174][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1109.210884][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1109.229887][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1109.262316][T27768] device veth0_vlan entered promiscuous mode [ 1109.282441][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1109.301759][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1109.322053][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1109.329544][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1109.344593][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1109.353011][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1109.373104][T27768] device veth1_macvtap entered promiscuous mode [ 1109.407810][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1109.430574][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1109.457138][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1109.482209][ T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1109.653328][T12559] device bridge_slave_1 left promiscuous mode [ 1109.666929][T12559] bridge0: port 2(bridge_slave_1) entered disabled state [ 1109.675250][T12559] device bridge_slave_0 left promiscuous mode [ 1109.695707][T12559] bridge0: port 1(bridge_slave_0) entered disabled state [ 1109.703875][T12559] device veth1_macvtap left promiscuous mode [ 1110.187259][T27917] tap0: tun_chr_ioctl cmd 2147767520 [ 1110.224202][T27923] device syzkaller0 entered promiscuous mode [ 1110.292060][T27934] device sit0 entered promiscuous mode [ 1110.307044][T27934] device sit0 left promiscuous mode SYZFAIL: repeatedly failed to execute the program proc=5 req=9424 state=1 status=7 (errno 9: Bad file descriptor) [ 1111.458955][ T24] audit: type=1400 audit(1750954401.440:166): avc: denied { write } for pid=267 comm="syz-executor" path="pipe:[1767]" dev="pipefs" ino=1767 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 1112.632446][T12559] device veth1 left promiscuous mode [ 1112.637885][T12559] kfree: port 1(veth1) entered disabled state [ 1112.644924][T12559] device bridge_slave_1 left promiscuous mode [ 1112.651133][T12559] bridge0: port 2(bridge_slave_1) entered disabled state [ 1112.658747][T12559] device bridge_slave_0 left promiscuous mode [ 1112.664909][T12559] bridge0: port 1(bridge_slave_0) entered disabled state [ 1112.672588][T12559] device bridge_slave_1 left promiscuous mode [ 1112.678668][T12559] bridge0: port 2(bridge_slave_1) entered disabled state [ 1112.686514][T12559] device bridge_slave_0 left promiscuous mode [ 1112.692702][T12559] bridge0: port 1(bridge_slave_0) entered disabled state [ 1112.700297][T12559] device bridge_slave_1 left promiscuous mode [ 1112.706549][T12559] bridge0: port 2(bridge_slave_1) entered disabled state [ 1112.713912][T12559] bridge0: port 1(bridge_slave_0) entered disabled state [ 1112.721678][T12559] device bridge_slave_1 left promiscuous mode [ 1112.727770][T12559] bridge0: port 2(bridge_slave_1) entered disabled state [ 1112.735271][T12559] bridge0: port 1(bridge_slave_0) entered disabled state [ 1112.743404][T12559] device veth1_macvtap left promiscuous mode [ 1112.749532][T12559] device veth1_macvtap left promiscuous mode [ 1112.755565][T12559] device veth0_vlan left promiscuous mode [ 1112.761399][T12559] device veth1_macvtap left promiscuous mode [ 1112.767491][T12559] device veth0_vlan left promiscuous mode [ 1112.773631][T12559] device veth1_macvtap left promiscuous mode [ 1112.779689][T12559] device veth1_macvtap left promiscuous mode [ 1112.785841][T12559] device veth0_vlan left promiscuous mode