last executing test programs: 1.486151209s ago: executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002023207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e749804d850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='percpu_alloc_percpu\x00', r0}, 0x10) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x7, &(0x7f0000000140)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @exit={0x95, 0x0, 0x7b00}, @call={0x85, 0x0, 0x0, 0x76}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x9b, &(0x7f0000000300)=""/155}, 0x80) 1.379031446s ago: executing program 1: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r2}, 0x10) openat$cgroup_freezer_state(r0, &(0x7f0000000840), 0x2, 0x0) r3 = openat$cgroup_freezer_state(r0, &(0x7f0000002b00), 0x2, 0x0) close(r3) 1.311605426s ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x2000000, 0xe, 0x0, &(0x7f00000002c0)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="33a6b76d161a70ebbe5a8b821c93180000000000000000000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2600}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f0000000740)='ext4_fc_track_inode\x00', r2}, 0x10) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x275a, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f0000000740)='ext4_fc_track_inode\x00', r1}, 0x10) write$cgroup_int(r6, &(0x7f00000000c0), 0x12) 1.192089535s ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='ext4_request_inode\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='ext4_request_inode\x00', r2}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) 520.925339ms ago: executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x4030582a, &(0x7f0000000040)) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="61128b000000000061134c0000000000bf2000000000000007000000080000002d0301000000000095000000000000007126000000000000bf670000000000005601000000ff07ad6706000002000000070300000ee60000bf250000000000002d350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000160400000400f9ffad3001000000000084000000000000004500000001f0ffff95000000000000006e8ad524a56600a5585b7351ca1136aef2e9407e5c2501d11900db85604036883647b1fb3f1403b816f511c8c56e56e40b01005505f8a89dae4293b10f3631b25fc9f189084c7fddccff01361d355f6cce8ec2abcdf1bc9040daef2cfa2046e2091e269f4734ffa55eb2d4e8de20b38c8808b365b46bd54c68cd30139a8c3827a7dd6d6e2b5fea3906f8456b0000000000ff07efffffff0047018ae79db613d2aec070f718ab629b4975320dd7a7da532281fd22c7b835005bf52715396669836db6000000005b4f0591ee7c8cd263dd172b28d01c4d8ddaf2cdad3d1a74a2f078aa6402483856a6e495408d0b33047f06aec2cc590df28efc7dbec6857db922195a271af103f03e1155197e067b2ebf4e2dae06e394c9639564f000fc3cdd05a157544d0200000000000000ee48f5287123a0d246c0c4c00fe979dbc09ed4db22d7172adc6ae8faa5f9ad188e07000000000000008d88a0b4684559d46cae41db1b914e93f1f88e80ef80c6ed3e1ff91ff111000000000000000000e33de432e488ad0e724c2d14a1e770e116984a5700afb8a1f3d47277ef0e33e7e00ec5f74e10937ba0e321346977b7d1b18013f509675b5b0f352e30dffda780e95c301f4fc7d5a76475ace6b128b02bfd71023daffdf748a6bd356fcbacec96373d1101000736ac0bbcb5f4836bddfe8bf46308000000ade9e59fcf271bb98bd0b8b5216b858b414c31682f9f3db2e4d8e5898e445fe55ac56c0ddd932d838ff651023853d42210642986f8bbc7340bc8393f774318c9fc9b05788de2c6e601b50777e8dff581de1d5ae3d801ead7eba31126e2172fa1eadf5f3bec81004d00000000c8e4692e051c731f9ac766b7fd66278d40f0760f23e8c7d1f47cd8e02504e85e152955ad8acd989c0b2eea71414f533f5685c3904bfe1d0011ffc1ba5398f3d68124674478186edd036f15bf847c33f79e1a0ad3d2b5080ecb01420c9f1b534e969fce97ffff07000009000000bfe0ed7c5853a665c0805752dca0e571d75cac5a5d8e4f6e05055b6dec5a9a5696f053a92d81fd9e5f2b9dbbe24f38e745b5a95d45003d0600e413dc623f3e6b096c8b0ad7438c6631388a92c55b0671140afbfb83bba415f729fea4c8a8a86189dceedad84cdd17c46bdd847a1f4b0facd3744f5bbb06abb319204fca4bcd4297fe7b4cee75abf43e14fe861224799c0f12702964fc890a176fdafa2c9387280b5693c000c0304cece48642649375dae0b7979b229f708a97349e96e783af9a23cd3980a2c29d3d62875e5319cd51bdd224878a0b25edf0e83c930633bd9a823e28f359608ea326c77a1aa17318f392a0ec6c188916f4149c503027feccfd68ec8278a90252693fb133c4615801077e1d75420017c03990b855fe485a20b4919bb11c6d737b6545ef140a0fc339bb53953662f1454f9852e7c4e17eb8e68f076c659f56d6c7f97a94d604f45cfe88b30c170000000001000000ef931f137967de563c29d81aacb3d48226a4e4b6670900000000000000fa68bff3693afc44db2248bb38b31a14ffcddd92c38f6b6d86a0e56d47a82bad5d2a6dce4c4d353261260c9d7a6bd9f2c872c4172a3d2ac80dfb718cc159e6423065624f1300007d6072f0cf120ad2ba519afdd43a14000000000000000000000000007ef2f3c58d045f0700000094069acbe333aebd10f2118fbfeda3fa5500d52cd5241588d2b68a332edfef6d701c8936a25d68b841f982511392cc0d3a78616f8ce0f2877d099258bf85866d0ee7f803fa50fd41ef62b028d12028a7b497d92f544523290f520b0d000000000000000000007758b1267669ded883b5867c5916a74843b784955108f750c57744c76a09629dd0aaca5cb0f14f49db80a1aa2692c18fbb31cbdb3f2e138e6d5ba3491fc3617b511f24bad26466407e39000000000080d7a1bf4624d31c13a6840f45a7f4e01a50d790132abb36915e35b1ac35bf3921357f638684bba17b8fe1e2123153ecd6d1f76820d4f8fa0b96b50c457ae8d5f2351cdb7bc8170380557bc11cf6ee3395974e37018a2a7473312cb32affb8ff72a253e0d36099e460f13694b9891af526d9608271838e83d17103887f34210dd4c0cf60dec608b4ca5ba2f3037bf381e7b5d5b27820000000000000000000000b719bd34f3244730f708fdd532640edc6b82dd4ad72ecbaccafef806f5447aba2246d56a601bbd8c24ba1e16dda3296ce10de6830942eb83c24a44c48c6a5890f6441f14162e08fb3d964aa5ac94d9d5703749409deba3a702d4121547644dd581a2b34f9686dcd06"], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffff21, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r9, &(0x7f0000000180), 0x40001) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0x8, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff1a7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r5}}]}, &(0x7f0000000140)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x41100, 0x10, '\x00', r8, 0x21, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0x0, 0x3, 0xffffff9b, 0x7f}, 0x10, 0xffffffffffffffff, r7, 0x2, &(0x7f0000000500)=[r5, r5, r5, r9, r5], &(0x7f0000000540)=[{0x4, 0x1, 0xf, 0xb}, {0x2, 0x3, 0x2}], 0x10, 0x7}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x10, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xa5, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@call={0x85, 0x0, 0x0, 0x92}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41000, 0x30, '\x00', r8, 0x1f, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x8, 0x3}, 0x8, 0x10, &(0x7f0000000200)={0x3, 0x3, 0x2, 0x1}, 0x10, 0xffffffffffffffff, r0, 0x1, 0x0, &(0x7f0000000300)=[{0x1, 0x62f, 0x2}], 0x10, 0x3ff}, 0x90) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) ioctl$TUNATTACHFILTER(r4, 0x401054d5, &(0x7f00000001c0)={0x3, &(0x7f0000000100)=[{}, {0x94, 0x0, 0x0, 0xffffffff}, {0x6}]}) ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x20001400) r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0xc0, 0x0) ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f00000004c0)={'veth0\x00', 0x800}) ioctl$TUNSETOFFLOAD(r3, 0x40047440, 0x2000000c) 492.163023ms ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000004000000000000000000008500000050000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='ext4_ext_remove_space_done\x00', r0}, 0x10) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='ext4_ext_remove_space_done\x00', r2}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3], 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) close(r1) 448.0559ms ago: executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000000)) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f0000000040), &(0x7f0000000140)=r1}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='jbd2_handle_extend\x00', r4}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='jbd2_handle_extend\x00', r3}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000000)=0x80000) 403.738567ms ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000700000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b0af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000210018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc}, 0x48) 403.465987ms ago: executing program 4: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{}, 0x0, &(0x7f0000000040)}, 0x20) bpf$PROG_LOAD(0x5, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r1}, 0x10) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40305829, &(0x7f0000000040)) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10) write$cgroup_subtree(r2, &(0x7f00000011c0)=ANY=[], 0x6) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_int(r4, &(0x7f0000000200), 0x43451) 381.37133ms ago: executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000018110000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r0}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000002000000008000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)}, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r1}, 0x10) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907003675f3757f0086dd6317ce800000000000e0865a6596aff57b00000000000000000000000000ac1414"], 0xfe1b) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="0000186df4b1768c36153d42", @ANYRES32, @ANYBLOB="0a00000000a3f500950004000000010045"], 0x0}, 0x90) socketpair(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f1, &(0x7f0000000080)) 379.21056ms ago: executing program 0: openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={0xffffffffffffffff, 0x0, &(0x7f00000004c0)=""/200}, 0x20) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='jbd2_handle_extend\x00'}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='jbd2_handle_extend\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.throttle.io_serviced\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40086602, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40086602, &(0x7f0000000000)=0x80000) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1c, 0x80, 0x0, 0x0, 0x28c2}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000002c0)=ANY=[@ANYRESOCT, @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'\x00', 0x1}) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth0_vlan\x00', 0x400}) socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8922, &(0x7f0000000080)) 268.153698ms ago: executing program 2: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) write$cgroup_subtree(r2, 0x0, 0xfdef) 230.391364ms ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='ext4_mb_release_inode_pa\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='ext4_mb_release_inode_pa\x00', r3}, 0x10) write$cgroup_subtree(r2, 0x0, 0x32600) 228.291824ms ago: executing program 3: perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) perf_event_open$cgroup(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0xf, &(0x7f0000000680)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xc, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0x4, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) close(0x3) 201.511308ms ago: executing program 0: r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r0, &(0x7f00000000c0), &(0x7f0000000e40)=""/7, 0x2}, 0x20) 192.0236ms ago: executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000000c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd072ea7fe4a8498f894bbb25ada9fa00c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e2946bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713ac84607e875de0bbd779cdb3b6a53c44ebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdbb6a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='mm_page_alloc\x00', r0}, 0x10) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x20001400) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x4, 0x0, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x90) ioctl$TUNSETOFFLOAD(r1, 0x40047451, 0x20000002) 176.437222ms ago: executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000100)={'syzkaller0\x00', 0x7101}) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000b40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a505000000007751e841cca555077e3a159110193dd2ff1fa7c3205bfedbe9d8f3bd23cd78a07e32fe0231368b2264f9c504b2f1f65515b2e1a38d522be18bd10a48b043ccc42673d06d7535f7866925d86751dfced1fd8accae669e173a659c1cfd6587d47578f4c35235138d5521f9453559c35da860e8efbcbfb42c30d294a55e1c46680bee88956f2b3599f455c7a3a49a01010000409f2f0517e4ca0e1803a20000000013d4e21b3336f1ae0796f23526ec0fd97f7325eac34c4dfafe7cc03b0864009d2e7d7ff6ff72ba8972b122b09789d99b3d0524f39d5ae913b2d22eb2c09244ba5dbe9180950f76f7049db5cb19d7962fed44e00f39ed8c13a11fa798de504e2865cd81f2b77fdd76c677f812d249c8130b018d4300000020000000db3947c85c3a9027ce9e856fa8b7fb05000000000000593d60abc9b3e67d127e56f3d3759dcfeb820634fd4d419efaefc74305b2bea2000600000051fcf5d62205561b6efaad206335a309f7b9e01446a6285f4665a7fe3cda2349f8bf400100000000000000f435f28fbeda75cf971f54a9698cf3270f420ee83f2d9babe7b922401639ce3c4ff0850a8e078374909413f3fbd3ced3285252dc81a46ef7ce29484dc6b6adfd7a4db730fc594609654d97836f171b766ffd7526847a6bfda9c648e8aa5c558aa6d463ec9d840f3914909187b6b0776952be71b0417d33d3ab25493418ba0fbacf768e07c1a939d31f606085b9e3efc93b0f58d5ec37494d9d10d76e603129e9a726579ac7d672cacd581b7ca77b3610b7403930fd42051d4b7443e5b49c000000000000007d6173050027791c9c1e04ad3711a66da2254a6f911b1469c62a6e1e3f9c1715c009a58e6eadac8f61b45853673df72dc813f7454ae22d79ac48034282f01040889500000000179dcf66d93907cedd49e0c5752f755849953957143a0335d2f62acbf18b251ce63b29fe177745448ccc925770fac12cf9e291200df6bb669d5a57dd74df817ef2f8698f710c359afe73947afebdf5536e4db8b0231d0cbc798766ec60586f14b44775bc9d250e4515cb83275d3b495fa90000e69a68b47ac4595463e1442d88e0606a060000cc914fae896ab129ccdf8792a8435972c8391d132a2fcbd40e865d62cc7c4200000000000000000000000000000800002a77fbbccfdb1ab3d8434905f09726b8145ea99c7640faab578dc98a6134df0a10a54ce7e7ddbb709a27d977d1f91ab9ee940700009594c9a50961b7fcc56d82584dc8254df7c411fa61353a6897c4f3b9f6f2ab47adb29aefecce96c94f360e129c9f2af569c794b68b2ead404bcdd4aa9cb6a128e1ad45fd4030e1e69adf4986b7860f3122d59c079f0f9a1732f691590f45512aec4ed2413f66cac7dd022301741c576dea82005b166d6c3b9ed0c297ac197a92188a618745e78dca0b3c62f1601243089d9c687563382b0b88a7d80fd7bf7fae8a690f52db1464d29b1b926414cd35705c89662c585e32c881d917b74f027674dbc017499ba15a2e2900000000000000000000000000007b593ecbdd162fee9f239a3c615b3e9a3fb0af254bdd247a5a5abdbc0123c950eec0f1800b295be71418dd65de15e11beef9630499c70fce74135a7c7c8e818b79b85ff65d59d89492d7a663d3f25651e252ab49d358eac853ffe182ee37a5db085a072647719cb8604ba2e0b80af3f1867bd8fb6afca671437e0a5a9d5a088436739262d894986882ec0fb419a377ef47f4920a5de6d8de0d3090b4cb6b773e825442d351f980eed0d997a4d98a51220c41b145e2186546c646128a3e69f52fcad83a026def90b9eb55f4a0a2251bbae428c6c017b5a47f1580831a7ce232857e6aa9e777e99da1a3ad03fdc93fa7ed96228deac5e3bce983971041297a6ba18783a2edc7e3901cc891035872c61e7ea375b0902be0c5cc7fdef968ba1ca17ce5e11f2f384cd28c1194f56d3cf074e8ba4e60e84dc2f352c3cd170581aee0c93ca8ceff84cda40325d340759e79e5c4bcec227e37f7ec2193c78877e0319ec1f2d4dcf1d46a15cde1d6cecce6ecdb0c0a3413394d51341a7b3606ad8c29b6dbf6be3265b528c3208de35161bfe19678df43a45b314e5a0f8754cfaf4f9d3fdf9c8f7b7c296bf2e632d25ba8ee6369b362a8e4c9dff176d482d32249c93680a04f6464f184acfd0376662fee9e1031e569248db9bc724cdd97976a4d7c5c5172d1383fa1e442f68a14b747a9f2597bf115dd0111fe8ba3584a43176f33bd39a408f8648b19839bba9cc47624ea19e46dbbdf0faf591bcdc8613828a0c5a40c04ae34bbf4a0e27828b0c7cb9d7a7455db030425a4bd69cf6dcb4b1d066f8ef4ea1c710e05819df82d5cc94ace6b41c2de37a2eaf24f24b3d9a7dd4d197d51407be3e90000000000000000dbc0b0d6e11ccb71437ebea7ad01d5b93a7a0561e4a1b3fa1aa9c75f3aaec4ace1b6201a3e007b657be62df59133b4d8f0f145d9fc954cc7792077268bf0977e2a699722ce3dbb97248b8a8a771dd0f7d9c97e6587524a44fd6d49330ccbc39ca277b84f7f0a39759ef0b42388bd69fe341a925e8cdc5d7b2d6ddb7331a081bd0672bf4d02255de095a179e51bf5492d4e89c3cbad59db725c0dd7e35cbd9887175286a37d7621a361eb830cc5b842b11b5d040ccceb254d6a0c9c43718d0816bb2465928e236101b8cd46b5ef9cb930378a9249cbb41bcde9bb78d71c512153d2f1d765b56d2e5ef3e3d34975787646630051074c9706747fda873ccfdb394fc269c8cfadc0a52c3402f392a38052f859ab56000000000000002157e930eb0c322f2af9e3c6c425bfe7a9f95ed0094eb104948e15885ce8a6170c587b834fcd01aafa4076695173f8f737f3959d5482143748f8e6235cf660fc693badbdc6540c8c0b6b2465f979e95f0adeca67111bfe"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000240)='kmem_cache_free\x00', r1}, 0x10) write$cgroup_devices(r0, &(0x7f0000000200)=ANY=[], 0xffdd) 148.568116ms ago: executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000003e7100000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200f1ff8500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='ext4_es_find_extent_range_enter\x00', r2}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='ext4_es_find_extent_range_enter\x00', r1}, 0x10) mkdir(&(0x7f0000000080)='./file1\x00', 0x0) 142.964098ms ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000004000000000000000000008500000050000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='ext4_ext_remove_space_done\x00', r0}, 0x10) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='ext4_ext_remove_space_done\x00', r2}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3], 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) close(r1) 110.262292ms ago: executing program 2: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000067dfb4a518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x16, 0x0, 0x8400, 0x1}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r2, 0x0, 0x20000000}, 0x20) bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000400)={r2, 0x0, 0x20000000}, 0x20) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xffffffff, 0x0}, 0x8) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0xffffffffffffffb9, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r4}, 0x10) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r5}, 0x10) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r6, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e) 93.271635ms ago: executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000000)) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f0000000040), &(0x7f0000000140)=r1}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='jbd2_handle_extend\x00', r4}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='jbd2_handle_extend\x00', r3}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000000)=0x80000) 92.436635ms ago: executing program 0: bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x0, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f0000000040), &(0x7f0000000140)=r1}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffc52) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r0}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r3}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 82.749547ms ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000018110000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r0}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000002000000008000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)}, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r1}, 0x10) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907003675f3757f0086dd6317ce800000000000e0865a6596aff57b00000000000000000000000000ac1414"], 0xfe1b) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="0000186df4b1768c36153d42", @ANYRES32, @ANYBLOB="0a00000000a3f500950004000000010045"], 0x0}, 0x90) socketpair(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f1, &(0x7f0000000080)) 73.599688ms ago: executing program 0: openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={0xffffffffffffffff, 0x0, &(0x7f00000004c0)=""/200}, 0x20) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='jbd2_handle_extend\x00'}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='jbd2_handle_extend\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.throttle.io_serviced\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40086602, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40086602, &(0x7f0000000000)=0x80000) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1c, 0x80, 0x0, 0x0, 0x28c2}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000002c0)=ANY=[@ANYRESOCT, @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'\x00', 0x1}) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth0_vlan\x00', 0x400}) socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8922, &(0x7f0000000080)) 69.672559ms ago: executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xffd, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r1}, &(0x7f00000006c0), &(0x7f0000000700)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40286608, &(0x7f0000000540)) 50.972602ms ago: executing program 4: socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$cgroup_subtree(r0, &(0x7f0000004480)={[{0x0, 'net_cls'}]}, 0x20004489) 48.616782ms ago: executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={0xffffffffffffffff, 0x0, &(0x7f00000004c0)=""/200}, 0x20) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000040)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7da2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='ext4_free_blocks\x00', r2}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) 43.007843ms ago: executing program 4: bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001b00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{}, 0x0, 0x0}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r0}, 0x10) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), 0x0, 0x1003}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000380)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0xff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x3}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r2}, 0x10) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x80000001}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89f1, &(0x7f0000000080)) 32.670504ms ago: executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) close(r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r1, 0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x2, 0x4, 0x940e, 0x1, 0x4}, 0x48) 0s ago: executing program 4: bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000188500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000000000000850000008400"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x2d) perf_event_open(&(0x7f0000000a00)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x58dc, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x10, 0x4, &(0x7f0000000600)=ANY=[@ANYBLOB="b40000000000000069172c0000000000400000000000000095000000000000001a9ae282d2a5969a14c7e558dd7308efb50ccccd21239c915478a86ce052d982c8183c821f0101251317227f"], &(0x7f0000000080)='GPL\x00', 0x4, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='io_uring_queue_async_work\x00', r1}, 0x10) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r3, &(0x7f00000001c0), 0xfffffdef) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.126' (ED25519) to the list of known hosts. 2024/06/17 21:58:53 fuzzer started 2024/06/17 21:58:53 dialing manager at 10.128.0.163:30010 [ 19.268954][ T30] audit: type=1400 audit(1718661533.195:66): avc: denied { node_bind } for pid=281 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 19.272258][ T30] audit: type=1400 audit(1718661533.195:67): avc: denied { name_bind } for pid=281 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 19.294316][ T30] audit: type=1400 audit(1718661533.215:68): avc: denied { integrity } for pid=289 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1 [ 19.299968][ T289] cgroup: Unknown subsys name 'net' [ 19.332851][ T30] audit: type=1400 audit(1718661533.215:69): avc: denied { mounton } for pid=289 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1926 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 19.355607][ T30] audit: type=1400 audit(1718661533.215:70): avc: denied { mount } for pid=289 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 19.355788][ T289] cgroup: Unknown subsys name 'devices' [ 19.377798][ T30] audit: type=1400 audit(1718661533.245:71): avc: denied { mounton } for pid=292 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 19.388754][ T291] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 19.407657][ T30] audit: type=1400 audit(1718661533.245:72): avc: denied { mount } for pid=292 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 19.438911][ T30] audit: type=1400 audit(1718661533.255:73): avc: denied { unmount } for pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 19.458621][ T30] audit: type=1400 audit(1718661533.255:74): avc: denied { setattr } for pid=299 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 19.480713][ T290] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 19.482001][ T30] audit: type=1400 audit(1718661533.335:75): avc: denied { relabelto } for pid=291 comm="mkswap" name="swap-file" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 19.749118][ T289] cgroup: Unknown subsys name 'hugetlb' [ 19.754607][ T289] cgroup: Unknown subsys name 'rlimit' 2024/06/17 21:58:53 starting 5 executor processes [ 20.212136][ T306] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.219036][ T306] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.226143][ T306] device bridge_slave_0 entered promiscuous mode [ 20.239264][ T308] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.246112][ T308] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.253396][ T308] device bridge_slave_0 entered promiscuous mode [ 20.261057][ T308] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.268002][ T308] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.275097][ T308] device bridge_slave_1 entered promiscuous mode [ 20.281463][ T306] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.288341][ T306] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.295517][ T306] device bridge_slave_1 entered promiscuous mode [ 20.374010][ T307] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.380941][ T307] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.388138][ T307] device bridge_slave_0 entered promiscuous mode [ 20.394566][ T309] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.401527][ T309] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.408685][ T309] device bridge_slave_0 entered promiscuous mode [ 20.418803][ T310] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.425650][ T310] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.432917][ T310] device bridge_slave_0 entered promiscuous mode [ 20.439584][ T310] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.446416][ T310] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.453668][ T310] device bridge_slave_1 entered promiscuous mode [ 20.460020][ T307] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.466845][ T307] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.474074][ T307] device bridge_slave_1 entered promiscuous mode [ 20.480456][ T309] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.487347][ T309] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.494389][ T309] device bridge_slave_1 entered promiscuous mode [ 20.655235][ T308] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.662103][ T308] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.669221][ T308] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.675968][ T308] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.698042][ T306] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.704884][ T306] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.711994][ T306] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.718775][ T306] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.730614][ T309] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.737553][ T309] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.744630][ T309] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.751446][ T309] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.771004][ T307] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.777867][ T307] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.784945][ T307] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.791765][ T307] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.816539][ T310] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.823412][ T310] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.830506][ T310] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.837298][ T310] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.857269][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 20.865463][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 20.874417][ T328] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.882034][ T328] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.889106][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 20.896443][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 20.904665][ T328] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.911815][ T328] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.919094][ T328] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.926088][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 20.934871][ T328] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.943229][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 20.950543][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 20.973912][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 20.982046][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.000036][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 21.008016][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 21.038097][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 21.045347][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 21.053827][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.062523][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.070551][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 21.077841][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 21.085039][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.092800][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.100524][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.108468][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.115298][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.122608][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.130531][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.137371][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.144499][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.152403][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.159263][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.166498][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.175459][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.182394][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.190976][ T306] device veth0_vlan entered promiscuous mode [ 21.201481][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.209318][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.223289][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.231664][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.239989][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 21.247730][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.255621][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 21.262994][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 21.276591][ T310] device veth0_vlan entered promiscuous mode [ 21.283924][ T309] device veth0_vlan entered promiscuous mode [ 21.296883][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.305288][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.313416][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 21.321161][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.329246][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 21.337361][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.345234][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.352136][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.359319][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.367515][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.375471][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 21.383416][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.391159][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 21.399065][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.406953][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 21.414372][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 21.423085][ T306] device veth1_macvtap entered promiscuous mode [ 21.434461][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.442124][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 21.450388][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.458398][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.465313][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.472755][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.480644][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.490163][ T309] device veth1_macvtap entered promiscuous mode [ 21.501780][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.509363][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.517641][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.533738][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.541792][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.551062][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.559146][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.567242][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 21.575036][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.587752][ T310] device veth1_macvtap entered promiscuous mode [ 21.598609][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.606092][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 21.615056][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.622924][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.631275][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.639483][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.647534][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.655645][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.663774][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.675847][ T307] device veth0_vlan entered promiscuous mode [ 21.687732][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 21.695431][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.707401][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.715433][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.724076][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 21.731598][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 21.746147][ T307] device veth1_macvtap entered promiscuous mode [ 21.766079][ T308] device veth0_vlan entered promiscuous mode [ 21.774597][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.783850][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.792105][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.800134][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.808213][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.815662][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.824528][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.832738][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 21.840518][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.866571][ T308] device veth1_macvtap entered promiscuous mode [ 21.875507][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 21.883088][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 21.891112][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.899205][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.907607][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.933739][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.943723][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.952075][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.960230][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.969043][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.977470][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.985985][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.994143][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 22.127266][ T358] syz-executor.1 (358) used greatest stack depth: 22064 bytes left [ 22.140638][ T362] device wg2 entered promiscuous mode [ 22.272829][ T396] device wg2 left promiscuous mode [ 22.308479][ T396] device wg2 entered promiscuous mode [ 22.388079][ C1] hrtimer: interrupt took 25787 ns [ 22.529193][ T430] device wg2 entered promiscuous mode [ 23.371569][ T484] device wg2 entered promiscuous mode [ 24.200721][ T568] device syzkaller0 entered promiscuous mode [ 24.810003][ T30] kauditd_printk_skb: 39 callbacks suppressed [ 24.810017][ T30] audit: type=1400 audit(1718661538.735:115): avc: denied { ioctl } for pid=621 comm="syz-executor.3" path="/dev/ppp" dev="devtmpfs" ino=134 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 26.669906][ T815] syz-executor.3[815] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 26.669970][ T815] syz-executor.3[815] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 26.855142][ T830] device wg2 left promiscuous mode [ 26.979871][ T840] syz-executor.3[840] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 26.979937][ T840] syz-executor.3[840] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 27.118377][ T852] syz-executor.0[852] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 27.184219][ T852] syz-executor.0[852] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 27.727963][ T890] syz-executor.4[890] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 27.761860][ T890] syz-executor.4[890] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 27.988101][ T917] syz-executor.0[917] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 28.000722][ T917] syz-executor.0[917] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 30.184962][ T30] audit: type=1400 audit(1718661544.105:116): avc: denied { create } for pid=1026 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 31.140156][ T30] audit: type=1400 audit(1718661545.065:117): avc: denied { write } for pid=1080 comm="syz-executor.4" name="ppp" dev="devtmpfs" ino=134 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 31.252083][ T1090] device pim6reg1 entered promiscuous mode [ 32.002510][ T1149] device syzkaller0 entered promiscuous mode [ 32.179937][ T1188] device pim6reg1 entered promiscuous mode [ 32.321123][ T1207] EXT4-fs warning (device sda1): verify_group_input:147: Cannot add at group 0 (only 8 groups) [ 32.323237][ T1217] device syzkaller0 entered promiscuous mode [ 32.625741][ T1256] device sit0 entered promiscuous mode [ 32.872917][ T1273] device syzkaller0 entered promiscuous mode [ 33.183081][ T1315] device pim6reg1 entered promiscuous mode [ 33.192193][ T1314] EXT4-fs warning (device sda1): verify_group_input:147: Cannot add at group 0 (only 8 groups) [ 33.289754][ T1330] EXT4-fs warning (device sda1): verify_group_input:147: Cannot add at group 0 (only 8 groups) [ 33.768866][ T30] audit: type=1400 audit(1718661547.695:118): avc: denied { ioctl } for pid=1414 comm="syz-executor.3" path="uts:[4026532582]" dev="nsfs" ino=4026532582 ioctlcmd=0xb702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 33.898857][ T1436] EXT4-fs warning (device sda1): verify_group_input:147: Cannot add at group 0 (only 8 groups) [ 33.898961][ T1435] device team_slave_1 entered promiscuous mode [ 33.924747][ T625] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 33.934782][ T625] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 34.066027][ T1462] syz-executor.4[1462] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 34.066096][ T1462] syz-executor.4[1462] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 34.097257][ T1457] Scheduler tracepoints stat_sleep, stat_iowait, stat_blocked and stat_runtime require the kernel parameter schedstats=enable or kernel.sched_schedstats=1 [ 34.231300][ T1471] device sit0 left promiscuous mode [ 34.468151][ T1480] device sit0 entered promiscuous mode [ 35.568616][ T1518] syz-executor.3[1518] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 35.568685][ T1518] syz-executor.3[1518] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 35.888992][ T1554] syz-executor.3[1554] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 35.900790][ T1554] syz-executor.3[1554] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 35.979994][ T1566] EXT4-fs warning (device sda1): verify_group_input:147: Cannot add at group 0 (only 8 groups) [ 136.017145][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU [ 136.023610][ C1] rcu: 1-...!: (10000 ticks this GP) idle=ea5/1/0x4000000000000000 softirq=6391/6391 fqs=0 last_accelerate: 988e/bfa4 dyntick_enabled: 1 [ 136.037626][ C1] (t=10002 jiffies g=4237 q=355) [ 136.042482][ C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 10001 jiffies! g4237 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 136.054539][ C1] rcu: Possible timer handling issue on cpu=1 timer-softirq=940 [ 136.062087][ C1] rcu: rcu_preempt kthread starved for 10004 jiffies! g4237 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1 [ 136.073211][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 136.083011][ C1] rcu: RCU grace-period kthread stack dump: [ 136.088740][ C1] task:rcu_preempt state:I stack:28328 pid: 14 ppid: 2 flags:0x00004000 [ 136.097774][ C1] Call Trace: [ 136.100890][ C1] [ 136.103675][ C1] __schedule+0xccc/0x1590 [ 136.107911][ C1] ? __sched_text_start+0x8/0x8 [ 136.112609][ C1] ? __kasan_check_write+0x14/0x20 [ 136.117557][ C1] schedule+0x11f/0x1e0 [ 136.121544][ C1] schedule_timeout+0x18c/0x370 [ 136.126401][ C1] ? _raw_spin_unlock_irq+0x4e/0x70 [ 136.131436][ C1] ? console_conditional_schedule+0x30/0x30 [ 136.137162][ C1] ? update_process_times+0x200/0x200 [ 136.142368][ C1] ? prepare_to_swait_event+0x308/0x320 [ 136.147751][ C1] rcu_gp_fqs_loop+0x2af/0xf80 [ 136.152350][ C1] ? debug_smp_processor_id+0x17/0x20 [ 136.157557][ C1] ? __note_gp_changes+0x4ab/0x920 [ 136.162503][ C1] ? rcu_gp_init+0xc30/0xc30 [ 136.166928][ C1] ? _raw_spin_unlock_irq+0x4e/0x70 [ 136.171963][ C1] ? rcu_gp_init+0x9cf/0xc30 [ 136.176392][ C1] rcu_gp_kthread+0xa4/0x350 [ 136.180816][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 136.185505][ C1] ? wake_nocb_gp+0x1e0/0x1e0 [ 136.190020][ C1] ? __kasan_check_read+0x11/0x20 [ 136.194884][ C1] ? __kthread_parkme+0xb2/0x200 [ 136.199652][ C1] kthread+0x421/0x510 [ 136.203561][ C1] ? wake_nocb_gp+0x1e0/0x1e0 [ 136.208069][ C1] ? kthread_blkcg+0xd0/0xd0 [ 136.212493][ C1] ret_from_fork+0x1f/0x30 [ 136.216748][ C1] [ 136.219620][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 136.225782][ C1] NMI backtrace for cpu 1 [ 136.229956][ C1] CPU: 1 PID: 1574 Comm: syz-executor.3 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0 [ 136.240019][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 136.250979][ C1] Call Trace: [ 136.254099][ C1] [ 136.256788][ C1] dump_stack_lvl+0x151/0x1b7 [ 136.261311][ C1] ? io_uring_drop_tctx_refs+0x190/0x190 [ 136.266783][ C1] dump_stack+0x15/0x17 [ 136.270771][ C1] nmi_cpu_backtrace+0x2f7/0x300 [ 136.275538][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 136.281528][ C1] ? panic+0x751/0x751 [ 136.285430][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 136.291337][ C1] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 136.297153][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 136.303051][ C1] arch_trigger_cpumask_backtrace+0x10/0x20 [ 136.308781][ C1] rcu_check_gp_kthread_starvation+0x1e3/0x250 [ 136.314765][ C1] ? rcu_check_gp_kthread_expired_fqs_timer+0x18e/0x230 [ 136.321544][ C1] print_cpu_stall+0x310/0x5f0 [ 136.326136][ C1] rcu_sched_clock_irq+0x989/0x12f0 [ 136.331179][ C1] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 136.337158][ C1] ? hrtimer_run_queues+0x15f/0x440 [ 136.342215][ C1] update_process_times+0x198/0x200 [ 136.347238][ C1] tick_sched_timer+0x188/0x240 [ 136.351912][ C1] ? tick_setup_sched_timer+0x480/0x480 [ 136.357293][ C1] __hrtimer_run_queues+0x41a/0xad0 [ 136.362330][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 136.367272][ C1] ? clockevents_program_event+0x22f/0x300 [ 136.372913][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 136.378817][ C1] hrtimer_interrupt+0x40c/0xaa0 [ 136.383593][ C1] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 136.389324][ C1] sysvec_apic_timer_interrupt+0x95/0xc0 [ 136.394787][ C1] [ 136.397564][ C1] [ 136.400342][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 136.406165][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 136.410937][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 4b 02 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 136.430372][ C1] RSP: 0018:ffffc90000b76580 EFLAGS: 00000246 [ 136.436272][ C1] RAX: 0000000000000003 RBX: 1ffff9200016ecb4 RCX: ffffffff8154fb7f [ 136.444084][ C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff888125fb5528 [ 136.451899][ C1] RBP: ffffc90000b76630 R08: dffffc0000000000 R09: ffffed1024bf6aa6 [ 136.459713][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 136.467519][ C1] R13: ffff888125fb5528 R14: 0000000000000003 R15: 1ffff9200016ecb8 [ 136.475333][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 136.481408][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 136.487395][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 136.492341][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 136.498417][ C1] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 136.504330][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 136.510619][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 136.515347][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 136.520377][ C1] sock_map_delete_elem+0x99/0x130 [ 136.525337][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xf04 [ 136.530702][ C1] bpf_trace_run4+0x13f/0x270 [ 136.535215][ C1] ? bpf_trace_run3+0x250/0x250 [ 136.539902][ C1] __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 136.545196][ C1] __alloc_pages+0x3cb/0x8f0 [ 136.549622][ C1] ? prep_new_page+0x110/0x110 [ 136.554221][ C1] ? __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 136.559689][ C1] ? stack_trace_save+0x113/0x1c0 [ 136.564558][ C1] __stack_depot_save+0x38d/0x470 [ 136.569418][ C1] stack_depot_save+0xe/0x10 [ 136.573837][ C1] save_stack+0x104/0x1e0 [ 136.578002][ C1] ? __reset_page_owner+0x190/0x190 [ 136.583036][ C1] ? post_alloc_hook+0x1a3/0x1b0 [ 136.587808][ C1] ? prep_new_page+0x1b/0x110 [ 136.592411][ C1] ? get_page_from_freelist+0x3550/0x35d0 [ 136.597963][ C1] ? __alloc_pages+0x27e/0x8f0 [ 136.602564][ C1] ? __stack_depot_save+0x38d/0x470 [ 136.607599][ C1] ? kasan_set_track+0x5d/0x70 [ 136.612198][ C1] ? kasan_set_free_info+0x23/0x40 [ 136.617146][ C1] ? ____kasan_slab_free+0x126/0x160 [ 136.622267][ C1] ? __kasan_slab_free+0x11/0x20 [ 136.627128][ C1] ? slab_free_freelist_hook+0xbd/0x190 [ 136.632509][ C1] ? kfree+0xc8/0x220 [ 136.636327][ C1] ? sock_map_unref+0x352/0x4d0 [ 136.641011][ C1] ? sock_map_delete_elem+0xc1/0x130 [ 136.646135][ C1] ? bpf_prog_2c29ac5cdc6b1842+0x3a/0xf04 [ 136.651686][ C1] ? bpf_trace_run4+0x13f/0x270 [ 136.656376][ C1] ? __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 136.661843][ C1] __set_page_owner+0x28/0x2e0 [ 136.666531][ C1] ? kernel_init_free_pages+0xda/0xf0 [ 136.671738][ C1] post_alloc_hook+0x1a3/0x1b0 [ 136.676341][ C1] prep_new_page+0x1b/0x110 [ 136.680683][ C1] get_page_from_freelist+0x3550/0x35d0 [ 136.686061][ C1] ? static_protections+0x5bc/0x6f0 [ 136.691104][ C1] ? lruvec_init+0x150/0x150 [ 136.695522][ C1] ? __alloc_pages+0x8f0/0x8f0 [ 136.700117][ C1] ? __alloc_pages_bulk+0xe40/0xe40 [ 136.705157][ C1] ? stack_trace_save+0x1c0/0x1c0 [ 136.710018][ C1] __alloc_pages+0x27e/0x8f0 [ 136.714445][ C1] ? prep_new_page+0x110/0x110 [ 136.719044][ C1] ? stack_trace_save+0x113/0x1c0 [ 136.723908][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 136.728847][ C1] ? stack_trace_save+0x113/0x1c0 [ 136.733711][ C1] __stack_depot_save+0x38d/0x470 [ 136.738648][ C1] ? kfree+0xc8/0x220 [ 136.742387][ C1] kasan_set_track+0x5d/0x70 [ 136.746809][ C1] ? kasan_set_track+0x4b/0x70 [ 136.751414][ C1] ? kasan_set_free_info+0x23/0x40 [ 136.756356][ C1] ? ____kasan_slab_free+0x126/0x160 [ 136.761478][ C1] ? __kasan_slab_free+0x11/0x20 [ 136.766250][ C1] ? slab_free_freelist_hook+0xbd/0x190 [ 136.771631][ C1] ? kfree+0xc8/0x220 [ 136.775452][ C1] ? sock_map_unref+0x352/0x4d0 [ 136.780136][ C1] ? sock_map_delete_elem+0xc1/0x130 [ 136.785286][ C1] ? bpf_prog_2c29ac5cdc6b1842+0x3a/0xf04 [ 136.790817][ C1] ? bpf_trace_run4+0x13f/0x270 [ 136.795547][ C1] ? __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 136.800969][ C1] ? __alloc_pages+0x3cb/0x8f0 [ 136.805570][ C1] ? __get_free_pages+0x10/0x30 [ 136.810254][ C1] ? kasan_populate_vmalloc_pte+0x39/0x130 [ 136.815896][ C1] ? __apply_to_page_range+0x8dd/0xbe0 [ 136.821194][ C1] ? apply_to_page_range+0x3b/0x50 [ 136.826137][ C1] ? kasan_populate_vmalloc+0x65/0x70 [ 136.831345][ C1] ? alloc_vmap_area+0x192f/0x1a80 [ 136.836315][ C1] ? __get_vm_area_node+0x158/0x360 [ 136.841324][ C1] ? __vmalloc_node_range+0xe2/0x8d0 [ 136.846445][ C1] ? bpf_map_area_alloc+0xd9/0xf0 [ 136.851309][ C1] ? array_map_alloc+0x278/0x6d0 [ 136.856081][ C1] ? map_create+0x411/0x2050 [ 136.860509][ C1] ? __sys_bpf+0x296/0x760 [ 136.864758][ C1] ? __x64_sys_bpf+0x7c/0x90 [ 136.869186][ C1] ? do_syscall_64+0x3d/0xb0 [ 136.873611][ C1] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 136.879518][ C1] kasan_set_free_info+0x23/0x40 [ 136.884288][ C1] ____kasan_slab_free+0x126/0x160 [ 136.889234][ C1] __kasan_slab_free+0x11/0x20 [ 136.893834][ C1] slab_free_freelist_hook+0xbd/0x190 [ 136.899041][ C1] ? sock_map_unref+0x352/0x4d0 [ 136.903730][ C1] kfree+0xc8/0x220 [ 136.907375][ C1] sock_map_unref+0x352/0x4d0 [ 136.911888][ C1] sock_map_delete_elem+0xc1/0x130 [ 136.916838][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xf04 [ 136.922216][ C1] bpf_trace_run4+0x13f/0x270 [ 136.926727][ C1] ? bpf_trace_run3+0x250/0x250 [ 136.931416][ C1] __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 136.936708][ C1] __alloc_pages+0x3cb/0x8f0 [ 136.941316][ C1] ? __x64_sys_bpf+0x7c/0x90 [ 136.945736][ C1] ? prep_new_page+0x110/0x110 [ 136.950337][ C1] __get_free_pages+0x10/0x30 [ 136.954848][ C1] kasan_populate_vmalloc_pte+0x39/0x130 [ 136.960338][ C1] ? __apply_to_page_range+0x8ca/0xbe0 [ 136.965613][ C1] __apply_to_page_range+0x8dd/0xbe0 [ 136.970733][ C1] ? kasan_populate_vmalloc+0x70/0x70 [ 136.975939][ C1] ? kasan_populate_vmalloc+0x70/0x70 [ 136.981150][ C1] apply_to_page_range+0x3b/0x50 [ 136.985920][ C1] kasan_populate_vmalloc+0x65/0x70 [ 136.990953][ C1] alloc_vmap_area+0x192f/0x1a80 [ 136.995730][ C1] ? vm_map_ram+0xa90/0xa90 [ 137.000077][ C1] ? kmem_cache_alloc_trace+0x115/0x210 [ 137.005449][ C1] ? __get_vm_area_node+0x117/0x360 [ 137.010492][ C1] __get_vm_area_node+0x158/0x360 [ 137.015343][ C1] ? selinux_capset+0xf0/0xf0 [ 137.019858][ C1] __vmalloc_node_range+0xe2/0x8d0 [ 137.024803][ C1] ? array_map_alloc+0x278/0x6d0 [ 137.029576][ C1] ? bpf_link_settle+0xc0/0x150 [ 137.034275][ C1] ? cap_capable+0x1d2/0x270 [ 137.038695][ C1] bpf_map_area_alloc+0xd9/0xf0 [ 137.043378][ C1] ? array_map_alloc+0x278/0x6d0 [ 137.048418][ C1] array_map_alloc+0x278/0x6d0 [ 137.053019][ C1] map_create+0x411/0x2050 [ 137.057264][ C1] __sys_bpf+0x296/0x760 [ 137.061340][ C1] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 137.066554][ C1] ? __kasan_check_read+0x11/0x20 [ 137.071409][ C1] __x64_sys_bpf+0x7c/0x90 [ 137.075668][ C1] do_syscall_64+0x3d/0xb0 [ 137.079915][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 137.085644][ C1] RIP: 0033:0x7f5689670f29 [ 137.089909][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 137.109338][ C1] RSP: 002b:00007f56889eb0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 137.117583][ C1] RAX: ffffffffffffffda RBX: 00007f56897a7f80 RCX: 00007f5689670f29 [ 137.125423][ C1] RDX: 0000000000000048 RSI: 0000000020000280 RDI: 0000000000000000 [ 137.133207][ C1] RBP: 00007f56896e0074 R08: 0000000000000000 R09: 0000000000000000 [ 137.141021][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 137.148829][ C1] R13: 000000000000000b R14: 00007f56897a7f80 R15: 00007ffe59faa808 [ 137.156733][ C1] [ 137.159649][ C1] Sending NMI from CPU 1 to CPUs 0: [ 137.164693][ C0] NMI backtrace for cpu 0 [ 137.164704][ C0] CPU: 0 PID: 1564 Comm: syz-executor.0 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0 [ 137.164727][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 137.164736][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 137.164762][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 4b 02 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 137.164773][ C0] RSP: 0018:ffffc90000a26f40 EFLAGS: 00000246 [ 137.164787][ C0] RAX: 0000000000000001 RBX: 1ffff92000144dec RCX: 1ffffffff0d1aa9c [ 137.164798][ C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7038ad4 [ 137.164808][ C0] RBP: ffffc90000a26ff0 R08: dffffc0000000000 R09: ffffed103ee0715b [ 137.164819][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 137.164829][ C0] R13: ffff8881f7038ad4 R14: 0000000000000001 R15: 1ffff92000144df0 [ 137.164839][ C0] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 137.164852][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.164866][ C0] CR2: 0000000100000000 CR3: 000000013234c000 CR4: 00000000003506b0 [ 137.164883][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 137.164891][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 137.164901][ C0] Call Trace: [ 137.164907][ C0] [ 137.164914][ C0] ? show_regs+0x58/0x60 [ 137.164929][ C0] ? nmi_cpu_backtrace+0x29f/0x300 [ 137.164948][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 137.164966][ C0] ? kvm_wait+0x147/0x180 [ 137.164978][ C0] ? kvm_wait+0x147/0x180 [ 137.164992][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 137.165008][ C0] ? nmi_handle+0xa8/0x280 [ 137.165023][ C0] ? kvm_wait+0x147/0x180 [ 137.165036][ C0] ? default_do_nmi+0x69/0x160 [ 137.165052][ C0] ? exc_nmi+0xaf/0x120 [ 137.165066][ C0] ? end_repeat_nmi+0x16/0x31 [ 137.165088][ C0] ? kvm_wait+0x147/0x180 [ 137.165101][ C0] ? kvm_wait+0x147/0x180 [ 137.165115][ C0] ? kvm_wait+0x147/0x180 [ 137.165128][ C0] [ 137.165132][ C0] [ 137.165137][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 137.165152][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 137.165168][ C0] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 137.165188][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 137.165206][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 137.165224][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 137.165240][ C0] ? __kasan_check_write+0x14/0x20 [ 137.165255][ C0] ? _raw_spin_lock+0xa4/0x1b0 [ 137.165271][ C0] ? _raw_spin_trylock_bh+0x190/0x190 [ 137.165288][ C0] sock_map_delete_elem+0x99/0x130 [ 137.165305][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0xf04 [ 137.165318][ C0] bpf_trace_run4+0x13f/0x270 [ 137.165335][ C0] ? bpf_trace_run3+0x250/0x250 [ 137.165353][ C0] __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 137.165369][ C0] __alloc_pages+0x3cb/0x8f0 [ 137.165385][ C0] ? page_remove_rmap+0xe36/0x1420 [ 137.165399][ C0] ? prep_new_page+0x110/0x110 [ 137.165413][ C0] ? page_remove_rmap+0xebe/0x1420 [ 137.165428][ C0] ? page_add_file_rmap+0x8e0/0x8e0 [ 137.165442][ C0] ? mark_page_accessed+0x56b/0xbf0 [ 137.165458][ C0] __get_free_pages+0x10/0x30 [ 137.165473][ C0] __tlb_remove_page_size+0x178/0x300 [ 137.165491][ C0] unmap_page_range+0x1226/0x1ed0 [ 137.165504][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 137.165525][ C0] ? mmu_notifier_invalidate_range_end+0xe0/0xe0 [ 137.165548][ C0] ? uprobe_munmap+0x18d/0x450 [ 137.165565][ C0] unmap_vmas+0x389/0x560 [ 137.165578][ C0] ? unmap_page_range+0x1ed0/0x1ed0 [ 137.165594][ C0] ? tlb_gather_mmu_fullmm+0x165/0x210 [ 137.165611][ C0] exit_mmap+0x3e4/0x940 [ 137.165627][ C0] ? exit_aio+0x25e/0x3c0 [ 137.165639][ C0] ? vm_brk+0x30/0x30 [ 137.165653][ C0] ? mutex_unlock+0xb2/0x260 [ 137.165671][ C0] ? uprobe_clear_state+0x2cd/0x320 [ 137.165688][ C0] __mmput+0x95/0x310 [ 137.165704][ C0] mmput+0x5b/0x170 [ 137.165718][ C0] do_exit+0xb9c/0x2ca0 [ 137.165734][ C0] ? put_task_struct+0x80/0x80 [ 137.165749][ C0] ? __kasan_check_write+0x14/0x20 [ 137.165764][ C0] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 137.165780][ C0] ? _raw_spin_lock_irqsave+0x210/0x210 [ 137.165797][ C0] do_group_exit+0x141/0x310 [ 137.165818][ C0] get_signal+0x7a3/0x1630 [ 137.165836][ C0] arch_do_signal_or_restart+0xbd/0x1680 [ 137.165851][ C0] ? irqentry_exit+0x30/0x40 [ 137.165866][ C0] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 137.165882][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 137.165898][ C0] ? get_sigframe_size+0x10/0x10 [ 137.165911][ C0] ? __se_sys_futex+0x37b/0x3e0 [ 137.165929][ C0] ? kvm_sched_clock_read+0x18/0x40 [ 137.165944][ C0] ? sched_clock+0x9/0x10 [ 137.165957][ C0] ? sched_clock_cpu+0x18/0x3b0 [ 137.165973][ C0] exit_to_user_mode_loop+0xa0/0xe0 [ 137.165987][ C0] exit_to_user_mode_prepare+0x5a/0xa0 [ 137.166002][ C0] syscall_exit_to_user_mode+0x26/0x160 [ 137.166018][ C0] do_syscall_64+0x49/0xb0 [ 137.166032][ C0] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 137.166048][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 137.166062][ C0] RIP: 0033:0x7fb0027b9f29 [ 137.166072][ C0] Code: Unable to access opcode bytes at RIP 0x7fb0027b9eff. [ 137.166079][ C0] RSP: 002b:00007fb001b34178 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 137.166094][ C0] RAX: 0000000000000001 RBX: 00007fb0028f0f88 RCX: 00007fb0027b9f29 [ 137.166104][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb0028f0f8c [ 137.166113][ C0] RBP: 00007fb0028f0f80 R08: 00007ffedb5f60b0 R09: 00007fb001b346c0 [ 137.166124][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb0028f0f8c [ 137.166133][ C0] R13: 000000000000000b R14: 00007ffedb5de100 R15: 00007ffedb5de1e8 [ 137.166146][ C0] [ 137.166651][ C1] NMI backtrace for cpu 1 [ 137.724522][ C1] CPU: 1 PID: 1574 Comm: syz-executor.3 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0 [ 137.734689][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 137.744591][ C1] Call Trace: [ 137.747709][ C1] [ 137.750397][ C1] dump_stack_lvl+0x151/0x1b7 [ 137.754913][ C1] ? io_uring_drop_tctx_refs+0x190/0x190 [ 137.760387][ C1] ? cpumask_next+0x8a/0xb0 [ 137.764748][ C1] dump_stack+0x15/0x17 [ 137.768714][ C1] nmi_cpu_backtrace+0x2f7/0x300 [ 137.773482][ C1] ? init_x2apic_ldr+0x10/0x10 [ 137.778110][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 137.784071][ C1] ? irq_work_queue+0xd4/0x160 [ 137.788670][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 137.794575][ C1] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 137.800573][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 137.806474][ C1] arch_trigger_cpumask_backtrace+0x10/0x20 [ 137.812200][ C1] rcu_dump_cpu_stacks+0x1d8/0x330 [ 137.817147][ C1] print_cpu_stall+0x315/0x5f0 [ 137.821748][ C1] rcu_sched_clock_irq+0x989/0x12f0 [ 137.826784][ C1] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 137.832770][ C1] ? hrtimer_run_queues+0x15f/0x440 [ 137.837804][ C1] update_process_times+0x198/0x200 [ 137.842837][ C1] tick_sched_timer+0x188/0x240 [ 137.847525][ C1] ? tick_setup_sched_timer+0x480/0x480 [ 137.852932][ C1] __hrtimer_run_queues+0x41a/0xad0 [ 137.858029][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 137.862973][ C1] ? clockevents_program_event+0x22f/0x300 [ 137.868617][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 137.874517][ C1] hrtimer_interrupt+0x40c/0xaa0 [ 137.879293][ C1] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 137.885019][ C1] sysvec_apic_timer_interrupt+0x95/0xc0 [ 137.890487][ C1] [ 137.893262][ C1] [ 137.896048][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 137.901857][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 137.906629][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 4b 02 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 137.926072][ C1] RSP: 0018:ffffc90000b76580 EFLAGS: 00000246 [ 137.931974][ C1] RAX: 0000000000000003 RBX: 1ffff9200016ecb4 RCX: ffffffff8154fb7f [ 137.939938][ C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff888125fb5528 [ 137.947847][ C1] RBP: ffffc90000b76630 R08: dffffc0000000000 R09: ffffed1024bf6aa6 [ 137.955656][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 137.963901][ C1] R13: ffff888125fb5528 R14: 0000000000000003 R15: 1ffff9200016ecb8 [ 137.971716][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 137.977792][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 137.983776][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 137.988723][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 137.994799][ C1] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 138.000702][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 138.007058][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 138.011827][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 138.016877][ C1] sock_map_delete_elem+0x99/0x130 [ 138.021811][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xf04 [ 138.027277][ C1] bpf_trace_run4+0x13f/0x270 [ 138.031798][ C1] ? bpf_trace_run3+0x250/0x250 [ 138.036479][ C1] __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 138.041779][ C1] __alloc_pages+0x3cb/0x8f0 [ 138.046200][ C1] ? prep_new_page+0x110/0x110 [ 138.050800][ C1] ? __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 138.056265][ C1] ? stack_trace_save+0x113/0x1c0 [ 138.061124][ C1] __stack_depot_save+0x38d/0x470 [ 138.065985][ C1] stack_depot_save+0xe/0x10 [ 138.070411][ C1] save_stack+0x104/0x1e0 [ 138.074577][ C1] ? __reset_page_owner+0x190/0x190 [ 138.079610][ C1] ? post_alloc_hook+0x1a3/0x1b0 [ 138.084384][ C1] ? prep_new_page+0x1b/0x110 [ 138.088897][ C1] ? get_page_from_freelist+0x3550/0x35d0 [ 138.094453][ C1] ? __alloc_pages+0x27e/0x8f0 [ 138.099050][ C1] ? __stack_depot_save+0x38d/0x470 [ 138.104084][ C1] ? kasan_set_track+0x5d/0x70 [ 138.108685][ C1] ? kasan_set_free_info+0x23/0x40 [ 138.113633][ C1] ? ____kasan_slab_free+0x126/0x160 [ 138.118753][ C1] ? __kasan_slab_free+0x11/0x20 [ 138.123526][ C1] ? slab_free_freelist_hook+0xbd/0x190 [ 138.128907][ C1] ? kfree+0xc8/0x220 [ 138.132732][ C1] ? sock_map_unref+0x352/0x4d0 [ 138.137418][ C1] ? sock_map_delete_elem+0xc1/0x130 [ 138.142539][ C1] ? bpf_prog_2c29ac5cdc6b1842+0x3a/0xf04 [ 138.148119][ C1] ? bpf_trace_run4+0x13f/0x270 [ 138.152774][ C1] ? __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 138.158247][ C1] __set_page_owner+0x28/0x2e0 [ 138.162843][ C1] ? kernel_init_free_pages+0xda/0xf0 [ 138.168057][ C1] post_alloc_hook+0x1a3/0x1b0 [ 138.172654][ C1] prep_new_page+0x1b/0x110 [ 138.176993][ C1] get_page_from_freelist+0x3550/0x35d0 [ 138.182375][ C1] ? static_protections+0x5bc/0x6f0 [ 138.187408][ C1] ? lruvec_init+0x150/0x150 [ 138.191831][ C1] ? __alloc_pages+0x8f0/0x8f0 [ 138.196441][ C1] ? __alloc_pages_bulk+0xe40/0xe40 [ 138.201465][ C1] ? stack_trace_save+0x1c0/0x1c0 [ 138.206328][ C1] __alloc_pages+0x27e/0x8f0 [ 138.210752][ C1] ? prep_new_page+0x110/0x110 [ 138.215352][ C1] ? stack_trace_save+0x113/0x1c0 [ 138.220214][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 138.225158][ C1] ? stack_trace_save+0x113/0x1c0 [ 138.230019][ C1] __stack_depot_save+0x38d/0x470 [ 138.234882][ C1] ? kfree+0xc8/0x220 [ 138.238697][ C1] kasan_set_track+0x5d/0x70 [ 138.243127][ C1] ? kasan_set_track+0x4b/0x70 [ 138.247725][ C1] ? kasan_set_free_info+0x23/0x40 [ 138.252759][ C1] ? ____kasan_slab_free+0x126/0x160 [ 138.257880][ C1] ? __kasan_slab_free+0x11/0x20 [ 138.262674][ C1] ? slab_free_freelist_hook+0xbd/0x190 [ 138.268125][ C1] ? kfree+0xc8/0x220 [ 138.271938][ C1] ? sock_map_unref+0x352/0x4d0 [ 138.276625][ C1] ? sock_map_delete_elem+0xc1/0x130 [ 138.281748][ C1] ? bpf_prog_2c29ac5cdc6b1842+0x3a/0xf04 [ 138.287300][ C1] ? bpf_trace_run4+0x13f/0x270 [ 138.291987][ C1] ? __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 138.297456][ C1] ? __alloc_pages+0x3cb/0x8f0 [ 138.302055][ C1] ? __get_free_pages+0x10/0x30 [ 138.306742][ C1] ? kasan_populate_vmalloc_pte+0x39/0x130 [ 138.312385][ C1] ? __apply_to_page_range+0x8dd/0xbe0 [ 138.317681][ C1] ? apply_to_page_range+0x3b/0x50 [ 138.322624][ C1] ? kasan_populate_vmalloc+0x65/0x70 [ 138.327833][ C1] ? alloc_vmap_area+0x192f/0x1a80 [ 138.332780][ C1] ? __get_vm_area_node+0x158/0x360 [ 138.337956][ C1] ? __vmalloc_node_range+0xe2/0x8d0 [ 138.343076][ C1] ? bpf_map_area_alloc+0xd9/0xf0 [ 138.347938][ C1] ? array_map_alloc+0x278/0x6d0 [ 138.352723][ C1] ? map_create+0x411/0x2050 [ 138.357150][ C1] ? __sys_bpf+0x296/0x760 [ 138.361395][ C1] ? __x64_sys_bpf+0x7c/0x90 [ 138.365822][ C1] ? do_syscall_64+0x3d/0xb0 [ 138.370251][ C1] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 138.376150][ C1] kasan_set_free_info+0x23/0x40 [ 138.380916][ C1] ____kasan_slab_free+0x126/0x160 [ 138.385863][ C1] __kasan_slab_free+0x11/0x20 [ 138.390466][ C1] slab_free_freelist_hook+0xbd/0x190 [ 138.395670][ C1] ? sock_map_unref+0x352/0x4d0 [ 138.400790][ C1] kfree+0xc8/0x220 [ 138.404436][ C1] sock_map_unref+0x352/0x4d0 [ 138.408950][ C1] sock_map_delete_elem+0xc1/0x130 [ 138.413901][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xf04 [ 138.419280][ C1] bpf_trace_run4+0x13f/0x270 [ 138.423801][ C1] ? bpf_trace_run3+0x250/0x250 [ 138.428479][ C1] __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 138.433772][ C1] __alloc_pages+0x3cb/0x8f0 [ 138.438197][ C1] ? __x64_sys_bpf+0x7c/0x90 [ 138.442629][ C1] ? prep_new_page+0x110/0x110 [ 138.447226][ C1] __get_free_pages+0x10/0x30 [ 138.451826][ C1] kasan_populate_vmalloc_pte+0x39/0x130 [ 138.457292][ C1] ? __apply_to_page_range+0x8ca/0xbe0 [ 138.462601][ C1] __apply_to_page_range+0x8dd/0xbe0 [ 138.467706][ C1] ? kasan_populate_vmalloc+0x70/0x70 [ 138.472920][ C1] ? kasan_populate_vmalloc+0x70/0x70 [ 138.478121][ C1] apply_to_page_range+0x3b/0x50 [ 138.482896][ C1] kasan_populate_vmalloc+0x65/0x70 [ 138.487928][ C1] alloc_vmap_area+0x192f/0x1a80 [ 138.492704][ C1] ? vm_map_ram+0xa90/0xa90 [ 138.497043][ C1] ? kmem_cache_alloc_trace+0x115/0x210 [ 138.502425][ C1] ? __get_vm_area_node+0x117/0x360 [ 138.507456][ C1] __get_vm_area_node+0x158/0x360 [ 138.512323][ C1] ? selinux_capset+0xf0/0xf0 [ 138.519227][ C1] __vmalloc_node_range+0xe2/0x8d0 [ 138.524118][ C1] ? array_map_alloc+0x278/0x6d0 [ 138.528895][ C1] ? bpf_link_settle+0xc0/0x150 [ 138.533668][ C1] ? cap_capable+0x1d2/0x270 [ 138.538094][ C1] bpf_map_area_alloc+0xd9/0xf0 [ 138.542782][ C1] ? array_map_alloc+0x278/0x6d0 [ 138.547561][ C1] array_map_alloc+0x278/0x6d0 [ 138.552167][ C1] map_create+0x411/0x2050 [ 138.556406][ C1] __sys_bpf+0x296/0x760 [ 138.560595][ C1] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 138.565804][ C1] ? __kasan_check_read+0x11/0x20 [ 138.570663][ C1] __x64_sys_bpf+0x7c/0x90 [ 138.574918][ C1] do_syscall_64+0x3d/0xb0 [ 138.579172][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 138.584899][ C1] RIP: 0033:0x7f5689670f29 [ 138.589153][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 138.608590][ C1] RSP: 002b:00007f56889eb0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 138.616852][ C1] RAX: ffffffffffffffda RBX: 00007f56897a7f80 RCX: 00007f5689670f29 [ 138.624645][ C1] RDX: 0000000000000048 RSI: 0000000020000280 RDI: 0000000000000000 [ 138.632457][ C1] RBP: 00007f56896e0074 R08: 0000000000000000 R09: 0000000000000000 [ 138.640268][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 138.648083][ C1] R13: 000000000000000b R14: 00007f56897a7f80 R15: 00007ffe59faa808 [ 138.656022][ C1] [ 287.063895][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 246s! [syz-executor.0:1564] [ 287.072422][ C0] Modules linked in: [ 287.076164][ C0] CPU: 0 PID: 1564 Comm: syz-executor.0 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0 [ 287.086233][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 287.096121][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 287.100887][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 4b 02 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 287.120860][ C0] RSP: 0018:ffffc90000a26f40 EFLAGS: 00000246 [ 287.126848][ C0] RAX: 0000000000000001 RBX: 1ffff92000144dec RCX: 1ffffffff0d1aa9c [ 287.134652][ C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7038ad4 [ 287.142468][ C0] RBP: ffffc90000a26ff0 R08: dffffc0000000000 R09: ffffed103ee0715b [ 287.150272][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 287.158172][ C0] R13: ffff8881f7038ad4 R14: 0000000000000001 R15: 1ffff92000144df0 [ 287.165982][ C0] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 287.174746][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.181178][ C0] CR2: 0000000100000000 CR3: 000000013234c000 CR4: 00000000003506b0 [ 287.188984][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 287.196794][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 287.204610][ C0] Call Trace: [ 287.207731][ C0] [ 287.210424][ C0] ? show_regs+0x58/0x60 [ 287.214498][ C0] ? watchdog_timer_fn+0x4b1/0x5f0 [ 287.219450][ C0] ? proc_watchdog_cpumask+0xd0/0xd0 [ 287.224566][ C0] ? __hrtimer_run_queues+0x41a/0xad0 [ 287.229777][ C0] ? hrtimer_interrupt+0xaa0/0xaa0 [ 287.234719][ C0] ? clockevents_program_event+0x22f/0x300 [ 287.240362][ C0] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 287.246272][ C0] ? hrtimer_interrupt+0x40c/0xaa0 [ 287.251220][ C0] ? __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 287.257115][ C0] ? sysvec_apic_timer_interrupt+0x95/0xc0 [ 287.262840][ C0] [ 287.265682][ C0] [ 287.268398][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 287.274394][ C0] ? kvm_wait+0x147/0x180 [ 287.278550][ C0] ? asm_common_interrupt+0x27/0x40 [ 287.283585][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 287.288534][ C0] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 287.294433][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 287.300683][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 287.305456][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 287.310494][ C0] ? __kasan_check_write+0x14/0x20 [ 287.315436][ C0] ? _raw_spin_lock+0xa4/0x1b0 [ 287.320036][ C0] ? _raw_spin_trylock_bh+0x190/0x190 [ 287.325263][ C0] sock_map_delete_elem+0x99/0x130 [ 287.330193][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0xf04 [ 287.335573][ C0] bpf_trace_run4+0x13f/0x270 [ 287.340084][ C0] ? bpf_trace_run3+0x250/0x250 [ 287.344770][ C0] __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 287.350065][ C0] __alloc_pages+0x3cb/0x8f0 [ 287.354489][ C0] ? page_remove_rmap+0xe36/0x1420 [ 287.359445][ C0] ? prep_new_page+0x110/0x110 [ 287.364044][ C0] ? page_remove_rmap+0xebe/0x1420 [ 287.368988][ C0] ? page_add_file_rmap+0x8e0/0x8e0 [ 287.374027][ C0] ? mark_page_accessed+0x56b/0xbf0 [ 287.379057][ C0] __get_free_pages+0x10/0x30 [ 287.383958][ C0] __tlb_remove_page_size+0x178/0x300 [ 287.389155][ C0] unmap_page_range+0x1226/0x1ed0 [ 287.394015][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 287.400102][ C0] ? mmu_notifier_invalidate_range_end+0xe0/0xe0 [ 287.406256][ C0] ? uprobe_munmap+0x18d/0x450 [ 287.410855][ C0] unmap_vmas+0x389/0x560 [ 287.415021][ C0] ? unmap_page_range+0x1ed0/0x1ed0 [ 287.420052][ C0] ? tlb_gather_mmu_fullmm+0x165/0x210 [ 287.425446][ C0] exit_mmap+0x3e4/0x940 [ 287.429518][ C0] ? exit_aio+0x25e/0x3c0 [ 287.433679][ C0] ? vm_brk+0x30/0x30 [ 287.437498][ C0] ? mutex_unlock+0xb2/0x260 [ 287.441927][ C0] ? uprobe_clear_state+0x2cd/0x320 [ 287.446962][ C0] __mmput+0x95/0x310 [ 287.450862][ C0] mmput+0x5b/0x170 [ 287.454508][ C0] do_exit+0xb9c/0x2ca0 [ 287.458502][ C0] ? put_task_struct+0x80/0x80 [ 287.463103][ C0] ? __kasan_check_write+0x14/0x20 [ 287.468051][ C0] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 287.473004][ C0] ? _raw_spin_lock_irqsave+0x210/0x210 [ 287.478377][ C0] do_group_exit+0x141/0x310 [ 287.482802][ C0] get_signal+0x7a3/0x1630 [ 287.487059][ C0] arch_do_signal_or_restart+0xbd/0x1680 [ 287.492635][ C0] ? irqentry_exit+0x30/0x40 [ 287.497060][ C0] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 287.502700][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 287.508691][ C0] ? get_sigframe_size+0x10/0x10 [ 287.513468][ C0] ? __se_sys_futex+0x37b/0x3e0 [ 287.518149][ C0] ? kvm_sched_clock_read+0x18/0x40 [ 287.523194][ C0] ? sched_clock+0x9/0x10 [ 287.527354][ C0] ? sched_clock_cpu+0x18/0x3b0 [ 287.532038][ C0] exit_to_user_mode_loop+0xa0/0xe0 [ 287.537074][ C0] exit_to_user_mode_prepare+0x5a/0xa0 [ 287.542365][ C0] syscall_exit_to_user_mode+0x26/0x160 [ 287.547752][ C0] do_syscall_64+0x49/0xb0 [ 287.552000][ C0] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 287.557648][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 287.563368][ C0] RIP: 0033:0x7fb0027b9f29 [ 287.567621][ C0] Code: Unable to access opcode bytes at RIP 0x7fb0027b9eff. [ 287.574825][ C0] RSP: 002b:00007fb001b34178 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 287.583071][ C0] RAX: 0000000000000001 RBX: 00007fb0028f0f88 RCX: 00007fb0027b9f29 [ 287.590883][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb0028f0f8c [ 287.598690][ C0] RBP: 00007fb0028f0f80 R08: 00007ffedb5f60b0 R09: 00007fb001b346c0 [ 287.606503][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb0028f0f8c [ 287.614313][ C0] R13: 000000000000000b R14: 00007ffedb5de100 R15: 00007ffedb5de1e8 [ 287.622129][ C0] [ 287.625000][ C0] Sending NMI from CPU 0 to CPUs 1: [ 287.630043][ C1] NMI backtrace for cpu 1 [ 287.630052][ C1] CPU: 1 PID: 1574 Comm: syz-executor.3 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0 [ 287.630069][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 287.630077][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 287.630097][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 4b 02 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 287.630109][ C1] RSP: 0018:ffffc90000b76580 EFLAGS: 00000246 [ 287.630123][ C1] RAX: 0000000000000003 RBX: 1ffff9200016ecb4 RCX: ffffffff8154fb7f [ 287.630134][ C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff888125fb5528 [ 287.630144][ C1] RBP: ffffc90000b76630 R08: dffffc0000000000 R09: ffffed1024bf6aa6 [ 287.630155][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 287.630165][ C1] R13: ffff888125fb5528 R14: 0000000000000003 R15: 1ffff9200016ecb8 [ 287.630175][ C1] FS: 00007f56889eb6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 287.630188][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.630199][ C1] CR2: 0000001b2ed2b000 CR3: 0000000116126000 CR4: 00000000003506a0 [ 287.630212][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 287.630221][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 287.630230][ C1] Call Trace: [ 287.630235][ C1] [ 287.630240][ C1] ? show_regs+0x58/0x60 [ 287.630256][ C1] ? nmi_cpu_backtrace+0x29f/0x300 [ 287.630274][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 287.630292][ C1] ? kvm_wait+0x147/0x180 [ 287.630305][ C1] ? kvm_wait+0x147/0x180 [ 287.630318][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 287.630334][ C1] ? nmi_handle+0xa8/0x280 [ 287.630349][ C1] ? kvm_wait+0x147/0x180 [ 287.630361][ C1] ? default_do_nmi+0x69/0x160 [ 287.630377][ C1] ? exc_nmi+0xaf/0x120 [ 287.630391][ C1] ? end_repeat_nmi+0x16/0x31 [ 287.630407][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 287.630426][ C1] ? kvm_wait+0x147/0x180 [ 287.630439][ C1] ? kvm_wait+0x147/0x180 [ 287.630452][ C1] ? kvm_wait+0x147/0x180 [ 287.630465][ C1] [ 287.630469][ C1] [ 287.630473][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 287.630488][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 287.630503][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 287.630520][ C1] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 287.630538][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 287.630557][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 287.630573][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 287.630591][ C1] sock_map_delete_elem+0x99/0x130 [ 287.630609][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xf04 [ 287.630622][ C1] bpf_trace_run4+0x13f/0x270 [ 287.630638][ C1] ? bpf_trace_run3+0x250/0x250 [ 287.630656][ C1] __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 287.630672][ C1] __alloc_pages+0x3cb/0x8f0 [ 287.630689][ C1] ? prep_new_page+0x110/0x110 [ 287.630704][ C1] ? __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 287.630719][ C1] ? stack_trace_save+0x113/0x1c0 [ 287.630736][ C1] __stack_depot_save+0x38d/0x470 [ 287.630754][ C1] stack_depot_save+0xe/0x10 [ 287.630766][ C1] save_stack+0x104/0x1e0 [ 287.630781][ C1] ? __reset_page_owner+0x190/0x190 [ 287.630794][ C1] ? post_alloc_hook+0x1a3/0x1b0 [ 287.630808][ C1] ? prep_new_page+0x1b/0x110 [ 287.630822][ C1] ? get_page_from_freelist+0x3550/0x35d0 [ 287.630838][ C1] ? __alloc_pages+0x27e/0x8f0 [ 287.630852][ C1] ? __stack_depot_save+0x38d/0x470 [ 287.630868][ C1] ? kasan_set_track+0x5d/0x70 [ 287.630881][ C1] ? kasan_set_free_info+0x23/0x40 [ 287.630895][ C1] ? ____kasan_slab_free+0x126/0x160 [ 287.630908][ C1] ? __kasan_slab_free+0x11/0x20 [ 287.630927][ C1] ? slab_free_freelist_hook+0xbd/0x190 [ 287.630943][ C1] ? kfree+0xc8/0x220 [ 287.630957][ C1] ? sock_map_unref+0x352/0x4d0 [ 287.630972][ C1] ? sock_map_delete_elem+0xc1/0x130 [ 287.630986][ C1] ? bpf_prog_2c29ac5cdc6b1842+0x3a/0xf04 [ 287.630997][ C1] ? bpf_trace_run4+0x13f/0x270 [ 287.631012][ C1] ? __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 287.631028][ C1] __set_page_owner+0x28/0x2e0 [ 287.631041][ C1] ? kernel_init_free_pages+0xda/0xf0 [ 287.631057][ C1] post_alloc_hook+0x1a3/0x1b0 [ 287.631072][ C1] prep_new_page+0x1b/0x110 [ 287.631087][ C1] get_page_from_freelist+0x3550/0x35d0 [ 287.631106][ C1] ? static_protections+0x5bc/0x6f0 [ 287.631124][ C1] ? lruvec_init+0x150/0x150 [ 287.631140][ C1] ? __alloc_pages+0x8f0/0x8f0 [ 287.631156][ C1] ? __alloc_pages_bulk+0xe40/0xe40 [ 287.631171][ C1] ? stack_trace_save+0x1c0/0x1c0 [ 287.631187][ C1] __alloc_pages+0x27e/0x8f0 [ 287.631202][ C1] ? prep_new_page+0x110/0x110 [ 287.631218][ C1] ? stack_trace_save+0x113/0x1c0 [ 287.631233][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 287.631247][ C1] ? stack_trace_save+0x113/0x1c0 [ 287.631262][ C1] __stack_depot_save+0x38d/0x470 [ 287.631279][ C1] ? kfree+0xc8/0x220 [ 287.631293][ C1] kasan_set_track+0x5d/0x70 [ 287.631306][ C1] ? kasan_set_track+0x4b/0x70 [ 287.631318][ C1] ? kasan_set_free_info+0x23/0x40 [ 287.631332][ C1] ? ____kasan_slab_free+0x126/0x160 [ 287.631346][ C1] ? __kasan_slab_free+0x11/0x20 [ 287.631359][ C1] ? slab_free_freelist_hook+0xbd/0x190 [ 287.631375][ C1] ? kfree+0xc8/0x220 [ 287.631389][ C1] ? sock_map_unref+0x352/0x4d0 [ 287.631403][ C1] ? sock_map_delete_elem+0xc1/0x130 [ 287.631418][ C1] ? bpf_prog_2c29ac5cdc6b1842+0x3a/0xf04 [ 287.631429][ C1] ? bpf_trace_run4+0x13f/0x270 [ 287.631443][ C1] ? __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 287.631457][ C1] ? __alloc_pages+0x3cb/0x8f0 [ 287.631472][ C1] ? __get_free_pages+0x10/0x30 [ 287.631486][ C1] ? kasan_populate_vmalloc_pte+0x39/0x130 [ 287.631501][ C1] ? __apply_to_page_range+0x8dd/0xbe0 [ 287.631515][ C1] ? apply_to_page_range+0x3b/0x50 [ 287.631528][ C1] ? kasan_populate_vmalloc+0x65/0x70 [ 287.631543][ C1] ? alloc_vmap_area+0x192f/0x1a80 [ 287.631557][ C1] ? __get_vm_area_node+0x158/0x360 [ 287.631570][ C1] ? __vmalloc_node_range+0xe2/0x8d0 [ 287.631584][ C1] ? bpf_map_area_alloc+0xd9/0xf0 [ 287.631597][ C1] ? array_map_alloc+0x278/0x6d0 [ 287.631613][ C1] ? map_create+0x411/0x2050 [ 287.631626][ C1] ? __sys_bpf+0x296/0x760 [ 287.631639][ C1] ? __x64_sys_bpf+0x7c/0x90 [ 287.631652][ C1] ? do_syscall_64+0x3d/0xb0 [ 287.631665][ C1] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 287.631685][ C1] kasan_set_free_info+0x23/0x40 [ 287.631699][ C1] ____kasan_slab_free+0x126/0x160 [ 287.631714][ C1] __kasan_slab_free+0x11/0x20 [ 287.631727][ C1] slab_free_freelist_hook+0xbd/0x190 [ 287.631744][ C1] ? sock_map_unref+0x352/0x4d0 [ 287.631759][ C1] kfree+0xc8/0x220 [ 287.631774][ C1] sock_map_unref+0x352/0x4d0 [ 287.631791][ C1] sock_map_delete_elem+0xc1/0x130 [ 287.631806][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xf04 [ 287.631818][ C1] bpf_trace_run4+0x13f/0x270 [ 287.631833][ C1] ? bpf_trace_run3+0x250/0x250 [ 287.631851][ C1] __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 287.631866][ C1] __alloc_pages+0x3cb/0x8f0 [ 287.631881][ C1] ? __x64_sys_bpf+0x7c/0x90 [ 287.631894][ C1] ? prep_new_page+0x110/0x110 [ 287.631917][ C1] __get_free_pages+0x10/0x30 [ 287.631932][ C1] kasan_populate_vmalloc_pte+0x39/0x130 [ 287.631947][ C1] ? __apply_to_page_range+0x8ca/0xbe0 [ 287.631961][ C1] __apply_to_page_range+0x8dd/0xbe0 [ 287.631976][ C1] ? kasan_populate_vmalloc+0x70/0x70 [ 287.631993][ C1] ? kasan_populate_vmalloc+0x70/0x70 [ 287.632008][ C1] apply_to_page_range+0x3b/0x50 [ 287.632022][ C1] kasan_populate_vmalloc+0x65/0x70 [ 287.632037][ C1] alloc_vmap_area+0x192f/0x1a80 [ 287.632055][ C1] ? vm_map_ram+0xa90/0xa90 [ 287.632068][ C1] ? kmem_cache_alloc_trace+0x115/0x210 [ 287.632084][ C1] ? __get_vm_area_node+0x117/0x360 [ 287.632099][ C1] __get_vm_area_node+0x158/0x360 [ 287.632112][ C1] ? selinux_capset+0xf0/0xf0 [ 287.632129][ C1] __vmalloc_node_range+0xe2/0x8d0 [ 287.632142][ C1] ? array_map_alloc+0x278/0x6d0 [ 287.632157][ C1] ? bpf_link_settle+0xc0/0x150 [ 287.632171][ C1] ? cap_capable+0x1d2/0x270 [ 287.632187][ C1] bpf_map_area_alloc+0xd9/0xf0 [ 287.632200][ C1] ? array_map_alloc+0x278/0x6d0 [ 287.632216][ C1] array_map_alloc+0x278/0x6d0 [ 287.632232][ C1] map_create+0x411/0x2050 [ 287.632247][ C1] __sys_bpf+0x296/0x760 [ 287.632261][ C1] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 287.632277][ C1] ? __kasan_check_read+0x11/0x20 [ 287.632293][ C1] __x64_sys_bpf+0x7c/0x90 [ 287.632307][ C1] do_syscall_64+0x3d/0xb0 [ 287.632320][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 287.632355][ C1] RIP: 0033:0x7f5689670f29 [ 287.632375][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 287.632386][ C1] RSP: 002b:00007f56889eb0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 287.632400][ C1] RAX: ffffffffffffffda RBX: 00007f56897a7f80 RCX: 00007f5689670f29 [ 287.632411][ C1] RDX: 0000000000000048 RSI: 0000000020000280 RDI: 0000000000000000 [ 287.632420][ C1] RBP: 00007f56896e0074 R08: 0000000000000000 R09: 0000000000000000 [ 287.632429][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 287.632438][ C1] R13: 000000000000000b R14: 00007f56897a7f80 R15: 00007ffe59faa808 [ 287.632451][ C1]