last executing test programs:

6.696246914s ago: executing program 0 (id=6148):
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=0xffffffffffffffff, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a00000005000000ff0700000700000000000000", @ANYRES32=0x1, @ANYBLOB="0055de69e4e3a573190004000000000000000000c3a9b8c82fdbd2dbccfc1dc9454ad08306d0a1f13e2daf99ad503f8fffb9fa188cc73ce6f1b46ff887ad8d23fb", @ANYRES32=0x0, @ANYRES32=r0, @ANYBLOB="00000000ffffffff00"/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, r1}, 0x38)

6.620122701s ago: executing program 0 (id=6149):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x3, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x3)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x80005670}, 0x0, 0x0, 0x0, 0x8f0eb3b4c5eaf566}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x4f}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)=@generic={&(0x7f0000000040)='./file0\x00', r4}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x14, 0x4, 0x4, 0x10002, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

4.747041565s ago: executing program 1 (id=6166):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x3, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x3)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x80005670}, 0x0, 0x0, 0x0, 0x8f0eb3b4c5eaf566}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x4f}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)=@generic={&(0x7f0000000040)='./file0\x00', r6}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x14, 0x4, 0x4, 0x10002, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000f3ff0000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))

4.391708086s ago: executing program 4 (id=6169):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_freezer_state(r0, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_freezer_state(r1, &(0x7f0000000040)='FROZEN\x00', 0x7)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0xcc, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x40000, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x200, 0x30060, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000380)='sched_switch\x00', r5}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r6, 0x4d}, 0xb)
ioctl$TUNSETOFFLOAD(r2, 0x400454c9, 0xf)
ioctl$TUNSETTXFILTER(r2, 0x400454d1, 0x0)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x604102, 0x0)
close(r7)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb012018000000000000000000000000000000020000000000"], 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000008c50000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1328, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
close(r10)
recvmsg$unix(r9, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0)

4.076525723s ago: executing program 2 (id=6172):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x70, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYRESOCT=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x800000, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000780)=ANY=[@ANYRES16], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x5, 0xfffffffe, 0x0, 0x48}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000003c0)={0x0, 0x80, 0x6, 0x6, 0x6, 0x3, 0x0, 0x0, 0x4a883, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x3c, 0x2, @perf_config_ext={0x1000, 0x400}, 0x0, 0x6, 0x1, 0x9, 0x2, 0x6, 0x2, 0x0, 0x8, 0x0, 0x4}, 0x0, 0x9, r4, 0x9)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$cgroup_type(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000009b000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095000000000000002f81c461b3fea834ceb0e17d9838c2830ca7ce46e581a192326a3698c79205e02f1561b0a3c595448e9f7024b45fb2006c9917fe2a42fcd2ce278009682dc8f7c867b177ec5bd50b92aedef35b6cd87b56690b4c96f63ab021ee1cf616d8af74911d5e51b76d2c31b8bece7b0f"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x65)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (fail_nth: 3)
r6 = getpid()
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x7, 0xffff, 0x8000000, 0x0, 0x0, 0x1}, r6, 0x2, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000008c50000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
close(r9)
recvmsg$unix(r8, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r10=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r10, &(0x7f0000000000)=ANY=[], 0xfdef)

3.993099811s ago: executing program 3 (id=6174):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r3}, &(0x7f0000000800), &(0x7f0000000840)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000180)=@framed={{}, [@printk={@li, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x9b}}, @call={0x85, 0x0, 0x0, 0x9e}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x4, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x7, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000107000000", @ANYRES32=r6, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x40010)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r7, 0x5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)

3.592770726s ago: executing program 2 (id=6175):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200}) (async)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8922, &(0x7f0000000080)) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000071123a00000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

3.559745109s ago: executing program 4 (id=6176):
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x3, 0x5, 0x1000, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4008e00000000007714980000000000050000000075d9648e00000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC=0x0, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffcd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x6, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d40)={{r5}, &(0x7f0000000cc0), &(0x7f0000000d00)='%-5lx  \x00'}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r6}, 0x10)
syz_clone(0x8020000, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r7}, 0x10)
mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)

3.512268643s ago: executing program 1 (id=6177):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x70, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYRESDEC=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0e0000b55c0004007f1c00000000040000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000008000"/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000e20668558ef2fac600000000000000000000181100008e17d9edcbd41c4d1dcb4bae5bbf2f824f389a8d2403483d9b34945f82a522364362773d21dc425a674d13c3f05e3b985d27979e00000000000000fcf6523c62", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000780)=ANY=[@ANYRES16], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x5, 0xfffffffe, 0x0, 0x48}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={0x0, r0, 0x0, 0x1}, 0x18)
perf_event_open(&(0x7f00000003c0)={0x0, 0x80, 0x6, 0x6, 0x6, 0x3, 0x0, 0x0, 0x4a883, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x3c, 0x2, @perf_config_ext={0x1000, 0x400}, 0x0, 0x6, 0x1, 0x9, 0x2, 0x6, 0x2, 0x0, 0x8, 0x0, 0x4}, 0x0, 0x9, r3, 0x9)
r4 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x1a, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffd}}, 0x0, 0x0, r4, 0xa)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$cgroup_type(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000009b000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095000000000000002f81c461b3fea834ceb0e17d9838c2830ca7ce46e581a192326a3698c79205e02f1561b0a3c595448e9f7024b45fb2006c9917fe2a42fcd2ce278009682dc8f7c867b177ec5bd50b92aedef35b6cd87b56690b4c96f63ab021ee1cf616d8af74911d5e51b76d2c31b8bece7b0f"], &(0x7f0000000080)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = getpid()
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x7, 0xffff, 0x8000000, 0x0, 0x0, 0x1}, r6, 0x2, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000008c50000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
close(r9)
recvmsg$unix(r8, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0)

3.388416024s ago: executing program 2 (id=6178):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x70, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYRESOCT=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x800000, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000780)=ANY=[@ANYRES16], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x5, 0xfffffffe, 0x0, 0x48}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000003c0)={0x0, 0x80, 0x6, 0x6, 0x6, 0x3, 0x0, 0x0, 0x4a883, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x3c, 0x2, @perf_config_ext={0x1000, 0x400}, 0x0, 0x6, 0x1, 0x9, 0x2, 0x6, 0x2, 0x0, 0x8, 0x0, 0x4}, 0x0, 0x9, r4, 0x9)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$cgroup_type(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000009b000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095000000000000002f81c461b3fea834ceb0e17d9838c2830ca7ce46e581a192326a3698c79205e02f1561b0a3c595448e9f7024b45fb2006c9917fe2a42fcd2ce278009682dc8f7c867b177ec5bd50b92aedef35b6cd87b56690b4c96f63ab021ee1cf616d8af74911d5e51b76d2c31b8bece7b0f"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x65)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = getpid()
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x7, 0xffff, 0x8000000, 0x0, 0x0, 0x1}, r6, 0x2, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000008c50000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
close(r9)
recvmsg$unix(r8, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r10=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r10, &(0x7f0000000000)=ANY=[], 0xfdef) (fail_nth: 3)

2.505200631s ago: executing program 4 (id=6179):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r3, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8c18cffb703000008000000b704000000000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r5}, 0x10)
openat$cgroup_ro(r1, &(0x7f0000000680)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="fb", 0x1}], 0x1}, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfdffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
recvmsg(r6, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r7, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@jmp={0x5, 0x0, 0x6, 0x0, 0x5, 0x30, 0xfffffffffffffff0}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xcc, &(0x7f0000000580)=""/204, 0x0, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x1, 0x0, 0x6d4b}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2.297346579s ago: executing program 1 (id=6180):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.events\x00', 0x26e1, 0x0)
close(r0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x1a1282, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c00)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x1a)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400)
write$cgroup_pid(r0, 0x0, 0x7ffffffff000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x14, 0x4, 0x4, 0x10002, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)

2.295637049s ago: executing program 3 (id=6181):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r3}, &(0x7f0000000800), &(0x7f0000000840)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000180)=@framed={{}, [@printk={@li, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x9b}}, @call={0x85, 0x0, 0x0, 0x9e}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
close(r6)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x7, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x40010)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r8, 0x5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)

2.077689879s ago: executing program 2 (id=6182):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)

2.076738248s ago: executing program 3 (id=6183):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0900000004000000040000000500000000000000", @ANYRES32=r0, @ANYBLOB="00000000000000000000000000000000000000006cfe233d02000a3395cffab12c3a633edfacd8b486e367fb007e05e173803be547a4e85777c767b6c9f3b17c2a2da0603f5f59fa4d337b841b9a0bef2944693d2c0645d8722def01fa1bc90828567445f92328649cdee781974e021ed1c3c7931d213731850156a7629585", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYRESDEC=r2, @ANYRES32=r2, @ANYRESDEC=r3, @ANYRESOCT=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
close(r1)
recvmsg$unix(r0, &(0x7f0000000980)={0x0, 0x0, 0x0}, 0x40000062)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000380)={{r3}, &(0x7f0000000280), &(0x7f0000000340)='%pS    \x00'}, 0x20)
r5 = perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x4000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x5452, &(0x7f00000006c0)='\x02;\xe5\b\x00\x1c\x9c\x00\x00\x00\x00\x00\x00\x91\xecB\xdcZ\xe5\xbd$\x05\x90\xa9\xf3\xc7\xcb\xb7\xf0\xa1;#\x989\xe9\x12\xdf^6T\xdf\xcd\x02\xc5\xb0\xba\x12\'QXp\t\xfc\xf3\x01\x02\xbc\xbf\xc0\xf0\x10\xee\xd3\\yy\xa4\xf9\xe8\x00\xdd\xe97 0_\xe4]W\xf7~\xacVK\xc9t\x9e+:\x85\xef\x94\x0e\x19\x9cV[N.\xeb\x9fJ>\xd9\x99\x88\xd8\xdd\xb8Y\xc3$\xc6\x93\v\x04REY\xf4\xea\xf2\xcd\xcd.\x16\x861\xa1\v\x8d\x8e\x84R\xa6\x83\x84\xc0\x01e\xc3\xc8\xcc?\xc8?\x19\xb2\xa2\xe1\xac<\xe9f\x11\xff3\xc7\x19\x9e\x19\xf5-\xfe\xbd\xae\xbbR\x82\x16\xf9\x15S\x03U\xe0\xd8t\xe3%96')
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000080)={@cgroup=r6, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_pressure(0xffffffffffffffff, 0x0, 0x2, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0)
gettid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="84d7e2ff0dee34640b3943622607c2c4e777c31b94791959c1f4f6585a5f1a8caef3a901c40015ee93fba36a5b9fa077c26b649e896388d14c02ffc3dbd517c8c0826d3cb77ab6e1081bd1b0615a3f2fcd32e1210216443d9103aee2f4517e238e8b4b14d0ff3c394464886c9d32bd4f784112ad0d072c166bc4e9b9a9db69fe76fb9f3e3dd59eacab249e76e8c32fa3c379a5ec3840d27d3f62b1d75b2f64f0e5cd7595ab493c000000000000000000000000000000d83d1ef613804e35e07e69c2f86f29a46f2722f35d4ebea43300aba0db4c7b70d312d629cdf100ad6921d22e73702519ff7b4352561a133baeb6562e3559fac1928631e416c3ef140d72ba6bf97885e86f40cf19f7367dd906a074635d1c39f4b0a309", @ANYRES32, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

2.003188835s ago: executing program 3 (id=6184):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
close(r1)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000002c0))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
write$cgroup_devices(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b23000d"], 0xffdd)

1.986971406s ago: executing program 0 (id=6185):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x70, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYRESOCT=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x800000, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000780)=ANY=[@ANYRES16], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x5, 0xfffffffe, 0x0, 0x48}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000003c0)={0x0, 0x80, 0x6, 0x6, 0x6, 0x3, 0x0, 0x0, 0x4a883, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x3c, 0x2, @perf_config_ext={0x1000, 0x400}, 0x0, 0x6, 0x1, 0x9, 0x2, 0x6, 0x2, 0x0, 0x8, 0x0, 0x4}, 0x0, 0x9, r4, 0x9)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$cgroup_type(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000009b000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095000000000000002f81c461b3fea834ceb0e17d9838c2830ca7ce46e581a192326a3698c79205e02f1561b0a3c595448e9f7024b45fb2006c9917fe2a42fcd2ce278009682dc8f7c867b177ec5bd50b92aedef35b6cd87b56690b4c96f63ab021ee1cf616d8af74911d5e51b76d2c31b8bece7b0f"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x65)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = getpid()
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x7, 0xffff, 0x8000000, 0x0, 0x0, 0x1}, r6, 0x2, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000008c50000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
close(r9)
recvmsg$unix(r8, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r10=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r10, &(0x7f0000000000)=ANY=[], 0xfdef)

1.984410766s ago: executing program 1 (id=6186):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) (async)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0x70}, [@ldst={0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x22e, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (async)
socketpair$nbd(0x1, 0x1, 0x0, 0x0) (async)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) (async)
mkdir(0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
write$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000080)={'vlan0', 0x32, 0x32}, 0x8) (async)
r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) (async)
close(r0)

1.974116238s ago: executing program 2 (id=6187):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x3, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x3)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x80005670}, 0x0, 0x0, 0x0, 0x8f0eb3b4c5eaf566}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x4f}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)=@generic={&(0x7f0000000040)='./file0\x00', r6}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x14, 0x4, 0x4, 0x10002, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000f3ff0000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))

1.893203295s ago: executing program 1 (id=6188):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0000000000000000040200"/20, @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8c18cffb703000008000000b704000000000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x6, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r6}, 0x10)
openat$cgroup_ro(r1, &(0x7f0000000680)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="fb", 0x1}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfdffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff})
recvmsg(r7, &(0x7f0000000340)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/253, 0xfd}], 0x1}, 0x1f00)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000007000000ff0f00000900000000000000", @ANYRES32, @ANYBLOB="10000000000000005c55000000000027e00693e1", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYRES32=r8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x0, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

961.347186ms ago: executing program 4 (id=6189):
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x3, 0x5, 0x1000, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4008e00000000007714980000000000050000000075d9648e00000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC=0x0, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffcd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x6, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000e27b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d40)={{r5}, &(0x7f0000000cc0), &(0x7f0000000d00)='%-5lx  \x00'}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r6}, 0x10)
syz_clone(0x8020000, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r7}, 0x10)
mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)

937.743038ms ago: executing program 3 (id=6190):
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10)
perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000000), 0xfdef)

899.920222ms ago: executing program 0 (id=6191):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
close(r2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000012c0)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x4, [@typedef={0x2}]}, {0x0, [0x0, 0x2e]}}, &(0x7f00000002c0)=""/4096, 0x28, 0x1000, 0x7, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=@base={0xe, 0x4, 0x8, 0x2008, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='kmem_cache_free\x00', r5, 0x0, 0x6}, 0x18)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r7)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r6, &(0x7f0000000180)=ANY=[], 0x66)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000680)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x10)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_queued\x00', 0x26e1, 0x0)
close(r9)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a1282, 0x0)
ioctl$TUNSETOFFLOAD(r9, 0xc004743e, 0x20001400)
write$cgroup_subtree(r9, &(0x7f00000000c0)=ANY=[], 0x9)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
socketpair(0x1, 0x1, 0x4, &(0x7f0000000000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000fc850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$PERF_EVENT_IOC_SET_FILTER(r10, 0x8914, &(0x7f0000000080))
write$cgroup_subtree(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="8fedcb5d07081175f37538e486dd"], 0xfdef)

895.358712ms ago: executing program 4 (id=6192):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r3}, &(0x7f0000000800), &(0x7f0000000840)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000180)=@framed={{}, [@printk={@li, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x9b}}, @call={0x85, 0x0, 0x0, 0x9e}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x4, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x7, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000107000000", @ANYRES32=r6, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x40010)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r7, 0x5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)

883.233313ms ago: executing program 3 (id=6193):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r3}, &(0x7f0000000800), &(0x7f0000000840)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000180)=@framed={{}, [@printk={@li, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x9b}}, @call={0x85, 0x0, 0x0, 0x9e}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x4, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x7, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000", @ANYRES32=r6, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x40010)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r7, 0x5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)

428.690773ms ago: executing program 0 (id=6194):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r3}, &(0x7f0000000800), &(0x7f0000000840)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000180)=@framed={{}, [@printk={@li, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x9b}}, @call={0x85, 0x0, 0x0, 0x9e}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
close(r6)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x7, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r6, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x40010)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r8, 0x5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)

119.4328ms ago: executing program 1 (id=6195):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x3, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x3)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x80005670}, 0x0, 0x0, 0x0, 0x8f0eb3b4c5eaf566}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x4f}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)=@generic={&(0x7f0000000040)='./file0\x00', r4}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x14, 0x4, 0x4, 0x10002, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

96.814332ms ago: executing program 0 (id=6196):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.events\x00', 0x26e1, 0x0)
close(r0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x1a1282, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c00)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x1a)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400)
write$cgroup_pid(r0, 0x0, 0x7ffffffff000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x14, 0x4, 0x4, 0x10002, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)

11.980799ms ago: executing program 4 (id=6197):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8c18cffb703000008000000b704000000000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r6}, 0x10)
openat$cgroup_ro(r1, &(0x7f0000000680)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="fb", 0x1}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfdffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
recvmsg(r7, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r8, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x16, 0x1, 0x1ff, 0xe025, 0x20c4, r3, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x3, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@jmp={0x5, 0x0, 0x6, 0x0, 0x5, 0x30, 0xfffffffffffffff0}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xcc, &(0x7f0000000580)=""/204, 0x0, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x1, 0x0, 0x6d4b}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

0s ago: executing program 2 (id=6198):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

ff ff f7 d8 64 89 01 48
[  546.412383][T14790] RSP: 002b:00007f4852231038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  546.420633][T14790] RAX: ffffffffffffffda RBX: 00007f485376ff80 RCX: 00007f48535b7ef9
[  546.428631][T14790] RDX: 0000000000000000 RSI: 0000000020004440 RDI: 0000000000000007
[  546.436699][T14790] RBP: 00007f4852231090 R08: 0000000000000000 R09: 0000000000000000
[  546.445376][T14790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  546.453171][T14790] R13: 0000000000000000 R14: 00007f485376ff80 R15: 00007ffea61a4a28
[  546.461078][T14790]  </TASK>
[  547.397942][T14836] FAULT_INJECTION: forcing a failure.
[  547.397942][T14836] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  547.512080][T14836] CPU: 0 PID: 14836 Comm: syz.0.5180 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  547.522411][T14836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  547.532563][T14836] Call Trace:
[  547.535695][T14836]  <TASK>
[  547.538513][T14836]  dump_stack_lvl+0x151/0x1c0
[  547.542992][T14836]  ? io_uring_drop_tctx_refs+0x190/0x190
[  547.548856][T14836]  dump_stack+0x15/0x20
[  547.553090][T14836]  should_fail+0x3c6/0x510
[  547.557440][T14836]  should_fail_usercopy+0x1a/0x20
[  547.562296][T14836]  _copy_to_user+0x20/0x90
[  547.566588][T14836]  simple_read_from_buffer+0xc7/0x150
[  547.571856][T14836]  proc_fail_nth_read+0x1a3/0x210
[  547.576717][T14836]  ? proc_fault_inject_write+0x390/0x390
[  547.582171][T14836]  ? fsnotify_perm+0x470/0x5d0
[  547.586864][T14836]  ? security_file_permission+0x86/0xb0
[  547.592328][T14836]  ? proc_fault_inject_write+0x390/0x390
[  547.598061][T14836]  vfs_read+0x27d/0xd40
[  547.602057][T14836]  ? kernel_read+0x1f0/0x1f0
[  547.606478][T14836]  ? __kasan_check_write+0x14/0x20
[  547.611525][T14836]  ? mutex_lock+0xb6/0x1e0
[  547.615852][T14836]  ? wait_for_completion_killable_timeout+0x10/0x10
[  547.622280][T14836]  ? __fdget_pos+0x2e7/0x3a0
[  547.626788][T14836]  ? ksys_read+0x77/0x2c0
[  547.630956][T14836]  ksys_read+0x199/0x2c0
[  547.635140][T14836]  ? vfs_write+0x1110/0x1110
[  547.639644][T14836]  ? debug_smp_processor_id+0x17/0x20
[  547.644995][T14836]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  547.651083][T14836]  __x64_sys_read+0x7b/0x90
[  547.655413][T14836]  x64_sys_call+0x28/0x9a0
[  547.659658][T14836]  do_syscall_64+0x3b/0xb0
[  547.664091][T14836]  ? clear_bhb_loop+0x35/0x90
[  547.668685][T14836]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  547.674901][T14836] RIP: 0033:0x7f0c5cb9e93c
[  547.679547][T14836] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  547.699641][T14836] RSP: 002b:00007f0c5b819030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  547.708512][T14836] RAX: ffffffffffffffda RBX: 00007f0c5cd57f80 RCX: 00007f0c5cb9e93c
[  547.716934][T14836] RDX: 000000000000000f RSI: 00007f0c5b8190a0 RDI: 0000000000000006
[  547.724847][T14836] RBP: 00007f0c5b819090 R08: 0000000000000000 R09: 0000000000000000
[  547.732771][T14836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  547.741089][T14836] R13: 0000000000000000 R14: 00007f0c5cd57f80 R15: 00007ffc73d7fd38
[  547.749041][T14836]  </TASK>
[  547.895593][T14848] FAULT_INJECTION: forcing a failure.
[  547.895593][T14848] name failslab, interval 1, probability 0, space 0, times 0
[  547.908710][T14848] CPU: 0 PID: 14848 Comm: syz.3.5185 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  547.918821][T14848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  547.929057][T14848] Call Trace:
[  547.932177][T14848]  <TASK>
[  547.934967][T14848]  dump_stack_lvl+0x151/0x1c0
[  547.939596][T14848]  ? io_uring_drop_tctx_refs+0x190/0x190
[  547.945073][T14848]  dump_stack+0x15/0x20
[  547.949105][T14848]  should_fail+0x3c6/0x510
[  547.953534][T14848]  __should_failslab+0xa4/0xe0
[  547.958228][T14848]  should_failslab+0x9/0x20
[  547.962910][T14848]  slab_pre_alloc_hook+0x37/0xd0
[  547.967695][T14848]  __kmalloc+0x6d/0x270
[  547.971774][T14848]  ? sk_prot_alloc+0xf9/0x330
[  547.976274][T14848]  sk_prot_alloc+0xf9/0x330
[  547.980708][T14848]  ? _copy_from_user+0x96/0xd0
[  547.985310][T14848]  sk_alloc+0x38/0x430
[  547.989315][T14848]  bpf_prog_test_run_skb+0x362/0x1420
[  547.995212][T14848]  ? __kasan_check_write+0x14/0x20
[  548.000159][T14848]  ? proc_fail_nth_write+0x20b/0x290
[  548.005279][T14848]  ? selinux_file_permission+0x2c4/0x570
[  548.010752][T14848]  ? proc_fail_nth_read+0x210/0x210
[  548.015879][T14848]  ? fsnotify_perm+0x6a/0x5d0
[  548.020650][T14848]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  548.026725][T14848]  ? __kasan_check_write+0x14/0x20
[  548.032064][T14848]  ? fput_many+0x160/0x1b0
[  548.036603][T14848]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  548.042650][T14848]  bpf_prog_test_run+0x3b0/0x630
[  548.047543][T14848]  ? bpf_prog_query+0x220/0x220
[  548.052353][T14848]  ? selinux_bpf+0xd2/0x100
[  548.056983][T14848]  ? security_bpf+0x82/0xb0
[  548.061483][T14848]  __sys_bpf+0x525/0x760
[  548.065656][T14848]  ? fput_many+0x160/0x1b0
[  548.069958][T14848]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  548.075222][T14848]  ? debug_smp_processor_id+0x17/0x20
[  548.080701][T14848]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  548.086769][T14848]  __x64_sys_bpf+0x7c/0x90
[  548.091120][T14848]  x64_sys_call+0x87f/0x9a0
[  548.095631][T14848]  do_syscall_64+0x3b/0xb0
[  548.099882][T14848]  ? clear_bhb_loop+0x35/0x90
[  548.104692][T14848]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  548.110683][T14848] RIP: 0033:0x7f98c803fef9
[  548.115199][T14848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  548.136106][T14848] RSP: 002b:00007f98c6cb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  548.144830][T14848] RAX: ffffffffffffffda RBX: 00007f98c81f7f80 RCX: 00007f98c803fef9
[  548.152994][T14848] RDX: 000000000000001e RSI: 0000000020000080 RDI: 000000000000000a
[  548.160968][T14848] RBP: 00007f98c6cb9090 R08: 0000000000000000 R09: 0000000000000000
[  548.168966][T14848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  548.176944][T14848] R13: 0000000000000000 R14: 00007f98c81f7f80 R15: 00007ffc7e119f58
[  548.185111][T14848]  </TASK>
[  548.875956][T14885] FAULT_INJECTION: forcing a failure.
[  548.875956][T14885] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  548.890246][T14885] CPU: 0 PID: 14885 Comm: syz.2.5197 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  548.900174][T14885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  548.910153][T14885] Call Trace:
[  548.913363][T14885]  <TASK>
[  548.916145][T14885]  dump_stack_lvl+0x151/0x1c0
[  548.920824][T14885]  ? io_uring_drop_tctx_refs+0x190/0x190
[  548.926297][T14885]  ? arch_stack_walk+0xf3/0x140
[  548.930985][T14885]  dump_stack+0x15/0x20
[  548.934980][T14885]  should_fail+0x3c6/0x510
[  548.939322][T14885]  should_fail_alloc_page+0x5a/0x80
[  548.944355][T14885]  prepare_alloc_pages+0x15c/0x700
[  548.949388][T14885]  ? __alloc_pages_bulk+0xe40/0xe40
[  548.954542][T14885]  __alloc_pages+0x18c/0x8f0
[  548.958934][T14885]  ? x64_sys_call+0x1b0/0x9a0
[  548.963652][T14885]  ? prep_new_page+0x110/0x110
[  548.968662][T14885]  __get_free_pages+0x10/0x30
[  548.973180][T14885]  kasan_populate_vmalloc_pte+0x39/0x130
[  548.978810][T14885]  ? __apply_to_page_range+0x8ca/0xbe0
[  548.984197][T14885]  __apply_to_page_range+0x8dd/0xbe0
[  548.989409][T14885]  ? kasan_populate_vmalloc+0x70/0x70
[  548.994604][T14885]  ? kasan_populate_vmalloc+0x70/0x70
[  548.999809][T14885]  apply_to_page_range+0x3b/0x50
[  549.004583][T14885]  kasan_populate_vmalloc+0x65/0x70
[  549.009612][T14885]  alloc_vmap_area+0x192f/0x1a80
[  549.014451][T14885]  ? vm_map_ram+0xa90/0xa90
[  549.018730][T14885]  ? kmem_cache_alloc_trace+0x115/0x210
[  549.024109][T14885]  ? __get_vm_area_node+0x117/0x360
[  549.029235][T14885]  __get_vm_area_node+0x158/0x360
[  549.034286][T14885]  __vmalloc_node_range+0xe2/0x8d0
[  549.039231][T14885]  ? copy_process+0x5c4/0x3290
[  549.043830][T14885]  ? slab_post_alloc_hook+0x72/0x2c0
[  549.049040][T14885]  ? dup_task_struct+0x53/0xc60
[  549.053740][T14885]  ? dup_task_struct+0x53/0xc60
[  549.058589][T14885]  dup_task_struct+0x416/0xc60
[  549.063625][T14885]  ? copy_process+0x5c4/0x3290
[  549.068221][T14885]  ? __kasan_check_write+0x14/0x20
[  549.073436][T14885]  copy_process+0x5c4/0x3290
[  549.078030][T14885]  ? __kasan_check_write+0x14/0x20
[  549.083148][T14885]  ? selinux_file_permission+0x2c4/0x570
[  549.088817][T14885]  ? proc_fail_nth_read+0x210/0x210
[  549.094083][T14885]  ? fsnotify_perm+0x6a/0x5d0
[  549.098689][T14885]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  549.103630][T14885]  ? vfs_write+0x9ec/0x1110
[  549.107973][T14885]  kernel_clone+0x21e/0x9e0
[  549.112403][T14885]  ? __kasan_check_write+0x14/0x20
[  549.117432][T14885]  ? create_io_thread+0x1e0/0x1e0
[  549.122395][T14885]  __x64_sys_clone+0x23f/0x290
[  549.126983][T14885]  ? __do_sys_vfork+0x130/0x130
[  549.131760][T14885]  ? __bpf_trace_sys_enter+0x62/0x70
[  549.136884][T14885]  x64_sys_call+0x1b0/0x9a0
[  549.141223][T14885]  do_syscall_64+0x3b/0xb0
[  549.145575][T14885]  ? clear_bhb_loop+0x35/0x90
[  549.150064][T14885]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  549.155804][T14885] RIP: 0033:0x7f1d6f185ef9
[  549.160049][T14885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  549.180049][T14885] RSP: 002b:00007f1d6ddfefe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  549.188281][T14885] RAX: ffffffffffffffda RBX: 00007f1d6f33df80 RCX: 00007f1d6f185ef9
[  549.196380][T14885] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000024001000
[  549.204264][T14885] RBP: 00007f1d6ddff090 R08: 0000000000000000 R09: 0000000000000000
[  549.212082][T14885] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  549.219991][T14885] R13: 0000000000000000 R14: 00007f1d6f33df80 R15: 00007ffe1c6c0ce8
[  549.228080][T14885]  </TASK>
[  549.238812][T14885] syz.2.5197: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0
[  549.254262][T14885] CPU: 1 PID: 14885 Comm: syz.2.5197 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  549.264330][T14885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  549.274833][T14885] Call Trace:
[  549.277983][T14885]  <TASK>
[  549.280761][T14885]  dump_stack_lvl+0x151/0x1c0
[  549.285597][T14885]  ? io_uring_drop_tctx_refs+0x190/0x190
[  549.291146][T14885]  ? pr_cont_kernfs_name+0xf0/0x100
[  549.296349][T14885]  dump_stack+0x15/0x20
[  549.300439][T14885]  warn_alloc+0x21a/0x390
[  549.304608][T14885]  ? zone_watermark_ok_safe+0x270/0x270
[  549.310094][T14885]  ? __get_vm_area_node+0x16e/0x360
[  549.315215][T14885]  __vmalloc_node_range+0x2c1/0x8d0
[  549.320236][T14885]  ? slab_post_alloc_hook+0x72/0x2c0
[  549.325444][T14885]  ? dup_task_struct+0x53/0xc60
[  549.330331][T14885]  ? dup_task_struct+0x53/0xc60
[  549.335364][T14885]  dup_task_struct+0x416/0xc60
[  549.340160][T14885]  ? copy_process+0x5c4/0x3290
[  549.344763][T14885]  ? __kasan_check_write+0x14/0x20
[  549.349869][T14885]  copy_process+0x5c4/0x3290
[  549.354299][T14885]  ? __kasan_check_write+0x14/0x20
[  549.359254][T14885]  ? selinux_file_permission+0x2c4/0x570
[  549.364979][T14885]  ? proc_fail_nth_read+0x210/0x210
[  549.370007][T14885]  ? fsnotify_perm+0x6a/0x5d0
[  549.374522][T14885]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  549.379564][T14885]  ? vfs_write+0x9ec/0x1110
[  549.383992][T14885]  kernel_clone+0x21e/0x9e0
[  549.388357][T14885]  ? __kasan_check_write+0x14/0x20
[  549.393371][T14885]  ? create_io_thread+0x1e0/0x1e0
[  549.398319][T14885]  __x64_sys_clone+0x23f/0x290
[  549.402911][T14885]  ? __do_sys_vfork+0x130/0x130
[  549.407789][T14885]  ? __bpf_trace_sys_enter+0x62/0x70
[  549.413003][T14885]  x64_sys_call+0x1b0/0x9a0
[  549.417379][T14885]  do_syscall_64+0x3b/0xb0
[  549.421575][T14885]  ? clear_bhb_loop+0x35/0x90
[  549.426198][T14885]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  549.432024][T14885] RIP: 0033:0x7f1d6f185ef9
[  549.436505][T14885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  549.455938][T14885] RSP: 002b:00007f1d6ddfefe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  549.464194][T14885] RAX: ffffffffffffffda RBX: 00007f1d6f33df80 RCX: 00007f1d6f185ef9
[  549.472042][T14885] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000024001000
[  549.480004][T14885] RBP: 00007f1d6ddff090 R08: 0000000000000000 R09: 0000000000000000
[  549.488312][T14885] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  549.496178][T14885] R13: 0000000000000000 R14: 00007f1d6f33df80 R15: 00007ffe1c6c0ce8
[  549.504008][T14885]  </TASK>
[  549.507588][T14885] Mem-Info:
[  549.510547][T14885] active_anon:106 inactive_anon:8862 isolated_anon:0
[  549.510547][T14885]  active_file:20943 inactive_file:6341 isolated_file:0
[  549.510547][T14885]  unevictable:0 dirty:160 writeback:0
[  549.510547][T14885]  slab_reclaimable:6962 slab_unreclaimable:75192
[  549.510547][T14885]  mapped:21287 shmem:292 pagetables:527 bounce:0
[  549.510547][T14885]  kernel_misc_reclaimable:0
[  549.510547][T14885]  free:1549863 free_pcp:22241 free_cma:0
[  549.552367][T14885] Node 0 active_anon:424kB inactive_anon:35448kB active_file:83772kB inactive_file:25364kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:85148kB dirty:640kB writeback:0kB shmem:1168kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:4244kB pagetables:2008kB all_unreclaimable? no
[  549.583299][T14885] DMA32 free:2974676kB min:62568kB low:78208kB high:93848kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2978984kB mlocked:0kB bounce:0kB free_pcp:4308kB local_pcp:4308kB free_cma:0kB
[  549.648851][T14885] lowmem_reserve[]: 0 3941 3941
[  549.654487][T14885] Normal free:3224648kB min:84884kB low:106104kB high:127324kB reserved_highatomic:0KB active_anon:424kB inactive_anon:28348kB active_file:83772kB inactive_file:25364kB unevictable:0kB writepending:640kB present:5242880kB managed:4035584kB mlocked:0kB bounce:0kB free_pcp:92624kB local_pcp:45624kB free_cma:0kB
[  549.684440][T14885] lowmem_reserve[]: 0 0 0
[  549.688633][T14885] DMA32: 3*4kB (M) 1*8kB (M) 2*16kB (M) 3*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (UM) 3*2048kB (UM) 723*4096kB (M) = 2974676kB
[  549.704893][T14885] Normal: 568*4kB (UM) 823*8kB (ME) 227*16kB (ME) 68*32kB (UM) 147*64kB (UME) 50*128kB (UME) 23*256kB (UME) 23*512kB (UME) 16*1024kB (UME) 7*2048kB (UME) 768*4096kB (UM) = 3224584kB
[  549.724124][T14885] 27526 total pagecache pages
[  549.728643][T14885] 0 pages in swap cache
[  549.733160][T14885] Swap cache stats: add 0, delete 0, find 0/0
[  549.739247][T14885] Free swap  = 124996kB
[  549.743732][T14885] Total swap = 124996kB
[  549.747704][T14885] 2097051 pages RAM
[  549.751351][T14885] 0 pages HighMem/MovableOnly
[  549.763021][T14885] 343409 pages reserved
[  549.767166][T14885] 0 pages cma reserved
[  550.977313][T14932] syz.1.5212[14932] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  550.980559][T14932] syz.1.5212[14932] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  551.200336][   T30] audit: type=1400 audit(1725994579.329:140): avc:  denied  { create } for  pid=14935 comm="syz.1.5213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  551.762302][T14959] FAULT_INJECTION: forcing a failure.
[  551.762302][T14959] name failslab, interval 1, probability 0, space 0, times 0
[  551.814891][   T30] audit: type=1400 audit(1725994579.949:141): avc:  denied  { create } for  pid=14960 comm="syz.0.5225" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  551.822101][T14959] CPU: 1 PID: 14959 Comm: syz.2.5224 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  551.844774][T14959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  551.855120][T14959] Call Trace:
[  551.858320][T14959]  <TASK>
[  551.861085][T14959]  dump_stack_lvl+0x151/0x1c0
[  551.865602][T14959]  ? io_uring_drop_tctx_refs+0x190/0x190
[  551.871073][T14959]  ? avc_denied+0x1b0/0x1b0
[  551.875410][T14959]  dump_stack+0x15/0x20
[  551.879411][T14959]  should_fail+0x3c6/0x510
[  551.883660][T14959]  __should_failslab+0xa4/0xe0
[  551.888250][T14959]  ? __alloc_skb+0xbe/0x550
[  551.892691][T14959]  should_failslab+0x9/0x20
[  551.897136][T14959]  slab_pre_alloc_hook+0x37/0xd0
[  551.901992][T14959]  ? __alloc_skb+0xbe/0x550
[  551.906415][T14959]  kmem_cache_alloc+0x44/0x200
[  551.911021][T14959]  __alloc_skb+0xbe/0x550
[  551.915352][T14959]  alloc_skb_with_frags+0xa6/0x680
[  551.920330][T14959]  ? 0xffffffffa0028000
[  551.924306][T14959]  ? is_bpf_text_address+0x172/0x190
[  551.929417][T14959]  sock_alloc_send_pskb+0x915/0xa50
[  551.934457][T14959]  ? sock_kzfree_s+0x60/0x60
[  551.938881][T14959]  ? stack_trace_save+0x113/0x1c0
[  551.943921][T14959]  ? stack_trace_snprint+0xf0/0xf0
[  551.948871][T14959]  tun_get_user+0xf1b/0x3aa0
[  551.953293][T14959]  ? __x64_sys_openat+0x1b0/0x290
[  551.958228][T14959]  ? x64_sys_call+0x6bf/0x9a0
[  551.962739][T14959]  ? _kstrtoull+0x3a0/0x4a0
[  551.967080][T14959]  ? tun_do_read+0x2010/0x2010
[  551.971680][T14959]  ? kstrtouint_from_user+0x20a/0x2a0
[  551.976898][T14959]  ? kstrtol_from_user+0x310/0x310
[  551.981934][T14959]  ? avc_policy_seqno+0x1b/0x70
[  551.986880][T14959]  ? selinux_file_permission+0x2c4/0x570
[  551.992720][T14959]  tun_chr_write_iter+0x1e1/0x2e0
[  551.997594][T14959]  vfs_write+0xd5d/0x1110
[  552.001932][T14959]  ? putname+0xfa/0x150
[  552.005936][T14959]  ? file_end_write+0x1c0/0x1c0
[  552.010615][T14959]  ? __fdget_pos+0x209/0x3a0
[  552.015052][T14959]  ? ksys_write+0x77/0x2c0
[  552.019602][T14959]  ksys_write+0x199/0x2c0
[  552.024121][T14959]  ? __ia32_sys_read+0x90/0x90
[  552.029056][T14959]  ? debug_smp_processor_id+0x17/0x20
[  552.034436][T14959]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  552.040339][T14959]  __x64_sys_write+0x7b/0x90
[  552.044860][T14959]  x64_sys_call+0x2f/0x9a0
[  552.049299][T14959]  do_syscall_64+0x3b/0xb0
[  552.053657][T14959]  ? clear_bhb_loop+0x35/0x90
[  552.058417][T14959]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  552.064586][T14959] RIP: 0033:0x7f1d6f185ef9
[  552.068843][T14959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  552.088542][T14959] RSP: 002b:00007f1d6ddff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  552.096866][T14959] RAX: ffffffffffffffda RBX: 00007f1d6f33df80 RCX: 00007f1d6f185ef9
[  552.104763][T14959] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 00000000000000c8
[  552.112602][T14959] RBP: 00007f1d6ddff090 R08: 0000000000000000 R09: 0000000000000000
[  552.120387][T14959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  552.128373][T14959] R13: 0000000000000000 R14: 00007f1d6f33df80 R15: 00007ffe1c6c0ce8
[  552.136275][T14959]  </TASK>
[  552.239359][   T30] audit: type=1400 audit(1725994580.369:142): avc:  denied  { write } for  pid=14969 comm="syz.0.5227" name="net" dev="proc" ino=63107 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  552.331090][   T30] audit: type=1400 audit(1725994580.369:143): avc:  denied  { add_name } for  pid=14969 comm="syz.0.5227" name="blkio.throttle.io_service_bytes_recursive" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  552.500615][   T30] audit: type=1400 audit(1725994580.369:144): avc:  denied  { create } for  pid=14969 comm="syz.0.5227" name="blkio.throttle.io_service_bytes_recursive" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=file permissive=1
[  552.537004][   T30] audit: type=1400 audit(1725994580.369:145): avc:  denied  { associate } for  pid=14969 comm="syz.0.5227" name="blkio.throttle.io_service_bytes_recursive" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  552.719516][T14984] FAULT_INJECTION: forcing a failure.
[  552.719516][T14984] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  552.733004][T14984] CPU: 1 PID: 14984 Comm: syz.3.5233 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  552.742965][T14984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  552.752948][T14984] Call Trace:
[  552.756071][T14984]  <TASK>
[  552.758846][T14984]  dump_stack_lvl+0x151/0x1c0
[  552.763364][T14984]  ? io_uring_drop_tctx_refs+0x190/0x190
[  552.768836][T14984]  dump_stack+0x15/0x20
[  552.772820][T14984]  should_fail+0x3c6/0x510
[  552.777072][T14984]  should_fail_alloc_page+0x5a/0x80
[  552.782108][T14984]  prepare_alloc_pages+0x15c/0x700
[  552.787059][T14984]  ? __alloc_pages_bulk+0xe40/0xe40
[  552.792091][T14984]  __alloc_pages+0x18c/0x8f0
[  552.796537][T14984]  ? prep_new_page+0x110/0x110
[  552.801115][T14984]  ? __kasan_kmalloc_large+0xad/0xc0
[  552.806232][T14984]  kmalloc_order+0x4a/0x160
[  552.810573][T14984]  kmalloc_order_trace+0x1a/0xb0
[  552.815347][T14984]  __kmalloc+0x19c/0x270
[  552.819428][T14984]  kvmalloc_node+0x1f0/0x4d0
[  552.823851][T14984]  ? vm_mmap+0xb0/0xb0
[  552.827756][T14984]  ? __kasan_check_write+0x14/0x20
[  552.832791][T14984]  ? _copy_from_user+0x96/0xd0
[  552.837391][T14984]  map_lookup_and_delete_elem+0x51f/0x8d0
[  552.842951][T14984]  __sys_bpf+0x4ce/0x760
[  552.847464][T14984]  ? fput_many+0x160/0x1b0
[  552.851719][T14984]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  552.857025][T14984]  ? debug_smp_processor_id+0x17/0x20
[  552.862313][T14984]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  552.868388][T14984]  __x64_sys_bpf+0x7c/0x90
[  552.872736][T14984]  x64_sys_call+0x87f/0x9a0
[  552.877155][T14984]  do_syscall_64+0x3b/0xb0
[  552.881504][T14984]  ? clear_bhb_loop+0x35/0x90
[  552.886016][T14984]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  552.891747][T14984] RIP: 0033:0x7f98c803fef9
[  552.895998][T14984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  552.915735][T14984] RSP: 002b:00007f98c6cb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  552.924240][T14984] RAX: ffffffffffffffda RBX: 00007f98c81f7f80 RCX: 00007f98c803fef9
[  552.932143][T14984] RDX: 0000000000000020 RSI: 00000000200000c0 RDI: 0000000000000015
[  552.939953][T14984] RBP: 00007f98c6cb9090 R08: 0000000000000000 R09: 0000000000000000
[  552.947758][T14984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  552.955565][T14984] R13: 0000000000000000 R14: 00007f98c81f7f80 R15: 00007ffc7e119f58
[  552.963748][T14984]  </TASK>
[  553.186748][T15004] FAULT_INJECTION: forcing a failure.
[  553.186748][T15004] name failslab, interval 1, probability 0, space 0, times 0
[  553.199646][T15004] CPU: 0 PID: 15004 Comm: syz.2.5239 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  553.209596][T15004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  553.219579][T15004] Call Trace:
[  553.222703][T15004]  <TASK>
[  553.225604][T15004]  dump_stack_lvl+0x151/0x1c0
[  553.230080][T15004]  ? io_uring_drop_tctx_refs+0x190/0x190
[  553.235559][T15004]  dump_stack+0x15/0x20
[  553.239536][T15004]  should_fail+0x3c6/0x510
[  553.243878][T15004]  __should_failslab+0xa4/0xe0
[  553.248572][T15004]  ? radix_tree_node_alloc+0x80/0x3c0
[  553.253807][T15004]  should_failslab+0x9/0x20
[  553.258136][T15004]  slab_pre_alloc_hook+0x37/0xd0
[  553.262900][T15004]  ? radix_tree_node_alloc+0x80/0x3c0
[  553.268401][T15004]  kmem_cache_alloc+0x44/0x200
[  553.273594][T15004]  ? tipc_group_create+0x420/0x660
[  553.278652][T15004]  radix_tree_node_alloc+0x80/0x3c0
[  553.283777][T15004]  idr_get_free+0x2b6/0xa90
[  553.288130][T15004]  idr_alloc+0x1a0/0x2f0
[  553.292186][T15004]  ? idr_alloc_u32+0x320/0x320
[  553.296783][T15004]  ? _raw_spin_lock_bh+0xa4/0x1b0
[  553.301655][T15004]  ? kmem_cache_alloc_trace+0x115/0x210
[  553.307123][T15004]  ? tipc_conn_alloc+0x5a/0x460
[  553.311810][T15004]  tipc_conn_alloc+0x286/0x460
[  553.316403][T15004]  tipc_topsrv_kern_subscr+0x1f6/0x490
[  553.321705][T15004]  ? conn_put+0x310/0x310
[  553.325876][T15004]  ? __kasan_kmalloc+0x9/0x10
[  553.330384][T15004]  ? kmem_cache_alloc_trace+0x115/0x210
[  553.335754][T15004]  ? tipc_group_create+0x9c/0x660
[  553.340704][T15004]  tipc_group_create+0x420/0x660
[  553.345655][T15004]  tipc_sk_join+0x22f/0x8a0
[  553.350185][T15004]  ? __tipc_sendstream+0x1310/0x1310
[  553.355455][T15004]  ? selinux_socket_setsockopt+0x260/0x360
[  553.361469][T15004]  ? __kasan_check_write+0x14/0x20
[  553.366502][T15004]  ? _copy_from_user+0x96/0xd0
[  553.371277][T15004]  tipc_setsockopt+0x794/0xb80
[  553.375978][T15004]  ? tipc_shutdown+0x400/0x400
[  553.380666][T15004]  ? security_socket_setsockopt+0x82/0xb0
[  553.386329][T15004]  ? tipc_shutdown+0x400/0x400
[  553.391114][T15004]  __sys_setsockopt+0x4dc/0x840
[  553.395804][T15004]  ? __ia32_sys_recv+0xb0/0xb0
[  553.400411][T15004]  ? debug_smp_processor_id+0x17/0x20
[  553.405702][T15004]  __x64_sys_setsockopt+0xbf/0xd0
[  553.410558][T15004]  x64_sys_call+0x1a2/0x9a0
[  553.414979][T15004]  do_syscall_64+0x3b/0xb0
[  553.419247][T15004]  ? clear_bhb_loop+0x35/0x90
[  553.423754][T15004]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  553.429915][T15004] RIP: 0033:0x7f1d6f185ef9
[  553.434355][T15004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  553.454547][T15004] RSP: 002b:00007f1d6ddff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  553.463132][T15004] RAX: ffffffffffffffda RBX: 00007f1d6f33df80 RCX: 00007f1d6f185ef9
[  553.471798][T15004] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000007
[  553.479940][T15004] RBP: 00007f1d6ddff090 R08: 00000000000004bd R09: 0000000000000000
[  553.487743][T15004] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[  553.495626][T15004] R13: 0000000000000000 R14: 00007f1d6f33df80 R15: 00007ffe1c6c0ce8
[  553.503447][T15004]  </TASK>
[  554.133147][T15035] FAULT_INJECTION: forcing a failure.
[  554.133147][T15035] name failslab, interval 1, probability 0, space 0, times 0
[  554.146254][T15035] CPU: 1 PID: 15035 Comm: syz.0.5252 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  554.156151][T15035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  554.166134][T15035] Call Trace:
[  554.169370][T15035]  <TASK>
[  554.172667][T15035]  dump_stack_lvl+0x151/0x1c0
[  554.177268][T15035]  ? io_uring_drop_tctx_refs+0x190/0x190
[  554.182858][T15035]  ? memset+0x35/0x40
[  554.186677][T15035]  ? bpf_probe_read_user+0x67/0x70
[  554.191623][T15035]  dump_stack+0x15/0x20
[  554.195612][T15035]  should_fail+0x3c6/0x510
[  554.199873][T15035]  __should_failslab+0xa4/0xe0
[  554.204470][T15035]  ? __alloc_skb+0xbe/0x550
[  554.208805][T15035]  should_failslab+0x9/0x20
[  554.213148][T15035]  slab_pre_alloc_hook+0x37/0xd0
[  554.218106][T15035]  ? __alloc_skb+0xbe/0x550
[  554.222442][T15035]  kmem_cache_alloc+0x44/0x200
[  554.227044][T15035]  __alloc_skb+0xbe/0x550
[  554.231303][T15035]  tipc_msg_create+0x4c/0x530
[  554.235812][T15035]  tipc_sk_send_ack+0x119/0x630
[  554.240585][T15035]  ? tsk_advance_rx_queue+0x10a/0x260
[  554.245792][T15035]  tipc_recvmsg+0xc88/0x13b0
[  554.250224][T15035]  ? tipc_send_packet+0xa0/0xa0
[  554.255035][T15035]  ? security_socket_recvmsg+0x87/0xb0
[  554.260408][T15035]  ? tipc_send_packet+0xa0/0xa0
[  554.265216][T15035]  ____sys_recvmsg+0x286/0x530
[  554.269948][T15035]  ? __sys_recvmsg_sock+0x50/0x50
[  554.274823][T15035]  ? import_iovec+0xe5/0x120
[  554.279373][T15035]  ___sys_recvmsg+0x1ec/0x690
[  554.284022][T15035]  ? __sys_recvmsg+0x260/0x260
[  554.288660][T15035]  ? __fdget+0x1bc/0x240
[  554.292820][T15035]  __x64_sys_recvmsg+0x1dc/0x2b0
[  554.297619][T15035]  ? ___sys_recvmsg+0x690/0x690
[  554.302283][T15035]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  554.308383][T15035]  ? exit_to_user_mode_prepare+0x39/0xa0
[  554.314087][T15035]  x64_sys_call+0x171/0x9a0
[  554.318507][T15035]  do_syscall_64+0x3b/0xb0
[  554.323069][T15035]  ? clear_bhb_loop+0x35/0x90
[  554.327670][T15035]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  554.333390][T15035] RIP: 0033:0x7f0c5cb9fef9
[  554.337752][T15035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  554.357388][T15035] RSP: 002b:00007f0c5b819038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  554.366015][T15035] RAX: ffffffffffffffda RBX: 00007f0c5cd57f80 RCX: 00007f0c5cb9fef9
[  554.373889][T15035] RDX: 0000000000000000 RSI: 0000000020000900 RDI: 0000000000000007
[  554.382050][T15035] RBP: 00007f0c5b819090 R08: 0000000000000000 R09: 0000000000000000
[  554.390135][T15035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  554.397930][T15035] R13: 0000000000000000 R14: 00007f0c5cd57f80 R15: 00007ffc73d7fd38
[  554.405999][T15035]  </TASK>
[  554.501623][T15048] FAULT_INJECTION: forcing a failure.
[  554.501623][T15048] name failslab, interval 1, probability 0, space 0, times 0
[  554.514136][T15048] CPU: 0 PID: 15048 Comm: syz.3.5255 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  554.523992][T15048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  554.533983][T15048] Call Trace:
[  554.537110][T15048]  <TASK>
[  554.539951][T15048]  dump_stack_lvl+0x151/0x1c0
[  554.544606][T15048]  ? io_uring_drop_tctx_refs+0x190/0x190
[  554.550728][T15048]  dump_stack+0x15/0x20
[  554.555234][T15048]  should_fail+0x3c6/0x510
[  554.559486][T15048]  __should_failslab+0xa4/0xe0
[  554.564359][T15048]  ? radix_tree_node_alloc+0x80/0x3c0
[  554.569565][T15048]  should_failslab+0x9/0x20
[  554.573993][T15048]  slab_pre_alloc_hook+0x37/0xd0
[  554.578770][T15048]  ? radix_tree_node_alloc+0x80/0x3c0
[  554.583975][T15048]  kmem_cache_alloc+0x44/0x200
[  554.588573][T15048]  ? tipc_group_create+0x420/0x660
[  554.593535][T15048]  radix_tree_node_alloc+0x80/0x3c0
[  554.598645][T15048]  idr_get_free+0x2b6/0xa90
[  554.603175][T15048]  idr_alloc+0x1a0/0x2f0
[  554.607582][T15048]  ? idr_alloc_u32+0x320/0x320
[  554.612182][T15048]  ? _raw_spin_lock_bh+0xa4/0x1b0
[  554.617092][T15048]  ? kmem_cache_alloc_trace+0x115/0x210
[  554.622423][T15048]  ? tipc_conn_alloc+0x5a/0x460
[  554.627385][T15048]  tipc_conn_alloc+0x286/0x460
[  554.632187][T15048]  tipc_topsrv_kern_subscr+0x1f6/0x490
[  554.637784][T15048]  ? conn_put+0x310/0x310
[  554.642124][T15048]  ? __kasan_kmalloc+0x9/0x10
[  554.646640][T15048]  ? kmem_cache_alloc_trace+0x115/0x210
[  554.652055][T15048]  ? tipc_group_create+0x9c/0x660
[  554.657005][T15048]  tipc_group_create+0x420/0x660
[  554.661866][T15048]  tipc_sk_join+0x22f/0x8a0
[  554.666361][T15048]  ? __tipc_sendstream+0x1310/0x1310
[  554.672281][T15048]  ? selinux_socket_setsockopt+0x260/0x360
[  554.678176][T15048]  ? __kasan_check_write+0x14/0x20
[  554.683364][T15048]  ? _copy_from_user+0x96/0xd0
[  554.688043][T15048]  tipc_setsockopt+0x794/0xb80
[  554.692741][T15048]  ? tipc_shutdown+0x400/0x400
[  554.697427][T15048]  ? security_socket_setsockopt+0x82/0xb0
[  554.703263][T15048]  ? tipc_shutdown+0x400/0x400
[  554.708208][T15048]  __sys_setsockopt+0x4dc/0x840
[  554.713420][T15048]  ? __ia32_sys_recv+0xb0/0xb0
[  554.718316][T15048]  ? debug_smp_processor_id+0x17/0x20
[  554.723488][T15048]  __x64_sys_setsockopt+0xbf/0xd0
[  554.728351][T15048]  x64_sys_call+0x1a2/0x9a0
[  554.732894][T15048]  do_syscall_64+0x3b/0xb0
[  554.737236][T15048]  ? clear_bhb_loop+0x35/0x90
[  554.741741][T15048]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  554.747466][T15048] RIP: 0033:0x7f98c803fef9
[  554.751846][T15048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  554.771582][T15048] RSP: 002b:00007f98c6cb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  554.779826][T15048] RAX: ffffffffffffffda RBX: 00007f98c81f7f80 RCX: 00007f98c803fef9
[  554.787637][T15048] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000009
[  554.795536][T15048] RBP: 00007f98c6cb9090 R08: 00000000000004bd R09: 0000000000000000
[  554.803341][T15048] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[  554.811155][T15048] R13: 0000000000000000 R14: 00007f98c81f7f80 R15: 00007ffc7e119f58
[  554.818975][T15048]  </TASK>
[  556.590856][T15108] FAULT_INJECTION: forcing a failure.
[  556.590856][T15108] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  556.615372][T15108] CPU: 0 PID: 15108 Comm: syz.3.5278 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  556.625374][T15108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  556.636184][T15108] Call Trace:
[  556.639826][T15108]  <TASK>
[  556.642807][T15108]  dump_stack_lvl+0x151/0x1c0
[  556.647296][T15108]  ? io_uring_drop_tctx_refs+0x190/0x190
[  556.652923][T15108]  ? kstrtouint_from_user+0x20a/0x2a0
[  556.658967][T15108]  dump_stack+0x15/0x20
[  556.663033][T15108]  should_fail+0x3c6/0x510
[  556.667311][T15108]  should_fail_usercopy+0x1a/0x20
[  556.672486][T15108]  _copy_to_user+0x20/0x90
[  556.677038][T15108]  simple_read_from_buffer+0xc7/0x150
[  556.682516][T15108]  proc_fail_nth_read+0x1a3/0x210
[  556.687399][T15108]  ? proc_fault_inject_write+0x390/0x390
[  556.692957][T15108]  ? fsnotify_perm+0x470/0x5d0
[  556.697729][T15108]  ? security_file_permission+0x86/0xb0
[  556.703196][T15108]  ? proc_fault_inject_write+0x390/0x390
[  556.708845][T15108]  vfs_read+0x27d/0xd40
[  556.712924][T15108]  ? kernel_read+0x1f0/0x1f0
[  556.717408][T15108]  ? __kasan_check_write+0x14/0x20
[  556.722524][T15108]  ? mutex_lock+0xb6/0x1e0
[  556.726860][T15108]  ? wait_for_completion_killable_timeout+0x10/0x10
[  556.733283][T15108]  ? __fdget_pos+0x2e7/0x3a0
[  556.737717][T15108]  ? ksys_read+0x77/0x2c0
[  556.741985][T15108]  ksys_read+0x199/0x2c0
[  556.746147][T15108]  ? vfs_write+0x1110/0x1110
[  556.750577][T15108]  ? debug_smp_processor_id+0x17/0x20
[  556.755868][T15108]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  556.762053][T15108]  __x64_sys_read+0x7b/0x90
[  556.766470][T15108]  x64_sys_call+0x28/0x9a0
[  556.770752][T15108]  do_syscall_64+0x3b/0xb0
[  556.774980][T15108]  ? clear_bhb_loop+0x35/0x90
[  556.779576][T15108]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  556.785440][T15108] RIP: 0033:0x7f98c803e93c
[  556.789743][T15108] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  556.810171][T15108] RSP: 002b:00007f98c6cb9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  556.818728][T15108] RAX: ffffffffffffffda RBX: 00007f98c81f7f80 RCX: 00007f98c803e93c
[  556.826704][T15108] RDX: 000000000000000f RSI: 00007f98c6cb90a0 RDI: 0000000000000007
[  556.834601][T15108] RBP: 00007f98c6cb9090 R08: 0000000000000000 R09: 0000000000000000
[  556.842679][T15108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  556.850656][T15108] R13: 0000000000000000 R14: 00007f98c81f7f80 R15: 00007ffc7e119f58
[  556.858492][T15108]  </TASK>
[  559.176098][T15141] bridge0: port 1(bridge_slave_0) entered blocking state
[  559.183231][T15141] bridge0: port 1(bridge_slave_0) entered disabled state
[  559.190371][T15141] device bridge_slave_0 entered promiscuous mode
[  559.197592][T15141] bridge0: port 2(bridge_slave_1) entered blocking state
[  559.204955][T15141] bridge0: port 2(bridge_slave_1) entered disabled state
[  559.212425][T15141] device bridge_slave_1 entered promiscuous mode
[  559.432683][T15162] device sit0 left promiscuous mode
[  559.561558][T15141] bridge0: port 2(bridge_slave_1) entered blocking state
[  559.568598][T15141] bridge0: port 2(bridge_slave_1) entered forwarding state
[  559.575974][T15141] bridge0: port 1(bridge_slave_0) entered blocking state
[  559.582938][T15141] bridge0: port 1(bridge_slave_0) entered forwarding state
[  559.696409][T15163] device sit0 entered promiscuous mode
[  560.195752][   T26] bridge0: port 1(bridge_slave_0) entered disabled state
[  560.204425][   T26] bridge0: port 2(bridge_slave_1) entered disabled state
[  560.263251][T15170] device sit0 left promiscuous mode
[  560.332001][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  560.339692][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  560.349267][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  560.358685][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  560.367075][  T312] bridge0: port 1(bridge_slave_0) entered blocking state
[  560.374412][  T312] bridge0: port 1(bridge_slave_0) entered forwarding state
[  560.382083][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  560.391145][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  560.399843][  T312] bridge0: port 2(bridge_slave_1) entered blocking state
[  560.406833][  T312] bridge0: port 2(bridge_slave_1) entered forwarding state
[  560.415146][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  560.424508][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  560.436695][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  560.444935][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  560.489724][T15170] device sit0 entered promiscuous mode
[  560.785862][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  560.822543][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  560.831121][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  560.870883][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  560.881239][T15141] device veth0_vlan entered promiscuous mode
[  560.889219][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  560.897109][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  561.051040][T15141] device veth1_macvtap entered promiscuous mode
[  561.166780][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  561.175434][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  561.183817][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  561.191300][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  561.199735][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  561.208600][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  561.216783][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  562.951538][T15200] device sit0 left promiscuous mode
[  562.966449][T15202] device sit0 entered promiscuous mode
[  569.758971][T15319] FAULT_INJECTION: forcing a failure.
[  569.758971][T15319] name failslab, interval 1, probability 0, space 0, times 0
[  569.771809][T15319] CPU: 1 PID: 15319 Comm: syz.4.5345 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  569.781559][T15319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  569.791453][T15319] Call Trace:
[  569.794671][T15319]  <TASK>
[  569.797440][T15319]  dump_stack_lvl+0x151/0x1c0
[  569.801956][T15319]  ? io_uring_drop_tctx_refs+0x190/0x190
[  569.807445][T15319]  ? arch_stack_walk+0x101/0x140
[  569.812196][T15319]  dump_stack+0x15/0x20
[  569.816194][T15319]  should_fail+0x3c6/0x510
[  569.820631][T15319]  __should_failslab+0xa4/0xe0
[  569.825225][T15319]  ? dst_alloc+0x164/0x1e0
[  569.829471][T15319]  should_failslab+0x9/0x20
[  569.833879][T15319]  slab_pre_alloc_hook+0x37/0xd0
[  569.838673][T15319]  ? dst_alloc+0x164/0x1e0
[  569.842946][T15319]  kmem_cache_alloc+0x44/0x200
[  569.847742][T15319]  ? ipv6_sysctl_rtcache_flush+0x120/0x120
[  569.853381][T15319]  dst_alloc+0x164/0x1e0
[  569.857462][T15319]  ip6_pol_route+0xc2a/0x14b0
[  569.861973][T15319]  ? sock_alloc_send_pskb+0x915/0xa50
[  569.867184][T15319]  ? fib6_table_lookup+0xaf0/0xaf0
[  569.872307][T15319]  ? _raw_spin_unlock+0x4d/0x70
[  569.877338][T15319]  ip6_pol_route_input+0x55/0x80
[  569.882197][T15319]  fib6_rule_lookup+0x25a/0x620
[  569.886890][T15319]  ? fault_around_bytes_set+0xc0/0xc0
[  569.892187][T15319]  ? ip6_route_input_lookup+0xd0/0xd0
[  569.897389][T15319]  ? fib6_lookup+0x3f0/0x3f0
[  569.901815][T15319]  ? __local_bh_enable_ip+0x58/0x80
[  569.907130][T15319]  ? local_bh_enable+0x1f/0x30
[  569.911792][T15319]  ? ip6t_do_table+0x1662/0x1850
[  569.916571][T15319]  ? ip6_route_input+0x245/0xb60
[  569.921522][T15319]  ? __ipv6_addr_type+0x244/0x2f0
[  569.926464][T15319]  ip6_route_input+0x724/0xb60
[  569.931327][T15319]  ? ip6_multipath_l3_keys+0x610/0x610
[  569.936809][T15319]  ? sk_setup_caps+0x430/0x430
[  569.941587][T15319]  ip6_rcv_finish+0x150/0x350
[  569.946183][T15319]  ipv6_rcv+0xeb/0x270
[  569.950080][T15319]  ? ip6_rcv_finish+0x350/0x350
[  569.954772][T15319]  ? refcount_add+0x80/0x80
[  569.959112][T15319]  ? ip6_rcv_finish+0x350/0x350
[  569.963945][T15319]  __netif_receive_skb+0x1c6/0x530
[  569.968849][T15319]  ? deliver_ptype_list_skb+0x3b0/0x3b0
[  569.974224][T15319]  ? _copy_from_iter+0x1c1/0xdc0
[  569.978993][T15319]  netif_receive_skb+0xb0/0x480
[  569.983668][T15319]  ? netif_receive_skb_core+0x210/0x210
[  569.989226][T15319]  tun_rx_batched+0x6d9/0x870
[  569.993825][T15319]  ? eth_type_trans+0x2e4/0x620
[  569.998515][T15319]  ? local_bh_enable+0x30/0x30
[  570.003292][T15319]  tun_get_user+0x2cb7/0x3aa0
[  570.007801][T15319]  ? _kstrtoull+0x3a0/0x4a0
[  570.012140][T15319]  ? tun_do_read+0x2010/0x2010
[  570.016742][T15319]  ? kstrtouint_from_user+0x20a/0x2a0
[  570.021966][T15319]  ? kstrtol_from_user+0x310/0x310
[  570.027328][T15319]  ? avc_policy_seqno+0x1b/0x70
[  570.032527][T15319]  ? selinux_file_permission+0x2c4/0x570
[  570.038238][T15319]  tun_chr_write_iter+0x1e1/0x2e0
[  570.043716][T15319]  vfs_write+0xd5d/0x1110
[  570.048108][T15319]  ? file_end_write+0x1c0/0x1c0
[  570.053061][T15319]  ? __fdget_pos+0x209/0x3a0
[  570.057733][T15319]  ? ksys_write+0x77/0x2c0
[  570.062364][T15319]  ksys_write+0x199/0x2c0
[  570.066616][T15319]  ? __ia32_sys_read+0x90/0x90
[  570.071335][T15319]  ? debug_smp_processor_id+0x17/0x20
[  570.076599][T15319]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  570.082765][T15319]  __x64_sys_write+0x7b/0x90
[  570.087368][T15319]  x64_sys_call+0x2f/0x9a0
[  570.091710][T15319]  do_syscall_64+0x3b/0xb0
[  570.096142][T15319]  ? clear_bhb_loop+0x35/0x90
[  570.100741][T15319]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  570.106654][T15319] RIP: 0033:0x7f8a611bfef9
[  570.111001][T15319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  570.131389][T15319] RSP: 002b:00007f8a5fe39038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  570.139653][T15319] RAX: ffffffffffffffda RBX: 00007f8a61377f80 RCX: 00007f8a611bfef9
[  570.147713][T15319] RDX: 000000000000fdef RSI: 0000000020000200 RDI: 00000000000000c8
[  570.155702][T15319] RBP: 00007f8a5fe39090 R08: 0000000000000000 R09: 0000000000000000
[  570.163503][T15319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  570.171341][T15319] R13: 0000000000000000 R14: 00007f8a61377f80 R15: 00007fff4230d5e8
[  570.179364][T15319]  </TASK>
[  575.960738][T15457] FAULT_INJECTION: forcing a failure.
[  575.960738][T15457] name failslab, interval 1, probability 0, space 0, times 0
[  576.033142][T15457] CPU: 0 PID: 15457 Comm: syz.1.5393 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  576.043255][T15457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  576.053224][T15457] Call Trace:
[  576.056666][T15457]  <TASK>
[  576.059514][T15457]  dump_stack_lvl+0x151/0x1c0
[  576.064352][T15457]  ? io_uring_drop_tctx_refs+0x190/0x190
[  576.069994][T15457]  dump_stack+0x15/0x20
[  576.074065][T15457]  should_fail+0x3c6/0x510
[  576.078489][T15457]  __should_failslab+0xa4/0xe0
[  576.083286][T15457]  ? security_file_alloc+0x29/0x120
[  576.088306][T15457]  should_failslab+0x9/0x20
[  576.092733][T15457]  slab_pre_alloc_hook+0x37/0xd0
[  576.097509][T15457]  ? security_file_alloc+0x29/0x120
[  576.102543][T15457]  kmem_cache_alloc+0x44/0x200
[  576.107145][T15457]  security_file_alloc+0x29/0x120
[  576.112003][T15457]  __alloc_file+0xb2/0x2a0
[  576.116348][T15457]  alloc_empty_file+0x95/0x180
[  576.120950][T15457]  path_openat+0xfe/0x2f40
[  576.125390][T15457]  ? __stack_depot_save+0x15f/0x470
[  576.130773][T15457]  ? __kasan_slab_alloc+0xc3/0xe0
[  576.135721][T15457]  ? __kasan_slab_alloc+0xb1/0xe0
[  576.140665][T15457]  ? slab_post_alloc_hook+0x53/0x2c0
[  576.145956][T15457]  ? kmem_cache_alloc+0xf5/0x200
[  576.150737][T15457]  ? getname_flags+0xba/0x520
[  576.155246][T15457]  ? getname+0x19/0x20
[  576.159156][T15457]  ? do_sys_openat2+0xd7/0x830
[  576.163924][T15457]  ? __x64_sys_openat+0x243/0x290
[  576.168784][T15457]  ? x64_sys_call+0x6bf/0x9a0
[  576.173308][T15457]  ? do_syscall_64+0x3b/0xb0
[  576.177816][T15457]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  576.184069][T15457]  ? do_filp_open+0x460/0x460
[  576.188574][T15457]  ? irqentry_exit+0x30/0x40
[  576.193083][T15457]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  576.198728][T15457]  do_filp_open+0x21c/0x460
[  576.203066][T15457]  ? vfs_tmpfile+0x2c0/0x2c0
[  576.207503][T15457]  do_sys_openat2+0x13f/0x830
[  576.212118][T15457]  ? wait_for_completion_killable_timeout+0x10/0x10
[  576.218707][T15457]  ? __mutex_lock_slowpath+0x10/0x10
[  576.223828][T15457]  ? do_sys_open+0x220/0x220
[  576.228432][T15457]  ? __kasan_check_write+0x14/0x20
[  576.233374][T15457]  __x64_sys_openat+0x243/0x290
[  576.238063][T15457]  ? __ia32_sys_open+0x270/0x270
[  576.242843][T15457]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  576.248645][T15457]  x64_sys_call+0x6bf/0x9a0
[  576.252995][T15457]  do_syscall_64+0x3b/0xb0
[  576.257237][T15457]  ? clear_bhb_loop+0x35/0x90
[  576.262018][T15457]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  576.267749][T15457] RIP: 0033:0x7f99ecb18ef9
[  576.272118][T15457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  576.292002][T15457] RSP: 002b:00007f99eb771038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  576.300238][T15457] RAX: ffffffffffffffda RBX: 00007f99eccd1058 RCX: 00007f99ecb18ef9
[  576.308133][T15457] RDX: 000000000000275a RSI: 00000000200001c0 RDI: ffffffffffffff9c
[  576.315959][T15457] RBP: 00007f99eb771090 R08: 0000000000000000 R09: 0000000000000000
[  576.323852][T15457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  576.331927][T15457] R13: 0000000000000000 R14: 00007f99eccd1058 R15: 00007ffe14c6a6e8
[  576.339842][T15457]  </TASK>
[  576.953073][T15480] FAULT_INJECTION: forcing a failure.
[  576.953073][T15480] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  576.969671][T15480] CPU: 0 PID: 15480 Comm: syz.2.5401 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  576.979500][T15480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  576.989395][T15480] Call Trace:
[  576.992511][T15480]  <TASK>
[  576.995292][T15480]  dump_stack_lvl+0x151/0x1c0
[  576.999898][T15480]  ? io_uring_drop_tctx_refs+0x190/0x190
[  577.005536][T15480]  ? kstrtouint_from_user+0x20a/0x2a0
[  577.010752][T15480]  dump_stack+0x15/0x20
[  577.014936][T15480]  should_fail+0x3c6/0x510
[  577.019196][T15480]  should_fail_usercopy+0x1a/0x20
[  577.024542][T15480]  _copy_to_user+0x20/0x90
[  577.029220][T15480]  simple_read_from_buffer+0xc7/0x150
[  577.034530][T15480]  proc_fail_nth_read+0x1a3/0x210
[  577.039640][T15480]  ? proc_fault_inject_write+0x390/0x390
[  577.045203][T15480]  ? fsnotify_perm+0x470/0x5d0
[  577.049887][T15480]  ? security_file_permission+0x86/0xb0
[  577.055885][T15480]  ? proc_fault_inject_write+0x390/0x390
[  577.061426][T15480]  vfs_read+0x27d/0xd40
[  577.065420][T15480]  ? kernel_read+0x1f0/0x1f0
[  577.070035][T15480]  ? __kasan_check_write+0x14/0x20
[  577.074976][T15480]  ? mutex_lock+0xb6/0x1e0
[  577.079612][T15480]  ? wait_for_completion_killable_timeout+0x10/0x10
[  577.086205][T15480]  ? __fdget_pos+0x2e7/0x3a0
[  577.090714][T15480]  ? ksys_read+0x77/0x2c0
[  577.094979][T15480]  ksys_read+0x199/0x2c0
[  577.099136][T15480]  ? vfs_write+0x1110/0x1110
[  577.103562][T15480]  ? debug_smp_processor_id+0x17/0x20
[  577.108766][T15480]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  577.114877][T15480]  __x64_sys_read+0x7b/0x90
[  577.119317][T15480]  x64_sys_call+0x28/0x9a0
[  577.123555][T15480]  do_syscall_64+0x3b/0xb0
[  577.128144][T15480]  ? clear_bhb_loop+0x35/0x90
[  577.132776][T15480]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  577.138501][T15480] RIP: 0033:0x7f1d6f18493c
[  577.142838][T15480] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  577.162276][T15480] RSP: 002b:00007f1d6ddff030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  577.170538][T15480] RAX: ffffffffffffffda RBX: 00007f1d6f33df80 RCX: 00007f1d6f18493c
[  577.178697][T15480] RDX: 000000000000000f RSI: 00007f1d6ddff0a0 RDI: 0000000000000005
[  577.186872][T15480] RBP: 00007f1d6ddff090 R08: 0000000000000000 R09: 0000000000000000
[  577.194773][T15480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  577.202758][T15480] R13: 0000000000000000 R14: 00007f1d6f33df80 R15: 00007ffe1c6c0ce8
[  577.210575][T15480]  </TASK>
[  578.597764][T15517] FAULT_INJECTION: forcing a failure.
[  578.597764][T15517] name failslab, interval 1, probability 0, space 0, times 0
[  578.753253][T15517] CPU: 1 PID: 15517 Comm: syz.0.5414 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  578.763088][T15517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  578.772992][T15517] Call Trace:
[  578.776107][T15517]  <TASK>
[  578.778890][T15517]  dump_stack_lvl+0x151/0x1c0
[  578.783554][T15517]  ? io_uring_drop_tctx_refs+0x190/0x190
[  578.789206][T15517]  dump_stack+0x15/0x20
[  578.793382][T15517]  should_fail+0x3c6/0x510
[  578.797790][T15517]  __should_failslab+0xa4/0xe0
[  578.802466][T15517]  should_failslab+0x9/0x20
[  578.806817][T15517]  slab_pre_alloc_hook+0x37/0xd0
[  578.811751][T15517]  __kmalloc+0x6d/0x270
[  578.815744][T15517]  ? sk_prot_alloc+0xf9/0x330
[  578.820521][T15517]  sk_prot_alloc+0xf9/0x330
[  578.825570][T15517]  ? _copy_from_user+0x96/0xd0
[  578.830166][T15517]  sk_alloc+0x38/0x430
[  578.834077][T15517]  bpf_prog_test_run_skb+0x362/0x1420
[  578.839282][T15517]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  578.845111][T15517]  ? __kasan_check_write+0x14/0x20
[  578.850140][T15517]  ? fput_many+0x160/0x1b0
[  578.854653][T15517]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  578.860478][T15517]  bpf_prog_test_run+0x3b0/0x630
[  578.865242][T15517]  ? bpf_prog_query+0x220/0x220
[  578.869928][T15517]  ? selinux_bpf+0xd2/0x100
[  578.874443][T15517]  ? security_bpf+0x82/0xb0
[  578.878789][T15517]  __sys_bpf+0x525/0x760
[  578.882862][T15517]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  578.888075][T15517]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  578.894191][T15517]  __x64_sys_bpf+0x7c/0x90
[  578.898419][T15517]  x64_sys_call+0x87f/0x9a0
[  578.902750][T15517]  do_syscall_64+0x3b/0xb0
[  578.906991][T15517]  ? clear_bhb_loop+0x35/0x90
[  578.911514][T15517]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  578.917351][T15517] RIP: 0033:0x7f0c5cb9fef9
[  578.921611][T15517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  578.941487][T15517] RSP: 002b:00007f0c5b819038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  578.949724][T15517] RAX: ffffffffffffffda RBX: 00007f0c5cd57f80 RCX: 00007f0c5cb9fef9
[  578.957539][T15517] RDX: 0000000000000050 RSI: 00000000200002c0 RDI: 000000000000000a
[  578.965358][T15517] RBP: 00007f0c5b819090 R08: 0000000000000000 R09: 0000000000000000
[  578.973160][T15517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  578.981061][T15517] R13: 0000000000000000 R14: 00007f0c5cd57f80 R15: 00007ffc73d7fd38
[  578.988886][T15517]  </TASK>
[  579.371345][T15536] device syzkaller0 entered promiscuous mode
[  579.636844][T15545] FAULT_INJECTION: forcing a failure.
[  579.636844][T15545] name failslab, interval 1, probability 0, space 0, times 0
[  579.650077][T15545] CPU: 1 PID: 15545 Comm: syz.3.5423 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  579.660177][T15545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  579.670140][T15545] Call Trace:
[  579.673268][T15545]  <TASK>
[  579.676346][T15545]  dump_stack_lvl+0x151/0x1c0
[  579.681230][T15545]  ? io_uring_drop_tctx_refs+0x190/0x190
[  579.686677][T15545]  dump_stack+0x15/0x20
[  579.690665][T15545]  should_fail+0x3c6/0x510
[  579.694946][T15545]  __should_failslab+0xa4/0xe0
[  579.699572][T15545]  should_failslab+0x9/0x20
[  579.703947][T15545]  slab_pre_alloc_hook+0x37/0xd0
[  579.708821][T15545]  __kmalloc+0x6d/0x270
[  579.712887][T15545]  ? kvmalloc_node+0x1f0/0x4d0
[  579.717502][T15545]  kvmalloc_node+0x1f0/0x4d0
[  579.721917][T15545]  ? vm_mmap+0xb0/0xb0
[  579.725832][T15545]  alloc_netdev_mqs+0x5c4/0xc90
[  579.730509][T15545]  ? vti6_exit_batch_net+0x2a0/0x2a0
[  579.735949][T15545]  ipip6_tunnel_locate+0x46a/0x670
[  579.740969][T15545]  ? prl_list_destroy_rcu+0x60/0x60
[  579.746543][T15545]  ? ns_capable+0x89/0xe0
[  579.750716][T15545]  ipip6_tunnel_ctl+0xca8/0x15c0
[  579.755481][T15545]  ? __kasan_check_write+0x14/0x20
[  579.760443][T15545]  ip_tunnel_siocdevprivate+0x126/0x1c0
[  579.765816][T15545]  ? ip_tunnel_update+0xcc0/0xcc0
[  579.770673][T15545]  ? __ww_mutex_lock_interruptible_slowpath+0x20/0x20
[  579.777364][T15545]  ipip6_tunnel_siocdevprivate+0x206/0xe90
[  579.783121][T15545]  ? sit_tunnel_xmit+0x2440/0x2440
[  579.788028][T15545]  ? __kasan_check_write+0x14/0x20
[  579.792982][T15545]  ? full_name_hash+0xa0/0xf0
[  579.797490][T15545]  dev_ifsioc+0xc75/0x10c0
[  579.801853][T15545]  ? dev_ioctl+0xe70/0xe70
[  579.806297][T15545]  ? mutex_lock+0x135/0x1e0
[  579.810640][T15545]  ? wait_for_completion_killable_timeout+0x10/0x10
[  579.817251][T15545]  dev_ioctl+0x5f3/0xe70
[  579.821517][T15545]  sock_ioctl+0x665/0x740
[  579.825963][T15545]  ? sock_poll+0x400/0x400
[  579.830221][T15545]  ? security_file_ioctl+0x84/0xb0
[  579.835525][T15545]  ? sock_poll+0x400/0x400
[  579.839845][T15545]  __se_sys_ioctl+0x114/0x190
[  579.844373][T15545]  __x64_sys_ioctl+0x7b/0x90
[  579.848786][T15545]  x64_sys_call+0x98/0x9a0
[  579.853120][T15545]  do_syscall_64+0x3b/0xb0
[  579.857479][T15545]  ? clear_bhb_loop+0x35/0x90
[  579.861974][T15545]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  579.867900][T15545] RIP: 0033:0x7f98c803fef9
[  579.872255][T15545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  579.891870][T15545] RSP: 002b:00007f98c6cb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  579.900098][T15545] RAX: ffffffffffffffda RBX: 00007f98c81f7f80 RCX: 00007f98c803fef9
[  579.908000][T15545] RDX: 0000000020000080 RSI: 00000000000089f1 RDI: 0000000000000004
[  579.915821][T15545] RBP: 00007f98c6cb9090 R08: 0000000000000000 R09: 0000000000000000
[  579.923621][T15545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  579.931432][T15545] R13: 0000000000000000 R14: 00007f98c81f7f80 R15: 00007ffc7e119f58
[  579.939342][T15545]  </TASK>
[  583.555557][   T30] audit: type=1400 audit(1725994611.689:146): avc:  denied  { create } for  pid=15628 comm="syz.4.5451" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  584.133978][T15659] FAULT_INJECTION: forcing a failure.
[  584.133978][T15659] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  584.177750][T15659] CPU: 1 PID: 15659 Comm: syz.3.5463 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  584.187686][T15659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  584.197700][T15659] Call Trace:
[  584.200822][T15659]  <TASK>
[  584.203605][T15659]  dump_stack_lvl+0x151/0x1c0
[  584.208206][T15659]  ? io_uring_drop_tctx_refs+0x190/0x190
[  584.213669][T15659]  ? bpf_test_run+0x8de/0xa10
[  584.218269][T15659]  dump_stack+0x15/0x20
[  584.222348][T15659]  should_fail+0x3c6/0x510
[  584.226597][T15659]  should_fail_usercopy+0x1a/0x20
[  584.231543][T15659]  _copy_to_user+0x20/0x90
[  584.235952][T15659]  bpf_test_finish+0x265/0x5a0
[  584.240571][T15659]  ? convert_skb_to___skb+0x360/0x360
[  584.245878][T15659]  ? convert_skb_to___skb+0x208/0x360
[  584.251072][T15659]  bpf_prog_test_run_skb+0xd4d/0x1420
[  584.256406][T15659]  ? __kasan_check_write+0x14/0x20
[  584.261351][T15659]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  584.267378][T15659]  ? __kasan_check_write+0x14/0x20
[  584.272310][T15659]  ? fput_many+0x160/0x1b0
[  584.276649][T15659]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  584.282655][T15659]  bpf_prog_test_run+0x3b0/0x630
[  584.287525][T15659]  ? bpf_prog_query+0x220/0x220
[  584.292385][T15659]  ? selinux_bpf+0xd2/0x100
[  584.296819][T15659]  ? security_bpf+0x82/0xb0
[  584.301187][T15659]  __sys_bpf+0x525/0x760
[  584.305318][T15659]  ? fput_many+0x160/0x1b0
[  584.309570][T15659]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  584.314781][T15659]  ? debug_smp_processor_id+0x17/0x20
[  584.320246][T15659]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  584.326154][T15659]  __x64_sys_bpf+0x7c/0x90
[  584.330481][T15659]  x64_sys_call+0x87f/0x9a0
[  584.334839][T15659]  do_syscall_64+0x3b/0xb0
[  584.339381][T15659]  ? clear_bhb_loop+0x35/0x90
[  584.344325][T15659]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  584.350417][T15659] RIP: 0033:0x7f98c803fef9
[  584.354624][T15659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  584.374972][T15659] RSP: 002b:00007f98c6cb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  584.383393][T15659] RAX: ffffffffffffffda RBX: 00007f98c81f7f80 RCX: 00007f98c803fef9
[  584.391326][T15659] RDX: 000000000000001e RSI: 0000000020000080 RDI: 000000000000000a
[  584.399113][T15659] RBP: 00007f98c6cb9090 R08: 0000000000000000 R09: 0000000000000000
[  584.407091][T15659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  584.414902][T15659] R13: 0000000000000000 R14: 00007f98c81f7f80 R15: 00007ffc7e119f58
[  584.422832][T15659]  </TASK>
[  585.283049][   T30] audit: type=1400 audit(1725994613.419:147): avc:  denied  { create } for  pid=15690 comm="syz.2.5473" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  586.577091][T15721] device veth0_vlan left promiscuous mode
[  586.602555][T15721] device veth0_vlan entered promiscuous mode
[  588.887561][T15780] device pim6reg1 entered promiscuous mode
[  589.031061][T15789] FAULT_INJECTION: forcing a failure.
[  589.031061][T15789] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  589.205196][T15789] CPU: 0 PID: 15789 Comm: syz.0.5504 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  589.215213][T15789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  589.225128][T15789] Call Trace:
[  589.228232][T15789]  <TASK>
[  589.231173][T15789]  dump_stack_lvl+0x151/0x1c0
[  589.235865][T15789]  ? io_uring_drop_tctx_refs+0x190/0x190
[  589.241620][T15789]  dump_stack+0x15/0x20
[  589.245678][T15789]  should_fail+0x3c6/0x510
[  589.250017][T15789]  should_fail_usercopy+0x1a/0x20
[  589.255053][T15789]  _copy_to_user+0x20/0x90
[  589.259317][T15789]  simple_read_from_buffer+0xc7/0x150
[  589.264603][T15789]  proc_fail_nth_read+0x1a3/0x210
[  589.269473][T15789]  ? proc_fault_inject_write+0x390/0x390
[  589.275112][T15789]  ? fsnotify_perm+0x470/0x5d0
[  589.279849][T15789]  ? security_file_permission+0x86/0xb0
[  589.285317][T15789]  ? proc_fault_inject_write+0x390/0x390
[  589.291214][T15789]  vfs_read+0x27d/0xd40
[  589.295372][T15789]  ? kernel_read+0x1f0/0x1f0
[  589.299801][T15789]  ? __kasan_check_write+0x14/0x20
[  589.305041][T15789]  ? mutex_lock+0xb6/0x1e0
[  589.309386][T15789]  ? wait_for_completion_killable_timeout+0x10/0x10
[  589.315894][T15789]  ? __fdget_pos+0x2e7/0x3a0
[  589.320469][T15789]  ? ksys_read+0x77/0x2c0
[  589.324747][T15789]  ksys_read+0x199/0x2c0
[  589.328823][T15789]  ? __blkcg_punt_bio_submit+0x180/0x180
[  589.334382][T15789]  ? vfs_write+0x1110/0x1110
[  589.339041][T15789]  ? debug_smp_processor_id+0x17/0x20
[  589.344496][T15789]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  589.351523][T15789]  __x64_sys_read+0x7b/0x90
[  589.355926][T15789]  x64_sys_call+0x28/0x9a0
[  589.360326][T15789]  do_syscall_64+0x3b/0xb0
[  589.364586][T15789]  ? clear_bhb_loop+0x35/0x90
[  589.369297][T15789]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  589.375005][T15789] RIP: 0033:0x7f0c5cb9e93c
[  589.379433][T15789] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  589.399161][T15789] RSP: 002b:00007f0c5b819030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  589.407505][T15789] RAX: ffffffffffffffda RBX: 00007f0c5cd57f80 RCX: 00007f0c5cb9e93c
[  589.415660][T15789] RDX: 000000000000000f RSI: 00007f0c5b8190a0 RDI: 0000000000000008
[  589.423683][T15789] RBP: 00007f0c5b819090 R08: 0000000000000000 R09: 0000000000000000
[  589.431552][T15789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  589.439886][T15789] R13: 0000000000000000 R14: 00007f0c5cd57f80 R15: 00007ffc73d7fd38
[  589.447878][T15789]  </TASK>
[  589.818376][T15808] device pim6reg1 entered promiscuous mode
[  593.292848][T15890] FAULT_INJECTION: forcing a failure.
[  593.292848][T15890] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  593.403310][T15890] CPU: 1 PID: 15890 Comm: syz.1.5537 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  593.413342][T15890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  593.423748][T15890] Call Trace:
[  593.427159][T15890]  <TASK>
[  593.429921][T15890]  dump_stack_lvl+0x151/0x1c0
[  593.434434][T15890]  ? io_uring_drop_tctx_refs+0x190/0x190
[  593.439932][T15890]  dump_stack+0x15/0x20
[  593.443894][T15890]  should_fail+0x3c6/0x510
[  593.448150][T15890]  should_fail_usercopy+0x1a/0x20
[  593.453113][T15890]  _copy_from_user+0x20/0xd0
[  593.457524][T15890]  __sys_bpf+0x1e9/0x760
[  593.461688][T15890]  ? fput_many+0x160/0x1b0
[  593.466131][T15890]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  593.471507][T15890]  ? debug_smp_processor_id+0x17/0x20
[  593.476877][T15890]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  593.482963][T15890]  __x64_sys_bpf+0x7c/0x90
[  593.487301][T15890]  x64_sys_call+0x87f/0x9a0
[  593.491643][T15890]  do_syscall_64+0x3b/0xb0
[  593.495891][T15890]  ? clear_bhb_loop+0x35/0x90
[  593.500407][T15890]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  593.506486][T15890] RIP: 0033:0x7f99ecb18ef9
[  593.510715][T15890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  593.530458][T15890] RSP: 002b:00007f99eb792038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  593.539649][T15890] RAX: ffffffffffffffda RBX: 00007f99eccd0f80 RCX: 00007f99ecb18ef9
[  593.547894][T15890] RDX: 0000000000000050 RSI: 00000000200009c0 RDI: 0000000000000000
[  593.555711][T15890] RBP: 00007f99eb792090 R08: 0000000000000000 R09: 0000000000000000
[  593.563983][T15890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  593.571868][T15890] R13: 0000000000000000 R14: 00007f99eccd0f80 R15: 00007ffe14c6a6e8
[  593.579779][T15890]  </TASK>
[  594.094698][T15911] tun0: tun_chr_ioctl cmd 1074025675
[  594.100015][T15911] tun0: persist enabled
[  595.300959][T15956] FAULT_INJECTION: forcing a failure.
[  595.300959][T15956] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  595.472323][T15956] CPU: 0 PID: 15956 Comm: syz.2.5561 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  595.482240][T15956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  595.492136][T15956] Call Trace:
[  595.495367][T15956]  <TASK>
[  595.498143][T15956]  dump_stack_lvl+0x151/0x1c0
[  595.502779][T15956]  ? io_uring_drop_tctx_refs+0x190/0x190
[  595.508286][T15956]  dump_stack+0x15/0x20
[  595.512359][T15956]  should_fail+0x3c6/0x510
[  595.516612][T15956]  should_fail_usercopy+0x1a/0x20
[  595.521479][T15956]  _copy_to_user+0x20/0x90
[  595.525820][T15956]  simple_read_from_buffer+0xc7/0x150
[  595.531047][T15956]  proc_fail_nth_read+0x1a3/0x210
[  595.535892][T15956]  ? proc_fault_inject_write+0x390/0x390
[  595.541446][T15956]  ? fsnotify_perm+0x470/0x5d0
[  595.546134][T15956]  ? security_file_permission+0x86/0xb0
[  595.551684][T15956]  ? proc_fault_inject_write+0x390/0x390
[  595.557154][T15956]  vfs_read+0x27d/0xd40
[  595.561145][T15956]  ? kernel_read+0x1f0/0x1f0
[  595.565574][T15956]  ? __kasan_check_write+0x14/0x20
[  595.570645][T15956]  ? mutex_lock+0xb6/0x1e0
[  595.574987][T15956]  ? wait_for_completion_killable_timeout+0x10/0x10
[  595.581593][T15956]  ? __fdget_pos+0x2e7/0x3a0
[  595.586008][T15956]  ? ksys_read+0x77/0x2c0
[  595.590175][T15956]  ksys_read+0x199/0x2c0
[  595.594257][T15956]  ? __ia32_sys_recv+0xb0/0xb0
[  595.598864][T15956]  ? vfs_write+0x1110/0x1110
[  595.603279][T15956]  ? debug_smp_processor_id+0x17/0x20
[  595.608485][T15956]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  595.614408][T15956]  __x64_sys_read+0x7b/0x90
[  595.618730][T15956]  x64_sys_call+0x28/0x9a0
[  595.622981][T15956]  do_syscall_64+0x3b/0xb0
[  595.627496][T15956]  ? clear_bhb_loop+0x35/0x90
[  595.632008][T15956]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  595.637910][T15956] RIP: 0033:0x7f1d6f18493c
[  595.642264][T15956] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  595.663215][T15956] RSP: 002b:00007f1d6ddff030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  595.672065][T15956] RAX: ffffffffffffffda RBX: 00007f1d6f33df80 RCX: 00007f1d6f18493c
[  595.680471][T15956] RDX: 000000000000000f RSI: 00007f1d6ddff0a0 RDI: 0000000000000006
[  595.688713][T15956] RBP: 00007f1d6ddff090 R08: 0000000000000000 R09: 0000000000000000
[  595.696566][T15956] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000002
[  595.704468][T15956] R13: 0000000000000000 R14: 00007f1d6f33df80 R15: 00007ffe1c6c0ce8
[  595.712967][T15956]  </TASK>
[  595.938394][T15972] tun0: tun_chr_ioctl cmd 1074025675
[  595.961955][T15972] tun0: persist enabled
[  596.126350][T15972] tun0: tun_chr_ioctl cmd 1074025675
[  596.133105][T15972] tun0: persist enabled
[  596.678786][   T30] audit: type=1400 audit(1725994624.809:148): avc:  denied  { create } for  pid=15984 comm="syz.3.5569" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  597.052739][   T30] audit: type=1400 audit(1725994625.189:149): avc:  denied  { create } for  pid=16000 comm="syz.1.5574" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  597.212289][T16010] syz.2.5578[16010] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  597.212375][T16010] syz.2.5578[16010] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  597.357218][T16010] syz.2.5578[16010] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  597.483788][T16010] syz.2.5578[16010] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  598.293088][   T30] audit: type=1400 audit(1725994626.429:150): avc:  denied  { create } for  pid=16031 comm="syz.1.5584" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  598.693262][T16073] syz.4.5602[16073] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  598.693349][T16073] syz.4.5602[16073] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  598.746083][T16081] syz.4.5608[16081] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  598.766033][T16081] syz.4.5608[16081] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  598.984563][T16095] device pim6reg1 entered promiscuous mode
[  599.251147][T16102] -: renamed from syzkaller0
[  599.327417][T16105] syz.1.5618[16105] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  599.327499][T16105] syz.1.5618[16105] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  599.768358][T16132] device pim6reg1 entered promiscuous mode
[  599.788464][T16129] -: renamed from syzkaller0
[  599.876180][T16151] bridge0: port 2(bridge_slave_1) entered disabled state
[  599.988435][T16169] netpci0: tun_chr_ioctl cmd 1074025677
[  599.998653][T16169] netpci0: linktype set to 0
[  600.352675][T16226] device syzkaller0 entered promiscuous mode
[  600.873122][T16303] device syzkaller0 entered promiscuous mode
[  601.329029][T16381] device syzkaller0 entered promiscuous mode
[  601.379030][T16391] device syzkaller0 entered promiscuous mode
[  602.804832][T16447] FAULT_INJECTION: forcing a failure.
[  602.804832][T16447] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  602.841905][T16447] CPU: 1 PID: 16447 Comm: syz.4.5767 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  602.852086][T16447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  602.861970][T16447] Call Trace:
[  602.865275][T16447]  <TASK>
[  602.868141][T16447]  dump_stack_lvl+0x151/0x1c0
[  602.872676][T16447]  ? io_uring_drop_tctx_refs+0x190/0x190
[  602.878308][T16447]  dump_stack+0x15/0x20
[  602.882291][T16447]  should_fail+0x3c6/0x510
[  602.886541][T16447]  should_fail_alloc_page+0x5a/0x80
[  602.891670][T16447]  prepare_alloc_pages+0x15c/0x700
[  602.896617][T16447]  ? __alloc_pages+0x8f0/0x8f0
[  602.901227][T16447]  ? __alloc_pages_bulk+0xe40/0xe40
[  602.906434][T16447]  __alloc_pages+0x18c/0x8f0
[  602.910851][T16447]  ? __x64_sys_bpf+0x7c/0x90
[  602.915734][T16447]  ? prep_new_page+0x110/0x110
[  602.920309][T16447]  ? __kasan_check_write+0x14/0x20
[  602.925256][T16447]  __get_free_pages+0x10/0x30
[  602.929868][T16447]  kasan_populate_vmalloc_pte+0x39/0x130
[  602.935323][T16447]  ? __apply_to_page_range+0x8ca/0xbe0
[  602.940623][T16447]  __apply_to_page_range+0x8dd/0xbe0
[  602.945824][T16447]  ? kasan_populate_vmalloc+0x70/0x70
[  602.951034][T16447]  ? kasan_populate_vmalloc+0x70/0x70
[  602.956414][T16447]  apply_to_page_range+0x3b/0x50
[  602.961198][T16447]  kasan_populate_vmalloc+0x65/0x70
[  602.966306][T16447]  alloc_vmap_area+0x192f/0x1a80
[  602.971083][T16447]  ? vm_map_ram+0xa90/0xa90
[  602.975517][T16447]  ? kmem_cache_alloc_trace+0x115/0x210
[  602.981060][T16447]  ? __get_vm_area_node+0x117/0x360
[  602.986204][T16447]  __get_vm_area_node+0x158/0x360
[  602.991042][T16447]  __vmalloc_node_range+0xe2/0x8d0
[  602.996001][T16447]  ? sock_hash_alloc+0x2bf/0x560
[  603.000765][T16447]  bpf_map_area_alloc+0xd9/0xf0
[  603.005449][T16447]  ? sock_hash_alloc+0x2bf/0x560
[  603.010339][T16447]  sock_hash_alloc+0x2bf/0x560
[  603.015032][T16447]  map_create+0x411/0x2050
[  603.019717][T16447]  __sys_bpf+0x296/0x760
[  603.023793][T16447]  ? fput_many+0x160/0x1b0
[  603.028235][T16447]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  603.033450][T16447]  ? debug_smp_processor_id+0x17/0x20
[  603.038741][T16447]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  603.044731][T16447]  __x64_sys_bpf+0x7c/0x90
[  603.049186][T16447]  x64_sys_call+0x87f/0x9a0
[  603.053527][T16447]  do_syscall_64+0x3b/0xb0
[  603.057862][T16447]  ? clear_bhb_loop+0x35/0x90
[  603.062372][T16447]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  603.068188][T16447] RIP: 0033:0x7f8a611bfef9
[  603.072446][T16447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  603.091977][T16447] RSP: 002b:00007f8a5fe39038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  603.100218][T16447] RAX: ffffffffffffffda RBX: 00007f8a61377f80 RCX: 00007f8a611bfef9
[  603.108032][T16447] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 0000000000000000
[  603.116189][T16447] RBP: 00007f8a5fe39090 R08: 0000000000000000 R09: 0000000000000000
[  603.124184][T16447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  603.132079][T16447] R13: 0000000000000000 R14: 00007f8a61377f80 R15: 00007fff4230d5e8
[  603.139996][T16447]  </TASK>
[  605.219766][T16514] device syzkaller0 entered promiscuous mode
[  605.725995][T16522] device syzkaller0 entered promiscuous mode
[  606.676744][T16562] device syzkaller0 entered promiscuous mode
[  609.189157][T16648] FAULT_INJECTION: forcing a failure.
[  609.189157][T16648] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  609.317065][T16648] CPU: 1 PID: 16648 Comm: syz.1.5833 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  609.327469][T16648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  609.337690][T16648] Call Trace:
[  609.340813][T16648]  <TASK>
[  609.343608][T16648]  dump_stack_lvl+0x151/0x1c0
[  609.348466][T16648]  ? io_uring_drop_tctx_refs+0x190/0x190
[  609.354012][T16648]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  609.359688][T16648]  dump_stack+0x15/0x20
[  609.363644][T16648]  should_fail+0x3c6/0x510
[  609.367896][T16648]  should_fail_alloc_page+0x5a/0x80
[  609.372959][T16648]  prepare_alloc_pages+0x15c/0x700
[  609.377877][T16648]  ? __alloc_pages_bulk+0xe40/0xe40
[  609.383091][T16648]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  609.389088][T16648]  __alloc_pages+0x18c/0x8f0
[  609.393625][T16648]  ? prep_new_page+0x110/0x110
[  609.398283][T16648]  ? __kasan_check_write+0x14/0x20
[  609.403320][T16648]  __get_free_pages+0x10/0x30
[  609.407921][T16648]  kasan_populate_vmalloc_pte+0x39/0x130
[  609.413483][T16648]  ? __apply_to_page_range+0x8ca/0xbe0
[  609.418766][T16648]  __apply_to_page_range+0x8dd/0xbe0
[  609.423978][T16648]  ? kasan_populate_vmalloc+0x70/0x70
[  609.429277][T16648]  ? kasan_populate_vmalloc+0x70/0x70
[  609.434666][T16648]  apply_to_page_range+0x3b/0x50
[  609.439443][T16648]  kasan_populate_vmalloc+0x65/0x70
[  609.444492][T16648]  alloc_vmap_area+0x192f/0x1a80
[  609.449345][T16648]  ? vm_map_ram+0xa90/0xa90
[  609.453679][T16648]  ? __kasan_kmalloc+0x9/0x10
[  609.458630][T16648]  ? kmem_cache_alloc_trace+0x115/0x210
[  609.464024][T16648]  __get_vm_area_node+0x158/0x360
[  609.468961][T16648]  __vmalloc_node_range+0xe2/0x8d0
[  609.473905][T16648]  ? reuseport_array_alloc+0xc3/0x160
[  609.479114][T16648]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  609.485309][T16648]  ? cap_capable+0x1d2/0x270
[  609.489716][T16648]  bpf_map_area_alloc+0xd9/0xf0
[  609.494494][T16648]  ? reuseport_array_alloc+0xc3/0x160
[  609.499707][T16648]  reuseport_array_alloc+0xc3/0x160
[  609.504780][T16648]  map_create+0x411/0x2050
[  609.509112][T16648]  __sys_bpf+0x296/0x760
[  609.513364][T16648]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  609.518663][T16648]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  609.524790][T16648]  __x64_sys_bpf+0x7c/0x90
[  609.529214][T16648]  x64_sys_call+0x87f/0x9a0
[  609.533554][T16648]  do_syscall_64+0x3b/0xb0
[  609.537890][T16648]  ? clear_bhb_loop+0x35/0x90
[  609.542410][T16648]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  609.548135][T16648] RIP: 0033:0x7f99ecb18ef9
[  609.552383][T16648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  609.572187][T16648] RSP: 002b:00007f99eb792038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  609.580414][T16648] RAX: ffffffffffffffda RBX: 00007f99eccd0f80 RCX: 00007f99ecb18ef9
[  609.588382][T16648] RDX: 0000000000000048 RSI: 0000000020000200 RDI: 0000000000000000
[  609.596999][T16648] RBP: 00007f99eb792090 R08: 0000000000000000 R09: 0000000000000000
[  609.604844][T16648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  609.612644][T16648] R13: 0000000000000000 R14: 00007f99eccd0f80 R15: 00007ffe14c6a6e8
[  609.620732][T16648]  </TASK>
[  614.824780][T16788] bpf_get_probe_write_proto: 2 callbacks suppressed
[  614.824815][T16788] syz.1.5879[16788] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  614.864049][T16788] syz.1.5879[16788] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  615.050333][T16788] bridge0: port 2(bridge_slave_1) entered disabled state
[  615.068984][T16788] bridge0: port 1(bridge_slave_0) entered disabled state
[  615.679520][T16794] device syzkaller0 entered promiscuous mode
[  616.347209][T16796] bridge0: port 1(bridge_slave_0) entered blocking state
[  616.388490][T16796] bridge0: port 1(bridge_slave_0) entered disabled state
[  616.404917][T16796] device bridge_slave_0 entered promiscuous mode
[  616.492977][T16796] bridge0: port 2(bridge_slave_1) entered blocking state
[  616.515252][T16796] bridge0: port 2(bridge_slave_1) entered disabled state
[  616.523716][T16796] device bridge_slave_1 entered promiscuous mode
[  616.563056][T16817] device pim6reg1 entered promiscuous mode
[  616.898015][T12906] device bridge_slave_1 left promiscuous mode
[  616.909803][T12906] bridge0: port 2(bridge_slave_1) entered disabled state
[  616.945409][T12906] device bridge_slave_0 left promiscuous mode
[  616.956705][T12906] bridge0: port 1(bridge_slave_0) entered disabled state
[  616.968092][T12906] device veth1_macvtap left promiscuous mode
[  616.997715][T12906] device veth0_vlan left promiscuous mode
[  617.588293][T16835] FAULT_INJECTION: forcing a failure.
[  617.588293][T16835] name failslab, interval 1, probability 0, space 0, times 0
[  617.612878][T16835] CPU: 0 PID: 16835 Comm: syz.3.5894 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  617.623520][T16835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  617.633815][T16835] Call Trace:
[  617.636933][T16835]  <TASK>
[  617.639856][T16835]  dump_stack_lvl+0x151/0x1c0
[  617.645251][T16835]  ? io_uring_drop_tctx_refs+0x190/0x190
[  617.650965][T16835]  ? dev_queue_xmit+0x20/0x20
[  617.655467][T16835]  dump_stack+0x15/0x20
[  617.659815][T16835]  should_fail+0x3c6/0x510
[  617.664242][T16835]  __should_failslab+0xa4/0xe0
[  617.669113][T16835]  ? skb_clone+0x1d1/0x360
[  617.673535][T16835]  should_failslab+0x9/0x20
[  617.678569][T16835]  slab_pre_alloc_hook+0x37/0xd0
[  617.683690][T16835]  ? skb_clone+0x1d1/0x360
[  617.688692][T16835]  kmem_cache_alloc+0x44/0x200
[  617.693412][T16835]  skb_clone+0x1d1/0x360
[  617.697888][T16835]  bpf_clone_redirect+0xa6/0x390
[  617.703067][T16835]  bpf_prog_64e505a7b7f97a05+0x55/0x22c
[  617.708609][T16835]  ? trace_event_raw_event_swiotlb_bounced+0x320/0x480
[  617.715421][T16835]  ? __stack_depot_save+0x34/0x470
[  617.720412][T16835]  ? __kasan_slab_alloc+0xc3/0xe0
[  617.725270][T16835]  ? __kasan_slab_alloc+0xb1/0xe0
[  617.730249][T16835]  ? slab_post_alloc_hook+0x53/0x2c0
[  617.735394][T16835]  ? kmem_cache_alloc+0xf5/0x200
[  617.740232][T16835]  ? __build_skb+0x2a/0x300
[  617.744911][T16835]  ? build_skb+0x25/0x1f0
[  617.749750][T16835]  ? bpf_prog_test_run_skb+0x38e/0x1420
[  617.755237][T16835]  ? bpf_prog_test_run+0x3b0/0x630
[  617.760187][T16835]  ? __sys_bpf+0x525/0x760
[  617.764482][T16835]  ? __x64_sys_bpf+0x7c/0x90
[  617.768955][T16835]  ? x64_sys_call+0x87f/0x9a0
[  617.773557][T16835]  ? do_syscall_64+0x3b/0xb0
[  617.778151][T16835]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  617.784057][T16835]  ? __kasan_check_read+0x11/0x20
[  617.789010][T16835]  ? bpf_test_timer_continue+0x140/0x460
[  617.794586][T16835]  bpf_test_run+0x478/0xa10
[  617.798912][T16835]  ? convert___skb_to_skb+0x570/0x570
[  617.804201][T16835]  ? eth_type_trans+0x2e4/0x620
[  617.808889][T16835]  ? eth_get_headlen+0x240/0x240
[  617.814268][T16835]  ? bpf_prog_test_run_skb+0x7bd/0x1420
[  617.819942][T16835]  ? convert___skb_to_skb+0x44/0x570
[  617.825070][T16835]  ? memcpy+0x56/0x70
[  617.828984][T16835]  bpf_prog_test_run_skb+0xb41/0x1420
[  617.834360][T16835]  ? __kasan_check_write+0x14/0x20
[  617.839327][T16835]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  617.845034][T16835]  ? __kasan_check_write+0x14/0x20
[  617.849981][T16835]  ? fput_many+0x160/0x1b0
[  617.854234][T16835]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  617.859962][T16835]  bpf_prog_test_run+0x3b0/0x630
[  617.864743][T16835]  ? bpf_prog_query+0x220/0x220
[  617.869537][T16835]  ? selinux_bpf+0xd2/0x100
[  617.874016][T16835]  ? security_bpf+0x82/0xb0
[  617.878538][T16835]  __sys_bpf+0x525/0x760
[  617.882703][T16835]  ? fput_many+0x160/0x1b0
[  617.887050][T16835]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  617.892438][T16835]  ? debug_smp_processor_id+0x17/0x20
[  617.897721][T16835]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  617.903620][T16835]  __x64_sys_bpf+0x7c/0x90
[  617.907875][T16835]  x64_sys_call+0x87f/0x9a0
[  617.912594][T16835]  do_syscall_64+0x3b/0xb0
[  617.916930][T16835]  ? clear_bhb_loop+0x35/0x90
[  617.921449][T16835]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  617.927394][T16835] RIP: 0033:0x7f98c803fef9
[  617.932224][T16835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  617.952131][T16835] RSP: 002b:00007f98c6cb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  617.960543][T16835] RAX: ffffffffffffffda RBX: 00007f98c81f7f80 RCX: 00007f98c803fef9
[  617.968351][T16835] RDX: 0000000000000028 RSI: 00000000200000c0 RDI: 000000000000000a
[  617.976250][T16835] RBP: 00007f98c6cb9090 R08: 0000000000000000 R09: 0000000000000000
[  617.984352][T16835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  617.993160][T16835] R13: 0000000000000000 R14: 00007f98c81f7f80 R15: 00007ffc7e119f58
[  618.001548][T16835]  </TASK>
[  618.007822][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  618.042258][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  618.074846][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  618.094848][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  618.203290][  T293] bridge0: port 1(bridge_slave_0) entered blocking state
[  618.210394][  T293] bridge0: port 1(bridge_slave_0) entered forwarding state
[  618.234324][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  618.242992][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  618.252303][  T293] bridge0: port 2(bridge_slave_1) entered blocking state
[  618.259416][  T293] bridge0: port 2(bridge_slave_1) entered forwarding state
[  618.292676][  T493] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  618.300666][  T493] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  618.309327][  T493] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  618.355250][T11553] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  618.372845][T11553] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  618.386330][T16796] device veth0_vlan entered promiscuous mode
[  618.468396][T16853] device syzkaller0 entered promiscuous mode
[  618.515993][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  618.527492][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  618.541554][T16796] device veth1_macvtap entered promiscuous mode
[  618.574520][T11553] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  618.582603][T11553] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  618.589996][T11553] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  618.602438][T11553] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  618.611002][T11553] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  618.619528][T11553] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  618.627933][T11553] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  618.636424][T11553] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  618.645408][T11553] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  618.673993][   T30] audit: type=1400 audit(1725994646.789:151): avc:  denied  { ioctl } for  pid=16863 comm="syz.1.5880" path="cgroup:[4026532680]" dev="nsfs" ino=4026532680 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  618.774769][T16870] FAULT_INJECTION: forcing a failure.
[  618.774769][T16870] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  618.857295][T16870] CPU: 0 PID: 16870 Comm: syz.1.5906 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  618.867502][T16870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  618.877576][T16870] Call Trace:
[  618.880779][T16870]  <TASK>
[  618.883546][T16870]  dump_stack_lvl+0x151/0x1c0
[  618.888065][T16870]  ? io_uring_drop_tctx_refs+0x190/0x190
[  618.893630][T16870]  ? arch_stack_walk+0xf3/0x140
[  618.898392][T16870]  dump_stack+0x15/0x20
[  618.902566][T16870]  should_fail+0x3c6/0x510
[  618.907638][T16870]  should_fail_alloc_page+0x5a/0x80
[  618.912766][T16870]  prepare_alloc_pages+0x15c/0x700
[  618.917978][T16870]  ? __alloc_pages_bulk+0xe40/0xe40
[  618.923222][T16870]  __alloc_pages+0x18c/0x8f0
[  618.927635][T16870]  ? __x64_sys_bpf+0x7c/0x90
[  618.932160][T16870]  ? prep_new_page+0x110/0x110
[  618.936850][T16870]  __get_free_pages+0x10/0x30
[  618.941736][T16870]  kasan_populate_vmalloc_pte+0x39/0x130
[  618.947535][T16870]  ? __apply_to_page_range+0x8ca/0xbe0
[  618.953232][T16870]  __apply_to_page_range+0x8dd/0xbe0
[  618.958566][T16870]  ? kasan_populate_vmalloc+0x70/0x70
[  618.963859][T16870]  ? kasan_populate_vmalloc+0x70/0x70
[  618.969066][T16870]  apply_to_page_range+0x3b/0x50
[  618.974017][T16870]  kasan_populate_vmalloc+0x65/0x70
[  618.979391][T16870]  alloc_vmap_area+0x192f/0x1a80
[  618.984450][T16870]  ? vm_map_ram+0xa90/0xa90
[  618.988970][T16870]  ? kmem_cache_alloc_trace+0x115/0x210
[  618.994419][T16870]  ? __get_vm_area_node+0x117/0x360
[  618.999625][T16870]  __get_vm_area_node+0x158/0x360
[  619.004478][T16870]  ? get_random_u64+0x5c0/0x5c0
[  619.009430][T16870]  __vmalloc_node_range+0xe2/0x8d0
[  619.014432][T16870]  ? htab_map_alloc+0xbb2/0x1650
[  619.019335][T16870]  bpf_map_area_alloc+0xd9/0xf0
[  619.024118][T16870]  ? htab_map_alloc+0xbb2/0x1650
[  619.028878][T16870]  htab_map_alloc+0xbb2/0x1650
[  619.033558][T16870]  map_create+0x411/0x2050
[  619.037989][T16870]  __sys_bpf+0x296/0x760
[  619.042057][T16870]  ? fput_many+0x160/0x1b0
[  619.046837][T16870]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  619.052070][T16870]  ? debug_smp_processor_id+0x17/0x20
[  619.057249][T16870]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  619.063255][T16870]  __x64_sys_bpf+0x7c/0x90
[  619.067750][T16870]  x64_sys_call+0x87f/0x9a0
[  619.072086][T16870]  do_syscall_64+0x3b/0xb0
[  619.076859][T16870]  ? clear_bhb_loop+0x35/0x90
[  619.081384][T16870]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  619.087099][T16870] RIP: 0033:0x7f0af6a3eef9
[  619.091368][T16870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  619.111081][T16870] RSP: 002b:00007f0af56b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  619.119882][T16870] RAX: ffffffffffffffda RBX: 00007f0af6bf6f80 RCX: 00007f0af6a3eef9
[  619.128112][T16870] RDX: 0000000000000048 RSI: 0000000020000840 RDI: 0000000000000000
[  619.136382][T16870] RBP: 00007f0af56b8090 R08: 0000000000000000 R09: 0000000000000000
[  619.144382][T16870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  619.152198][T16870] R13: 0000000000000000 R14: 00007f0af6bf6f80 R15: 00007ffcd891cf48
[  619.160524][T16870]  </TASK>
[  623.676807][T17021] device syzkaller0 entered promiscuous mode
[  624.579424][T17041] FAULT_INJECTION: forcing a failure.
[  624.579424][T17041] name failslab, interval 1, probability 0, space 0, times 0
[  624.592046][T17041] CPU: 1 PID: 17041 Comm: syz.0.5962 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  624.601966][T17041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  624.612236][T17041] Call Trace:
[  624.615610][T17041]  <TASK>
[  624.618651][T17041]  dump_stack_lvl+0x151/0x1c0
[  624.623159][T17041]  ? io_uring_drop_tctx_refs+0x190/0x190
[  624.628619][T17041]  ? __bpf_trace_kmem_cache_free+0x99/0xc0
[  624.634383][T17041]  ? kfree_skbmem+0x104/0x170
[  624.639074][T17041]  dump_stack+0x15/0x20
[  624.643079][T17041]  should_fail+0x3c6/0x510
[  624.647403][T17041]  __should_failslab+0xa4/0xe0
[  624.652078][T17041]  ? skb_clone+0x1d1/0x360
[  624.656625][T17041]  should_failslab+0x9/0x20
[  624.661300][T17041]  slab_pre_alloc_hook+0x37/0xd0
[  624.668591][T17041]  ? skb_clone+0x1d1/0x360
[  624.673043][T17041]  kmem_cache_alloc+0x44/0x200
[  624.678230][T17041]  skb_clone+0x1d1/0x360
[  624.683238][T17041]  bpf_clone_redirect+0xa6/0x390
[  624.688731][T17041]  bpf_prog_c08ef512837047f4+0x59/0xaf4
[  624.694290][T17041]  ? trace_event_raw_event_swiotlb_bounced+0x320/0x480
[  624.701725][T17041]  ? __stack_depot_save+0x34/0x470
[  624.707063][T17041]  ? __kasan_slab_alloc+0xc3/0xe0
[  624.712170][T17041]  ? __kasan_slab_alloc+0xb1/0xe0
[  624.717473][T17041]  ? slab_post_alloc_hook+0x53/0x2c0
[  624.722993][T17041]  ? kmem_cache_alloc+0xf5/0x200
[  624.727871][T17041]  ? __build_skb+0x2a/0x300
[  624.732786][T17041]  ? build_skb+0x25/0x1f0
[  624.737543][T17041]  ? bpf_prog_test_run_skb+0x38e/0x1420
[  624.742929][T17041]  ? bpf_prog_test_run+0x3b0/0x630
[  624.748049][T17041]  ? __sys_bpf+0x525/0x760
[  624.752294][T17041]  ? __x64_sys_bpf+0x7c/0x90
[  624.757001][T17041]  ? x64_sys_call+0x87f/0x9a0
[  624.761683][T17041]  ? do_syscall_64+0x3b/0xb0
[  624.766115][T17041]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  624.772313][T17041]  ? __kasan_check_read+0x11/0x20
[  624.777162][T17041]  ? bpf_test_timer_continue+0x140/0x460
[  624.782772][T17041]  bpf_test_run+0x478/0xa10
[  624.787230][T17041]  ? convert___skb_to_skb+0x570/0x570
[  624.792490][T17041]  ? eth_type_trans+0x2e4/0x620
[  624.797496][T17041]  ? eth_get_headlen+0x240/0x240
[  624.802220][T17041]  ? convert___skb_to_skb+0x44/0x570
[  624.807695][T17041]  bpf_prog_test_run_skb+0xb41/0x1420
[  624.812952][T17041]  ? __kasan_check_write+0x14/0x20
[  624.817915][T17041]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  624.823654][T17041]  ? __kasan_check_write+0x14/0x20
[  624.828661][T17041]  ? fput_many+0x160/0x1b0
[  624.832979][T17041]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  624.838743][T17041]  bpf_prog_test_run+0x3b0/0x630
[  624.843688][T17041]  ? bpf_prog_query+0x220/0x220
[  624.848453][T17041]  ? selinux_bpf+0xd2/0x100
[  624.852899][T17041]  ? security_bpf+0x82/0xb0
[  624.857302][T17041]  __sys_bpf+0x525/0x760
[  624.861392][T17041]  ? fput_many+0x160/0x1b0
[  624.865733][T17041]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  624.870931][T17041]  ? debug_smp_processor_id+0x17/0x20
[  624.876235][T17041]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  624.882133][T17041]  __x64_sys_bpf+0x7c/0x90
[  624.886395][T17041]  x64_sys_call+0x87f/0x9a0
[  624.890720][T17041]  do_syscall_64+0x3b/0xb0
[  624.894969][T17041]  ? clear_bhb_loop+0x35/0x90
[  624.899485][T17041]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  624.905746][T17041] RIP: 0033:0x7f0c5cb9fef9
[  624.909991][T17041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  624.930122][T17041] RSP: 002b:00007f0c5b819038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  624.938369][T17041] RAX: ffffffffffffffda RBX: 00007f0c5cd57f80 RCX: 00007f0c5cb9fef9
[  624.946179][T17041] RDX: 0000000000000050 RSI: 0000000020000080 RDI: 000000000000000a
[  624.954078][T17041] RBP: 00007f0c5b819090 R08: 0000000000000000 R09: 0000000000000000
[  624.962076][T17041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  624.969982][T17041] R13: 0000000000000000 R14: 00007f0c5cd57f80 R15: 00007ffc73d7fd38
[  624.977878][T17041]  </TASK>
[  627.083314][T17105] sock: sock_set_timeout: `syz.4.5982' (pid 17105) tries to set negative timeout
[  627.315096][T17111] FAULT_INJECTION: forcing a failure.
[  627.315096][T17111] name failslab, interval 1, probability 0, space 0, times 0
[  627.511912][T17111] CPU: 1 PID: 17111 Comm: syz.3.5983 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  627.521836][T17111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  627.531830][T17111] Call Trace:
[  627.534954][T17111]  <TASK>
[  627.537728][T17111]  dump_stack_lvl+0x151/0x1c0
[  627.542250][T17111]  ? io_uring_drop_tctx_refs+0x190/0x190
[  627.547895][T17111]  dump_stack+0x15/0x20
[  627.552136][T17111]  should_fail+0x3c6/0x510
[  627.556389][T17111]  __should_failslab+0xa4/0xe0
[  627.561097][T17111]  should_failslab+0x9/0x20
[  627.565435][T17111]  slab_pre_alloc_hook+0x37/0xd0
[  627.570388][T17111]  __kmalloc+0x6d/0x270
[  627.574436][T17111]  ? kstrtol_from_user+0x310/0x310
[  627.579493][T17111]  ? bpf_test_init+0x101/0x1b0
[  627.584214][T17111]  ? memset+0x35/0x40
[  627.588040][T17111]  bpf_test_init+0x101/0x1b0
[  627.592481][T17111]  bpf_prog_test_run_xdp+0x222/0xbc0
[  627.597671][T17111]  ? proc_fail_nth_write+0x20b/0x290
[  627.602992][T17111]  ? proc_fail_nth_read+0x210/0x210
[  627.608028][T17111]  ? fsnotify_perm+0x6a/0x5d0
[  627.612533][T17111]  ? dev_put+0x70/0x70
[  627.616443][T17111]  ? __kasan_check_write+0x14/0x20
[  627.621656][T17111]  ? fput_many+0x160/0x1b0
[  627.626092][T17111]  ? dev_put+0x70/0x70
[  627.630353][T17111]  bpf_prog_test_run+0x3b0/0x630
[  627.635414][T17111]  ? bpf_prog_query+0x220/0x220
[  627.640100][T17111]  ? selinux_bpf+0xd2/0x100
[  627.644450][T17111]  ? security_bpf+0x82/0xb0
[  627.648785][T17111]  __sys_bpf+0x525/0x760
[  627.652988][T17111]  ? fput_many+0x160/0x1b0
[  627.657196][T17111]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  627.662711][T17111]  ? debug_smp_processor_id+0x17/0x20
[  627.669395][T17111]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  627.676430][T17111]  __x64_sys_bpf+0x7c/0x90
[  627.682049][T17111]  x64_sys_call+0x87f/0x9a0
[  627.686661][T17111]  do_syscall_64+0x3b/0xb0
[  627.692021][T17111]  ? clear_bhb_loop+0x35/0x90
[  627.697674][T17111]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  627.703782][T17111] RIP: 0033:0x7f98c803fef9
[  627.708086][T17111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  627.727757][T17111] RSP: 002b:00007f98c6c98038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  627.736051][T17111] RAX: ffffffffffffffda RBX: 00007f98c81f8058 RCX: 00007f98c803fef9
[  627.744027][T17111] RDX: 0000000000000050 RSI: 0000000020000500 RDI: 000000000000000a
[  627.752103][T17111] RBP: 00007f98c6c98090 R08: 0000000000000000 R09: 0000000000000000
[  627.760604][T17111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  627.768536][T17111] R13: 0000000000000001 R14: 00007f98c81f8058 R15: 00007ffc7e119f58
[  627.776517][T17111]  </TASK>
[  629.163831][T17181] FAULT_INJECTION: forcing a failure.
[  629.163831][T17181] name failslab, interval 1, probability 0, space 0, times 0
[  629.312927][T17181] CPU: 0 PID: 17181 Comm: syz.4.6005 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  629.323201][T17181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  629.333240][T17181] Call Trace:
[  629.336468][T17181]  <TASK>
[  629.339413][T17181]  dump_stack_lvl+0x151/0x1c0
[  629.344393][T17181]  ? io_uring_drop_tctx_refs+0x190/0x190
[  629.350039][T17181]  dump_stack+0x15/0x20
[  629.355252][T17181]  should_fail+0x3c6/0x510
[  629.359600][T17181]  __should_failslab+0xa4/0xe0
[  629.364539][T17181]  ? __alloc_file+0x29/0x2a0
[  629.368962][T17181]  should_failslab+0x9/0x20
[  629.373300][T17181]  slab_pre_alloc_hook+0x37/0xd0
[  629.378087][T17181]  ? __alloc_file+0x29/0x2a0
[  629.382676][T17181]  kmem_cache_alloc+0x44/0x200
[  629.387285][T17181]  ? _raw_spin_trylock_bh+0x190/0x190
[  629.392600][T17181]  __alloc_file+0x29/0x2a0
[  629.396918][T17181]  alloc_empty_file+0x95/0x180
[  629.401521][T17181]  alloc_file+0x5a/0x4e0
[  629.405777][T17181]  alloc_file_pseudo+0x259/0x2f0
[  629.410638][T17181]  ? local_bh_enable+0x1f/0x30
[  629.415375][T17181]  ? alloc_empty_file_noaccount+0x80/0x80
[  629.420894][T17181]  ? put_pid+0xc3/0x110
[  629.424881][T17181]  sock_alloc_file+0xbb/0x260
[  629.429443][T17181]  __sys_socketpair+0x4c3/0x6e0
[  629.434080][T17181]  ? __ia32_sys_socket+0x90/0x90
[  629.438935][T17181]  ? __ia32_sys_read+0x90/0x90
[  629.443538][T17181]  ? debug_smp_processor_id+0x17/0x20
[  629.448743][T17181]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  629.454653][T17181]  __x64_sys_socketpair+0x9b/0xb0
[  629.459529][T17181]  x64_sys_call+0x19b/0x9a0
[  629.463848][T17181]  do_syscall_64+0x3b/0xb0
[  629.468188][T17181]  ? clear_bhb_loop+0x35/0x90
[  629.472817][T17181]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  629.478548][T17181] RIP: 0033:0x7f8a611bfef9
[  629.482898][T17181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  629.502689][T17181] RSP: 002b:00007f8a5fe39038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  629.510930][T17181] RAX: ffffffffffffffda RBX: 00007f8a61377f80 RCX: 00007f8a611bfef9
[  629.518742][T17181] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[  629.526842][T17181] RBP: 00007f8a5fe39090 R08: 0000000000000000 R09: 0000000000000000
[  629.534733][T17181] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000002
[  629.542558][T17181] R13: 0000000000000001 R14: 00007f8a61377f80 R15: 00007fff4230d5e8
[  629.550794][T17181]  </TASK>
[  630.208643][T17203] device veth0_vlan left promiscuous mode
[  630.234602][T17203] device veth0_vlan entered promiscuous mode
[  630.297915][T17203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  630.328243][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  630.342166][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  630.352256][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  630.371083][T17207] device veth1_macvtap left promiscuous mode
[  631.910185][T17260] device syzkaller0 entered promiscuous mode
[  632.765439][T17290] FAULT_INJECTION: forcing a failure.
[  632.765439][T17290] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  632.778964][T17290] CPU: 1 PID: 17290 Comm: syz.2.6039 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  632.789053][T17290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  632.799123][T17290] Call Trace:
[  632.802487][T17290]  <TASK>
[  632.805625][T17290]  dump_stack_lvl+0x151/0x1c0
[  632.810791][T17290]  ? io_uring_drop_tctx_refs+0x190/0x190
[  632.816270][T17290]  ? kasan_set_track+0x5d/0x70
[  632.821303][T17290]  ? __kasan_slab_free+0x11/0x20
[  632.826345][T17290]  ? kmem_cache_free+0x116/0x2e0
[  632.832049][T17290]  ? putname+0xfa/0x150
[  632.836113][T17290]  ? do_sys_openat2+0x71c/0x830
[  632.840803][T17290]  ? x64_sys_call+0x6bf/0x9a0
[  632.845490][T17290]  dump_stack+0x15/0x20
[  632.849493][T17290]  should_fail+0x3c6/0x510
[  632.853820][T17290]  should_fail_usercopy+0x1a/0x20
[  632.859210][T17290]  _copy_from_user+0x20/0xd0
[  632.863738][T17290]  iovec_from_user+0xc7/0x330
[  632.868495][T17290]  __import_iovec+0x6d/0x420
[  632.873188][T17290]  import_iovec+0xe5/0x120
[  632.877621][T17290]  ___sys_recvmsg+0x56b/0x690
[  632.882129][T17290]  ? __sys_recvmsg+0x260/0x260
[  632.886926][T17290]  ? __fdget+0x1bc/0x240
[  632.891068][T17290]  __x64_sys_recvmsg+0x1dc/0x2b0
[  632.895849][T17290]  ? ___sys_recvmsg+0x690/0x690
[  632.900552][T17290]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  632.906627][T17290]  ? exit_to_user_mode_prepare+0x39/0xa0
[  632.912094][T17290]  x64_sys_call+0x171/0x9a0
[  632.916607][T17290]  do_syscall_64+0x3b/0xb0
[  632.920950][T17290]  ? clear_bhb_loop+0x35/0x90
[  632.925482][T17290]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  632.931737][T17290] RIP: 0033:0x7f1d6f185ef9
[  632.936246][T17290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  632.956580][T17290] RSP: 002b:00007f1d6ddff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  632.965297][T17290] RAX: ffffffffffffffda RBX: 00007f1d6f33df80 RCX: 00007f1d6f185ef9
[  632.973242][T17290] RDX: 00000000000040fd RSI: 0000000020000b00 RDI: 0000000000000003
[  632.981301][T17290] RBP: 00007f1d6ddff090 R08: 0000000000000000 R09: 0000000000000000
[  632.989155][T17290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  632.997142][T17290] R13: 0000000000000000 R14: 00007f1d6f33df80 R15: 00007ffe1c6c0ce8
[  633.005570][T17290]  </TASK>
[  635.725355][T17356] bridge0: port 2(bridge_slave_1) entered disabled state
[  635.735010][T17356] bridge0: port 1(bridge_slave_0) entered disabled state
[  637.031397][T17394] FAULT_INJECTION: forcing a failure.
[  637.031397][T17394] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  637.151742][T17394] CPU: 1 PID: 17394 Comm: syz.0.6073 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  637.162196][T17394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  637.172809][T17394] Call Trace:
[  637.176270][T17394]  <TASK>
[  637.179130][T17394]  dump_stack_lvl+0x151/0x1c0
[  637.184000][T17394]  ? io_uring_drop_tctx_refs+0x190/0x190
[  637.189572][T17394]  ? __stack_depot_save+0x34/0x470
[  637.194532][T17394]  dump_stack+0x15/0x20
[  637.198561][T17394]  should_fail+0x3c6/0x510
[  637.202766][T17394]  should_fail_alloc_page+0x5a/0x80
[  637.207886][T17394]  prepare_alloc_pages+0x15c/0x700
[  637.213225][T17394]  ? __alloc_pages+0x8f0/0x8f0
[  637.218027][T17394]  ? __alloc_pages_bulk+0xe40/0xe40
[  637.223011][T17394]  __alloc_pages+0x18c/0x8f0
[  637.227438][T17394]  ? prep_new_page+0x110/0x110
[  637.232029][T17394]  ? __kasan_kmalloc+0x9/0x10
[  637.236885][T17394]  ? __kmalloc+0x13a/0x270
[  637.241235][T17394]  ? __vmalloc_node_range+0x2d6/0x8d0
[  637.246626][T17394]  __vmalloc_node_range+0x482/0x8d0
[  637.252037][T17394]  bpf_map_area_alloc+0xd9/0xf0
[  637.256974][T17394]  ? htab_map_alloc+0xbb2/0x1650
[  637.262603][T17394]  htab_map_alloc+0xbb2/0x1650
[  637.267981][T17394]  map_create+0x411/0x2050
[  637.272273][T17394]  __sys_bpf+0x296/0x760
[  637.276695][T17394]  ? fput_many+0x160/0x1b0
[  637.281105][T17394]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  637.286695][T17394]  ? debug_smp_processor_id+0x17/0x20
[  637.291969][T17394]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  637.297863][T17394]  __x64_sys_bpf+0x7c/0x90
[  637.302534][T17394]  x64_sys_call+0x87f/0x9a0
[  637.306854][T17394]  do_syscall_64+0x3b/0xb0
[  637.311104][T17394]  ? clear_bhb_loop+0x35/0x90
[  637.315637][T17394]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  637.321777][T17394] RIP: 0033:0x7f0c5cb9fef9
[  637.326112][T17394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  637.347945][T17394] RSP: 002b:00007f0c5b819038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  637.358027][T17394] RAX: ffffffffffffffda RBX: 00007f0c5cd57f80 RCX: 00007f0c5cb9fef9
[  637.366863][T17394] RDX: 0000000000000048 RSI: 0000000020000840 RDI: 0000000000000000
[  637.374762][T17394] RBP: 00007f0c5b819090 R08: 0000000000000000 R09: 0000000000000000
[  637.382759][T17394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  637.391242][T17394] R13: 0000000000000000 R14: 00007f0c5cd57f80 R15: 00007ffc73d7fd38
[  637.399147][T17394]  </TASK>
[  637.465593][T17399] device pim6reg1 entered promiscuous mode
[  637.531106][T17401] device syzkaller0 entered promiscuous mode
[  638.781977][T17446] FAULT_INJECTION: forcing a failure.
[  638.781977][T17446] name failslab, interval 1, probability 0, space 0, times 0
[  638.814058][T17446] CPU: 0 PID: 17446 Comm: syz.4.6092 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  638.824768][T17446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  638.834645][T17446] Call Trace:
[  638.837770][T17446]  <TASK>
[  638.840833][T17446]  dump_stack_lvl+0x151/0x1c0
[  638.845411][T17446]  ? io_uring_drop_tctx_refs+0x190/0x190
[  638.850878][T17446]  dump_stack+0x15/0x20
[  638.854882][T17446]  should_fail+0x3c6/0x510
[  638.859380][T17446]  __should_failslab+0xa4/0xe0
[  638.864248][T17446]  ? __alloc_file+0x29/0x2a0
[  638.868677][T17446]  should_failslab+0x9/0x20
[  638.873124][T17446]  slab_pre_alloc_hook+0x37/0xd0
[  638.877873][T17446]  ? __alloc_file+0x29/0x2a0
[  638.882298][T17446]  kmem_cache_alloc+0x44/0x200
[  638.886985][T17446]  ? _raw_spin_trylock_bh+0x190/0x190
[  638.892365][T17446]  __alloc_file+0x29/0x2a0
[  638.896622][T17446]  alloc_empty_file+0x95/0x180
[  638.901392][T17446]  alloc_file+0x5a/0x4e0
[  638.905475][T17446]  alloc_file_pseudo+0x259/0x2f0
[  638.910246][T17446]  ? alloc_empty_file_noaccount+0x80/0x80
[  638.915888][T17446]  ? tipc_sk_finish_conn+0x5a7/0x850
[  638.921198][T17446]  sock_alloc_file+0xbb/0x260
[  638.925700][T17446]  __sys_socketpair+0x405/0x6e0
[  638.930386][T17446]  ? __ia32_sys_socket+0x90/0x90
[  638.935331][T17446]  ? __ia32_sys_read+0x90/0x90
[  638.940189][T17446]  ? debug_smp_processor_id+0x17/0x20
[  638.945392][T17446]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  638.951385][T17446]  __x64_sys_socketpair+0x9b/0xb0
[  638.956391][T17446]  x64_sys_call+0x19b/0x9a0
[  638.960840][T17446]  do_syscall_64+0x3b/0xb0
[  638.965279][T17446]  ? clear_bhb_loop+0x35/0x90
[  638.969792][T17446]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  638.975782][T17446] RIP: 0033:0x7f8a611bfef9
[  638.980576][T17446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  639.000453][T17446] RSP: 002b:00007f8a5fe39038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  639.008849][T17446] RAX: ffffffffffffffda RBX: 00007f8a61377f80 RCX: 00007f8a611bfef9
[  639.017046][T17446] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000001e
[  639.024858][T17446] RBP: 00007f8a5fe39090 R08: 0000000000000000 R09: 0000000000000000
[  639.032761][T17446] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000002
[  639.041920][T17446] R13: 0000000000000001 R14: 00007f8a61377f80 R15: 00007fff4230d5e8
[  639.050428][T17446]  </TASK>
[  640.134963][T17443] bridge0: port 1(bridge_slave_0) entered blocking state
[  640.153213][T17443] bridge0: port 1(bridge_slave_0) entered disabled state
[  640.167541][T17443] device bridge_slave_0 entered promiscuous mode
[  640.285609][T17443] bridge0: port 2(bridge_slave_1) entered blocking state
[  640.303470][T17443] bridge0: port 2(bridge_slave_1) entered disabled state
[  640.343854][T17443] device bridge_slave_1 entered promiscuous mode
[  640.955871][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  640.974532][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  641.066221][   T45] device bridge_slave_1 left promiscuous mode
[  641.073213][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  641.081283][   T45] device bridge_slave_0 left promiscuous mode
[  641.087433][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  641.096016][   T45] device veth1_macvtap left promiscuous mode
[  641.406298][T11553] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  641.414888][T11553] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  641.423118][T11553] bridge0: port 1(bridge_slave_0) entered blocking state
[  641.430274][T11553] bridge0: port 1(bridge_slave_0) entered forwarding state
[  641.437646][T11553] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  641.445949][T11553] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  641.454034][T11553] bridge0: port 2(bridge_slave_1) entered blocking state
[  641.460955][T11553] bridge0: port 2(bridge_slave_1) entered forwarding state
[  641.468380][T11553] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  641.881937][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  641.890077][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  641.920161][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  641.930845][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  642.022052][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  642.031136][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  642.040103][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  642.048506][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  642.088141][T17443] device veth0_vlan entered promiscuous mode
[  642.144538][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  642.193280][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  642.306452][T17443] device veth1_macvtap entered promiscuous mode
[  642.352982][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  642.361679][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  642.380218][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  642.463006][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  642.486142][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  642.495184][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  642.503609][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  645.472516][T17522] bridge0: port 1(bridge_slave_0) entered blocking state
[  645.479401][T17522] bridge0: port 1(bridge_slave_0) entered disabled state
[  645.510656][T17522] device bridge_slave_0 entered promiscuous mode
[  645.584359][T17522] bridge0: port 2(bridge_slave_1) entered blocking state
[  645.603237][T17522] bridge0: port 2(bridge_slave_1) entered disabled state
[  645.610779][T17522] device bridge_slave_1 entered promiscuous mode
[  646.189559][   T45] device bridge_slave_1 left promiscuous mode
[  646.222776][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  646.281806][   T45] device bridge_slave_0 left promiscuous mode
[  646.308442][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  646.335341][   T45] device veth0_vlan left promiscuous mode
[  647.130628][  T493] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  647.147775][  T493] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  647.253121][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  647.307826][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  647.368550][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[  647.375452][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[  647.454070][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  647.505371][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  647.514524][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[  647.524511][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[  647.689680][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  647.757146][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  647.772904][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  647.781124][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  647.790411][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  647.798722][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  647.807387][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  647.881164][T17522] device veth0_vlan entered promiscuous mode
[  647.953435][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  647.967136][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  648.029930][T17522] device veth1_macvtap entered promiscuous mode
[  648.177072][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  648.206540][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  648.261044][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  648.296573][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  648.305372][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  648.353841][T17596] bond_slave_1: mtu less than device minimum
[  648.391441][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  648.400479][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  648.410072][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  648.421270][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  650.873009][T17652] FAULT_INJECTION: forcing a failure.
[  650.873009][T17652] name failslab, interval 1, probability 0, space 0, times 0
[  650.972085][T17652] CPU: 1 PID: 17652 Comm: syz.4.6150 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  650.982016][T17652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  650.992013][T17652] Call Trace:
[  650.995115][T17652]  <TASK>
[  650.997892][T17652]  dump_stack_lvl+0x151/0x1c0
[  651.002941][T17652]  ? io_uring_drop_tctx_refs+0x190/0x190
[  651.008540][T17652]  dump_stack+0x15/0x20
[  651.012787][T17652]  should_fail+0x3c6/0x510
[  651.017086][T17652]  __should_failslab+0xa4/0xe0
[  651.021840][T17652]  should_failslab+0x9/0x20
[  651.026390][T17652]  slab_pre_alloc_hook+0x37/0xd0
[  651.031119][T17652]  __kmalloc+0x6d/0x270
[  651.035423][T17652]  ? security_prepare_creds+0x4d/0x140
[  651.040774][T17652]  security_prepare_creds+0x4d/0x140
[  651.046009][T17652]  prepare_creds+0x472/0x6a0
[  651.050496][T17652]  copy_creds+0xf0/0x630
[  651.054563][T17652]  ? dup_task_struct+0x7e6/0xc60
[  651.059468][T17652]  copy_process+0x7c3/0x3290
[  651.063937][T17652]  ? __kasan_check_write+0x14/0x20
[  651.068978][T17652]  ? selinux_file_permission+0x2c4/0x570
[  651.074525][T17652]  ? proc_fail_nth_read+0x210/0x210
[  651.079565][T17652]  ? fsnotify_perm+0x6a/0x5d0
[  651.084096][T17652]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  651.089215][T17652]  ? vfs_write+0x9ec/0x1110
[  651.093544][T17652]  kernel_clone+0x21e/0x9e0
[  651.097970][T17652]  ? __kasan_check_write+0x14/0x20
[  651.103008][T17652]  ? create_io_thread+0x1e0/0x1e0
[  651.108047][T17652]  __x64_sys_clone+0x23f/0x290
[  651.112636][T17652]  ? __do_sys_vfork+0x130/0x130
[  651.117325][T17652]  ? debug_smp_processor_id+0x17/0x20
[  651.122612][T17652]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  651.128565][T17652]  ? exit_to_user_mode_prepare+0x39/0xa0
[  651.134035][T17652]  x64_sys_call+0x1b0/0x9a0
[  651.138430][T17652]  do_syscall_64+0x3b/0xb0
[  651.143135][T17652]  ? clear_bhb_loop+0x35/0x90
[  651.147806][T17652]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  651.154122][T17652] RIP: 0033:0x7f8a611bfef9
[  651.158553][T17652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  651.178596][T17652] RSP: 002b:00007f8a5fe38fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  651.187034][T17652] RAX: ffffffffffffffda RBX: 00007f8a61377f80 RCX: 00007f8a611bfef9
[  651.194906][T17652] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008020000
[  651.202854][T17652] RBP: 00007f8a5fe39090 R08: 0000000000000000 R09: 0000000000000000
[  651.211004][T17652] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  651.219956][T17652] R13: 0000000000000000 R14: 00007f8a61377f80 R15: 00007fff4230d5e8
[  651.228272][T17652]  </TASK>
[  651.538166][   T30] audit: type=1400 audit(1725994679.669:152): avc:  denied  { create } for  pid=17666 comm="syz.2.6155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  651.597085][T17671] device pim6reg1 entered promiscuous mode
[  651.912874][T17681] FAULT_INJECTION: forcing a failure.
[  651.912874][T17681] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  652.050924][T17681] CPU: 0 PID: 17681 Comm: syz.2.6160 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  652.061328][T17681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  652.071738][T17681] Call Trace:
[  652.074889][T17681]  <TASK>
[  652.077858][T17681]  dump_stack_lvl+0x151/0x1c0
[  652.082350][T17681]  ? io_uring_drop_tctx_refs+0x190/0x190
[  652.087823][T17681]  ? __kasan_check_write+0x14/0x20
[  652.092913][T17681]  ? __alloc_skb+0x355/0x550
[  652.097270][T17681]  dump_stack+0x15/0x20
[  652.101385][T17681]  should_fail+0x3c6/0x510
[  652.105600][T17681]  should_fail_usercopy+0x1a/0x20
[  652.110647][T17681]  _copy_from_iter+0x22f/0xdc0
[  652.115237][T17681]  ? copy_mc_pipe_to_iter+0x760/0x760
[  652.120445][T17681]  ? __check_object_size+0x2ec/0x3d0
[  652.125563][T17681]  skb_copy_datagram_from_iter+0x100/0x6d0
[  652.131207][T17681]  tun_get_user+0x112d/0x3aa0
[  652.135837][T17681]  ? __x64_sys_openat+0x1b0/0x290
[  652.141451][T17681]  ? x64_sys_call+0x6bf/0x9a0
[  652.145960][T17681]  ? _kstrtoull+0x3a0/0x4a0
[  652.150303][T17681]  ? tun_do_read+0x2010/0x2010
[  652.154897][T17681]  ? kstrtouint_from_user+0x20a/0x2a0
[  652.160192][T17681]  ? kstrtol_from_user+0x310/0x310
[  652.165143][T17681]  ? avc_policy_seqno+0x1b/0x70
[  652.169863][T17681]  ? selinux_file_permission+0x2c4/0x570
[  652.175576][T17681]  tun_chr_write_iter+0x1e1/0x2e0
[  652.180454][T17681]  vfs_write+0xd5d/0x1110
[  652.185554][T17681]  ? file_end_write+0x1c0/0x1c0
[  652.190466][T17681]  ? __fdget_pos+0x209/0x3a0
[  652.194879][T17681]  ? ksys_write+0x77/0x2c0
[  652.199145][T17681]  ksys_write+0x199/0x2c0
[  652.203298][T17681]  ? __ia32_sys_read+0x90/0x90
[  652.208157][T17681]  ? debug_smp_processor_id+0x17/0x20
[  652.213539][T17681]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  652.219538][T17681]  __x64_sys_write+0x7b/0x90
[  652.223966][T17681]  x64_sys_call+0x2f/0x9a0
[  652.228207][T17681]  do_syscall_64+0x3b/0xb0
[  652.232467][T17681]  ? clear_bhb_loop+0x35/0x90
[  652.237456][T17681]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  652.243409][T17681] RIP: 0033:0x7f14c049def9
[  652.247664][T17681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  652.267666][T17681] RSP: 002b:00007f14bf117038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  652.276068][T17681] RAX: ffffffffffffffda RBX: 00007f14c0655f80 RCX: 00007f14c049def9
[  652.283969][T17681] RDX: 000000000000fdef RSI: 0000000020000200 RDI: 00000000000000c8
[  652.291778][T17681] RBP: 00007f14bf117090 R08: 0000000000000000 R09: 0000000000000000
[  652.299762][T17681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  652.307757][T17681] R13: 0000000000000000 R14: 00007f14c0655f80 R15: 00007ffcb4df1fb8
[  652.315932][T17681]  </TASK>
[  653.118880][T17712] tun0: tun_chr_ioctl cmd 1074025681
[  653.231238][T17711] tun1: tun_chr_ioctl cmd 1074025681
[  653.347929][T17720] FAULT_INJECTION: forcing a failure.
[  653.347929][T17720] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  653.496871][T17720] CPU: 1 PID: 17720 Comm: syz.2.6172 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  653.506809][T17720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  653.518269][T17720] Call Trace:
[  653.521382][T17720]  <TASK>
[  653.524161][T17720]  dump_stack_lvl+0x151/0x1c0
[  653.528860][T17720]  ? io_uring_drop_tctx_refs+0x190/0x190
[  653.534321][T17720]  dump_stack+0x15/0x20
[  653.538310][T17720]  should_fail+0x3c6/0x510
[  653.542568][T17720]  should_fail_usercopy+0x1a/0x20
[  653.547422][T17720]  _copy_from_user+0x20/0xd0
[  653.551951][T17720]  bpf_test_init+0x13b/0x1b0
[  653.556375][T17720]  bpf_prog_test_run_skb+0x268/0x1420
[  653.561586][T17720]  ? proc_fail_nth_write+0x20b/0x290
[  653.566705][T17720]  ? selinux_file_permission+0x2c4/0x570
[  653.572548][T17720]  ? proc_fail_nth_read+0x210/0x210
[  653.577560][T17720]  ? fsnotify_perm+0x6a/0x5d0
[  653.582090][T17720]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  653.587811][T17720]  ? __kasan_check_write+0x14/0x20
[  653.593220][T17720]  ? fput_many+0x160/0x1b0
[  653.597814][T17720]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  653.603506][T17720]  bpf_prog_test_run+0x3b0/0x630
[  653.608802][T17720]  ? bpf_prog_query+0x220/0x220
[  653.613864][T17720]  ? selinux_bpf+0xd2/0x100
[  653.618199][T17720]  ? security_bpf+0x82/0xb0
[  653.622712][T17720]  __sys_bpf+0x525/0x760
[  653.626799][T17720]  ? fput_many+0x160/0x1b0
[  653.631130][T17720]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  653.636437][T17720]  ? debug_smp_processor_id+0x17/0x20
[  653.641674][T17720]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  653.647541][T17720]  __x64_sys_bpf+0x7c/0x90
[  653.651785][T17720]  x64_sys_call+0x87f/0x9a0
[  653.656128][T17720]  do_syscall_64+0x3b/0xb0
[  653.660377][T17720]  ? clear_bhb_loop+0x35/0x90
[  653.664986][T17720]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  653.671407][T17720] RIP: 0033:0x7f14c049def9
[  653.675904][T17720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  653.696743][T17720] RSP: 002b:00007f14bf117038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  653.705199][T17720] RAX: ffffffffffffffda RBX: 00007f14c0655f80 RCX: 00007f14c049def9
[  653.713181][T17720] RDX: 0000000000000050 RSI: 00000000200002c0 RDI: 000000000000000a
[  653.721798][T17720] RBP: 00007f14bf117090 R08: 0000000000000000 R09: 0000000000000000
[  653.729591][T17720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  653.737413][T17720] R13: 0000000000000000 R14: 00007f14c0655f80 R15: 00007ffcb4df1fb8
[  653.745400][T17720]  </TASK>
[  654.745328][T17741] FAULT_INJECTION: forcing a failure.
[  654.745328][T17741] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  654.783159][T17741] CPU: 0 PID: 17741 Comm: syz.2.6178 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  654.792991][T17741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  654.803064][T17741] Call Trace:
[  654.806267][T17741]  <TASK>
[  654.809074][T17741]  dump_stack_lvl+0x151/0x1c0
[  654.813754][T17741]  ? io_uring_drop_tctx_refs+0x190/0x190
[  654.819210][T17741]  ? __kasan_check_write+0x14/0x20
[  654.824256][T17741]  ? __alloc_skb+0x355/0x550
[  654.828754][T17741]  dump_stack+0x15/0x20
[  654.832837][T17741]  should_fail+0x3c6/0x510
[  654.837185][T17741]  should_fail_usercopy+0x1a/0x20
[  654.842330][T17741]  _copy_from_iter+0x22f/0xdc0
[  654.846929][T17741]  ? copy_mc_pipe_to_iter+0x760/0x760
[  654.852220][T17741]  ? __check_object_size+0x2ec/0x3d0
[  654.857531][T17741]  skb_copy_datagram_from_iter+0x100/0x6d0
[  654.863510][T17741]  tun_get_user+0x112d/0x3aa0
[  654.868338][T17741]  ? __x64_sys_openat+0x1b0/0x290
[  654.873215][T17741]  ? x64_sys_call+0x6bf/0x9a0
[  654.877749][T17741]  ? _kstrtoull+0x3a0/0x4a0
[  654.882071][T17741]  ? tun_do_read+0x2010/0x2010
[  654.886670][T17741]  ? kstrtouint_from_user+0x20a/0x2a0
[  654.892055][T17741]  ? kstrtol_from_user+0x310/0x310
[  654.897186][T17741]  ? 0xffffffff81000000
[  654.901276][T17741]  ? avc_policy_seqno+0x1b/0x70
[  654.906738][T17741]  ? selinux_file_permission+0x2c4/0x570
[  654.912944][T17741]  tun_chr_write_iter+0x1e1/0x2e0
[  654.917895][T17741]  vfs_write+0xd5d/0x1110
[  654.922068][T17741]  ? file_end_write+0x1c0/0x1c0
[  654.926840][T17741]  ? __fdget_pos+0x209/0x3a0
[  654.931345][T17741]  ? ksys_write+0x77/0x2c0
[  654.935767][T17741]  ksys_write+0x199/0x2c0
[  654.939947][T17741]  ? __ia32_sys_read+0x90/0x90
[  654.944548][T17741]  ? debug_smp_processor_id+0x17/0x20
[  654.949743][T17741]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  654.955652][T17741]  __x64_sys_write+0x7b/0x90
[  654.960080][T17741]  x64_sys_call+0x2f/0x9a0
[  654.964409][T17741]  do_syscall_64+0x3b/0xb0
[  654.968852][T17741]  ? clear_bhb_loop+0x35/0x90
[  654.973356][T17741]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  654.979490][T17741] RIP: 0033:0x7f14c049def9
[  654.983924][T17741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  655.004561][T17741] RSP: 002b:00007f14bf0f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  655.012893][T17741] RAX: ffffffffffffffda RBX: 00007f14c0656058 RCX: 00007f14c049def9
[  655.021063][T17741] RDX: 000000000000fdef RSI: 0000000020000000 RDI: 00000000000000c8
[  655.029037][T17741] RBP: 00007f14bf0f6090 R08: 0000000000000000 R09: 0000000000000000
[  655.037111][T17741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  655.045269][T17741] R13: 0000000000000000 R14: 00007f14c0656058 R15: 00007ffcb4df1fb8
[  655.053743][T17741]  </TASK>
[  655.318047][   T30] audit: type=1400 audit(1725994683.449:153): avc:  denied  { ioctl } for  pid=17759 comm="syz.3.6184" path="socket:[74342]" dev="sockfs" ino=74342 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  655.355369][T17760] device syzkaller0 entered promiscuous mode
[  657.438462][T17786] ==================================================================
[  657.446639][T17786] BUG: KASAN: use-after-free in sk_psock_verdict_data_ready+0xc2/0x1a0
[  657.454974][T17786] Read of size 8 at addr ffff88811a6de820 by task syz.3.6193/17786
[  657.462982][T17786] 
[  657.465154][T17786] CPU: 1 PID: 17786 Comm: syz.3.6193 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0
[  657.475087][T17786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  657.485082][T17786] Call Trace:
[  657.488209][T17786]  <TASK>
[  657.491012][T17786]  dump_stack_lvl+0x151/0x1c0
[  657.495496][T17786]  ? io_uring_drop_tctx_refs+0x190/0x190
[  657.500961][T17786]  ? panic+0x760/0x760
[  657.504959][T17786]  ? irqentry_exit_cond_resched+0x2a/0x30
[  657.510505][T17786]  print_address_description+0x87/0x3b0
[  657.515978][T17786]  kasan_report+0x179/0x1c0
[  657.520544][T17786]  ? sk_psock_verdict_data_ready+0xc2/0x1a0
[  657.526326][T17786]  ? sk_psock_verdict_data_ready+0xc2/0x1a0
[  657.532233][T17786]  __asan_report_load8_noabort+0x14/0x20
[  657.537857][T17786]  sk_psock_verdict_data_ready+0xc2/0x1a0
[  657.543445][T17786]  ? sk_psock_start_verdict+0xc0/0xc0
[  657.548637][T17786]  ? _raw_spin_lock+0xa4/0x1b0
[  657.553227][T17786]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  657.558964][T17786]  ? skb_queue_tail+0xfb/0x120
[  657.563652][T17786]  unix_stream_sendmsg+0x8fd/0x1060
[  657.568784][T17786]  ? unix_stream_sendmsg+0x891/0x1060
[  657.574169][T17786]  ? unix_show_fdinfo+0xa0/0xa0
[  657.578847][T17786]  ? unix_show_fdinfo+0xa0/0xa0
[  657.583567][T17786]  ? ____sys_sendmsg+0x525/0x8f0
[  657.588491][T17786]  ? unix_show_fdinfo+0xa0/0xa0
[  657.593302][T17786]  ____sys_sendmsg+0x59e/0x8f0
[  657.597857][T17786]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  657.603502][T17786]  ? __sys_sendmsg_sock+0x40/0x40
[  657.608630][T17786]  ? import_iovec+0xe5/0x120
[  657.613049][T17786]  ___sys_sendmsg+0x252/0x2e0
[  657.617563][T17786]  ? __sys_sendmsg+0x260/0x260
[  657.622222][T17786]  ? timerqueue_add+0x250/0x270
[  657.626847][T17786]  ? __hrtimer_run_queues+0xa6f/0xad0
[  657.632065][T17786]  ? __fdget+0x1bc/0x240
[  657.636315][T17786]  __se_sys_sendmsg+0x19a/0x260
[  657.641050][T17786]  ? __x64_sys_sendmsg+0x90/0x90
[  657.645955][T17786]  ? __kasan_check_read+0x11/0x20
[  657.650805][T17786]  __x64_sys_sendmsg+0x7b/0x90
[  657.655535][T17786]  x64_sys_call+0x16a/0x9a0
[  657.659865][T17786]  do_syscall_64+0x3b/0xb0
[  657.664257][T17786]  ? clear_bhb_loop+0x35/0x90
[  657.668718][T17786]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  657.674896][T17786] RIP: 0033:0x7f3d6d06aef9
[  657.679417][T17786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  657.700266][T17786] RSP: 002b:00007f3d6bce4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  657.708831][T17786] RAX: ffffffffffffffda RBX: 00007f3d6d222f80 RCX: 00007f3d6d06aef9
[  657.716618][T17786] RDX: 0000000000000003 RSI: 0000000020000980 RDI: 0000000000000003
[  657.724516][T17786] RBP: 00007f3d6d0dd9f6 R08: 0000000000000000 R09: 0000000000000000
[  657.732410][T17786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  657.740225][T17786] R13: 0000000000000000 R14: 00007f3d6d222f80 R15: 00007ffd8a5cf4b8
[  657.748173][T17786]  </TASK>
[  657.751187][T17786] 
[  657.753357][T17786] Allocated by task 17786:
[  657.757626][T17786]  __kasan_slab_alloc+0xb1/0xe0
[  657.762554][T17786]  slab_post_alloc_hook+0x53/0x2c0
[  657.767500][T17786]  kmem_cache_alloc+0xf5/0x200
[  657.772100][T17786]  sock_alloc_inode+0x1b/0xb0
[  657.776702][T17786]  new_inode_pseudo+0x64/0x220
[  657.781389][T17786]  __sock_create+0x135/0x760
[  657.785826][T17786]  __sys_socketpair+0x313/0x6e0
[  657.790685][T17786]  __x64_sys_socketpair+0x9b/0xb0
[  657.795623][T17786]  x64_sys_call+0x19b/0x9a0
[  657.799964][T17786]  do_syscall_64+0x3b/0xb0
[  657.804439][T17786]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  657.810390][T17786] 
[  657.812637][T17786] Freed by task 6:
[  657.816279][T17786]  kasan_set_track+0x4b/0x70
[  657.820790][T17786]  kasan_set_free_info+0x23/0x40
[  657.825569][T17786]  ____kasan_slab_free+0x126/0x160
[  657.830515][T17786]  __kasan_slab_free+0x11/0x20
[  657.835211][T17786]  slab_free_freelist_hook+0xbd/0x190
[  657.840718][T17786]  kmem_cache_free+0x116/0x2e0
[  657.845465][T17786]  sock_free_inode+0x20/0x30
[  657.849974][T17786]  i_callback+0x4b/0x70
[  657.853972][T17786]  rcu_do_batch+0x57a/0xc10
[  657.858405][T17786]  rcu_core+0x517/0x1020
[  657.862495][T17786]  rcu_core_si+0x9/0x10
[  657.866654][T17786]  __do_softirq+0x26d/0x5bf
[  657.871081][T17786] 
[  657.873338][T17786] Last potentially related work creation:
[  657.879448][T17786]  kasan_save_stack+0x3b/0x60
[  657.884368][T17786]  __kasan_record_aux_stack+0xd3/0xf0
[  657.889709][T17786]  kasan_record_aux_stack_noalloc+0xb/0x10
[  657.895565][T17786]  call_rcu+0x135/0x1310
[  657.899722][T17786]  evict+0x5df/0x630
[  657.903461][T17786]  iput+0x63b/0x7e0
[  657.907101][T17786]  dentry_unlink_inode+0x34f/0x440
[  657.912051][T17786]  __dentry_kill+0x447/0x660
[  657.916561][T17786]  dentry_kill+0xc0/0x2a0
[  657.920818][T17786]  dput+0x45/0x80
[  657.924460][T17786]  __fput+0x662/0x910
[  657.928367][T17786]  ____fput+0x15/0x20
[  657.932186][T17786]  task_work_run+0x129/0x190
[  657.936611][T17786]  exit_to_user_mode_loop+0xc4/0xe0
[  657.941732][T17786]  exit_to_user_mode_prepare+0x5a/0xa0
[  657.947026][T17786]  syscall_exit_to_user_mode+0x26/0x160
[  657.952407][T17786]  do_syscall_64+0x47/0xb0
[  657.956659][T17786]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  657.962473][T17786] 
[  657.964647][T17786] Second to last potentially related work creation:
[  657.971068][T17786]  kasan_save_stack+0x3b/0x60
[  657.975668][T17786]  __kasan_record_aux_stack+0xd3/0xf0
[  657.980877][T17786]  kasan_record_aux_stack_noalloc+0xb/0x10
[  657.986527][T17786]  call_rcu+0x135/0x1310
[  657.990602][T17786]  evict+0x5df/0x630
[  657.994337][T17786]  iput+0x63b/0x7e0
[  657.997973][T17786]  dentry_unlink_inode+0x34f/0x440
[  658.002963][T17786]  __dentry_kill+0x447/0x660
[  658.007348][T17786]  dentry_kill+0xc0/0x2a0
[  658.011515][T17786]  dput+0x45/0x80
[  658.014999][T17786]  __fput+0x662/0x910
[  658.018805][T17786]  ____fput+0x15/0x20
[  658.022623][T17786]  task_work_run+0x129/0x190
[  658.027048][T17786]  exit_to_user_mode_loop+0xc4/0xe0
[  658.032083][T17786]  exit_to_user_mode_prepare+0x5a/0xa0
[  658.037377][T17786]  syscall_exit_to_user_mode+0x26/0x160
[  658.043450][T17786]  do_syscall_64+0x47/0xb0
[  658.048115][T17786]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  658.053998][T17786] 
[  658.056344][T17786] The buggy address belongs to the object at ffff88811a6de800
[  658.056344][T17786]  which belongs to the cache sock_inode_cache of size 896
[  658.071560][T17786] The buggy address is located 32 bytes inside of
[  658.071560][T17786]  896-byte region [ffff88811a6de800, ffff88811a6deb80)
[  658.085070][T17786] The buggy address belongs to the page:
[  658.090700][T17786] page:ffffea000469b700 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11a6dc
[  658.101202][T17786] head:ffffea000469b700 order:2 compound_mapcount:0 compound_pincount:0
[  658.109608][T17786] flags: 0x4000000000010200(slab|head|zone=1)
[  658.115601][T17786] raw: 4000000000010200 0000000000000000 0000000f00000001 ffff8881081b2480
[  658.124182][T17786] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[  658.132684][T17786] page dumped because: kasan: bad access detected
[  658.139031][T17786] page_owner tracks the page as allocated
[  658.144572][T17786] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0x1d20d0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 8769, ts 465633511820, free_ts 455697250091
[  658.166884][T17786]  post_alloc_hook+0x1a3/0x1b0
[  658.171961][T17786]  prep_new_page+0x1b/0x110
[  658.176250][T17786]  get_page_from_freelist+0x3550/0x35d0
[  658.181736][T17786]  __alloc_pages+0x27e/0x8f0
[  658.186255][T17786]  new_slab+0x9a/0x4e0
[  658.190154][T17786]  ___slab_alloc+0x39e/0x830
[  658.194698][T17786]  __slab_alloc+0x4a/0x90
[  658.198838][T17786]  kmem_cache_alloc+0x134/0x200
[  658.203519][T17786]  sock_alloc_inode+0x1b/0xb0
[  658.208116][T17786]  new_inode_pseudo+0x64/0x220
[  658.212729][T17786]  __sock_create+0x135/0x760
[  658.217761][T17786]  __sys_socket+0x132/0x370
[  658.222180][T17786]  __x64_sys_socket+0x7a/0x90
[  658.226692][T17786]  x64_sys_call+0x147/0x9a0
[  658.231211][T17786]  do_syscall_64+0x3b/0xb0
[  658.235631][T17786]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  658.241392][T17786] page last free stack trace:
[  658.245874][T17786]  free_unref_page_prepare+0x7c8/0x7d0
[  658.251194][T17786]  free_unref_page+0xe8/0x750
[  658.255693][T17786]  __free_pages+0x61/0xf0
[  658.259937][T17786]  __free_slab+0xec/0x1d0
[  658.264274][T17786]  discard_slab+0x29/0x40
[  658.268650][T17786]  __slab_free+0x205/0x290
[  658.273055][T17786]  ___cache_free+0x109/0x120
[  658.277575][T17786]  qlink_free+0x4d/0x90
[  658.281567][T17786]  qlist_free_all+0x44/0xb0
[  658.285913][T17786]  kasan_quarantine_reduce+0x15a/0x180
[  658.291536][T17786]  __kasan_slab_alloc+0x2f/0xe0
[  658.296259][T17786]  slab_post_alloc_hook+0x53/0x2c0
[  658.301258][T17786]  kmem_cache_alloc+0xf5/0x200
[  658.305813][T17786]  __alloc_skb+0xbe/0x550
[  658.310210][T17786]  alloc_skb_with_frags+0xa6/0x680
[  658.315177][T17786]  sock_alloc_send_pskb+0x915/0xa50
[  658.320234][T17786] 
[  658.322387][T17786] Memory state around the buggy address:
[  658.327882][T17786]  ffff88811a6de700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  658.336029][T17786]  ffff88811a6de780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  658.344108][T17786] >ffff88811a6de800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  658.352170][T17786]                                ^
[  658.357163][T17786]  ffff88811a6de880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  658.365199][T17786]  ffff88811a6de900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  658.373179][T17786] ==================================================================
[  658.381168][T17786] Disabling lock debugging due to kernel taint