(async)
pselect6(0x349, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)
read$FUSE(0xffffffffffffffff, &(0x7f0000000200)={0x2020}, 0x2020) (async)
sched_rr_get_interval(r2, &(0x7f0000000080)) (async)
getpid() (async)
syz_open_pts(0xffffffffffffffff, 0x40001) (async)
ioctl$TIOCGSERIAL(r4, 0x541e, &(0x7f0000002300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000002240)=""/151}) (async)
syz_open_procfs$namespace(r3, 0x0) (async)
sched_rr_get_interval(r3, &(0x7f0000000040)) (async)

06:33:09 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10)
socketpair(0x8, 0x1, 0x8, &(0x7f0000000540)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, &(0x7f0000000980)={0x1, 0x1f}, 0xc)
getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000740)={'TPROXY\x00'}, &(0x7f0000000780)=0x1e)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r2, 0x0, 0x14, 0x0, &(0x7f00000014c0))
pipe2$watch_queue(&(0x7f0000000700)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000680)={'ip6_vti0\x00', &(0x7f0000000600)={'ip6tnl0\x00', <r4=>0x0, 0x29, 0x9, 0x2, 0x9, 0x8, @ipv4={'\x00', '\xff\xff', @remote}, @local, 0x7, 0x8000, 0x99}})
setsockopt$inet_mreqn(r2, 0x0, 0x24, &(0x7f00000006c0)={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, r4}, 0xc)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000005c0)={0x1, &(0x7f0000000440)="34f17bb7d24cb41b999ef4e7607bc454bc5817e581ef43db79cddca9fa539c6b09bbe95e65481283835eb3a679cc2f9c8685be48440a9c0e153ddeb1b5ff21ab591a17112f3777d78f0f4fa1a2f79ce2e70e4a9a386cc0b53511b525667be2eee546bfbc43a48ab460dfa00716732cc663bb1182710b35a79c259f4443be840b4a4efbea33a49b4911762bd35f6317ffe5ee0057778336d0891e0ccb8c2431b2ce60cd49d451e6a32115345fb167e298b14bdc4ec225c3a1113d95fc6b64e06dcbd6bb41fe2719cf94b5d52c4c4bd9d2382c531a7decdec86f8e7c7da7d21bf2abb24814a6a102826b2f3e4473fda9518119f9def2701d6126f2ce83", &(0x7f0000000580)=@tcp6=r1, 0x1}, 0x20)
r5 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
sendmsg$NL80211_CMD_GET_STATION(r3, &(0x7f0000000940)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f0000000800)={0xc4, 0x0, 0x0, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x7f}, @NL80211_ATTR_STA_WME={0x1c, 0x81, [@NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x2}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x1}, @NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x1}]}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x6}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x22, 0x13, [{0x1, 0x1}, {0x60}, {}, {0xc}, {0x36}, {0x18, 0x1}, {0xdee2cc2bd3e90894, 0x1}, {0x36}, {0x3b}, {0x24}, {0x16}, {0x1, 0x1}, {0x1b, 0x1}, {0x5, 0x1}, {0x4}, {0x7e, 0x1}, {0x3}, {0x30}, {0xc, 0x1}, {0x3}, {0x6, 0x1}, {0xc}, {0x4}, {0x18, 0x1}, {0x6c}, {0x48, 0x1}, {0xc, 0x1}, {0x48, 0x1}, {0x6c}, {0x30, 0x1}]}, @NL80211_ATTR_STA_WME={0x14, 0x81, [@NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x1}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x71}]}, @NL80211_ATTR_STA_FLAGS={0x2c, 0x11, 0x0, 0x1, [@NL80211_STA_FLAG_WME={0x4}, @NL80211_STA_FLAG_TDLS_PEER={0x4}, @NL80211_STA_FLAG_AUTHENTICATED={0x4}, @NL80211_STA_FLAG_SHORT_PREAMBLE={0x4}, @NL80211_STA_FLAG_TDLS_PEER={0x4}, @NL80211_STA_FLAG_WME={0x4}, @NL80211_STA_FLAG_MFP={0x4}, @NL80211_STA_FLAG_AUTHORIZED={0x4}, @NL80211_STA_FLAG_MFP={0x4}, @NL80211_STA_FLAG_ASSOCIATED={0x4}]}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0xb}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}]}, 0xc4}, 0x1, 0x0, 0x0, 0x10}, 0x4028000)
add_key(&(0x7f0000000040)='dns_resolver\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f00000001c0)="ee3bd3dc095abb8e6149de7cf59a1a54ee4062c1671cedd403aa49d77e61d321c98e40dfb4d11b06938132f82b1f45cc410b7cd4843d053c27c739d977d6201d3d580d2ae30ac555d09b2a60939a1800cd3b4fe0daf1d53ea11e02259b28af089c6821d2f12fb137b469e92a0f6ca510984f3f0ec301c5986f1cfd59784773bb34ebb1857b189009", 0x88, 0xfffffffffffffffc)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r5)

06:33:09 executing program 1:
syz_clone(0x34ca0000, 0x0, 0x3f000000, 0x0, 0x0, 0x0)

06:33:09 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10)
socketpair(0x8, 0x1, 0x8, &(0x7f0000000540)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, &(0x7f0000000980)={0x1, 0x1f}, 0xc)
getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000740)={'TPROXY\x00'}, &(0x7f0000000780)=0x1e)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r2, 0x0, 0x14, 0x0, &(0x7f00000014c0))
pipe2$watch_queue(&(0x7f0000000700)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000680)={'ip6_vti0\x00', &(0x7f0000000600)={'ip6tnl0\x00', <r4=>0x0, 0x29, 0x9, 0x2, 0x9, 0x8, @ipv4={'\x00', '\xff\xff', @remote}, @local, 0x7, 0x8000, 0x99}})
setsockopt$inet_mreqn(r2, 0x0, 0x24, &(0x7f00000006c0)={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, r4}, 0xc)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000005c0)={0x1, &(0x7f0000000440)="34f17bb7d24cb41b999ef4e7607bc454bc5817e581ef43db79cddca9fa539c6b09bbe95e65481283835eb3a679cc2f9c8685be48440a9c0e153ddeb1b5ff21ab591a17112f3777d78f0f4fa1a2f79ce2e70e4a9a386cc0b53511b525667be2eee546bfbc43a48ab460dfa00716732cc663bb1182710b35a79c259f4443be840b4a4efbea33a49b4911762bd35f6317ffe5ee0057778336d0891e0ccb8c2431b2ce60cd49d451e6a32115345fb167e298b14bdc4ec225c3a1113d95fc6b64e06dcbd6bb41fe2719cf94b5d52c4c4bd9d2382c531a7decdec86f8e7c7da7d21bf2abb24814a6a102826b2f3e4473fda9518119f9def2701d6126f2ce83", &(0x7f0000000580)=@tcp6=r1, 0x1}, 0x20)
r5 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
sendmsg$NL80211_CMD_GET_STATION(r3, &(0x7f0000000940)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f0000000800)={0xc4, 0x0, 0x0, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x7f}, @NL80211_ATTR_STA_WME={0x1c, 0x81, [@NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x2}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x1}, @NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x1}]}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x6}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x22, 0x13, [{0x1, 0x1}, {0x60}, {}, {0xc}, {0x36}, {0x18, 0x1}, {0xdee2cc2bd3e90894, 0x1}, {0x36}, {0x3b}, {0x24}, {0x16}, {0x1, 0x1}, {0x1b, 0x1}, {0x5, 0x1}, {0x4}, {0x7e, 0x1}, {0x3}, {0x30}, {0xc, 0x1}, {0x3}, {0x6, 0x1}, {0xc}, {0x4}, {0x18, 0x1}, {0x6c}, {0x48, 0x1}, {0xc, 0x1}, {0x48, 0x1}, {0x6c}, {0x30, 0x1}]}, @NL80211_ATTR_STA_WME={0x14, 0x81, [@NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x1}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x71}]}, @NL80211_ATTR_STA_FLAGS={0x2c, 0x11, 0x0, 0x1, [@NL80211_STA_FLAG_WME={0x4}, @NL80211_STA_FLAG_TDLS_PEER={0x4}, @NL80211_STA_FLAG_AUTHENTICATED={0x4}, @NL80211_STA_FLAG_SHORT_PREAMBLE={0x4}, @NL80211_STA_FLAG_TDLS_PEER={0x4}, @NL80211_STA_FLAG_WME={0x4}, @NL80211_STA_FLAG_MFP={0x4}, @NL80211_STA_FLAG_AUTHORIZED={0x4}, @NL80211_STA_FLAG_MFP={0x4}, @NL80211_STA_FLAG_ASSOCIATED={0x4}]}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0xb}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}]}, 0xc4}, 0x1, 0x0, 0x0, 0x10}, 0x4028000)
add_key(&(0x7f0000000040)='dns_resolver\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f00000001c0)="ee3bd3dc095abb8e6149de7cf59a1a54ee4062c1671cedd403aa49d77e61d321c98e40dfb4d11b06938132f82b1f45cc410b7cd4843d053c27c739d977d6201d3d580d2ae30ac555d09b2a60939a1800cd3b4fe0daf1d53ea11e02259b28af089c6821d2f12fb137b469e92a0f6ca510984f3f0ec301c5986f1cfd59784773bb34ebb1857b189009", 0x88, 0xfffffffffffffffc)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r5)

06:33:09 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=@ipv6_getrule={0x1c, 0x22, 0x604, 0x70bd2a, 0x25dfdbfe, {0xa, 0x20, 0x10, 0x7, 0xf4, 0x0, 0x0, 0x7, 0x10000}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)

06:33:09 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10)
socketpair(0x8, 0x1, 0x8, &(0x7f0000000540)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, &(0x7f0000000980)={0x1, 0x1f}, 0xc)
getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000740)={'TPROXY\x00'}, &(0x7f0000000780)=0x1e)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r2, 0x0, 0x14, 0x0, &(0x7f00000014c0))
pipe2$watch_queue(&(0x7f0000000700)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000680)={'ip6_vti0\x00', &(0x7f0000000600)={'ip6tnl0\x00', <r4=>0x0, 0x29, 0x9, 0x2, 0x9, 0x8, @ipv4={'\x00', '\xff\xff', @remote}, @local, 0x7, 0x8000, 0x99}})
setsockopt$inet_mreqn(r2, 0x0, 0x24, &(0x7f00000006c0)={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, r4}, 0xc)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000005c0)={0x1, &(0x7f0000000440)="34f17bb7d24cb41b999ef4e7607bc454bc5817e581ef43db79cddca9fa539c6b09bbe95e65481283835eb3a679cc2f9c8685be48440a9c0e153ddeb1b5ff21ab591a17112f3777d78f0f4fa1a2f79ce2e70e4a9a386cc0b53511b525667be2eee546bfbc43a48ab460dfa00716732cc663bb1182710b35a79c259f4443be840b4a4efbea33a49b4911762bd35f6317ffe5ee0057778336d0891e0ccb8c2431b2ce60cd49d451e6a32115345fb167e298b14bdc4ec225c3a1113d95fc6b64e06dcbd6bb41fe2719cf94b5d52c4c4bd9d2382c531a7decdec86f8e7c7da7d21bf2abb24814a6a102826b2f3e4473fda9518119f9def2701d6126f2ce83", &(0x7f0000000580)=@tcp6=r1, 0x1}, 0x20)
r5 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
sendmsg$NL80211_CMD_GET_STATION(r3, &(0x7f0000000940)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f0000000800)={0xc4, 0x0, 0x0, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x7f}, @NL80211_ATTR_STA_WME={0x1c, 0x81, [@NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x2}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x1}, @NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x1}]}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x6}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x22, 0x13, [{0x1, 0x1}, {0x60}, {}, {0xc}, {0x36}, {0x18, 0x1}, {0xdee2cc2bd3e90894, 0x1}, {0x36}, {0x3b}, {0x24}, {0x16}, {0x1, 0x1}, {0x1b, 0x1}, {0x5, 0x1}, {0x4}, {0x7e, 0x1}, {0x3}, {0x30}, {0xc, 0x1}, {0x3}, {0x6, 0x1}, {0xc}, {0x4}, {0x18, 0x1}, {0x6c}, {0x48, 0x1}, {0xc, 0x1}, {0x48, 0x1}, {0x6c}, {0x30, 0x1}]}, @NL80211_ATTR_STA_WME={0x14, 0x81, [@NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x1}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x71}]}, @NL80211_ATTR_STA_FLAGS={0x2c, 0x11, 0x0, 0x1, [@NL80211_STA_FLAG_WME={0x4}, @NL80211_STA_FLAG_TDLS_PEER={0x4}, @NL80211_STA_FLAG_AUTHENTICATED={0x4}, @NL80211_STA_FLAG_SHORT_PREAMBLE={0x4}, @NL80211_STA_FLAG_TDLS_PEER={0x4}, @NL80211_STA_FLAG_WME={0x4}, @NL80211_STA_FLAG_MFP={0x4}, @NL80211_STA_FLAG_AUTHORIZED={0x4}, @NL80211_STA_FLAG_MFP={0x4}, @NL80211_STA_FLAG_ASSOCIATED={0x4}]}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0xb}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}]}, 0xc4}, 0x1, 0x0, 0x0, 0x10}, 0x4028000)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r5)

06:33:09 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f00000000c0), &(0x7f0000002300)=0x4)
getresgid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080))
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r1=>0x0})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r1+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
read$watch_queue(0xffffffffffffffff, &(0x7f0000002240)=""/161, 0xa1)
read$FUSE(0xffffffffffffffff, &(0x7f0000000200)={0x2020}, 0x2020)

06:33:09 executing program 3:
clock_gettime(0x1, &(0x7f0000000000))
sched_rr_get_interval(0xffffffffffffffff, &(0x7f0000000040))
clock_gettime(0x0, &(0x7f0000000080)={<r0=>0x0, <r1=>0x0})
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={r0, r1+10000000}, &(0x7f00000000c0)={&(0x7f0000000180), 0x8})

06:33:09 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
syz_open_procfs$namespace(r0, 0x0)
sched_rr_get_interval(r0, &(0x7f0000000000))
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:10 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:10 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10)
socketpair(0x8, 0x1, 0x8, &(0x7f0000000540)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, &(0x7f0000000980)={0x1, 0x1f}, 0xc)
getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000740)={'TPROXY\x00'}, &(0x7f0000000780)=0x1e)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r2, 0x0, 0x14, 0x0, &(0x7f00000014c0))
pipe2$watch_queue(&(0x7f0000000700), 0x80)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000680)={'ip6_vti0\x00', &(0x7f0000000600)={'ip6tnl0\x00', <r3=>0x0, 0x29, 0x9, 0x2, 0x9, 0x8, @ipv4={'\x00', '\xff\xff', @remote}, @local, 0x7, 0x8000, 0x99}})
setsockopt$inet_mreqn(r2, 0x0, 0x24, &(0x7f00000006c0)={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, r3}, 0xc)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000005c0)={0x1, &(0x7f0000000440)="34f17bb7d24cb41b999ef4e7607bc454bc5817e581ef43db79cddca9fa539c6b09bbe95e65481283835eb3a679cc2f9c8685be48440a9c0e153ddeb1b5ff21ab591a17112f3777d78f0f4fa1a2f79ce2e70e4a9a386cc0b53511b525667be2eee546bfbc43a48ab460dfa00716732cc663bb1182710b35a79c259f4443be840b4a4efbea33a49b4911762bd35f6317ffe5ee0057778336d0891e0ccb8c2431b2ce60cd49d451e6a32115345fb167e298b14bdc4ec225c3a1113d95fc6b64e06dcbd6bb41fe2719cf94b5d52c4c4bd9d2382c531a7decdec86f8e7c7da7d21bf2abb24814a6a102826b2f3e4473fda9518119f9def2701d6126f2ce83", &(0x7f0000000580)=@tcp6=r1, 0x1}, 0x20)
r4 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r4)

06:33:10 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x0, 0x3b, 0x0, 0xa86e, 0x5, 0x80000000, 0x2c5a, 0xaf}, &(0x7f0000000040)={0x4, 0x1, 0x5, 0x0, 0x9, 0x41e, 0x7fffffffffffffff, 0x6}, &(0x7f0000000080)={0xe9c7, 0x80000001, 0x20, 0x17, 0x2, 0x400, 0x4, 0x1}, &(0x7f00000000c0), &(0x7f0000000240)={&(0x7f0000000200)={[0x4]}, 0x8})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0)
sched_rr_get_interval(r1, &(0x7f00000005c0))
clock_gettime(0x0, &(0x7f0000000380)={<r2=>0x0, <r3=>0x0})
pselect6(0x40, &(0x7f00000002c0)={0x7fffffff, 0x5, 0x200, 0xfffffffffffffffe, 0x2eae, 0xdb, 0xfffe00000000, 0x2}, &(0x7f0000000300)={0xffff, 0x6, 0x94, 0x2, 0x5, 0x4, 0x8, 0x200000000}, &(0x7f0000000340)={0x8, 0x6, 0xf67b, 0xf41, 0x401, 0x4, 0x9, 0x6}, &(0x7f00000003c0)={r2, r3+60000000}, &(0x7f0000000440)={&(0x7f0000000400)={[0xffff]}, 0x8})
ioctl$VHOST_VDPA_GET_VRING_NUM(0xffffffffffffffff, 0x8002af76, &(0x7f0000000280))
socketpair(0x2c, 0x80000, 0x9, &(0x7f0000000480)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$NL80211_CMD_GET_STATION(r4, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x201000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x30, 0x0, 0x4, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7, 0x47}}}}, [@NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000010}, 0x4040090)

06:33:10 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r0 = getpid()
syz_open_procfs$namespace(r0, 0x0)
sched_rr_get_interval(r0, &(0x7f0000000000))
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:10 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10)
socketpair(0x8, 0x1, 0x8, &(0x7f0000000540)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, &(0x7f0000000980)={0x1, 0x1f}, 0xc)
getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000740)={'TPROXY\x00'}, &(0x7f0000000780)=0x1e)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r2, 0x0, 0x14, 0x0, &(0x7f00000014c0))
pipe2$watch_queue(&(0x7f0000000700), 0x80)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000680)={'ip6_vti0\x00', &(0x7f0000000600)={'ip6tnl0\x00', <r3=>0x0, 0x29, 0x9, 0x2, 0x9, 0x8, @ipv4={'\x00', '\xff\xff', @remote}, @local, 0x7, 0x8000, 0x99}})
setsockopt$inet_mreqn(r2, 0x0, 0x24, &(0x7f00000006c0)={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, r3}, 0xc)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000005c0)={0x1, &(0x7f0000000440)="34f17bb7d24cb41b999ef4e7607bc454bc5817e581ef43db79cddca9fa539c6b09bbe95e65481283835eb3a679cc2f9c8685be48440a9c0e153ddeb1b5ff21ab591a17112f3777d78f0f4fa1a2f79ce2e70e4a9a386cc0b53511b525667be2eee546bfbc43a48ab460dfa00716732cc663bb1182710b35a79c259f4443be840b4a4efbea33a49b4911762bd35f6317ffe5ee0057778336d0891e0ccb8c2431b2ce60cd49d451e6a32115345fb167e298b14bdc4ec225c3a1113d95fc6b64e06dcbd6bb41fe2719cf94b5d52c4c4bd9d2382c531a7decdec86f8e7c7da7d21bf2abb24814a6a102826b2f3e4473fda9518119f9def2701d6126f2ce83", &(0x7f0000000580)=@tcp6=r1, 0x1}, 0x20)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, 0x0)

06:33:10 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
syz_open_procfs$namespace(r0, 0x0) (async)
sched_rr_get_interval(r0, &(0x7f0000000000))
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:10 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10)
socketpair(0x8, 0x1, 0x8, &(0x7f0000000540)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, &(0x7f0000000980)={0x1, 0x1f}, 0xc)
getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000740)={'TPROXY\x00'}, &(0x7f0000000780)=0x1e)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r2, 0x0, 0x14, 0x0, &(0x7f00000014c0))
pipe2$watch_queue(&(0x7f0000000700), 0x80)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000680)={'ip6_vti0\x00', &(0x7f0000000600)={'ip6tnl0\x00', <r3=>0x0, 0x29, 0x9, 0x2, 0x9, 0x8, @ipv4={'\x00', '\xff\xff', @remote}, @local, 0x7, 0x8000, 0x99}})
setsockopt$inet_mreqn(r2, 0x0, 0x24, &(0x7f00000006c0)={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, r3}, 0xc)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000005c0)={0x1, &(0x7f0000000440)="34f17bb7d24cb41b999ef4e7607bc454bc5817e581ef43db79cddca9fa539c6b09bbe95e65481283835eb3a679cc2f9c8685be48440a9c0e153ddeb1b5ff21ab591a17112f3777d78f0f4fa1a2f79ce2e70e4a9a386cc0b53511b525667be2eee546bfbc43a48ab460dfa00716732cc663bb1182710b35a79c259f4443be840b4a4efbea33a49b4911762bd35f6317ffe5ee0057778336d0891e0ccb8c2431b2ce60cd49d451e6a32115345fb167e298b14bdc4ec225c3a1113d95fc6b64e06dcbd6bb41fe2719cf94b5d52c4c4bd9d2382c531a7decdec86f8e7c7da7d21bf2abb24814a6a102826b2f3e4473fda9518119f9def2701d6126f2ce83", &(0x7f0000000580)=@tcp6=r1, 0x1}, 0x20)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, 0x0)

06:33:10 executing program 4:
r0 = syz_clone(0x1840000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r1, 0x5761, &(0x7f0000000100)=ANY=[@ANYBLOB="050000000000000002000000250d000000000000ff0000000100000040000000ff01000007000000030000000700000005000000040000006b070000be5effff000000000200000009000000000000800000000000100000ffffffff0104000007000000000000000900000005000000ff0f00006000000003000000060000000300000000000000ffffff7f0100000000800000040000000004000009000000040000004000000080000000030000000000000073310000ff0f010008000000060000000900000009000000020000008000000007000000010000000100000008000000"])
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
write$FUSE_LK(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, {{0x3, 0xdb, 0x0, r0}}}, 0x28)

06:33:10 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10)
socketpair(0x8, 0x1, 0x8, &(0x7f0000000540)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, &(0x7f0000000980)={0x1, 0x1f}, 0xc)
getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000740)={'TPROXY\x00'}, &(0x7f0000000780)=0x1e)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r2, 0x0, 0x14, 0x0, &(0x7f00000014c0))
pipe2$watch_queue(&(0x7f0000000700), 0x80)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000680)={'ip6_vti0\x00', &(0x7f0000000600)={'ip6tnl0\x00', <r3=>0x0, 0x29, 0x9, 0x2, 0x9, 0x8, @ipv4={'\x00', '\xff\xff', @remote}, @local, 0x7, 0x8000, 0x99}})
setsockopt$inet_mreqn(r2, 0x0, 0x24, &(0x7f00000006c0)={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, r3}, 0xc)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000005c0)={0x1, &(0x7f0000000440)="34f17bb7d24cb41b999ef4e7607bc454bc5817e581ef43db79cddca9fa539c6b09bbe95e65481283835eb3a679cc2f9c8685be48440a9c0e153ddeb1b5ff21ab591a17112f3777d78f0f4fa1a2f79ce2e70e4a9a386cc0b53511b525667be2eee546bfbc43a48ab460dfa00716732cc663bb1182710b35a79c259f4443be840b4a4efbea33a49b4911762bd35f6317ffe5ee0057778336d0891e0ccb8c2431b2ce60cd49d451e6a32115345fb167e298b14bdc4ec225c3a1113d95fc6b64e06dcbd6bb41fe2719cf94b5d52c4c4bd9d2382c531a7decdec86f8e7c7da7d21bf2abb24814a6a102826b2f3e4473fda9518119f9def2701d6126f2ce83", &(0x7f0000000580)=@tcp6=r1, 0x1}, 0x20)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, 0x0)

06:33:10 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f00000000c0), &(0x7f0000002300)=0x4)
getresgid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080))
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r1=>0x0})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r1+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
read$watch_queue(0xffffffffffffffff, &(0x7f0000002240)=""/161, 0xa1)
read$FUSE(0xffffffffffffffff, &(0x7f0000000200)={0x2020}, 0x2020)

06:33:10 executing program 3:
clock_gettime(0x1, &(0x7f0000000000))
sched_rr_get_interval(0xffffffffffffffff, &(0x7f0000000040))
clock_gettime(0x0, &(0x7f0000000080)={<r0=>0x0, <r1=>0x0})
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={r0, r1+10000000}, &(0x7f00000000c0)={&(0x7f0000000180), 0x8})
clock_gettime(0x1, &(0x7f0000000000)) (async)
sched_rr_get_interval(0xffffffffffffffff, &(0x7f0000000040)) (async)
clock_gettime(0x0, &(0x7f0000000080)) (async)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={r0, r1+10000000}, &(0x7f00000000c0)={&(0x7f0000000180), 0x8}) (async)

06:33:10 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10)
socketpair(0x8, 0x1, 0x8, &(0x7f0000000540)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, &(0x7f0000000980)={0x1, 0x1f}, 0xc)
getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000740)={'TPROXY\x00'}, &(0x7f0000000780)=0x1e)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r2, 0x0, 0x14, 0x0, &(0x7f00000014c0))
pipe2$watch_queue(&(0x7f0000000700), 0x80)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000680)={'ip6_vti0\x00', &(0x7f0000000600)={'ip6tnl0\x00', <r3=>0x0, 0x29, 0x9, 0x2, 0x9, 0x8, @ipv4={'\x00', '\xff\xff', @remote}, @local, 0x7, 0x8000, 0x99}})
setsockopt$inet_mreqn(r2, 0x0, 0x24, &(0x7f00000006c0)={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, r3}, 0xc)
r4 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r4)

06:33:10 executing program 4:
r0 = syz_clone(0x1840000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r1, 0x5761, &(0x7f0000000100)=ANY=[@ANYBLOB="050000000000000002000000250d000000000000ff0000000100000040000000ff01000007000000030000000700000005000000040000006b070000be5effff000000000200000009000000000000800000000000100000ffffffff0104000007000000000000000900000005000000ff0f00006000000003000000060000000300000000000000ffffff7f0100000000800000040000000004000009000000040000004000000080000000030000000000000073310000ff0f010008000000060000000900000009000000020000008000000007000000010000000100000008000000"]) (async)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
write$FUSE_LK(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, {{0x3, 0xdb, 0x0, r0}}}, 0x28)

06:33:10 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x0, 0x3b, 0x0, 0xa86e, 0x5, 0x80000000, 0x2c5a, 0xaf}, &(0x7f0000000040)={0x4, 0x1, 0x5, 0x0, 0x9, 0x41e, 0x7fffffffffffffff, 0x6}, &(0x7f0000000080)={0xe9c7, 0x80000001, 0x20, 0x17, 0x2, 0x400, 0x4, 0x1}, &(0x7f00000000c0), &(0x7f0000000240)={&(0x7f0000000200)={[0x4]}, 0x8}) (async)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0) (async)
sched_rr_get_interval(r1, &(0x7f00000005c0))
clock_gettime(0x0, &(0x7f0000000380)={<r2=>0x0, <r3=>0x0})
pselect6(0x40, &(0x7f00000002c0)={0x7fffffff, 0x5, 0x200, 0xfffffffffffffffe, 0x2eae, 0xdb, 0xfffe00000000, 0x2}, &(0x7f0000000300)={0xffff, 0x6, 0x94, 0x2, 0x5, 0x4, 0x8, 0x200000000}, &(0x7f0000000340)={0x8, 0x6, 0xf67b, 0xf41, 0x401, 0x4, 0x9, 0x6}, &(0x7f00000003c0)={r2, r3+60000000}, &(0x7f0000000440)={&(0x7f0000000400)={[0xffff]}, 0x8}) (async)
ioctl$VHOST_VDPA_GET_VRING_NUM(0xffffffffffffffff, 0x8002af76, &(0x7f0000000280)) (async)
socketpair(0x2c, 0x80000, 0x9, &(0x7f0000000480)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$NL80211_CMD_GET_STATION(r4, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x201000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x30, 0x0, 0x4, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7, 0x47}}}}, [@NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000010}, 0x4040090)

06:33:10 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:10 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f00000000c0), &(0x7f0000002300)=0x4)
getresgid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080))
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r1=>0x0})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r1+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
read$watch_queue(0xffffffffffffffff, &(0x7f0000002240)=""/161, 0xa1)
read$FUSE(0xffffffffffffffff, &(0x7f0000000200)={0x2020}, 0x2020)

06:33:10 executing program 4:
r0 = syz_clone(0x1840000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r1, 0x5761, &(0x7f0000000100)=ANY=[@ANYBLOB="050000000000000002000000250d000000000000ff0000000100000040000000ff01000007000000030000000700000005000000040000006b070000be5effff000000000200000009000000000000800000000000100000ffffffff0104000007000000000000000900000005000000ff0f00006000000003000000060000000300000000000000ffffff7f0100000000800000040000000004000009000000040000004000000080000000030000000000000073310000ff0f010008000000060000000900000009000000020000008000000007000000010000000100000008000000"])
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
write$FUSE_LK(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, {{0x3, 0xdb, 0x0, r0}}}, 0x28)
syz_clone(0x1840000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r1, 0x5761, &(0x7f0000000100)=ANY=[@ANYBLOB="050000000000000002000000250d000000000000ff0000000100000040000000ff01000007000000030000000700000005000000040000006b070000be5effff000000000200000009000000000000800000000000100000ffffffff0104000007000000000000000900000005000000ff0f00006000000003000000060000000300000000000000ffffff7f0100000000800000040000000004000009000000040000004000000080000000030000000000000073310000ff0f010008000000060000000900000009000000020000008000000007000000010000000100000008000000"]) (async)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
write$FUSE_LK(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, {{0x3, 0xdb, 0x0, r0}}}, 0x28) (async)

06:33:10 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10)
socketpair(0x8, 0x1, 0x8, &(0x7f0000000540)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, &(0x7f0000000980)={0x1, 0x1f}, 0xc)
getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000740)={'TPROXY\x00'}, &(0x7f0000000780)=0x1e)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r2, 0x0, 0x14, 0x0, &(0x7f00000014c0))
pipe2$watch_queue(&(0x7f0000000700), 0x80)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000680)={'ip6_vti0\x00', &(0x7f0000000600)={'ip6tnl0\x00', 0x0, 0x29, 0x9, 0x2, 0x9, 0x8, @ipv4={'\x00', '\xff\xff', @remote}, @local, 0x7, 0x8000, 0x99}})
r3 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r3)

06:33:10 executing program 4:
syz_clone(0x1dde3800, 0x0, 0x0, 0x0, 0x0, 0x0)

06:33:10 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10)
socketpair(0x8, 0x1, 0x8, &(0x7f0000000540))
setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, &(0x7f0000000980)={0x1, 0x1f}, 0xc)
getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000740)={'TPROXY\x00'}, &(0x7f0000000780)=0x1e)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r1, 0x0, 0x14, 0x0, &(0x7f00000014c0))
pipe2$watch_queue(&(0x7f0000000700), 0x80)
r2 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r2)

06:33:10 executing program 4:
syz_clone(0x1dde3800, 0x0, 0x0, 0x0, 0x0, 0x0)

06:33:10 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10)
socketpair(0x8, 0x1, 0x8, &(0x7f0000000540))
setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, &(0x7f0000000980)={0x1, 0x1f}, 0xc)
getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000740)={'TPROXY\x00'}, &(0x7f0000000780)=0x1e)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r1, 0x0, 0x14, 0x0, &(0x7f00000014c0))
r2 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r2)

06:33:11 executing program 3:
clock_gettime(0x1, &(0x7f0000000000)) (async)
sched_rr_get_interval(0xffffffffffffffff, &(0x7f0000000040)) (async)
clock_gettime(0x0, &(0x7f0000000080)={<r0=>0x0, <r1=>0x0})
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={r0, r1+10000000}, &(0x7f00000000c0)={&(0x7f0000000180), 0x8})

06:33:11 executing program 4:
syz_clone(0x1dde3800, 0x0, 0x0, 0x0, 0x0, 0x0)

06:33:11 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10)
socketpair(0x8, 0x1, 0x8, &(0x7f0000000540))
setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, &(0x7f0000000980)={0x1, 0x1f}, 0xc)
getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000740)={'TPROXY\x00'}, &(0x7f0000000780)=0x1e)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r1)

06:33:11 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:11 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0}) (async)
pselect6(0x40, &(0x7f0000000000)={0x0, 0x3b, 0x0, 0xa86e, 0x5, 0x80000000, 0x2c5a, 0xaf}, &(0x7f0000000040)={0x4, 0x1, 0x5, 0x0, 0x9, 0x41e, 0x7fffffffffffffff, 0x6}, &(0x7f0000000080)={0xe9c7, 0x80000001, 0x20, 0x17, 0x2, 0x400, 0x4, 0x1}, &(0x7f00000000c0), &(0x7f0000000240)={&(0x7f0000000200)={[0x4]}, 0x8})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0)
sched_rr_get_interval(r1, &(0x7f00000005c0)) (async)
clock_gettime(0x0, &(0x7f0000000380)={<r2=>0x0, <r3=>0x0})
pselect6(0x40, &(0x7f00000002c0)={0x7fffffff, 0x5, 0x200, 0xfffffffffffffffe, 0x2eae, 0xdb, 0xfffe00000000, 0x2}, &(0x7f0000000300)={0xffff, 0x6, 0x94, 0x2, 0x5, 0x4, 0x8, 0x200000000}, &(0x7f0000000340)={0x8, 0x6, 0xf67b, 0xf41, 0x401, 0x4, 0x9, 0x6}, &(0x7f00000003c0)={r2, r3+60000000}, &(0x7f0000000440)={&(0x7f0000000400)={[0xffff]}, 0x8}) (async)
ioctl$VHOST_VDPA_GET_VRING_NUM(0xffffffffffffffff, 0x8002af76, &(0x7f0000000280)) (async)
socketpair(0x2c, 0x80000, 0x9, &(0x7f0000000480)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$NL80211_CMD_GET_STATION(r4, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x201000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x30, 0x0, 0x4, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7, 0x47}}}}, [@NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000010}, 0x4040090)

06:33:11 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f00000000c0), &(0x7f0000002300)=0x4)
getresgid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080))
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r1=>0x0})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r1+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
read$watch_queue(0xffffffffffffffff, &(0x7f0000002240)=""/161, 0xa1)

06:33:11 executing program 4:
syz_clone(0x39ce0200, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000000)={@my=0x0})

06:33:11 executing program 0:
clock_gettime(0x0, &(0x7f0000000100))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x77359400}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
geteuid()

06:33:11 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10)
socketpair(0x8, 0x1, 0x8, &(0x7f0000000540))
setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, &(0x7f0000000980)={0x1, 0x1f}, 0xc)
getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000740)={'TPROXY\x00'}, &(0x7f0000000780)=0x1e)
r1 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r1)

06:33:11 executing program 4:
syz_clone(0x39ce0200, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000000)={@my=0x0})

06:33:11 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10)
socketpair(0x8, 0x1, 0x8, &(0x7f0000000540))
setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, &(0x7f0000000980)={0x1, 0x1f}, 0xc)
r1 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r1)

06:33:11 executing program 4:
syz_clone(0x39ce0200, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000000)={@my=0x0})
syz_clone(0x39ce0200, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000000)={@my=0x0}) (async)

06:33:12 executing program 3:
clock_gettime(0x1, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})

06:33:12 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10)
socketpair(0x8, 0x1, 0x8, &(0x7f0000000540))
r1 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r1)

06:33:12 executing program 4:
r0 = syz_clone(0x154e2400, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_rr_get_interval(r0, &(0x7f0000000000))

06:33:12 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f00000000c0), &(0x7f0000002300)=0x4)
getresgid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080))
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r1=>0x0})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r1+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})

06:33:12 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:12 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10)
r1 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r1)

06:33:12 executing program 0:
clock_gettime(0x0, &(0x7f0000000100))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x77359400}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)
geteuid()

06:33:12 executing program 4:
r0 = syz_clone(0x154e2400, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_rr_get_interval(r0, &(0x7f0000000000))

06:33:12 executing program 2:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r0)

06:33:12 executing program 2:
r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r0)

06:33:12 executing program 4:
r0 = syz_clone(0x154e2400, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_rr_get_interval(r0, &(0x7f0000000000))

06:33:12 executing program 2:
r0 = add_key(0x0, &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r0)

06:33:12 executing program 3:
clock_gettime(0x1, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
clock_gettime(0x1, &(0x7f0000000100)) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)

06:33:12 executing program 2:
r0 = add_key(0x0, &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r0)

06:33:12 executing program 4:
r0 = syz_clone(0x44004000, 0x0, 0xffffffffffffff06, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(r0, &(0x7f00000000c0)='ns/uts\x00')
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r2 = getpid()
syz_open_procfs$namespace(r2, 0x0)
write$FUSE_LK(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, {{0x2, 0x1ff, 0x2, r2}}}, 0x28)
getresuid(&(0x7f0000000080), &(0x7f0000000040), &(0x7f0000000180))

06:33:12 executing program 2:
r0 = add_key(0x0, &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r0)

06:33:12 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:12 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f00000000c0), &(0x7f0000002300)=0x4)
getresgid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080))
clock_gettime(0x0, &(0x7f0000000100))

06:33:13 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)) (async)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x77359400}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
geteuid()

06:33:13 executing program 4:
r0 = syz_clone(0x44004000, 0x0, 0xffffffffffffff06, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(r0, &(0x7f00000000c0)='ns/uts\x00') (async)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) (async)
r2 = getpid()
syz_open_procfs$namespace(r2, 0x0) (async)
write$FUSE_LK(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, {{0x2, 0x1ff, 0x2, r2}}}, 0x28)
getresuid(&(0x7f0000000080), &(0x7f0000000040), &(0x7f0000000180))

06:33:13 executing program 2:
r0 = add_key(&(0x7f0000000000)='user\x00', 0x0, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r0)

06:33:13 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f00000000c0), &(0x7f0000002300)=0x4)
getresgid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080))

06:33:13 executing program 3:
clock_gettime(0x1, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})

06:33:13 executing program 2:
r0 = add_key(&(0x7f0000000000)='user\x00', 0x0, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r0)

06:33:13 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f00000000c0), &(0x7f0000002300)=0x4)

06:33:13 executing program 1:
getsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x66, &(0x7f00000000c0), &(0x7f0000002300)=0x4)

06:33:13 executing program 2:
r0 = add_key(&(0x7f0000000000)='user\x00', 0x0, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r0)

06:33:13 executing program 2:
r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r0)

06:33:13 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:13 executing program 1:
getsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x66, &(0x7f00000000c0), &(0x7f0000002300)=0x4)

06:33:13 executing program 2:
r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r0)

06:33:13 executing program 4:
r0 = syz_clone(0x44004000, 0x0, 0xffffffffffffff06, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(r0, &(0x7f00000000c0)='ns/uts\x00') (async)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) (async)
r2 = getpid()
syz_open_procfs$namespace(r2, 0x0)
write$FUSE_LK(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, {{0x2, 0x1ff, 0x2, r2}}}, 0x28) (async)
getresuid(&(0x7f0000000080), &(0x7f0000000040), &(0x7f0000000180))

06:33:13 executing program 1:
getsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x66, &(0x7f00000000c0), &(0x7f0000002300)=0x4)

06:33:13 executing program 5:
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r0 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r2, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:13 executing program 3:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
bind$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0xffffffff, @local}, 0x10)
clock_gettime(0x0, &(0x7f0000000040)={0x0, <r1=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r1+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})

06:33:13 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
sched_rr_get_interval(0x0, &(0x7f00000002c0))
clock_gettime(0x6, &(0x7f0000000300))
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0)
sched_rr_get_interval(r1, &(0x7f0000000340))
clock_gettime(0x0, &(0x7f00000000c0)={<r2=>0x0, <r3=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x0, 0x9, 0x6, 0x0, 0xffff, 0x3ff, 0x7ceb, 0x757}, &(0x7f0000000040)={0x80000000, 0x2000000, 0x80000001, 0x2, 0x0, 0x3, 0x8, 0x2}, &(0x7f0000000080)={0x1, 0xfffffffffffffff7, 0x5, 0x1, 0x9, 0x5, 0x80, 0x6}, &(0x7f0000000200)={r2, r3+60000000}, &(0x7f0000000280)={&(0x7f0000000240)={[0x1f]}, 0x8})

06:33:13 executing program 1:
socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x66, &(0x7f00000000c0), &(0x7f0000002300)=0x4)

06:33:13 executing program 2:
r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r0)

06:33:14 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)
sched_rr_get_interval(0x0, &(0x7f00000002c0))
clock_gettime(0x6, &(0x7f0000000300)) (async)
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0) (async)
sched_rr_get_interval(r1, &(0x7f0000000340)) (async)
clock_gettime(0x0, &(0x7f00000000c0)={<r2=>0x0, <r3=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x0, 0x9, 0x6, 0x0, 0xffff, 0x3ff, 0x7ceb, 0x757}, &(0x7f0000000040)={0x80000000, 0x2000000, 0x80000001, 0x2, 0x0, 0x3, 0x8, 0x2}, &(0x7f0000000080)={0x1, 0xfffffffffffffff7, 0x5, 0x1, 0x9, 0x5, 0x80, 0x6}, &(0x7f0000000200)={r2, r3+60000000}, &(0x7f0000000280)={&(0x7f0000000240)={[0x1f]}, 0x8})

06:33:14 executing program 5:
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r0 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r2, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:14 executing program 1:
socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x66, &(0x7f00000000c0), &(0x7f0000002300)=0x4)

06:33:14 executing program 2:
r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180), 0x0, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r0)

06:33:14 executing program 3:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
bind$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0xffffffff, @local}, 0x10)
clock_gettime(0x0, &(0x7f0000000040)={0x0, <r1=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r1+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
bind$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0xffffffff, @local}, 0x10) (async)
clock_gettime(0x0, &(0x7f0000000040)) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r1+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)

06:33:14 executing program 1:
socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x66, &(0x7f00000000c0), &(0x7f0000002300)=0x4)

06:33:14 executing program 5:
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r0 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r2, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:14 executing program 2:
r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180), 0x0, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r0)

06:33:14 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)
sched_rr_get_interval(0x0, &(0x7f00000002c0)) (async)
clock_gettime(0x6, &(0x7f0000000300)) (async)
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0)
sched_rr_get_interval(r1, &(0x7f0000000340)) (async)
clock_gettime(0x0, &(0x7f00000000c0)={<r2=>0x0, <r3=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x0, 0x9, 0x6, 0x0, 0xffff, 0x3ff, 0x7ceb, 0x757}, &(0x7f0000000040)={0x80000000, 0x2000000, 0x80000001, 0x2, 0x0, 0x3, 0x8, 0x2}, &(0x7f0000000080)={0x1, 0xfffffffffffffff7, 0x5, 0x1, 0x9, 0x5, 0x80, 0x6}, &(0x7f0000000200)={r2, r3+60000000}, &(0x7f0000000280)={&(0x7f0000000240)={[0x1f]}, 0x8})

06:33:14 executing program 4:
r0 = add_key(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f00000000c0)="be", 0x1, 0xffffffffffffffff)
add_key(&(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, r0)
add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, r0)
syz_clone(0x35480000, 0x0, 0xff43, 0x0, 0x0, 0x0)

06:33:14 executing program 2:
r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180), 0x0, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r0)

06:33:14 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(r0, 0x11, 0x0, &(0x7f00000000c0), &(0x7f0000002300)=0x4)

06:33:14 executing program 5:
clock_gettime(0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r0 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r2, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:14 executing program 4:
r0 = add_key(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f00000000c0)="be", 0x1, 0xffffffffffffffff)
add_key(&(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, r0)
add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, r0) (async)
syz_clone(0x35480000, 0x0, 0xff43, 0x0, 0x0, 0x0)

06:33:14 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(r0, 0x11, 0x0, &(0x7f00000000c0), &(0x7f0000002300)=0x4)

06:33:14 executing program 2:
r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(0x0, &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r0)

06:33:14 executing program 3:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
bind$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0xffffffff, @local}, 0x10)
clock_gettime(0x0, &(0x7f0000000040)={0x0, <r1=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r1+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
bind$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0xffffffff, @local}, 0x10) (async)
clock_gettime(0x0, &(0x7f0000000040)) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r1+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)

06:33:14 executing program 5:
clock_gettime(0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r0 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r2, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:14 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(r0, 0x11, 0x0, &(0x7f00000000c0), &(0x7f0000002300)=0x4)

06:33:14 executing program 2:
r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(0x0, &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r0)

06:33:14 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing', 0x0, 0xc0)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f0000000240)={&(0x7f0000000180)={[0x8]}, 0x8})
sched_rr_get_interval(0x0, &(0x7f0000000200))
prctl$PR_SVE_SET_VL(0x32, 0x1c0ff)
read$char_usb(0xffffffffffffffff, &(0x7f0000000000)=""/167, 0xa7)

06:33:14 executing program 4:
r0 = add_key(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f00000000c0)="be", 0x1, 0xffffffffffffffff)
add_key(&(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, r0)
add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, r0)
syz_clone(0x35480000, 0x0, 0xff43, 0x0, 0x0, 0x0)
add_key(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f00000000c0)="be", 0x1, 0xffffffffffffffff) (async)
add_key(&(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, r0) (async)
add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, r0) (async)
syz_clone(0x35480000, 0x0, 0xff43, 0x0, 0x0, 0x0) (async)

06:33:14 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(r0, 0x11, 0x66, 0x0, &(0x7f0000002300))

06:33:14 executing program 2:
r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(0x0, &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r0)

06:33:14 executing program 2:
r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', 0x0, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r0)

06:33:14 executing program 5:
clock_gettime(0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r0 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r2, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:14 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(r0, 0x11, 0x66, 0x0, &(0x7f0000002300))

06:33:14 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r0, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000300)={<r2=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r2, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x3, 0x2, 0x3ff, 0x0, 0xffffffffffffffff, 0x69, '\x00', r2, 0xffffffffffffffff, 0x4, 0x3, 0x4}, 0x48)

06:33:14 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(r0, 0x11, 0x66, 0x0, &(0x7f0000002300))

06:33:14 executing program 2:
r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, r0)

06:33:14 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:14 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r0, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000300)={<r2=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r2, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x3, 0x2, 0x3ff, 0x0, 0xffffffffffffffff, 0x69, '\x00', r2, 0xffffffffffffffff, 0x4, 0x3, 0x4}, 0x48)
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80) (async)
getsockopt$inet6_udp_int(r0, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000300)={0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc) (async)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r2, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}}) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x3, 0x2, 0x3ff, 0x0, 0xffffffffffffffff, 0x69, '\x00', r2, 0xffffffffffffffff, 0x4, 0x3, 0x4}, 0x48) (async)

06:33:14 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0}) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing', 0x0, 0xc0)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f0000000240)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)
sched_rr_get_interval(0x0, &(0x7f0000000200))
prctl$PR_SVE_SET_VL(0x32, 0x1c0ff) (async)
read$char_usb(0xffffffffffffffff, &(0x7f0000000000)=""/167, 0xa7)

06:33:14 executing program 2:
add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0)

06:33:14 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f00000000c0), 0x0)

06:33:14 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing', 0x0, 0xc0)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f0000000240)={&(0x7f0000000180)={[0x8]}, 0x8})
sched_rr_get_interval(0x0, &(0x7f0000000200)) (async)
prctl$PR_SVE_SET_VL(0x32, 0x1c0ff) (async)
read$char_usb(0xffffffffffffffff, &(0x7f0000000000)=""/167, 0xa7)

06:33:14 executing program 2:
add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0)

06:33:14 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f00000000c0), 0x0)

06:33:14 executing program 2:
add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0)

06:33:14 executing program 2:
r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="fa", 0x1, 0xfffffffffffffffe)
add_key(0x0, &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="9ebf796e0653dc8b8b5469ba8599bcb0b97d50c817b947d3412480a5432033212872b87565853e", 0x27, r0)

06:33:14 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f00000000c0), 0x0)

06:33:14 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r0, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000300)={<r2=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r2, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}}) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x3, 0x2, 0x3ff, 0x0, 0xffffffffffffffff, 0x69, '\x00', r2, 0xffffffffffffffff, 0x4, 0x3, 0x4}, 0x48)

06:33:14 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:14 executing program 2:
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r0 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r2, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:14 executing program 1:
r0 = syz_clone(0x44004000, 0x0, 0xffffffffffffff06, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(r0, &(0x7f00000000c0)='ns/uts\x00')
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r2 = getpid()
syz_open_procfs$namespace(r2, 0x0)
write$FUSE_LK(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, {{0x2, 0x1ff, 0x2, r2}}}, 0x28)
getresuid(&(0x7f0000000080), &(0x7f0000000040), &(0x7f0000000180))

06:33:14 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/ehci_hcd', 0x21c0, 0x84)
sendmsg$nl_route(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@delneigh={0x30, 0x1d, 0x1, 0x70bd2a, 0x25dfdbfe, {0xa, 0x0, 0x0, 0x0, 0x10, 0x90, 0xe}, [@NDA_DST_IPV6={0x14, 0x1, @private2}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x4004810)
sendmsg$nl_route(r0, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000340)={&(0x7f0000000180)=@dellinkprop={0x1c0, 0x6d, 0x4, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x1000, 0x1080}, [@IFLA_EXT_MASK={0x8, 0x1d, 0x5}, @IFLA_MASTER={0x8}, @IFLA_PHYS_PORT_ID={0x23, 0x22, "34d00a274f0926fa122596eb8c7e14f9e70f01c41825691ab296e04389edf2"}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0x5764}, @IFLA_LINKINFO={0x118, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x108, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x2}, @IFLA_VLAN_ID={0x6, 0x1, 0x2}, @IFLA_VLAN_EGRESS_QOS={0x1c, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xf3, 0x80}}]}, @IFLA_VLAN_EGRESS_QOS={0x34, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xc543, 0x20}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x20, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x1, 0x2}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_INGRESS_QOS={0x4c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3feb69e2}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfffffffb, 0x21d}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7, 0xfffffffa}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7, 0x400}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x20, 0xd5}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7f, 0x2}}]}, @IFLA_VLAN_ID={0x6}, @IFLA_VLAN_ID={0x6, 0x1, 0x1}, @IFLA_VLAN_ID={0x6, 0x1, 0x3}, @IFLA_VLAN_EGRESS_QOS={0x40, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x2}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3e2, 0x80000000}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x8, 0x8001}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x1}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x6, 0x3}}]}]}}}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x3}, @IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x24, 0x2, 0x0, 0x1, {{0x8, 0x1, r0}, {0x8, 0x2, r0}, [@IFLA_GTP_ROLE={0x8, 0x4, 0x1}, @IFLA_GTP_PDP_HASHSIZE={0x8, 0x3, 0x8}]}}}}, @IFLA_BROADCAST={0xa, 0x2, @random="da562c7ef14e"}, @IFLA_LINK_NETNSID={0x8, 0x25, 0x3}]}, 0x1c0}, 0x1, 0x0, 0x0, 0x40801}, 0x8015)

06:33:14 executing program 3:
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
prctl$PR_SVE_SET_VL(0x32, 0x26ff2)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/hidp', 0x14040, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="00001b0000000000000001000000"], 0x14}}, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={<r3=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r3, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000003c0)={'team0\x00', <r4=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000480)={'ip6gre0\x00', &(0x7f0000000400)={'syztnl0\x00', <r5=>0x0, 0x29, 0x40, 0xff, 0x2, 0x70, @private0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x40, 0x10, 0x5, 0x200}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000540)={'syztnl2\x00', &(0x7f00000004c0)={'ip6gre0\x00', <r6=>0x0, 0x2f, 0x8, 0x8, 0x2, 0x1b, @private1={0xfc, 0x1, '\x00', 0x1}, @remote, 0x8000, 0x80, 0x7, 0xcbb}})
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0xa, &(0x7f0000000040), &(0x7f00000002c0)=0x61)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000080)={<r8=>0x0, @initdev, @multicast1}, &(0x7f0000000100)=0xfffffffffffffe7b)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r7, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r8, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000005c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000580)={&(0x7f0000001700)=ANY=[@ANYBLOB="98060000", @ANYRES16=0x0, @ANYBLOB="1b6e6ff4e16c55745238fcab7afc295bce010026bd7000fedb00000100000008000100", @ANYRES32=0x0, @ANYBLOB="4400028040000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000f000400726f756e64726f62696e000008000100", @ANYRES32=0x0, @ANYBLOB="8000028044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b000000140004000500051040000000d90608050400000038000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000050003000300000008000400ff00000008000100", @ANYRES32=0x0, @ANYBLOB="b40002803c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400030000003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="00000100", @ANYRES32=0x0, @ANYBLOB="0401028040000100240001006c625f704f72745f737461747300000000000000000000000000000000000000050003000b000000080004000700000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c00000000000000050003000300000008000400fffffeff3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="4c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000001c00040002002007010000000000070117000000080003070700000008000100", @ANYRES32=0x0, @ANYBLOB="700102804c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400000000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400d11d00003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r3, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000300000008000100", @ANYRES32=r3, @ANYBLOB="b80002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000800000008000600", @ANYRES32=r4, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="a80102803800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r6, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400afa0000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b000000080004001f000000080007000000000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r8, @ANYBLOB="08000700000000003c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000000c00040007000600000400003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB], 0x698}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f0000000980)=ANY=[@ANYBLOB="90000000", @ANYRES16=0x0, @ANYBLOB="0200e8d47000ffdbdf25060000000800020007000000ba69e82157afa8ecff0200000000000000000000000000010c000180060001000a000000080003000100000008000300020000002000018014000400ff01000000000000000000000000000108000600010000000800020004000000080003000200000008000300030000000800030005000000505b34f5bc4315d87ab178c50b364bd5cc95e4dc740af7aca2ba81ce6ab2b9871159d4bc5e7ab19618f7e37b281e53959303c6c3be7763007789298002bfdbd0afbf3317869df198f240785ff6e50e43800fe7c86600832a41db7b63c98ad7438f50b01dec82cf24f3784dce558495b96a2b1b4801b13029ae18e7f1b025b70f66397190a9e18992982b87b3b7a1bfbc0df321385785a9f5db2214021edb4fe8d63705ed7f64f67b618e0144de3d2d63b9a9400e8859bbf17ed8ad74235dde3208335250ad5c1496f723d99c780fa8c973cab0987e51ae202db5b87ef0ec3e65f2991a20d1a614e8997ad00ec18a29ae65c59ca9331ee9"], 0x90}, 0x1, 0x0, 0x0, 0x20000000}, 0x2000c091)

06:33:14 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0)
sched_rr_get_interval(r1, &(0x7f0000000000))
clock_gettime(0x3, &(0x7f0000000040))

06:33:14 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/ehci_hcd', 0x21c0, 0x84)
sendmsg$nl_route(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@delneigh={0x30, 0x1d, 0x1, 0x70bd2a, 0x25dfdbfe, {0xa, 0x0, 0x0, 0x0, 0x10, 0x90, 0xe}, [@NDA_DST_IPV6={0x14, 0x1, @private2}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x4004810)
sendmsg$nl_route(r0, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000340)={&(0x7f0000000180)=@dellinkprop={0x1c0, 0x6d, 0x4, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x1000, 0x1080}, [@IFLA_EXT_MASK={0x8, 0x1d, 0x5}, @IFLA_MASTER={0x8}, @IFLA_PHYS_PORT_ID={0x23, 0x22, "34d00a274f0926fa122596eb8c7e14f9e70f01c41825691ab296e04389edf2"}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0x5764}, @IFLA_LINKINFO={0x118, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x108, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x2}, @IFLA_VLAN_ID={0x6, 0x1, 0x2}, @IFLA_VLAN_EGRESS_QOS={0x1c, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xf3, 0x80}}]}, @IFLA_VLAN_EGRESS_QOS={0x34, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xc543, 0x20}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x20, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x1, 0x2}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_INGRESS_QOS={0x4c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3feb69e2}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfffffffb, 0x21d}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7, 0xfffffffa}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7, 0x400}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x20, 0xd5}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7f, 0x2}}]}, @IFLA_VLAN_ID={0x6}, @IFLA_VLAN_ID={0x6, 0x1, 0x1}, @IFLA_VLAN_ID={0x6, 0x1, 0x3}, @IFLA_VLAN_EGRESS_QOS={0x40, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x2}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3e2, 0x80000000}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x8, 0x8001}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x1}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x6, 0x3}}]}]}}}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x3}, @IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x24, 0x2, 0x0, 0x1, {{0x8, 0x1, r0}, {0x8, 0x2, r0}, [@IFLA_GTP_ROLE={0x8, 0x4, 0x1}, @IFLA_GTP_PDP_HASHSIZE={0x8, 0x3, 0x8}]}}}}, @IFLA_BROADCAST={0xa, 0x2, @random="da562c7ef14e"}, @IFLA_LINK_NETNSID={0x8, 0x25, 0x3}]}, 0x1c0}, 0x1, 0x0, 0x0, 0x40801}, 0x8015)
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/ehci_hcd', 0x21c0, 0x84) (async)
sendmsg$nl_route(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@delneigh={0x30, 0x1d, 0x1, 0x70bd2a, 0x25dfdbfe, {0xa, 0x0, 0x0, 0x0, 0x10, 0x90, 0xe}, [@NDA_DST_IPV6={0x14, 0x1, @private2}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x4004810) (async)
sendmsg$nl_route(r0, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000340)={&(0x7f0000000180)=@dellinkprop={0x1c0, 0x6d, 0x4, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x1000, 0x1080}, [@IFLA_EXT_MASK={0x8, 0x1d, 0x5}, @IFLA_MASTER={0x8}, @IFLA_PHYS_PORT_ID={0x23, 0x22, "34d00a274f0926fa122596eb8c7e14f9e70f01c41825691ab296e04389edf2"}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0x5764}, @IFLA_LINKINFO={0x118, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x108, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x2}, @IFLA_VLAN_ID={0x6, 0x1, 0x2}, @IFLA_VLAN_EGRESS_QOS={0x1c, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xf3, 0x80}}]}, @IFLA_VLAN_EGRESS_QOS={0x34, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xc543, 0x20}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x20, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x1, 0x2}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_INGRESS_QOS={0x4c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3feb69e2}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfffffffb, 0x21d}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7, 0xfffffffa}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7, 0x400}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x20, 0xd5}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7f, 0x2}}]}, @IFLA_VLAN_ID={0x6}, @IFLA_VLAN_ID={0x6, 0x1, 0x1}, @IFLA_VLAN_ID={0x6, 0x1, 0x3}, @IFLA_VLAN_EGRESS_QOS={0x40, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x2}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3e2, 0x80000000}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x8, 0x8001}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x1}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x6, 0x3}}]}]}}}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x3}, @IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x24, 0x2, 0x0, 0x1, {{0x8, 0x1, r0}, {0x8, 0x2, r0}, [@IFLA_GTP_ROLE={0x8, 0x4, 0x1}, @IFLA_GTP_PDP_HASHSIZE={0x8, 0x3, 0x8}]}}}}, @IFLA_BROADCAST={0xa, 0x2, @random="da562c7ef14e"}, @IFLA_LINK_NETNSID={0x8, 0x25, 0x3}]}, 0x1c0}, 0x1, 0x0, 0x0, 0x40801}, 0x8015) (async)

06:33:14 executing program 3:
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async, rerun: 32)
prctl$PR_SVE_SET_VL(0x32, 0x26ff2) (rerun: 32)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/hidp', 0x14040, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="00001b0000000000000001000000"], 0x14}}, 0x0) (async)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0) (async, rerun: 32)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={<r3=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc) (rerun: 32)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r3, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}}) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000003c0)={'team0\x00', <r4=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000480)={'ip6gre0\x00', &(0x7f0000000400)={'syztnl0\x00', <r5=>0x0, 0x29, 0x40, 0xff, 0x2, 0x70, @private0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x40, 0x10, 0x5, 0x200}}) (async)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000540)={'syztnl2\x00', &(0x7f00000004c0)={'ip6gre0\x00', <r6=>0x0, 0x2f, 0x8, 0x8, 0x2, 0x1b, @private1={0xfc, 0x1, '\x00', 0x1}, @remote, 0x8000, 0x80, 0x7, 0xcbb}}) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80) (async)
getsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0xa, &(0x7f0000000040), &(0x7f00000002c0)=0x61) (async)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000080)={<r8=>0x0, @initdev, @multicast1}, &(0x7f0000000100)=0xfffffffffffffe7b)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r7, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r8, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}}) (async, rerun: 32)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000005c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000580)={&(0x7f0000001700)=ANY=[@ANYBLOB="98060000", @ANYRES16=0x0, @ANYBLOB="1b6e6ff4e16c55745238fcab7afc295bce010026bd7000fedb00000100000008000100", @ANYRES32=0x0, @ANYBLOB="4400028040000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000f000400726f756e64726f62696e000008000100", @ANYRES32=0x0, @ANYBLOB="8000028044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b000000140004000500051040000000d90608050400000038000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000050003000300000008000400ff00000008000100", @ANYRES32=0x0, @ANYBLOB="b40002803c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400030000003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="00000100", @ANYRES32=0x0, @ANYBLOB="0401028040000100240001006c625f704f72745f737461747300000000000000000000000000000000000000050003000b000000080004000700000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c00000000000000050003000300000008000400fffffeff3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="4c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000001c00040002002007010000000000070117000000080003070700000008000100", @ANYRES32=0x0, @ANYBLOB="700102804c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400000000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400d11d00003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r3, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000300000008000100", @ANYRES32=r3, @ANYBLOB="b80002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000800000008000600", @ANYRES32=r4, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="a80102803800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r6, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400afa0000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b000000080004001f000000080007000000000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r8, @ANYBLOB="08000700000000003c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000000c00040007000600000400003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB], 0x698}, 0x1, 0x0, 0x0, 0x40}, 0x0) (rerun: 32)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f0000000980)=ANY=[@ANYBLOB="90000000", @ANYRES16=0x0, @ANYBLOB="0200e8d47000ffdbdf25060000000800020007000000ba69e82157afa8ecff0200000000000000000000000000010c000180060001000a000000080003000100000008000300020000002000018014000400ff01000000000000000000000000000108000600010000000800020004000000080003000200000008000300030000000800030005000000505b34f5bc4315d87ab178c50b364bd5cc95e4dc740af7aca2ba81ce6ab2b9871159d4bc5e7ab19618f7e37b281e53959303c6c3be7763007789298002bfdbd0afbf3317869df198f240785ff6e50e43800fe7c86600832a41db7b63c98ad7438f50b01dec82cf24f3784dce558495b96a2b1b4801b13029ae18e7f1b025b70f66397190a9e18992982b87b3b7a1bfbc0df321385785a9f5db2214021edb4fe8d63705ed7f64f67b618e0144de3d2d63b9a9400e8859bbf17ed8ad74235dde3208335250ad5c1496f723d99c780fa8c973cab0987e51ae202db5b87ef0ec3e65f2991a20d1a614e8997ad00ec18a29ae65c59ca9331ee9"], 0x90}, 0x1, 0x0, 0x0, 0x20000000}, 0x2000c091)

06:33:14 executing program 2:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
syz_open_procfs$namespace(r0, 0x0)
sched_rr_get_interval(r0, &(0x7f0000000000))
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:14 executing program 3:
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async, rerun: 32)
prctl$PR_SVE_SET_VL(0x32, 0x26ff2) (rerun: 32)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/hidp', 0x14040, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="00001b0000000000000001000000"], 0x14}}, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={<r3=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r3, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000003c0)={'team0\x00', <r4=>0x0}) (async)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000480)={'ip6gre0\x00', &(0x7f0000000400)={'syztnl0\x00', <r5=>0x0, 0x29, 0x40, 0xff, 0x2, 0x70, @private0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x40, 0x10, 0x5, 0x200}}) (async)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000540)={'syztnl2\x00', &(0x7f00000004c0)={'ip6gre0\x00', <r6=>0x0, 0x2f, 0x8, 0x8, 0x2, 0x1b, @private1={0xfc, 0x1, '\x00', 0x1}, @remote, 0x8000, 0x80, 0x7, 0xcbb}})
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0xa, &(0x7f0000000040), &(0x7f00000002c0)=0x61) (async)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000080)={<r8=>0x0, @initdev, @multicast1}, &(0x7f0000000100)=0xfffffffffffffe7b)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r7, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r8, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}}) (async, rerun: 64)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000005c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000580)={&(0x7f0000001700)=ANY=[@ANYBLOB="98060000", @ANYRES16=0x0, @ANYBLOB="1b6e6ff4e16c55745238fcab7afc295bce010026bd7000fedb00000100000008000100", @ANYRES32=0x0, @ANYBLOB="4400028040000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000f000400726f756e64726f62696e000008000100", @ANYRES32=0x0, @ANYBLOB="8000028044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b000000140004000500051040000000d90608050400000038000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000050003000300000008000400ff00000008000100", @ANYRES32=0x0, @ANYBLOB="b40002803c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400030000003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="00000100", @ANYRES32=0x0, @ANYBLOB="0401028040000100240001006c625f704f72745f737461747300000000000000000000000000000000000000050003000b000000080004000700000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c00000000000000050003000300000008000400fffffeff3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="4c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000001c00040002002007010000000000070117000000080003070700000008000100", @ANYRES32=0x0, @ANYBLOB="700102804c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400000000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400d11d00003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r3, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000300000008000100", @ANYRES32=r3, @ANYBLOB="b80002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000800000008000600", @ANYRES32=r4, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="a80102803800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r6, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400afa0000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b000000080004001f000000080007000000000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r8, @ANYBLOB="08000700000000003c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000000c00040007000600000400003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB], 0x698}, 0x1, 0x0, 0x0, 0x40}, 0x0) (async, rerun: 64)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f0000000980)=ANY=[@ANYBLOB="90000000", @ANYRES16=0x0, @ANYBLOB="0200e8d47000ffdbdf25060000000800020007000000ba69e82157afa8ecff0200000000000000000000000000010c000180060001000a000000080003000100000008000300020000002000018014000400ff01000000000000000000000000000108000600010000000800020004000000080003000200000008000300030000000800030005000000505b34f5bc4315d87ab178c50b364bd5cc95e4dc740af7aca2ba81ce6ab2b9871159d4bc5e7ab19618f7e37b281e53959303c6c3be7763007789298002bfdbd0afbf3317869df198f240785ff6e50e43800fe7c86600832a41db7b63c98ad7438f50b01dec82cf24f3784dce558495b96a2b1b4801b13029ae18e7f1b025b70f66397190a9e18992982b87b3b7a1bfbc0df321385785a9f5db2214021edb4fe8d63705ed7f64f67b618e0144de3d2d63b9a9400e8859bbf17ed8ad74235dde3208335250ad5c1496f723d99c780fa8c973cab0987e51ae202db5b87ef0ec3e65f2991a20d1a614e8997ad00ec18a29ae65c59ca9331ee9"], 0x90}, 0x1, 0x0, 0x0, 0x20000000}, 0x2000c091)

06:33:14 executing program 2:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
syz_open_procfs$namespace(r0, 0x0)
sched_rr_get_interval(r0, &(0x7f0000000000))
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:15 executing program 3:
clock_gettime(0x5, &(0x7f0000000100)={0x0, <r0=>0x0})
clock_gettime(0x0, &(0x7f0000000200)={<r1=>0x0, <r2=>0x0})
pselect6(0x40, &(0x7f0000000040)={0x100000000, 0x3, 0x6, 0x7fffffffffffffff, 0x4, 0x200000000000000, 0x2a, 0x5}, &(0x7f0000000080)={0x9, 0xf391, 0x1, 0x2, 0x2, 0xfff, 0x9, 0x2}, &(0x7f00000000c0)={0x4, 0x10001, 0x2, 0x5, 0x4, 0x7ff, 0x8001, 0xfff}, &(0x7f0000000240)={r1, r2+10000000}, &(0x7f00000002c0)={&(0x7f0000000280)={[0x9]}, 0x8})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="c6639b0339b4d55bf226eb1ae24fdb6c6d206e6f4ca17c8b", 0x0, 0x18)
pselect6(0x40, &(0x7f0000000300)={0x9, 0x7fff, 0x4a32, 0xe099a20, 0x401, 0x7fff, 0x82e6, 0x3f}, &(0x7f0000000340)={0xfffffffffffffff8, 0x8, 0x9, 0x51b, 0xfff, 0x80000001, 0x9, 0x7}, &(0x7f0000000380)={0x10000, 0x1, 0x800, 0xc7, 0x3, 0x1, 0x3, 0x3}, &(0x7f00000003c0)={0x77359400}, &(0x7f0000000440)={&(0x7f0000000400)={[0x7]}, 0x8})

06:33:15 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/ehci_hcd', 0x21c0, 0x84)
sendmsg$nl_route(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@delneigh={0x30, 0x1d, 0x1, 0x70bd2a, 0x25dfdbfe, {0xa, 0x0, 0x0, 0x0, 0x10, 0x90, 0xe}, [@NDA_DST_IPV6={0x14, 0x1, @private2}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x4004810) (async)
sendmsg$nl_route(r0, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000340)={&(0x7f0000000180)=@dellinkprop={0x1c0, 0x6d, 0x4, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x1000, 0x1080}, [@IFLA_EXT_MASK={0x8, 0x1d, 0x5}, @IFLA_MASTER={0x8}, @IFLA_PHYS_PORT_ID={0x23, 0x22, "34d00a274f0926fa122596eb8c7e14f9e70f01c41825691ab296e04389edf2"}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0x5764}, @IFLA_LINKINFO={0x118, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x108, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x2}, @IFLA_VLAN_ID={0x6, 0x1, 0x2}, @IFLA_VLAN_EGRESS_QOS={0x1c, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xf3, 0x80}}]}, @IFLA_VLAN_EGRESS_QOS={0x34, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xc543, 0x20}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x20, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x1, 0x2}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_INGRESS_QOS={0x4c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3feb69e2}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfffffffb, 0x21d}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7, 0xfffffffa}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7, 0x400}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x20, 0xd5}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7f, 0x2}}]}, @IFLA_VLAN_ID={0x6}, @IFLA_VLAN_ID={0x6, 0x1, 0x1}, @IFLA_VLAN_ID={0x6, 0x1, 0x3}, @IFLA_VLAN_EGRESS_QOS={0x40, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x2}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3e2, 0x80000000}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x8, 0x8001}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x1}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x6, 0x3}}]}]}}}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x3}, @IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x24, 0x2, 0x0, 0x1, {{0x8, 0x1, r0}, {0x8, 0x2, r0}, [@IFLA_GTP_ROLE={0x8, 0x4, 0x1}, @IFLA_GTP_PDP_HASHSIZE={0x8, 0x3, 0x8}]}}}}, @IFLA_BROADCAST={0xa, 0x2, @random="da562c7ef14e"}, @IFLA_LINK_NETNSID={0x8, 0x25, 0x3}]}, 0x1c0}, 0x1, 0x0, 0x0, 0x40801}, 0x8015)

06:33:15 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:15 executing program 3:
clock_gettime(0x5, &(0x7f0000000100)={0x0, <r0=>0x0})
clock_gettime(0x0, &(0x7f0000000200)={<r1=>0x0, <r2=>0x0})
pselect6(0x40, &(0x7f0000000040)={0x100000000, 0x3, 0x6, 0x7fffffffffffffff, 0x4, 0x200000000000000, 0x2a, 0x5}, &(0x7f0000000080)={0x9, 0xf391, 0x1, 0x2, 0x2, 0xfff, 0x9, 0x2}, &(0x7f00000000c0)={0x4, 0x10001, 0x2, 0x5, 0x4, 0x7ff, 0x8001, 0xfff}, &(0x7f0000000240)={r1, r2+10000000}, &(0x7f00000002c0)={&(0x7f0000000280)={[0x9]}, 0x8})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="c6639b0339b4d55bf226eb1ae24fdb6c6d206e6f4ca17c8b", 0x0, 0x18) (async)
pselect6(0x40, &(0x7f0000000300)={0x9, 0x7fff, 0x4a32, 0xe099a20, 0x401, 0x7fff, 0x82e6, 0x3f}, &(0x7f0000000340)={0xfffffffffffffff8, 0x8, 0x9, 0x51b, 0xfff, 0x80000001, 0x9, 0x7}, &(0x7f0000000380)={0x10000, 0x1, 0x800, 0xc7, 0x3, 0x1, 0x3, 0x3}, &(0x7f00000003c0)={0x77359400}, &(0x7f0000000440)={&(0x7f0000000400)={[0x7]}, 0x8})

06:33:15 executing program 1:
syz_clone(0x34ca0000, 0x0, 0xf000000, 0x0, 0x0, 0x0)

06:33:15 executing program 2:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
syz_open_procfs$namespace(r0, 0x0)
sched_rr_get_interval(r0, &(0x7f0000000000))
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:15 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0)
sched_rr_get_interval(r1, &(0x7f0000000000))
clock_gettime(0x3, &(0x7f0000000040))

06:33:15 executing program 1:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:15 executing program 2:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
syz_open_procfs$namespace(r0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:15 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x0, &(0x7f0000000000)="93f47dbaeeae264218c7c4ad56c02e4f0cec76585d064ee313ad2451d405513d023be3aaa29d0f86df0a52a3074056ca869e4c02e601a9a88d7cce65ef00f0e9afb6eb515aa20e0a3e9004320ad7c6cd8d257a90098031dc95089c7f9ec17ecee358d815fa7a368d8037aab4ecfdfcb88815f77b3454109a812f662c422acc6b87976652e5dce7fb9c4247b3bd478edadf802d8dd4ee4058a6", 0x99, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)="4de764ce902ad0884f548541ef6524113296205d57b13819f522235c80a54ed848131a0359b91bf183e4d2ff3c39ed36611cfd0e6ee3c4a54f7c6599c71e64cc7965858e92ca920428ba6988025008d694a099a07828b13bad1c25f38fb74fc15ba26f74824e8c4b264caaae769241f99c7fc72218")

06:33:15 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x0, &(0x7f0000000000)="93f47dbaeeae264218c7c4ad56c02e4f0cec76585d064ee313ad2451d405513d023be3aaa29d0f86df0a52a3074056ca869e4c02e601a9a88d7cce65ef00f0e9afb6eb515aa20e0a3e9004320ad7c6cd8d257a90098031dc95089c7f9ec17ecee358d815fa7a368d8037aab4ecfdfcb88815f77b3454109a812f662c422acc6b87976652e5dce7fb9c4247b3bd478edadf802d8dd4ee4058a6", 0x99, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)="4de764ce902ad0884f548541ef6524113296205d57b13819f522235c80a54ed848131a0359b91bf183e4d2ff3c39ed36611cfd0e6ee3c4a54f7c6599c71e64cc7965858e92ca920428ba6988025008d694a099a07828b13bad1c25f38fb74fc15ba26f74824e8c4b264caaae769241f99c7fc72218")
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0x0, &(0x7f0000000000)="93f47dbaeeae264218c7c4ad56c02e4f0cec76585d064ee313ad2451d405513d023be3aaa29d0f86df0a52a3074056ca869e4c02e601a9a88d7cce65ef00f0e9afb6eb515aa20e0a3e9004320ad7c6cd8d257a90098031dc95089c7f9ec17ecee358d815fa7a368d8037aab4ecfdfcb88815f77b3454109a812f662c422acc6b87976652e5dce7fb9c4247b3bd478edadf802d8dd4ee4058a6", 0x99, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)="4de764ce902ad0884f548541ef6524113296205d57b13819f522235c80a54ed848131a0359b91bf183e4d2ff3c39ed36611cfd0e6ee3c4a54f7c6599c71e64cc7965858e92ca920428ba6988025008d694a099a07828b13bad1c25f38fb74fc15ba26f74824e8c4b264caaae769241f99c7fc72218") (async)

06:33:15 executing program 2:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
getpid()
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:15 executing program 2:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:15 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x0, &(0x7f0000000000)="93f47dbaeeae264218c7c4ad56c02e4f0cec76585d064ee313ad2451d405513d023be3aaa29d0f86df0a52a3074056ca869e4c02e601a9a88d7cce65ef00f0e9afb6eb515aa20e0a3e9004320ad7c6cd8d257a90098031dc95089c7f9ec17ecee358d815fa7a368d8037aab4ecfdfcb88815f77b3454109a812f662c422acc6b87976652e5dce7fb9c4247b3bd478edadf802d8dd4ee4058a6", 0x99, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)="4de764ce902ad0884f548541ef6524113296205d57b13819f522235c80a54ed848131a0359b91bf183e4d2ff3c39ed36611cfd0e6ee3c4a54f7c6599c71e64cc7965858e92ca920428ba6988025008d694a099a07828b13bad1c25f38fb74fc15ba26f74824e8c4b264caaae769241f99c7fc72218")
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0x0, &(0x7f0000000000)="93f47dbaeeae264218c7c4ad56c02e4f0cec76585d064ee313ad2451d405513d023be3aaa29d0f86df0a52a3074056ca869e4c02e601a9a88d7cce65ef00f0e9afb6eb515aa20e0a3e9004320ad7c6cd8d257a90098031dc95089c7f9ec17ecee358d815fa7a368d8037aab4ecfdfcb88815f77b3454109a812f662c422acc6b87976652e5dce7fb9c4247b3bd478edadf802d8dd4ee4058a6", 0x99, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)="4de764ce902ad0884f548541ef6524113296205d57b13819f522235c80a54ed848131a0359b91bf183e4d2ff3c39ed36611cfd0e6ee3c4a54f7c6599c71e64cc7965858e92ca920428ba6988025008d694a099a07828b13bad1c25f38fb74fc15ba26f74824e8c4b264caaae769241f99c7fc72218") (async)

06:33:16 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x0, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:16 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:16 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(r0, &(0x7f0000000040)={0x2020}, 0x2020)
ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, &(0x7f0000002080))

06:33:16 executing program 3:
clock_gettime(0x5, &(0x7f0000000100)={0x0, <r0=>0x0})
clock_gettime(0x0, &(0x7f0000000200)={<r1=>0x0, <r2=>0x0})
pselect6(0x40, &(0x7f0000000040)={0x100000000, 0x3, 0x6, 0x7fffffffffffffff, 0x4, 0x200000000000000, 0x2a, 0x5}, &(0x7f0000000080)={0x9, 0xf391, 0x1, 0x2, 0x2, 0xfff, 0x9, 0x2}, &(0x7f00000000c0)={0x4, 0x10001, 0x2, 0x5, 0x4, 0x7ff, 0x8001, 0xfff}, &(0x7f0000000240)={r1, r2+10000000}, &(0x7f00000002c0)={&(0x7f0000000280)={[0x9]}, 0x8})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="c6639b0339b4d55bf226eb1ae24fdb6c6d206e6f4ca17c8b", 0x0, 0x18)
pselect6(0x40, &(0x7f0000000300)={0x9, 0x7fff, 0x4a32, 0xe099a20, 0x401, 0x7fff, 0x82e6, 0x3f}, &(0x7f0000000340)={0xfffffffffffffff8, 0x8, 0x9, 0x51b, 0xfff, 0x80000001, 0x9, 0x7}, &(0x7f0000000380)={0x10000, 0x1, 0x800, 0xc7, 0x3, 0x1, 0x3, 0x3}, &(0x7f00000003c0)={0x77359400}, &(0x7f0000000440)={&(0x7f0000000400)={[0x7]}, 0x8})
clock_gettime(0x5, &(0x7f0000000100)) (async)
clock_gettime(0x0, &(0x7f0000000200)) (async)
pselect6(0x40, &(0x7f0000000040)={0x100000000, 0x3, 0x6, 0x7fffffffffffffff, 0x4, 0x200000000000000, 0x2a, 0x5}, &(0x7f0000000080)={0x9, 0xf391, 0x1, 0x2, 0x2, 0xfff, 0x9, 0x2}, &(0x7f00000000c0)={0x4, 0x10001, 0x2, 0x5, 0x4, 0x7ff, 0x8001, 0xfff}, &(0x7f0000000240)={r1, r2+10000000}, &(0x7f00000002c0)={&(0x7f0000000280)={[0x9]}, 0x8}) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="c6639b0339b4d55bf226eb1ae24fdb6c6d206e6f4ca17c8b", 0x0, 0x18) (async)
pselect6(0x40, &(0x7f0000000300)={0x9, 0x7fff, 0x4a32, 0xe099a20, 0x401, 0x7fff, 0x82e6, 0x3f}, &(0x7f0000000340)={0xfffffffffffffff8, 0x8, 0x9, 0x51b, 0xfff, 0x80000001, 0x9, 0x7}, &(0x7f0000000380)={0x10000, 0x1, 0x800, 0xc7, 0x3, 0x1, 0x3, 0x3}, &(0x7f00000003c0)={0x77359400}, &(0x7f0000000440)={&(0x7f0000000400)={[0x7]}, 0x8}) (async)

06:33:16 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0)
sched_rr_get_interval(r1, &(0x7f0000000000))
clock_gettime(0x3, &(0x7f0000000040))
clock_gettime(0x0, &(0x7f0000000100)) (async)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)
getpid() (async)
syz_open_procfs$namespace(r1, 0x0) (async)
sched_rr_get_interval(r1, &(0x7f0000000000)) (async)
clock_gettime(0x3, &(0x7f0000000040)) (async)

06:33:16 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)

06:33:16 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(r0, &(0x7f0000000040)={0x2020}, 0x2020)
ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, &(0x7f0000002080))
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
read$FUSE(r0, &(0x7f0000000040)={0x2020}, 0x2020) (async)
ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, &(0x7f0000002080)) (async)

06:33:16 executing program 1:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
syz_open_procfs$namespace(r0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:16 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)

06:33:16 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)

06:33:16 executing program 1:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:16 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040), 0x8)

06:33:16 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x0, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:16 executing program 0:
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f0000000000)={&(0x7f0000000180)={[0x8]}, 0x8})

06:33:16 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(r0, &(0x7f0000000040)={0x2020}, 0x2020)
ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, &(0x7f0000002080))
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
read$FUSE(r0, &(0x7f0000000040)={0x2020}, 0x2020) (async)
ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, &(0x7f0000002080)) (async)

06:33:16 executing program 3:
clock_gettime(0x0, &(0x7f0000000100))
clock_gettime(0x0, &(0x7f0000000000)={<r0=>0x0, <r1=>0x0})
pselect6(0x40, &(0x7f0000000080)={0xfb, 0x2, 0x1, 0x7, 0xfff, 0x6, 0x0, 0x8}, &(0x7f00000000c0)={0x8, 0x80000000, 0x0, 0xa31, 0x7, 0x498, 0x3f, 0x7ff}, &(0x7f0000000180)={0x8, 0x9, 0x200, 0x5, 0xfffffffffffffffa, 0xb0d4, 0x7}, &(0x7f0000000200), &(0x7f0000000280)={&(0x7f0000000240)={[0x7]}, 0x8})
alarm(0x7)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={r0, r1+60000000}, &(0x7f00000001c0)={&(0x7f0000000040), 0x8})

06:33:16 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040), 0x8)

06:33:16 executing program 0:
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f0000000000)={&(0x7f0000000180)={[0x8]}, 0x8})

06:33:16 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040), 0x8)

06:33:16 executing program 0:
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f0000000000)={&(0x7f0000000180)={[0x8]}, 0x8})
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f0000000000)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)

06:33:16 executing program 2:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:16 executing program 4:
r0 = syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/block/ram13', 0xce40a4a5842bcb35, 0x6a)
r2 = fsmount(r1, 0x1, 0x5)
fsconfig$FSCONFIG_SET_PATH(r2, 0x3, &(0x7f0000000080)='!#\'{K&^\\*/),!@!\'.%%(^\x00', &(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff)
read$FUSE(0xffffffffffffffff, &(0x7f0000000640)={0x2020, 0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r1, 0x4008af23, &(0x7f0000000040)={0x0, 0x1})
r5 = getpid()
write$FUSE_LK(r1, &(0x7f0000000140)={0x28, 0x0, r3, {{0x7fff, 0x8000000000000000, 0x5, r5}}}, 0x28)
r6 = getegid()
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000180)={0xa0, 0x0, r3, {{0x0, 0x1, 0x1, 0x8, 0x0, 0x9, {0x6, 0x5, 0x6, 0xb4e5500, 0x20000000, 0x55, 0x8, 0x2, 0x5, 0x4000, 0x1f, r4, r6, 0x4, 0x5}}, {0x0, 0x3}}}, 0xa0)
write$FUSE_LK(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, r3, {{0x83, 0x80000001, 0x2, r0}}}, 0x28)
r7 = fsmount(r1, 0x0, 0x2)
read$FUSE(r7, &(0x7f0000002680)={0x2020}, 0x2020)

06:33:17 executing program 1:
r0 = syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/block/ram13', 0xce40a4a5842bcb35, 0x6a)
r2 = fsmount(r1, 0x1, 0x5)
fsconfig$FSCONFIG_SET_PATH(r2, 0x3, &(0x7f0000000080)='!#\'{K&^\\*/),!@!\'.%%(^\x00', &(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff)
read$FUSE(0xffffffffffffffff, &(0x7f0000000640)={0x2020, 0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r1, 0x4008af23, &(0x7f0000000040)={0x0, 0x1})
r5 = getpid()
write$FUSE_LK(r1, &(0x7f0000000140)={0x28, 0x0, r3, {{0x7fff, 0x8000000000000000, 0x5, r5}}}, 0x28)
r6 = getegid()
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000180)={0xa0, 0x0, r3, {{0x0, 0x1, 0x1, 0x8, 0x0, 0x9, {0x6, 0x5, 0x6, 0xb4e5500, 0x20000000, 0x55, 0x8, 0x2, 0x5, 0x4000, 0x1f, r4, r6, 0x4, 0x5}}, {0x0, 0x3}}}, 0xa0)
write$FUSE_LK(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, r3, {{0x83, 0x80000001, 0x2, r0}}}, 0x28)
r7 = fsmount(r1, 0x0, 0x2)
read$FUSE(r7, &(0x7f0000002680)={0x2020}, 0x2020)

06:33:17 executing program 0:
clock_gettime(0x1, &(0x7f0000000100)={0x0, <r0=>0x0})
write$FUSE_IOCTL(0xffffffffffffffff, &(0x7f0000000000)={0x20, 0xfffffffffffffffe, 0x0, {0x4, 0x0, 0xffff, 0x639}}, 0x20)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
prctl$PR_SVE_SET_VL(0x32, 0x369d4)

06:33:17 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x0, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:17 executing program 4:
r0 = syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/block/ram13', 0xce40a4a5842bcb35, 0x6a)
r2 = fsmount(r1, 0x1, 0x5)
fsconfig$FSCONFIG_SET_PATH(r2, 0x3, &(0x7f0000000080)='!#\'{K&^\\*/),!@!\'.%%(^\x00', &(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff) (async)
read$FUSE(0xffffffffffffffff, &(0x7f0000000640)={0x2020, 0x0, <r3=>0x0, <r4=>0x0}, 0x2020) (async)
ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r1, 0x4008af23, &(0x7f0000000040)={0x0, 0x1}) (async)
r5 = getpid()
write$FUSE_LK(r1, &(0x7f0000000140)={0x28, 0x0, r3, {{0x7fff, 0x8000000000000000, 0x5, r5}}}, 0x28)
r6 = getegid()
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000180)={0xa0, 0x0, r3, {{0x0, 0x1, 0x1, 0x8, 0x0, 0x9, {0x6, 0x5, 0x6, 0xb4e5500, 0x20000000, 0x55, 0x8, 0x2, 0x5, 0x4000, 0x1f, r4, r6, 0x4, 0x5}}, {0x0, 0x3}}}, 0xa0) (async)
write$FUSE_LK(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, r3, {{0x83, 0x80000001, 0x2, r0}}}, 0x28) (async)
r7 = fsmount(r1, 0x0, 0x2)
read$FUSE(r7, &(0x7f0000002680)={0x2020}, 0x2020)

06:33:17 executing program 1:
syz_clone(0x34ca0000, 0x0, 0x8000000, 0x0, 0x0, 0x0)

06:33:17 executing program 3:
clock_gettime(0x0, &(0x7f0000000100))
clock_gettime(0x0, &(0x7f0000000000)={<r0=>0x0, <r1=>0x0})
pselect6(0x40, &(0x7f0000000080)={0xfb, 0x2, 0x1, 0x7, 0xfff, 0x6, 0x0, 0x8}, &(0x7f00000000c0)={0x8, 0x80000000, 0x0, 0xa31, 0x7, 0x498, 0x3f, 0x7ff}, &(0x7f0000000180)={0x8, 0x9, 0x200, 0x5, 0xfffffffffffffffa, 0xb0d4, 0x7}, &(0x7f0000000200), &(0x7f0000000280)={&(0x7f0000000240)={[0x7]}, 0x8}) (async)
alarm(0x7) (async)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={r0, r1+60000000}, &(0x7f00000001c0)={&(0x7f0000000040), 0x8})

06:33:17 executing program 0:
clock_gettime(0x1, &(0x7f0000000100)={0x0, <r0=>0x0})
write$FUSE_IOCTL(0xffffffffffffffff, &(0x7f0000000000)={0x20, 0xfffffffffffffffe, 0x0, {0x4, 0x0, 0xffff, 0x639}}, 0x20)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)
prctl$PR_SVE_SET_VL(0x32, 0x369d4)

06:33:17 executing program 4:
r0 = syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/block/ram13', 0xce40a4a5842bcb35, 0x6a)
r2 = fsmount(r1, 0x1, 0x5)
fsconfig$FSCONFIG_SET_PATH(r2, 0x3, &(0x7f0000000080)='!#\'{K&^\\*/),!@!\'.%%(^\x00', &(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff) (async)
read$FUSE(0xffffffffffffffff, &(0x7f0000000640)={0x2020, 0x0, <r3=>0x0, <r4=>0x0}, 0x2020) (async, rerun: 64)
ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r1, 0x4008af23, &(0x7f0000000040)={0x0, 0x1}) (async, rerun: 64)
r5 = getpid()
write$FUSE_LK(r1, &(0x7f0000000140)={0x28, 0x0, r3, {{0x7fff, 0x8000000000000000, 0x5, r5}}}, 0x28) (async)
r6 = getegid()
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000180)={0xa0, 0x0, r3, {{0x0, 0x1, 0x1, 0x8, 0x0, 0x9, {0x6, 0x5, 0x6, 0xb4e5500, 0x20000000, 0x55, 0x8, 0x2, 0x5, 0x4000, 0x1f, r4, r6, 0x4, 0x5}}, {0x0, 0x3}}}, 0xa0)
write$FUSE_LK(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, r3, {{0x83, 0x80000001, 0x2, r0}}}, 0x28)
r7 = fsmount(r1, 0x0, 0x2)
read$FUSE(r7, &(0x7f0000002680)={0x2020}, 0x2020)

06:33:17 executing program 1:
syz_clone(0x34ca0000, 0x0, 0x4000000, 0x0, 0x0, 0x0)

06:33:17 executing program 2:
syz_clone(0x34ca0000, 0x0, 0x40000, 0x0, 0x0, 0x0)

06:33:17 executing program 1:
syz_clone(0x34ca0000, 0x0, 0x2000, 0x0, 0x0, 0x0)

06:33:17 executing program 2:
syz_clone(0x34ca0000, 0x0, 0xf00, 0x0, 0x0, 0x0)

06:33:17 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
syz_open_procfs$namespace(r0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)='\x00'}, 0x30)

06:33:17 executing program 1:
syz_clone(0x34ca0000, 0x0, 0x4, 0x0, 0x0, 0x0)

06:33:18 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, 0x0, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:18 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r0 = getpid()
syz_open_procfs$namespace(r0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)='\x00'}, 0x30)

06:33:18 executing program 2:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
syz_open_procfs$namespace(r0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)='\x00'}, 0x30)

06:33:18 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)) (async)
clock_gettime(0x0, &(0x7f0000000000)={<r0=>0x0, <r1=>0x0})
pselect6(0x40, &(0x7f0000000080)={0xfb, 0x2, 0x1, 0x7, 0xfff, 0x6, 0x0, 0x8}, &(0x7f00000000c0)={0x8, 0x80000000, 0x0, 0xa31, 0x7, 0x498, 0x3f, 0x7ff}, &(0x7f0000000180)={0x8, 0x9, 0x200, 0x5, 0xfffffffffffffffa, 0xb0d4, 0x7}, &(0x7f0000000200), &(0x7f0000000280)={&(0x7f0000000240)={[0x7]}, 0x8})
alarm(0x7) (async)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={r0, r1+60000000}, &(0x7f00000001c0)={&(0x7f0000000040), 0x8})

06:33:18 executing program 1:
syz_clone(0x34ca4100, 0x0, 0x0, 0x0, 0x0, 0x0)

06:33:18 executing program 0:
clock_gettime(0x1, &(0x7f0000000100)={0x0, <r0=>0x0})
write$FUSE_IOCTL(0xffffffffffffffff, &(0x7f0000000000)={0x20, 0xfffffffffffffffe, 0x0, {0x4, 0x0, 0xffff, 0x639}}, 0x20) (async)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
prctl$PR_SVE_SET_VL(0x32, 0x369d4)

06:33:18 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r0 = getpid()
syz_open_procfs$namespace(r0, 0x0) (async)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)='\x00'}, 0x30)

06:33:18 executing program 2:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x0, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:18 executing program 4:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
ioctl$VHOST_VDPA_GET_IOVA_RANGE(r0, 0x8010af78, &(0x7f0000000000))
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)

06:33:18 executing program 4:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
ioctl$VHOST_VDPA_GET_IOVA_RANGE(r0, 0x8010af78, &(0x7f0000000000))
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)

06:33:18 executing program 4:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async, rerun: 32)
ioctl$VHOST_VDPA_GET_IOVA_RANGE(r0, 0x8010af78, &(0x7f0000000000)) (async, rerun: 32)
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)

06:33:18 executing program 4:
syz_clone(0x31ee4000, 0x0, 0xc0, 0x0, 0x0, 0x0)

06:33:18 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, 0x0, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:18 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0)

06:33:18 executing program 4:
syz_clone(0x31ee4000, 0x0, 0xc0, 0x0, 0x0, 0x0)

06:33:19 executing program 4:
syz_clone(0x31ee4000, 0x0, 0xc0, 0x0, 0x0, 0x0)

06:33:19 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0)

06:33:19 executing program 0:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
ioctl$KDGKBMODE(r1, 0x4b44, &(0x7f0000000140))
clock_gettime(0x0, &(0x7f0000000100))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x989680}, &(0x7f0000000180)={&(0x7f0000000040)={[0x6]}, 0xfeca})

06:33:19 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
clock_gettime(0x0, &(0x7f00000000c0)={<r1=>0x0, <r2=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x2, 0x5, 0x4, 0x80000000, 0x5c2e8469, 0x10001, 0x20, 0x52}, &(0x7f0000000040)={0x9c, 0x0, 0xffffffffffff8001, 0x0, 0x9e, 0x800, 0x1f, 0x7}, &(0x7f0000000080)={0x81, 0x2, 0x7, 0x40, 0x2, 0x0, 0xff, 0xf30d}, &(0x7f0000000200)={r1, r2+60000000}, &(0x7f0000000280)={&(0x7f0000000240)={[0x2]}, 0x8})
clock_gettime(0x0, &(0x7f00000003c0))
pselect6(0x40, &(0x7f0000000300)={0x0, 0x5, 0x1, 0x3, 0x9, 0x6, 0x56932788, 0xfffffffffffffc00}, &(0x7f0000000340)={0x4657, 0x5, 0x9, 0x7ff, 0x0, 0x0, 0x8, 0x100000001}, &(0x7f0000000380)={0x8, 0x80000001, 0x8000000000000001, 0x9, 0x5, 0x3, 0x4, 0x8}, &(0x7f0000000400), &(0x7f0000000480)={&(0x7f0000000440)={[0x3f]}, 0x8})
clock_gettime(0x0, &(0x7f00000002c0))

06:33:19 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (fail_nth: 1)

06:33:19 executing program 0:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
ioctl$KDGKBMODE(r1, 0x4b44, &(0x7f0000000140)) (async)
clock_gettime(0x0, &(0x7f0000000100))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x989680}, &(0x7f0000000180)={&(0x7f0000000040)={[0x6]}, 0xfeca})

06:33:19 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0)

06:33:19 executing program 0:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
ioctl$KDGKBMODE(r1, 0x4b44, &(0x7f0000000140)) (async)
clock_gettime(0x0, &(0x7f0000000100))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x989680}, &(0x7f0000000180)={&(0x7f0000000040)={[0x6]}, 0xfeca})

[ 1122.273151][T29350] FAULT_INJECTION: forcing a failure.
[ 1122.273151][T29350] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1122.292842][T29350] CPU: 1 PID: 29350 Comm: syz-executor.2 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1122.303002][T29350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1122.312826][T29350] Call Trace:
[ 1122.316039][T29350]  <TASK>
[ 1122.318815][T29350]  dump_stack_lvl+0x151/0x1b7
06:33:19 executing program 1:
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1122.323439][T29350]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1122.328758][T29350]  dump_stack+0x15/0x17
[ 1122.332824][T29350]  should_fail+0x3c0/0x510
[ 1122.337091][T29350]  should_fail_usercopy+0x1a/0x20
[ 1122.341950][T29350]  _copy_from_user+0x20/0xd0
[ 1122.346380][T29350]  __sys_bpf+0x1f6/0x750
[ 1122.350458][T29350]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[ 1122.355669][T29350]  ? debug_smp_processor_id+0x17/0x20
[ 1122.360873][T29350]  __x64_sys_bpf+0x7c/0x90
[ 1122.365159][T29350]  do_syscall_64+0x44/0xd0
06:33:19 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, 0x0, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:19 executing program 1:
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

06:33:19 executing program 1:
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1122.369379][T29350]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1122.375106][T29350] RIP: 0033:0x7fe84e2015a9
[ 1122.379517][T29350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1122.398955][T29350] RSP: 002b:00007fe84cf75168 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1122.407198][T29350] RAX: ffffffffffffffda RBX: 00007fe84e321f80 RCX: 00007fe84e2015a9
[ 1122.415008][T29350] RDX: 0000000000000008 RSI: 0000000020000040 RDI: 0000000000000017
06:33:19 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)

06:33:19 executing program 0:
clock_gettime(0x5, &(0x7f0000000040)={0x0, <r0=>0x0})
clock_gettime(0x0, &(0x7f0000000000))
pselect6(0x40, &(0x7f0000000380)={0x7233b87e, 0xcc, 0xe4a, 0x101, 0x5, 0x1ff, 0x7fffffffffffffff, 0x100000002}, &(0x7f00000003c0)={0x2, 0x2, 0x8, 0x9, 0x3, 0x9, 0x2, 0x2}, &(0x7f0000000400)={0x7b14, 0x3454, 0x4, 0x10001, 0x3, 0x3, 0x8, 0x7f}, &(0x7f0000000440)={0x77359400}, &(0x7f00000004c0)={&(0x7f0000000480)={[0x9]}, 0x8})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
clock_gettime(0x7, &(0x7f0000000080))
pselect6(0x40, &(0x7f0000000100)={0x0, 0x3ff, 0x7, 0x5, 0x7, 0x4, 0x4}, &(0x7f0000000200)={0x657, 0x20, 0xd1b7, 0x7f, 0x400, 0x5, 0xffffffffffff8000, 0x882f}, &(0x7f0000000240)={0x3, 0xac, 0x1ff, 0x20a54b1b, 0x8000000000000000, 0x4, 0x10001, 0x2}, &(0x7f0000000280)={0x0, 0x3938700}, &(0x7f0000000300)={&(0x7f00000002c0)={[0x100000000]}, 0x8})
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0)
sched_rr_get_interval(r1, &(0x7f0000000500))
clock_gettime(0x6, &(0x7f0000000340))
clock_gettime(0x7, &(0x7f0000000540))

[ 1122.422819][T29350] RBP: 00007fe84cf751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1122.430631][T29350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1122.438440][T29350] R13: 00007ffcd60d0f0f R14: 00007fe84cf75300 R15: 0000000000022000
[ 1122.446252][T29350]  </TASK>
[ 1122.466473][T29382] FAULT_INJECTION: forcing a failure.
06:33:19 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (fail_nth: 2)

[ 1122.466473][T29382] name failslab, interval 1, probability 0, space 0, times 0
[ 1122.483191][T29385] FAULT_INJECTION: forcing a failure.
[ 1122.483191][T29385] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1122.488409][T29382] CPU: 0 PID: 29382 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1122.506109][T29382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1122.516009][T29382] Call Trace:
[ 1122.519129][T29382]  <TASK>
[ 1122.521908][T29382]  dump_stack_lvl+0x151/0x1b7
[ 1122.526426][T29382]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1122.531715][T29382]  ? do_handle_mm_fault+0x142f/0x2370
[ 1122.536923][T29382]  dump_stack+0x15/0x17
[ 1122.540920][T29382]  should_fail+0x3c0/0x510
[ 1122.545169][T29382]  __should_failslab+0x9f/0xe0
[ 1122.549767][T29382]  should_failslab+0x9/0x20
[ 1122.554103][T29382]  kmem_cache_alloc+0x4f/0x2f0
[ 1122.558706][T29382]  ? dup_task_struct+0x53/0xa60
[ 1122.563397][T29382]  ? __kasan_check_write+0x14/0x20
[ 1122.568339][T29382]  dup_task_struct+0x53/0xa60
[ 1122.573026][T29382]  ? __kasan_check_write+0x14/0x20
[ 1122.577976][T29382]  copy_process+0x579/0x3250
[ 1122.582408][T29382]  ? __kasan_check_write+0x14/0x20
[ 1122.587354][T29382]  ? proc_fail_nth_write+0x213/0x290
[ 1122.592471][T29382]  ? proc_fail_nth_read+0x220/0x220
[ 1122.597502][T29382]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1122.602450][T29382]  ? vfs_write+0x9af/0x1050
[ 1122.606787][T29382]  ? vmacache_update+0xb7/0x120
[ 1122.611477][T29382]  kernel_clone+0x22d/0x990
[ 1122.615901][T29382]  ? file_end_write+0x1b0/0x1b0
[ 1122.620587][T29382]  ? __kasan_check_write+0x14/0x20
[ 1122.625534][T29382]  ? create_io_thread+0x1e0/0x1e0
[ 1122.630400][T29382]  ? __mutex_lock_slowpath+0x10/0x10
[ 1122.635524][T29382]  __x64_sys_clone+0x289/0x310
[ 1122.640120][T29382]  ? __do_sys_vfork+0x130/0x130
[ 1122.644813][T29382]  ? debug_smp_processor_id+0x17/0x20
[ 1122.650010][T29382]  do_syscall_64+0x44/0xd0
[ 1122.654259][T29382]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1122.659986][T29382] RIP: 0033:0x7f263a8c35a9
[ 1122.664242][T29382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1122.683690][T29382] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1122.691924][T29382] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1122.699824][T29382] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1122.707721][T29382] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1122.715533][T29382] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1122.723349][T29382] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1122.731163][T29382]  </TASK>
[ 1122.734029][T29385] CPU: 1 PID: 29385 Comm: syz-executor.2 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1122.744091][T29385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1122.753988][T29385] Call Trace:
[ 1122.757110][T29385]  <TASK>
[ 1122.759975][T29385]  dump_stack_lvl+0x151/0x1b7
[ 1122.764486][T29385]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1122.769782][T29385]  dump_stack+0x15/0x17
[ 1122.773770][T29385]  should_fail+0x3c0/0x510
[ 1122.778023][T29385]  should_fail_usercopy+0x1a/0x20
[ 1122.782971][T29385]  _copy_to_user+0x20/0x90
[ 1122.787220][T29385]  simple_read_from_buffer+0xdd/0x160
[ 1122.792430][T29385]  proc_fail_nth_read+0x1af/0x220
[ 1122.797298][T29385]  ? proc_fault_inject_write+0x3a0/0x3a0
[ 1122.802773][T29385]  ? security_file_permission+0x497/0x5f0
[ 1122.808313][T29385]  ? proc_fault_inject_write+0x3a0/0x3a0
[ 1122.813779][T29385]  vfs_read+0x299/0xd80
[ 1122.817773][T29385]  ? kernel_read+0x1f0/0x1f0
[ 1122.822200][T29385]  ? __kasan_check_write+0x14/0x20
[ 1122.827145][T29385]  ? mutex_lock+0xb6/0x130
[ 1122.831400][T29385]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 1122.837822][T29385]  ? __fdget_pos+0x26d/0x310
[ 1122.842246][T29385]  ? ksys_read+0x77/0x2c0
[ 1122.846413][T29385]  ksys_read+0x198/0x2c0
[ 1122.850498][T29385]  ? vfs_write+0x1050/0x1050
[ 1122.854918][T29385]  ? debug_smp_processor_id+0x17/0x20
[ 1122.860129][T29385]  __x64_sys_read+0x7b/0x90
[ 1122.864466][T29385]  do_syscall_64+0x44/0xd0
[ 1122.868718][T29385]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1122.874451][T29385] RIP: 0033:0x7fe84e1b32ec
[ 1122.878703][T29385] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 1122.898147][T29385] RSP: 002b:00007fe84cf75160 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1122.906386][T29385] RAX: ffffffffffffffda RBX: 00007fe84e321f80 RCX: 00007fe84e1b32ec
[ 1122.914197][T29385] RDX: 000000000000000f RSI: 00007fe84cf751e0 RDI: 0000000000000003
06:33:20 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
clock_gettime(0x0, &(0x7f00000000c0)={<r1=>0x0, <r2=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x2, 0x5, 0x4, 0x80000000, 0x5c2e8469, 0x10001, 0x20, 0x52}, &(0x7f0000000040)={0x9c, 0x0, 0xffffffffffff8001, 0x0, 0x9e, 0x800, 0x1f, 0x7}, &(0x7f0000000080)={0x81, 0x2, 0x7, 0x40, 0x2, 0x0, 0xff, 0xf30d}, &(0x7f0000000200)={r1, r2+60000000}, &(0x7f0000000280)={&(0x7f0000000240)={[0x2]}, 0x8})
clock_gettime(0x0, &(0x7f00000003c0))
pselect6(0x40, &(0x7f0000000300)={0x0, 0x5, 0x1, 0x3, 0x9, 0x6, 0x56932788, 0xfffffffffffffc00}, &(0x7f0000000340)={0x4657, 0x5, 0x9, 0x7ff, 0x0, 0x0, 0x8, 0x100000001}, &(0x7f0000000380)={0x8, 0x80000001, 0x8000000000000001, 0x9, 0x5, 0x3, 0x4, 0x8}, &(0x7f0000000400), &(0x7f0000000480)={&(0x7f0000000440)={[0x3f]}, 0x8})
clock_gettime(0x0, &(0x7f00000002c0))
clock_gettime(0x0, &(0x7f0000000100)) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)
clock_gettime(0x0, &(0x7f00000000c0)) (async)
pselect6(0x40, &(0x7f0000000000)={0x2, 0x5, 0x4, 0x80000000, 0x5c2e8469, 0x10001, 0x20, 0x52}, &(0x7f0000000040)={0x9c, 0x0, 0xffffffffffff8001, 0x0, 0x9e, 0x800, 0x1f, 0x7}, &(0x7f0000000080)={0x81, 0x2, 0x7, 0x40, 0x2, 0x0, 0xff, 0xf30d}, &(0x7f0000000200)={r1, r2+60000000}, &(0x7f0000000280)={&(0x7f0000000240)={[0x2]}, 0x8}) (async)
clock_gettime(0x0, &(0x7f00000003c0)) (async)
pselect6(0x40, &(0x7f0000000300)={0x0, 0x5, 0x1, 0x3, 0x9, 0x6, 0x56932788, 0xfffffffffffffc00}, &(0x7f0000000340)={0x4657, 0x5, 0x9, 0x7ff, 0x0, 0x0, 0x8, 0x100000001}, &(0x7f0000000380)={0x8, 0x80000001, 0x8000000000000001, 0x9, 0x5, 0x3, 0x4, 0x8}, &(0x7f0000000400), &(0x7f0000000480)={&(0x7f0000000440)={[0x3f]}, 0x8}) (async)
clock_gettime(0x0, &(0x7f00000002c0)) (async)

06:33:20 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/sync_on_suspend', 0xa400, 0x3)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r1, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000300)={<r3=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r3, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000340)={'ip6gre0\x00', &(0x7f00000002c0)={'syztnl1\x00', <r4=>0x0, 0x4, 0x72, 0x1, 0x956, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7800, 0x8020, 0x0, 0x72}})
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000380)={'vxcan0\x00', <r5=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000440)={'ip6tnl0\x00', &(0x7f00000003c0)={'syztnl0\x00', <r6=>0x0, 0x2f, 0xb1, 0x4, 0x9, 0x2, @empty, @private2, 0x20, 0x700, 0x1, 0x9}})
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r7, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000300)={<r9=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r8, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r9, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000480)={<r10=>0x0, @rand_addr, @local}, &(0x7f00000004c0)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000001140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001100)={&(0x7f0000000500)={0xbf0, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [{{0x8}, {0x1e0, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x100}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x67}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}]}}, {{0x8}, {0xf0, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x36b}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x22c, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xd2}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x400}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x3fb}}}]}}, {{0x8}, {0x14c, 0x2, 0x0, 0x1, [{0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x4, 0x0, 0x7, 0x6}, {0x7, 0x7, 0x9, 0x7}, {0x9, 0x67, 0x2, 0x6}]}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x9e6}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x101}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}]}}, {{0x8, 0x1, r3}, {0x190, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xf2b1}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x3f, 0x81, 0x3b}, {0x5, 0xba, 0x5, 0x7fffffff}, {0x6, 0x3, 0x4, 0x9}, {0xff, 0x0, 0x6, 0x8000}, {0x7, 0x3f, 0x2, 0x1}, {0x3, 0x9, 0x9, 0x9}]}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}]}}, {{0x8}, {0x130, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}]}}, {{0x8, 0x1, r4}, {0x198, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1f}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r5}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}]}}, {{0x8, 0x1, r6}, {0x80, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8, 0x1, r9}, {0x74, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r10}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}]}}]}, 0xbf0}, 0x1, 0x0, 0x0, 0x4000001}, 0x40)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000040))

06:33:20 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:20 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2)

[ 1122.922008][T29385] RBP: 00007fe84cf751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1122.929819][T29385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1122.937644][T29385] R13: 00007ffcd60d0f0f R14: 00007fe84cf75300 R15: 0000000000022000
[ 1122.945533][T29385]  </TASK>
06:33:20 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/sync_on_suspend', 0xa400, 0x3) (async)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r1, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000300)={<r3=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r3, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000340)={'ip6gre0\x00', &(0x7f00000002c0)={'syztnl1\x00', <r4=>0x0, 0x4, 0x72, 0x1, 0x956, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7800, 0x8020, 0x0, 0x72}})
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000380)={'vxcan0\x00', <r5=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000440)={'ip6tnl0\x00', &(0x7f00000003c0)={'syztnl0\x00', <r6=>0x0, 0x2f, 0xb1, 0x4, 0x9, 0x2, @empty, @private2, 0x20, 0x700, 0x1, 0x9}})
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r7, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000300)={<r9=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r8, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r9, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}}) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000480)={<r10=>0x0, @rand_addr, @local}, &(0x7f00000004c0)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000001140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001100)={&(0x7f0000000500)={0xbf0, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [{{0x8}, {0x1e0, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x100}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x67}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}]}}, {{0x8}, {0xf0, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x36b}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x22c, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xd2}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x400}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x3fb}}}]}}, {{0x8}, {0x14c, 0x2, 0x0, 0x1, [{0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x4, 0x0, 0x7, 0x6}, {0x7, 0x7, 0x9, 0x7}, {0x9, 0x67, 0x2, 0x6}]}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x9e6}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x101}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}]}}, {{0x8, 0x1, r3}, {0x190, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xf2b1}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x3f, 0x81, 0x3b}, {0x5, 0xba, 0x5, 0x7fffffff}, {0x6, 0x3, 0x4, 0x9}, {0xff, 0x0, 0x6, 0x8000}, {0x7, 0x3f, 0x2, 0x1}, {0x3, 0x9, 0x9, 0x9}]}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}]}}, {{0x8}, {0x130, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}]}}, {{0x8, 0x1, r4}, {0x198, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1f}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r5}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}]}}, {{0x8, 0x1, r6}, {0x80, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8, 0x1, r9}, {0x74, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r10}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}]}}]}, 0xbf0}, 0x1, 0x0, 0x0, 0x4000001}, 0x40)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000040))

[ 1122.975308][T29393] FAULT_INJECTION: forcing a failure.
[ 1122.975308][T29393] name failslab, interval 1, probability 0, space 0, times 0
[ 1122.989832][T29393] CPU: 1 PID: 29393 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1123.000083][T29393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1123.009974][T29393] Call Trace:
[ 1123.013097][T29393]  <TASK>
[ 1123.015873][T29393]  dump_stack_lvl+0x151/0x1b7
06:33:20 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/sync_on_suspend', 0xa400, 0x3)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r1, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000300)={<r3=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r3, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000340)={'ip6gre0\x00', &(0x7f00000002c0)={'syztnl1\x00', <r4=>0x0, 0x4, 0x72, 0x1, 0x956, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7800, 0x8020, 0x0, 0x72}})
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000380)={'vxcan0\x00', <r5=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000440)={'ip6tnl0\x00', &(0x7f00000003c0)={'syztnl0\x00', <r6=>0x0, 0x2f, 0xb1, 0x4, 0x9, 0x2, @empty, @private2, 0x20, 0x700, 0x1, 0x9}})
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r7, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000300)={<r9=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r8, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r9, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000480)={<r10=>0x0, @rand_addr, @local}, &(0x7f00000004c0)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000001140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001100)={&(0x7f0000000500)={0xbf0, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [{{0x8}, {0x1e0, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x100}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x67}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}]}}, {{0x8}, {0xf0, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x36b}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x22c, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xd2}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x400}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x3fb}}}]}}, {{0x8}, {0x14c, 0x2, 0x0, 0x1, [{0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x4, 0x0, 0x7, 0x6}, {0x7, 0x7, 0x9, 0x7}, {0x9, 0x67, 0x2, 0x6}]}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x9e6}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x101}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}]}}, {{0x8, 0x1, r3}, {0x190, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xf2b1}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x3f, 0x81, 0x3b}, {0x5, 0xba, 0x5, 0x7fffffff}, {0x6, 0x3, 0x4, 0x9}, {0xff, 0x0, 0x6, 0x8000}, {0x7, 0x3f, 0x2, 0x1}, {0x3, 0x9, 0x9, 0x9}]}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}]}}, {{0x8}, {0x130, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}]}}, {{0x8, 0x1, r4}, {0x198, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1f}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r5}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}]}}, {{0x8, 0x1, r6}, {0x80, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8, 0x1, r9}, {0x74, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r10}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}]}}]}, 0xbf0}, 0x1, 0x0, 0x0, 0x4000001}, 0x40)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000040))
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/sync_on_suspend', 0xa400, 0x3) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80) (async)
getsockopt$inet6_udp_int(r1, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000300)={0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc) (async)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r3, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}}) (async)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000340)={'ip6gre0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x4, 0x72, 0x1, 0x956, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7800, 0x8020, 0x0, 0x72}}) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000380)={'vxcan0\x00'}) (async)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000440)={'ip6tnl0\x00', &(0x7f00000003c0)={'syztnl0\x00', 0x0, 0x2f, 0xb1, 0x4, 0x9, 0x2, @empty, @private2, 0x20, 0x700, 0x1, 0x9}}) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80) (async)
getsockopt$inet6_udp_int(r7, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000300)={0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc) (async)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r8, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r9, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}}) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000480)={0x0, @rand_addr, @local}, &(0x7f00000004c0)=0xc) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000001140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001100)={&(0x7f0000000500)={0xbf0, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [{{0x8}, {0x1e0, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x100}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x67}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}]}}, {{0x8}, {0xf0, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x36b}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x22c, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xd2}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x400}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x3fb}}}]}}, {{0x8}, {0x14c, 0x2, 0x0, 0x1, [{0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x4, 0x0, 0x7, 0x6}, {0x7, 0x7, 0x9, 0x7}, {0x9, 0x67, 0x2, 0x6}]}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x9e6}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x101}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}]}}, {{0x8, 0x1, r3}, {0x190, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xf2b1}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x3f, 0x81, 0x3b}, {0x5, 0xba, 0x5, 0x7fffffff}, {0x6, 0x3, 0x4, 0x9}, {0xff, 0x0, 0x6, 0x8000}, {0x7, 0x3f, 0x2, 0x1}, {0x3, 0x9, 0x9, 0x9}]}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}]}}, {{0x8}, {0x130, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}]}}, {{0x8, 0x1, r4}, {0x198, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1f}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r5}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}]}}, {{0x8, 0x1, r6}, {0x80, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8, 0x1, r9}, {0x74, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r10}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}]}}]}, 0xbf0}, 0x1, 0x0, 0x0, 0x4000001}, 0x40) (async)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000040)) (async)

06:33:20 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0), 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

[ 1123.020385][T29393]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1123.025684][T29393]  ? __kasan_slab_alloc+0xc4/0xe0
[ 1123.030546][T29393]  ? kmem_cache_alloc+0x189/0x2f0
[ 1123.035404][T29393]  dump_stack+0x15/0x17
[ 1123.039395][T29393]  should_fail+0x3c0/0x510
[ 1123.043647][T29393]  ? __get_vm_area_node+0x13a/0x380
[ 1123.048681][T29393]  __should_failslab+0x9f/0xe0
[ 1123.053281][T29393]  should_failslab+0x9/0x20
[ 1123.057618][T29393]  kmem_cache_alloc_trace+0x4a/0x310
[ 1123.062743][T29393]  __get_vm_area_node+0x13a/0x380
[ 1123.067605][T29393]  __vmalloc_node_range+0xda/0x800
[ 1123.072552][T29393]  ? copy_process+0x579/0x3250
[ 1123.077153][T29393]  ? kmem_cache_alloc+0x1c1/0x2f0
[ 1123.082011][T29393]  ? dup_task_struct+0x53/0xa60
[ 1123.086699][T29393]  dup_task_struct+0x61f/0xa60
[ 1123.091297][T29393]  ? copy_process+0x579/0x3250
[ 1123.095902][T29393]  ? __kasan_check_write+0x14/0x20
[ 1123.100845][T29393]  copy_process+0x579/0x3250
[ 1123.105268][T29393]  ? __kasan_check_write+0x14/0x20
[ 1123.110224][T29393]  ? proc_fail_nth_write+0x213/0x290
[ 1123.115333][T29393]  ? proc_fail_nth_read+0x220/0x220
[ 1123.120478][T29393]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1123.125418][T29393]  ? vfs_write+0x9af/0x1050
[ 1123.129755][T29393]  ? vmacache_update+0xb7/0x120
[ 1123.134445][T29393]  kernel_clone+0x22d/0x990
[ 1123.138877][T29393]  ? file_end_write+0x1b0/0x1b0
[ 1123.143555][T29393]  ? __kasan_check_write+0x14/0x20
[ 1123.148501][T29393]  ? create_io_thread+0x1e0/0x1e0
[ 1123.153366][T29393]  ? __mutex_lock_slowpath+0x10/0x10
[ 1123.158487][T29393]  __x64_sys_clone+0x289/0x310
[ 1123.163098][T29393]  ? __do_sys_vfork+0x130/0x130
[ 1123.167771][T29393]  ? debug_smp_processor_id+0x17/0x20
[ 1123.172979][T29393]  do_syscall_64+0x44/0xd0
[ 1123.177236][T29393]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1123.182965][T29393] RIP: 0033:0x7f263a8c35a9
[ 1123.187215][T29393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1123.206654][T29393] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1123.214901][T29393] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
06:33:20 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x2, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:20 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
clock_gettime(0x0, &(0x7f00000000c0)={<r1=>0x0, <r2=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x2, 0x5, 0x4, 0x80000000, 0x5c2e8469, 0x10001, 0x20, 0x52}, &(0x7f0000000040)={0x9c, 0x0, 0xffffffffffff8001, 0x0, 0x9e, 0x800, 0x1f, 0x7}, &(0x7f0000000080)={0x81, 0x2, 0x7, 0x40, 0x2, 0x0, 0xff, 0xf30d}, &(0x7f0000000200)={r1, r2+60000000}, &(0x7f0000000280)={&(0x7f0000000240)={[0x2]}, 0x8})
clock_gettime(0x0, &(0x7f00000003c0))
pselect6(0x40, &(0x7f0000000300)={0x0, 0x5, 0x1, 0x3, 0x9, 0x6, 0x56932788, 0xfffffffffffffc00}, &(0x7f0000000340)={0x4657, 0x5, 0x9, 0x7ff, 0x0, 0x0, 0x8, 0x100000001}, &(0x7f0000000380)={0x8, 0x80000001, 0x8000000000000001, 0x9, 0x5, 0x3, 0x4, 0x8}, &(0x7f0000000400), &(0x7f0000000480)={&(0x7f0000000440)={[0x3f]}, 0x8})
clock_gettime(0x0, &(0x7f00000002c0))
clock_gettime(0x0, &(0x7f0000000100)) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)
clock_gettime(0x0, &(0x7f00000000c0)) (async)
pselect6(0x40, &(0x7f0000000000)={0x2, 0x5, 0x4, 0x80000000, 0x5c2e8469, 0x10001, 0x20, 0x52}, &(0x7f0000000040)={0x9c, 0x0, 0xffffffffffff8001, 0x0, 0x9e, 0x800, 0x1f, 0x7}, &(0x7f0000000080)={0x81, 0x2, 0x7, 0x40, 0x2, 0x0, 0xff, 0xf30d}, &(0x7f0000000200)={r1, r2+60000000}, &(0x7f0000000280)={&(0x7f0000000240)={[0x2]}, 0x8}) (async)
clock_gettime(0x0, &(0x7f00000003c0)) (async)
pselect6(0x40, &(0x7f0000000300)={0x0, 0x5, 0x1, 0x3, 0x9, 0x6, 0x56932788, 0xfffffffffffffc00}, &(0x7f0000000340)={0x4657, 0x5, 0x9, 0x7ff, 0x0, 0x0, 0x8, 0x100000001}, &(0x7f0000000380)={0x8, 0x80000001, 0x8000000000000001, 0x9, 0x5, 0x3, 0x4, 0x8}, &(0x7f0000000400), &(0x7f0000000480)={&(0x7f0000000440)={[0x3f]}, 0x8}) (async)
clock_gettime(0x0, &(0x7f00000002c0)) (async)

06:33:20 executing program 0:
clock_gettime(0x5, &(0x7f0000000040)={0x0, <r0=>0x0})
clock_gettime(0x0, &(0x7f0000000000)) (async, rerun: 64)
pselect6(0x40, &(0x7f0000000380)={0x7233b87e, 0xcc, 0xe4a, 0x101, 0x5, 0x1ff, 0x7fffffffffffffff, 0x100000002}, &(0x7f00000003c0)={0x2, 0x2, 0x8, 0x9, 0x3, 0x9, 0x2, 0x2}, &(0x7f0000000400)={0x7b14, 0x3454, 0x4, 0x10001, 0x3, 0x3, 0x8, 0x7f}, &(0x7f0000000440)={0x77359400}, &(0x7f00000004c0)={&(0x7f0000000480)={[0x9]}, 0x8}) (async, rerun: 64)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0) (async, rerun: 32)
clock_gettime(0x7, &(0x7f0000000080)) (async, rerun: 32)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x3ff, 0x7, 0x5, 0x7, 0x4, 0x4}, &(0x7f0000000200)={0x657, 0x20, 0xd1b7, 0x7f, 0x400, 0x5, 0xffffffffffff8000, 0x882f}, &(0x7f0000000240)={0x3, 0xac, 0x1ff, 0x20a54b1b, 0x8000000000000000, 0x4, 0x10001, 0x2}, &(0x7f0000000280)={0x0, 0x3938700}, &(0x7f0000000300)={&(0x7f00000002c0)={[0x100000000]}, 0x8})
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0)
sched_rr_get_interval(r1, &(0x7f0000000500))
clock_gettime(0x6, &(0x7f0000000340)) (async)
clock_gettime(0x7, &(0x7f0000000540))

[ 1123.222885][T29393] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1123.230694][T29393] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1123.238507][T29393] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1123.246316][T29393] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1123.254134][T29393]  </TASK>
06:33:20 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x3, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:20 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
syz_clone(0x34008100, &(0x7f0000002100)="4172c459b60e7b0de619e452031bf1d0b2ff5cf3dc967cd9e98eb10dd04e575f8370b925c31268f880398f53a393bc273c16a219157daf3de10683aaa5e0579db71e37d14eb1576cc1594d4cc18760bb3209d52a9945b794ec6f041a2eabb412940584c014c958c6d5d23cf298143b0a1d63c9c713579b26b2c9ea3236b42b51d1a2dabf9939e982b8a58fba4042b29b47f202bc802445fc3eeab7388659e9396a182270295135ec9383f114cde74f65649910098bd91f4f03277363b24847c1a9d2c894ab541f5edfbf364538dde813fd7330cedf23a3395fe77c", 0xdb, &(0x7f0000002200), &(0x7f0000002240), &(0x7f0000002280)="e99bdeff65f2cdfd0b19aef045e824339290fb75d7321be1")
syz_open_procfs$namespace(r0, 0x0)
sched_rr_get_interval(r0, &(0x7f0000000000))
syz_open_procfs$namespace(r0, &(0x7f0000000040)='ns/pid\x00')
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
read$FUSE(r1, &(0x7f00000000c0)={0x2020}, 0x2020)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f0000002380)={&(0x7f00000022c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000002340)={&(0x7f0000002300)=@RTM_GETMDB={0x18, 0x56, 0x402, 0x70bd26, 0x25dfdbfd, {}, ["", "", "", "", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x10)

[ 1123.275792][T29393] warn_alloc: 2 callbacks suppressed
06:33:20 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x4, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:20 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
syz_clone(0x34008100, &(0x7f0000002100)="4172c459b60e7b0de619e452031bf1d0b2ff5cf3dc967cd9e98eb10dd04e575f8370b925c31268f880398f53a393bc273c16a219157daf3de10683aaa5e0579db71e37d14eb1576cc1594d4cc18760bb3209d52a9945b794ec6f041a2eabb412940584c014c958c6d5d23cf298143b0a1d63c9c713579b26b2c9ea3236b42b51d1a2dabf9939e982b8a58fba4042b29b47f202bc802445fc3eeab7388659e9396a182270295135ec9383f114cde74f65649910098bd91f4f03277363b24847c1a9d2c894ab541f5edfbf364538dde813fd7330cedf23a3395fe77c", 0xdb, &(0x7f0000002200), &(0x7f0000002240), &(0x7f0000002280)="e99bdeff65f2cdfd0b19aef045e824339290fb75d7321be1")
syz_open_procfs$namespace(r0, 0x0)
sched_rr_get_interval(r0, &(0x7f0000000000))
syz_open_procfs$namespace(r0, &(0x7f0000000040)='ns/pid\x00')
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
read$FUSE(r1, &(0x7f00000000c0)={0x2020}, 0x2020)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f0000002380)={&(0x7f00000022c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000002340)={&(0x7f0000002300)=@RTM_GETMDB={0x18, 0x56, 0x402, 0x70bd26, 0x25dfdbfd, {}, ["", "", "", "", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x10)
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
getpid() (async)
syz_clone(0x34008100, &(0x7f0000002100)="4172c459b60e7b0de619e452031bf1d0b2ff5cf3dc967cd9e98eb10dd04e575f8370b925c31268f880398f53a393bc273c16a219157daf3de10683aaa5e0579db71e37d14eb1576cc1594d4cc18760bb3209d52a9945b794ec6f041a2eabb412940584c014c958c6d5d23cf298143b0a1d63c9c713579b26b2c9ea3236b42b51d1a2dabf9939e982b8a58fba4042b29b47f202bc802445fc3eeab7388659e9396a182270295135ec9383f114cde74f65649910098bd91f4f03277363b24847c1a9d2c894ab541f5edfbf364538dde813fd7330cedf23a3395fe77c", 0xdb, &(0x7f0000002200), &(0x7f0000002240), &(0x7f0000002280)="e99bdeff65f2cdfd0b19aef045e824339290fb75d7321be1") (async)
syz_open_procfs$namespace(r0, 0x0) (async)
sched_rr_get_interval(r0, &(0x7f0000000000)) (async)
syz_open_procfs$namespace(r0, &(0x7f0000000040)='ns/pid\x00') (async)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async)
read$FUSE(r1, &(0x7f00000000c0)={0x2020}, 0x2020) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0) (async)
sendmsg$nl_route(r2, &(0x7f0000002380)={&(0x7f00000022c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000002340)={&(0x7f0000002300)=@RTM_GETMDB={0x18, 0x56, 0x402, 0x70bd26, 0x25dfdbfd, {}, ["", "", "", "", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x10) (async)

[ 1123.275812][T29393] syz-executor.1: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0
[ 1123.316666][T29393] CPU: 1 PID: 29393 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1123.326741][T29393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1123.336638][T29393] Call Trace:
[ 1123.339767][T29393]  <TASK>
[ 1123.342535][T29393]  dump_stack_lvl+0x151/0x1b7
06:33:20 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0), 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

[ 1123.347052][T29393]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1123.352344][T29393]  ? pr_cont_kernfs_name+0xe6/0x100
[ 1123.357390][T29393]  dump_stack+0x15/0x17
[ 1123.361370][T29393]  warn_alloc+0x242/0x3d0
[ 1123.365540][T29393]  ? zone_watermark_ok_safe+0x280/0x280
[ 1123.370916][T29393]  ? __get_vm_area_node+0x36a/0x380
[ 1123.375952][T29393]  __vmalloc_node_range+0x2be/0x800
[ 1123.380988][T29393]  ? dup_task_struct+0x53/0xa60
[ 1123.385767][T29393]  dup_task_struct+0x61f/0xa60
[ 1123.390361][T29393]  ? copy_process+0x579/0x3250
[ 1123.394959][T29393]  ? __kasan_check_write+0x14/0x20
[ 1123.399908][T29393]  copy_process+0x579/0x3250
[ 1123.404339][T29393]  ? __kasan_check_write+0x14/0x20
[ 1123.409278][T29393]  ? proc_fail_nth_write+0x213/0x290
[ 1123.414403][T29393]  ? proc_fail_nth_read+0x220/0x220
[ 1123.419436][T29393]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1123.424388][T29393]  ? vfs_write+0x9af/0x1050
[ 1123.428721][T29393]  ? vmacache_update+0xb7/0x120
[ 1123.433409][T29393]  kernel_clone+0x22d/0x990
[ 1123.437747][T29393]  ? file_end_write+0x1b0/0x1b0
[ 1123.442429][T29393]  ? __kasan_check_write+0x14/0x20
[ 1123.447380][T29393]  ? create_io_thread+0x1e0/0x1e0
[ 1123.452238][T29393]  ? __mutex_lock_slowpath+0x10/0x10
[ 1123.457445][T29393]  __x64_sys_clone+0x289/0x310
[ 1123.462045][T29393]  ? __do_sys_vfork+0x130/0x130
[ 1123.466819][T29393]  ? debug_smp_processor_id+0x17/0x20
[ 1123.472025][T29393]  do_syscall_64+0x44/0xd0
[ 1123.476288][T29393]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1123.482007][T29393] RIP: 0033:0x7f263a8c35a9
[ 1123.486262][T29393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1123.505787][T29393] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1123.514032][T29393] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1123.522155][T29393] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1123.530052][T29393] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1123.537862][T29393] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1123.545676][T29393] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1123.553491][T29393]  </TASK>
[ 1123.559556][T29393] Mem-Info:
[ 1123.562660][T29393] active_anon:9461 inactive_anon:16190 isolated_anon:0
[ 1123.562660][T29393]  active_file:4913 inactive_file:8937 isolated_file:0
[ 1123.562660][T29393]  unevictable:0 dirty:27 writeback:200
[ 1123.562660][T29393]  slab_reclaimable:22841 slab_unreclaimable:68509
[ 1123.562660][T29393]  mapped:28677 shmem:11572 pagetables:634 bounce:0
[ 1123.562660][T29393]  kernel_misc_reclaimable:0
[ 1123.562660][T29393]  free:1534732 free_pcp:22233 free_cma:0
[ 1123.604260][T29393] Node 0 active_anon:37844kB inactive_anon:64760kB active_file:19652kB inactive_file:34948kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:114708kB dirty:108kB writeback:100kB shmem:46288kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:4980kB pagetables:2536kB all_unreclaimable? no
[ 1123.635257][T29393] DMA32 free:2976724kB min:62592kB low:78240kB high:93888kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2982428kB mlocked:0kB bounce:0kB free_pcp:5704kB local_pcp:5648kB free_cma:0kB
[ 1123.662510][T29393] lowmem_reserve[]: 0 3941 3941
[ 1123.667403][T29393] Normal free:3162204kB min:84860kB low:106072kB high:127284kB reserved_highatomic:0KB active_anon:37844kB inactive_anon:64760kB active_file:19652kB inactive_file:34948kB unevictable:0kB writepending:108kB present:5242880kB managed:4035848kB mlocked:0kB bounce:0kB free_pcp:84136kB local_pcp:40848kB free_cma:0kB
[ 1123.696935][T29393] lowmem_reserve[]: 0 0 0
[ 1123.701134][T29393] DMA32: 3*4kB (M) 1*8kB (M) 2*16kB (M) 3*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (UM) 4*2048kB (UM) 723*4096kB (M) = 2976724kB
[ 1123.716973][T29393] Normal: 2985*4kB (UM) 1703*8kB (UME) 946*16kB (UME) 511*32kB (UME) 422*64kB (UME) 164*128kB (UME) 14*256kB (UE) 8*512kB (UME) 2*1024kB (UM) 2*2048kB (UM) 743*4096kB (M) = 3162204kB
[ 1123.734974][T29393] 24754 total pagecache pages
[ 1123.739435][T29393] 0 pages in swap cache
[ 1123.743435][T29393] Swap cache stats: add 0, delete 0, find 0/0
06:33:20 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3)

06:33:20 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r0 = getpid()
syz_clone(0x34008100, &(0x7f0000002100)="4172c459b60e7b0de619e452031bf1d0b2ff5cf3dc967cd9e98eb10dd04e575f8370b925c31268f880398f53a393bc273c16a219157daf3de10683aaa5e0579db71e37d14eb1576cc1594d4cc18760bb3209d52a9945b794ec6f041a2eabb412940584c014c958c6d5d23cf298143b0a1d63c9c713579b26b2c9ea3236b42b51d1a2dabf9939e982b8a58fba4042b29b47f202bc802445fc3eeab7388659e9396a182270295135ec9383f114cde74f65649910098bd91f4f03277363b24847c1a9d2c894ab541f5edfbf364538dde813fd7330cedf23a3395fe77c", 0xdb, &(0x7f0000002200), &(0x7f0000002240), &(0x7f0000002280)="e99bdeff65f2cdfd0b19aef045e824339290fb75d7321be1") (async)
syz_open_procfs$namespace(r0, 0x0)
sched_rr_get_interval(r0, &(0x7f0000000000)) (async)
syz_open_procfs$namespace(r0, &(0x7f0000000040)='ns/pid\x00') (async)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
read$FUSE(r1, &(0x7f00000000c0)={0x2020}, 0x2020) (async)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0) (async)
sendmsg$nl_route(r2, &(0x7f0000002380)={&(0x7f00000022c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000002340)={&(0x7f0000002300)=@RTM_GETMDB={0x18, 0x56, 0x402, 0x70bd26, 0x25dfdbfd, {}, ["", "", "", "", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x10)

06:33:20 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x5, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:20 executing program 3:
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x778]}, 0x8})
getsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0xa, &(0x7f0000000000), &(0x7f0000000040)=0x4)

06:33:20 executing program 0:
clock_gettime(0x5, &(0x7f0000000040)={0x0, <r0=>0x0})
clock_gettime(0x0, &(0x7f0000000000)) (async)
pselect6(0x40, &(0x7f0000000380)={0x7233b87e, 0xcc, 0xe4a, 0x101, 0x5, 0x1ff, 0x7fffffffffffffff, 0x100000002}, &(0x7f00000003c0)={0x2, 0x2, 0x8, 0x9, 0x3, 0x9, 0x2, 0x2}, &(0x7f0000000400)={0x7b14, 0x3454, 0x4, 0x10001, 0x3, 0x3, 0x8, 0x7f}, &(0x7f0000000440)={0x77359400}, &(0x7f00000004c0)={&(0x7f0000000480)={[0x9]}, 0x8}) (async)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async, rerun: 64)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0) (async, rerun: 64)
clock_gettime(0x7, &(0x7f0000000080)) (async)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x3ff, 0x7, 0x5, 0x7, 0x4, 0x4}, &(0x7f0000000200)={0x657, 0x20, 0xd1b7, 0x7f, 0x400, 0x5, 0xffffffffffff8000, 0x882f}, &(0x7f0000000240)={0x3, 0xac, 0x1ff, 0x20a54b1b, 0x8000000000000000, 0x4, 0x10001, 0x2}, &(0x7f0000000280)={0x0, 0x3938700}, &(0x7f0000000300)={&(0x7f00000002c0)={[0x100000000]}, 0x8}) (async, rerun: 32)
r1 = getpid() (rerun: 32)
syz_open_procfs$namespace(r1, 0x0)
sched_rr_get_interval(r1, &(0x7f0000000500))
clock_gettime(0x6, &(0x7f0000000340))
clock_gettime(0x7, &(0x7f0000000540))

06:33:20 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x6, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1123.749626][T29393] Free swap  = 0kB
[ 1123.753511][T29393] Total swap = 0kB
[ 1123.757298][T29393] 2097051 pages RAM
[ 1123.760947][T29393] 0 pages HighMem/MovableOnly
[ 1123.765615][T29393] 342482 pages reserved
[ 1123.769605][T29393] 0 pages cma reserved
06:33:20 executing program 3:
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x778]}, 0x8}) (async)
getsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0xa, &(0x7f0000000000), &(0x7f0000000040)=0x4)

06:33:20 executing program 4:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x2c}}, 0x0)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="20000000a911a3b19bcd90581426c5b0d7b2e50f089dd9537804cec8fba2a9cd2b5f5f8843716c6cf29b4805af8809b3e46c868c499de932dddc1b16139f859d431825baf04cc33660aa0a90ccf2d22b28e728ab795e268d0cf3b48e06e96f70183ecb27e4bc10ef80e688b703f399efe8159428d963709d98306a059b2eac8e05353fe5230a28bcf9c9c380bfea87943be10a3b22ac89ab65675b06e93ecaa437b4429a588f97bac13d96c76ad6893c6a7eb733ff1ab988217bceca6546", @ANYRES16=r1, @ANYBLOB="000326bd7000fcdbdf25010000000c00042209000000c1a5f900000000129e1b8162356c66837a3b1d246816603640a4bdb60aab66cb8cb27b144c46b2d61ca19111736f896d15e0d4efdfddc2a682903717d743561c915002b9480397c2d66df0824d951eebd0102fe756469c74dd5b38731980cad2698c9f3557369f44d2b440817bac3f96abdb9075580b6cb02ac88f7f16123c82811e0bf02bda834b52d9afbf724fc9"], 0x20}, 0x1, 0x0, 0x0, 0x20000800}, 0x4040840)
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = fsmount(0xffffffffffffffff, 0x0, 0x80)
ioctl$TIOCGSERIAL(r2, 0x541e, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=""/51})
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r2, 0x6, 0x21, &(0x7f0000000040)="eec96588a08a45ebd27adf797a2dd9be", 0x10)

06:33:20 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x7, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:20 executing program 0:
clock_gettime(0x3, &(0x7f0000000000))
clock_gettime(0x0, &(0x7f0000000040))
clock_gettime(0x0, &(0x7f00000000c0))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x77359400}, &(0x7f0000000080)={&(0x7f0000000180)={[0x7]}, 0x8})

[ 1123.799197][T29498] FAULT_INJECTION: forcing a failure.
[ 1123.799197][T29498] name failslab, interval 1, probability 0, space 0, times 0
[ 1123.820914][T29498] CPU: 1 PID: 29498 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1123.830993][T29498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1123.840889][T29498] Call Trace:
[ 1123.844013][T29498]  <TASK>
06:33:21 executing program 4:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x2c}}, 0x0)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="20000000a911a3b19bcd90581426c5b0d7b2e50f089dd9537804cec8fba2a9cd2b5f5f8843716c6cf29b4805af8809b3e46c868c499de932dddc1b16139f859d431825baf04cc33660aa0a90ccf2d22b28e728ab795e268d0cf3b48e06e96f70183ecb27e4bc10ef80e688b703f399efe8159428d963709d98306a059b2eac8e05353fe5230a28bcf9c9c380bfea87943be10a3b22ac89ab65675b06e93ecaa437b4429a588f97bac13d96c76ad6893c6a7eb733ff1ab988217bceca6546", @ANYRES16=r1, @ANYBLOB="000326bd7000fcdbdf25010000000c00042209000000c1a5f900000000129e1b8162356c66837a3b1d246816603640a4bdb60aab66cb8cb27b144c46b2d61ca19111736f896d15e0d4efdfddc2a682903717d743561c915002b9480397c2d66df0824d951eebd0102fe756469c74dd5b38731980cad2698c9f3557369f44d2b440817bac3f96abdb9075580b6cb02ac88f7f16123c82811e0bf02bda834b52d9afbf724fc9"], 0x20}, 0x1, 0x0, 0x0, 0x20000800}, 0x4040840) (async)
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r2 = fsmount(0xffffffffffffffff, 0x0, 0x80)
ioctl$TIOCGSERIAL(r2, 0x541e, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=""/51}) (async)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r2, 0x6, 0x21, &(0x7f0000000040)="eec96588a08a45ebd27adf797a2dd9be", 0x10)

[ 1123.846792][T29498]  dump_stack_lvl+0x151/0x1b7
[ 1123.851304][T29498]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1123.856598][T29498]  ? __get_vm_area_node+0x13a/0x380
[ 1123.861632][T29498]  ? ____kasan_kmalloc+0xee/0x110
[ 1123.866590][T29498]  ? ____kasan_kmalloc+0xdc/0x110
[ 1123.871439][T29498]  dump_stack+0x15/0x17
[ 1123.875432][T29498]  should_fail+0x3c0/0x510
[ 1123.879685][T29498]  __should_failslab+0x9f/0xe0
[ 1123.884287][T29498]  should_failslab+0x9/0x20
[ 1123.888627][T29498]  kmem_cache_alloc+0x4f/0x2f0
[ 1123.893397][T29498]  ? alloc_vmap_area+0x19a/0x1a90
[ 1123.898256][T29498]  alloc_vmap_area+0x19a/0x1a90
[ 1123.902946][T29498]  ? vm_map_ram+0xa80/0xa80
[ 1123.907284][T29498]  ? __kasan_kmalloc+0x9/0x10
[ 1123.911798][T29498]  ? __get_vm_area_node+0x13a/0x380
[ 1123.916835][T29498]  __get_vm_area_node+0x17b/0x380
[ 1123.921693][T29498]  __vmalloc_node_range+0xda/0x800
[ 1123.926637][T29498]  ? copy_process+0x579/0x3250
[ 1123.931233][T29498]  ? kmem_cache_alloc+0x1c1/0x2f0
[ 1123.936095][T29498]  ? dup_task_struct+0x53/0xa60
[ 1123.940867][T29498]  dup_task_struct+0x61f/0xa60
[ 1123.945468][T29498]  ? copy_process+0x579/0x3250
[ 1123.950066][T29498]  ? __kasan_check_write+0x14/0x20
[ 1123.955020][T29498]  copy_process+0x579/0x3250
[ 1123.959527][T29498]  ? __kasan_check_write+0x14/0x20
[ 1123.964480][T29498]  ? proc_fail_nth_write+0x213/0x290
[ 1123.969595][T29498]  ? proc_fail_nth_read+0x220/0x220
[ 1123.974631][T29498]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1123.979583][T29498]  ? vfs_write+0x9af/0x1050
[ 1123.983916][T29498]  ? vmacache_update+0xb7/0x120
[ 1123.988604][T29498]  kernel_clone+0x22d/0x990
[ 1123.992944][T29498]  ? file_end_write+0x1b0/0x1b0
06:33:21 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0), 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

[ 1123.997628][T29498]  ? __kasan_check_write+0x14/0x20
[ 1124.002577][T29498]  ? create_io_thread+0x1e0/0x1e0
[ 1124.007437][T29498]  ? __mutex_lock_slowpath+0x10/0x10
[ 1124.012563][T29498]  __x64_sys_clone+0x289/0x310
[ 1124.017166][T29498]  ? __do_sys_vfork+0x130/0x130
[ 1124.021845][T29498]  ? debug_smp_processor_id+0x17/0x20
[ 1124.027051][T29498]  do_syscall_64+0x44/0xd0
[ 1124.031306][T29498]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1124.037117][T29498] RIP: 0033:0x7f263a8c35a9
[ 1124.041371][T29498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1124.061174][T29498] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1124.069412][T29498] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1124.077217][T29498] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1124.085021][T29498] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1124.092841][T29498] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
06:33:21 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 4)

06:33:21 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x8, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:21 executing program 4:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x2c}}, 0x0)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="20000000a911a3b19bcd90581426c5b0d7b2e50f089dd9537804cec8fba2a9cd2b5f5f8843716c6cf29b4805af8809b3e46c868c499de932dddc1b16139f859d431825baf04cc33660aa0a90ccf2d22b28e728ab795e268d0cf3b48e06e96f70183ecb27e4bc10ef80e688b703f399efe8159428d963709d98306a059b2eac8e05353fe5230a28bcf9c9c380bfea87943be10a3b22ac89ab65675b06e93ecaa437b4429a588f97bac13d96c76ad6893c6a7eb733ff1ab988217bceca6546", @ANYRES16=r1, @ANYBLOB="000326bd7000fcdbdf25010000000c00042209000000c1a5f900000000129e1b8162356c66837a3b1d246816603640a4bdb60aab66cb8cb27b144c46b2d61ca19111736f896d15e0d4efdfddc2a682903717d743561c915002b9480397c2d66df0824d951eebd0102fe756469c74dd5b38731980cad2698c9f3557369f44d2b440817bac3f96abdb9075580b6cb02ac88f7f16123c82811e0bf02bda834b52d9afbf724fc9"], 0x20}, 0x1, 0x0, 0x0, 0x20000800}, 0x4040840)
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = fsmount(0xffffffffffffffff, 0x0, 0x80)
ioctl$TIOCGSERIAL(r2, 0x541e, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=""/51})
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r2, 0x6, 0x21, &(0x7f0000000040)="eec96588a08a45ebd27adf797a2dd9be", 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x2c}}, 0x0) (async)
syz_genetlink_get_family_id$nbd(&(0x7f0000000080), 0xffffffffffffffff) (async)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="20000000a911a3b19bcd90581426c5b0d7b2e50f089dd9537804cec8fba2a9cd2b5f5f8843716c6cf29b4805af8809b3e46c868c499de932dddc1b16139f859d431825baf04cc33660aa0a90ccf2d22b28e728ab795e268d0cf3b48e06e96f70183ecb27e4bc10ef80e688b703f399efe8159428d963709d98306a059b2eac8e05353fe5230a28bcf9c9c380bfea87943be10a3b22ac89ab65675b06e93ecaa437b4429a588f97bac13d96c76ad6893c6a7eb733ff1ab988217bceca6546", @ANYRES16=r1, @ANYBLOB="000326bd7000fcdbdf25010000000c00042209000000c1a5f900000000129e1b8162356c66837a3b1d246816603640a4bdb60aab66cb8cb27b144c46b2d61ca19111736f896d15e0d4efdfddc2a682903717d743561c915002b9480397c2d66df0824d951eebd0102fe756469c74dd5b38731980cad2698c9f3557369f44d2b440817bac3f96abdb9075580b6cb02ac88f7f16123c82811e0bf02bda834b52d9afbf724fc9"], 0x20}, 0x1, 0x0, 0x0, 0x20000800}, 0x4040840) (async)
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
fsmount(0xffffffffffffffff, 0x0, 0x80) (async)
ioctl$TIOCGSERIAL(r2, 0x541e, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=""/51}) (async)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r2, 0x6, 0x21, &(0x7f0000000040)="eec96588a08a45ebd27adf797a2dd9be", 0x10) (async)

06:33:21 executing program 3:
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x778]}, 0x8})
getsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0xa, &(0x7f0000000000), &(0x7f0000000040)=0x4)

06:33:21 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x9, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:21 executing program 3:
clock_gettime(0x0, &(0x7f0000000100))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), &(0x7f00000001c0)={&(0x7f0000000180), 0x8})

[ 1124.100644][T29498] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1124.108470][T29498]  </TASK>
[ 1124.131979][T29525] FAULT_INJECTION: forcing a failure.
[ 1124.131979][T29525] name failslab, interval 1, probability 0, space 0, times 0
06:33:21 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x30022000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=@getneightbl={0x14, 0x42, 0x2, 0x70bd2c, 0x25dfdbfb, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x0)

06:33:21 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x30022000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=@getneightbl={0x14, 0x42, 0x2, 0x70bd2c, 0x25dfdbfb, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x0)

06:33:21 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)) (async, rerun: 64)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (rerun: 64)

[ 1124.150468][T29525] CPU: 1 PID: 29525 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1124.160652][T29525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1124.170536][T29525] Call Trace:
[ 1124.173682][T29525]  <TASK>
[ 1124.176520][T29525]  dump_stack_lvl+0x151/0x1b7
[ 1124.181038][T29525]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1124.186416][T29525]  dump_stack+0x15/0x17
[ 1124.190406][T29525]  should_fail+0x3c0/0x510
[ 1124.194662][T29525]  __should_failslab+0x9f/0xe0
[ 1124.199260][T29525]  should_failslab+0x9/0x20
[ 1124.203604][T29525]  kmem_cache_alloc+0x4f/0x2f0
[ 1124.208198][T29525]  ? alloc_vmap_area+0x6c3/0x1a90
[ 1124.213062][T29525]  alloc_vmap_area+0x6c3/0x1a90
[ 1124.217757][T29525]  ? vm_map_ram+0xa80/0xa80
[ 1124.222086][T29525]  ? __kasan_kmalloc+0x9/0x10
[ 1124.226637][T29525]  ? __get_vm_area_node+0x13a/0x380
[ 1124.231804][T29525]  __get_vm_area_node+0x17b/0x380
[ 1124.236665][T29525]  __vmalloc_node_range+0xda/0x800
[ 1124.241635][T29525]  ? copy_process+0x579/0x3250
[ 1124.246210][T29525]  ? kmem_cache_alloc+0x1c1/0x2f0
[ 1124.251084][T29525]  ? dup_task_struct+0x53/0xa60
[ 1124.255756][T29525]  dup_task_struct+0x61f/0xa60
[ 1124.260354][T29525]  ? copy_process+0x579/0x3250
[ 1124.264955][T29525]  ? __kasan_check_write+0x14/0x20
[ 1124.270085][T29525]  copy_process+0x579/0x3250
[ 1124.274498][T29525]  ? __kasan_check_write+0x14/0x20
[ 1124.279444][T29525]  ? proc_fail_nth_write+0x213/0x290
[ 1124.284609][T29525]  ? proc_fail_nth_read+0x220/0x220
[ 1124.289609][T29525]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1124.294546][T29525]  ? vfs_write+0x9af/0x1050
[ 1124.298883][T29525]  ? vmacache_update+0xb7/0x120
[ 1124.303578][T29525]  kernel_clone+0x22d/0x990
[ 1124.307918][T29525]  ? file_end_write+0x1b0/0x1b0
[ 1124.312597][T29525]  ? __kasan_check_write+0x14/0x20
[ 1124.317545][T29525]  ? create_io_thread+0x1e0/0x1e0
[ 1124.322406][T29525]  ? __mutex_lock_slowpath+0x10/0x10
[ 1124.327547][T29525]  __x64_sys_clone+0x289/0x310
[ 1124.332133][T29525]  ? __do_sys_vfork+0x130/0x130
[ 1124.336900][T29525]  ? debug_smp_processor_id+0x17/0x20
[ 1124.342112][T29525]  do_syscall_64+0x44/0xd0
[ 1124.346456][T29525]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1124.353388][T29525] RIP: 0033:0x7f263a8c35a9
[ 1124.357659][T29525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1124.377181][T29525] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1124.385413][T29525] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1124.393225][T29525] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1124.401034][T29525] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1124.408947][T29525] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1124.416749][T29525] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1124.424560][T29525]  </TASK>
06:33:21 executing program 0:
clock_gettime(0x3, &(0x7f0000000000))
clock_gettime(0x0, &(0x7f0000000040))
clock_gettime(0x0, &(0x7f00000000c0))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x77359400}, &(0x7f0000000080)={&(0x7f0000000180)={[0x7]}, 0x8})
clock_gettime(0x3, &(0x7f0000000000)) (async)
clock_gettime(0x0, &(0x7f0000000040)) (async)
clock_gettime(0x0, &(0x7f00000000c0)) (async)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x77359400}, &(0x7f0000000080)={&(0x7f0000000180)={[0x7]}, 0x8}) (async)

06:33:21 executing program 4:
syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x30022000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=@getneightbl={0x14, 0x42, 0x2, 0x70bd2c, 0x25dfdbfb, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x0)

06:33:21 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0xa, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:21 executing program 3:
clock_gettime(0x0, &(0x7f0000000100))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
clock_gettime(0x0, &(0x7f0000000100)) (async)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)

06:33:21 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:21 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 5)

06:33:21 executing program 3:
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f00000002c0)={0x2, 0x1, &(0x7f0000000000)=""/149, &(0x7f0000000200)=""/166, &(0x7f00000000c0)=""/30, 0x2000})
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})

06:33:21 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0xb, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:21 executing program 4:
r0 = syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
read$FUSE(0xffffffffffffffff, &(0x7f0000000040)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_LK(0xffffffffffffffff, &(0x7f0000002080)={0x28, 0xb, r1, {{0xde, 0xfffffffffffffffc, 0x2, r0}}}, 0x28)

[ 1124.721463][T29557] FAULT_INJECTION: forcing a failure.
[ 1124.721463][T29557] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1124.744888][T29557] CPU: 1 PID: 29557 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1124.755084][T29557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1124.764977][T29557] Call Trace:
[ 1124.768107][T29557]  <TASK>
06:33:21 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0xc, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:21 executing program 4:
r0 = syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
read$FUSE(0xffffffffffffffff, &(0x7f0000000040)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_LK(0xffffffffffffffff, &(0x7f0000002080)={0x28, 0xb, r1, {{0xde, 0xfffffffffffffffc, 0x2, r0}}}, 0x28)

[ 1124.770883][T29557]  dump_stack_lvl+0x151/0x1b7
[ 1124.775473][T29557]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1124.780781][T29557]  ? stack_trace_save+0x12d/0x1f0
[ 1124.785638][T29557]  ? is_bpf_text_address+0x1a2/0x1c0
[ 1124.790747][T29557]  dump_stack+0x15/0x17
[ 1124.794920][T29557]  should_fail+0x3c0/0x510
[ 1124.799169][T29557]  should_fail_alloc_page+0x58/0x70
[ 1124.804206][T29557]  __alloc_pages+0x1de/0x7c0
[ 1124.808631][T29557]  ? kmem_cache_alloc+0x189/0x2f0
[ 1124.813579][T29557]  ? __x64_sys_clone+0x289/0x310
06:33:22 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0xd, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1124.818349][T29557]  ? __count_vm_events+0x30/0x30
[ 1124.823216][T29557]  __get_free_pages+0xe/0x30
[ 1124.827667][T29557]  kasan_populate_vmalloc_pte+0x39/0x130
[ 1124.833113][T29557]  ? __apply_to_page_range+0x8a5/0xb90
[ 1124.838399][T29557]  __apply_to_page_range+0x8b8/0xb90
[ 1124.843519][T29557]  ? kasan_populate_vmalloc+0x70/0x70
[ 1124.848727][T29557]  ? kasan_populate_vmalloc+0x70/0x70
[ 1124.853939][T29557]  apply_to_page_range+0x3b/0x50
[ 1124.858705][T29557]  kasan_populate_vmalloc+0x65/0x70
[ 1124.863740][T29557]  alloc_vmap_area+0x1946/0x1a90
[ 1124.868519][T29557]  ? vm_map_ram+0xa80/0xa80
[ 1124.872872][T29557]  ? __kasan_kmalloc+0x9/0x10
[ 1124.877452][T29557]  ? __get_vm_area_node+0x13a/0x380
[ 1124.882487][T29557]  __get_vm_area_node+0x17b/0x380
[ 1124.887349][T29557]  __vmalloc_node_range+0xda/0x800
[ 1124.892292][T29557]  ? copy_process+0x579/0x3250
[ 1124.897193][T29557]  ? kmem_cache_alloc+0x1c1/0x2f0
[ 1124.902036][T29557]  ? dup_task_struct+0x53/0xa60
[ 1124.906736][T29557]  dup_task_struct+0x61f/0xa60
[ 1124.911327][T29557]  ? copy_process+0x579/0x3250
[ 1124.915930][T29557]  ? __kasan_check_write+0x14/0x20
[ 1124.920882][T29557]  copy_process+0x579/0x3250
[ 1124.925388][T29557]  ? __kasan_check_write+0x14/0x20
[ 1124.930331][T29557]  ? proc_fail_nth_write+0x213/0x290
[ 1124.935485][T29557]  ? proc_fail_nth_read+0x220/0x220
[ 1124.940490][T29557]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1124.945457][T29557]  ? vfs_write+0x9af/0x1050
[ 1124.949776][T29557]  ? vmacache_update+0xb7/0x120
[ 1124.954461][T29557]  kernel_clone+0x22d/0x990
[ 1124.958801][T29557]  ? file_end_write+0x1b0/0x1b0
[ 1124.963487][T29557]  ? __kasan_check_write+0x14/0x20
[ 1124.968437][T29557]  ? create_io_thread+0x1e0/0x1e0
[ 1124.973294][T29557]  ? __mutex_lock_slowpath+0x10/0x10
[ 1124.978467][T29557]  __x64_sys_clone+0x289/0x310
[ 1124.983122][T29557]  ? __do_sys_vfork+0x130/0x130
[ 1124.988679][T29557]  ? debug_smp_processor_id+0x17/0x20
[ 1124.993983][T29557]  do_syscall_64+0x44/0xd0
[ 1124.998221][T29557]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1125.003946][T29557] RIP: 0033:0x7f263a8c35a9
[ 1125.008201][T29557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1125.027784][T29557] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1125.036031][T29557] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1125.043874][T29557] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1125.051734][T29557] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1125.059548][T29557] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1125.067356][T29557] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1125.075182][T29557]  </TASK>
06:33:22 executing program 0:
clock_gettime(0x3, &(0x7f0000000000))
clock_gettime(0x0, &(0x7f0000000040))
clock_gettime(0x0, &(0x7f00000000c0)) (async)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x77359400}, &(0x7f0000000080)={&(0x7f0000000180)={[0x7]}, 0x8})

06:33:22 executing program 4:
r0 = syz_clone(0x35ce0000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) (async)
read$FUSE(0xffffffffffffffff, &(0x7f0000000040)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_LK(0xffffffffffffffff, &(0x7f0000002080)={0x28, 0xb, r1, {{0xde, 0xfffffffffffffffc, 0x2, r0}}}, 0x28)

06:33:22 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0xe, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:22 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 6)

06:33:22 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:22 executing program 3:
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f00000002c0)={0x2, 0x1, &(0x7f0000000000)=""/149, &(0x7f0000000200)=""/166, &(0x7f00000000c0)=""/30, 0x2000}) (async)
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})

06:33:22 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0xf, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:22 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0xe, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1125.604136][T29590] FAULT_INJECTION: forcing a failure.
[ 1125.604136][T29590] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1125.637519][T29590] CPU: 1 PID: 29590 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1125.647610][T29590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1125.657500][T29590] Call Trace:
[ 1125.660619][T29590]  <TASK>
[ 1125.663395][T29590]  dump_stack_lvl+0x151/0x1b7
[ 1125.667919][T29590]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1125.673210][T29590]  dump_stack+0x15/0x17
[ 1125.677195][T29590]  should_fail+0x3c0/0x510
[ 1125.681462][T29590]  should_fail_alloc_page+0x58/0x70
[ 1125.686490][T29590]  __alloc_pages+0x1de/0x7c0
[ 1125.690916][T29590]  ? __count_vm_events+0x30/0x30
[ 1125.695779][T29590]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[ 1125.700989][T29590]  __get_free_pages+0xe/0x30
[ 1125.705404][T29590]  kasan_populate_vmalloc_pte+0x39/0x130
[ 1125.710887][T29590]  ? __apply_to_page_range+0x8a5/0xb90
[ 1125.716172][T29590]  __apply_to_page_range+0x8b8/0xb90
[ 1125.721288][T29590]  ? kasan_populate_vmalloc+0x70/0x70
[ 1125.726499][T29590]  ? kasan_populate_vmalloc+0x70/0x70
[ 1125.731808][T29590]  apply_to_page_range+0x3b/0x50
[ 1125.736756][T29590]  kasan_populate_vmalloc+0x65/0x70
[ 1125.741787][T29590]  alloc_vmap_area+0x1946/0x1a90
[ 1125.746566][T29590]  ? vm_map_ram+0xa80/0xa80
[ 1125.750897][T29590]  ? __kasan_kmalloc+0x9/0x10
[ 1125.755416][T29590]  ? __get_vm_area_node+0x13a/0x380
[ 1125.760477][T29590]  __get_vm_area_node+0x17b/0x380
[ 1125.765482][T29590]  __vmalloc_node_range+0xda/0x800
[ 1125.770427][T29590]  ? copy_process+0x579/0x3250
[ 1125.775204][T29590]  ? kmem_cache_alloc+0x1c1/0x2f0
[ 1125.780058][T29590]  ? dup_task_struct+0x53/0xa60
[ 1125.784927][T29590]  dup_task_struct+0x61f/0xa60
[ 1125.789516][T29590]  ? copy_process+0x579/0x3250
[ 1125.794124][T29590]  ? __kasan_check_write+0x14/0x20
[ 1125.799062][T29590]  copy_process+0x579/0x3250
[ 1125.803488][T29590]  ? __kasan_check_write+0x14/0x20
[ 1125.808546][T29590]  ? proc_fail_nth_write+0x213/0x290
[ 1125.813666][T29590]  ? proc_fail_nth_read+0x220/0x220
[ 1125.818698][T29590]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1125.823646][T29590]  ? vfs_write+0x9af/0x1050
[ 1125.828002][T29590]  ? vmacache_update+0xb7/0x120
[ 1125.832841][T29590]  kernel_clone+0x22d/0x990
[ 1125.837159][T29590]  ? file_end_write+0x1b0/0x1b0
[ 1125.841828][T29590]  ? __kasan_check_write+0x14/0x20
[ 1125.846788][T29590]  ? create_io_thread+0x1e0/0x1e0
[ 1125.851638][T29590]  ? __mutex_lock_slowpath+0x10/0x10
[ 1125.856759][T29590]  __x64_sys_clone+0x289/0x310
[ 1125.861361][T29590]  ? __do_sys_vfork+0x130/0x130
[ 1125.866042][T29590]  ? debug_smp_processor_id+0x17/0x20
[ 1125.871361][T29590]  do_syscall_64+0x44/0xd0
[ 1125.875616][T29590]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1125.881346][T29590] RIP: 0033:0x7f263a8c35a9
[ 1125.885594][T29590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
06:33:23 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x10, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:23 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0xe, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:23 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x11, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:23 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 7)

[ 1125.905038][T29590] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1125.913288][T29590] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1125.921091][T29590] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1125.928903][T29590] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1125.936716][T29590] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1125.944522][T29590] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1125.952339][T29590]  </TASK>
[ 1125.984112][T29616] FAULT_INJECTION: forcing a failure.
[ 1125.984112][T29616] name failslab, interval 1, probability 0, space 0, times 0
[ 1125.996785][T29616] CPU: 1 PID: 29616 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1126.006948][T29616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1126.016840][T29616] Call Trace:
[ 1126.019963][T29616]  <TASK>
[ 1126.022740][T29616]  dump_stack_lvl+0x151/0x1b7
[ 1126.027266][T29616]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1126.032556][T29616]  dump_stack+0x15/0x17
[ 1126.036541][T29616]  should_fail+0x3c0/0x510
[ 1126.040795][T29616]  ? __vmalloc_node_range+0x2e3/0x800
[ 1126.046000][T29616]  __should_failslab+0x9f/0xe0
[ 1126.050605][T29616]  should_failslab+0x9/0x20
[ 1126.054940][T29616]  __kmalloc+0x6d/0x350
[ 1126.058933][T29616]  __vmalloc_node_range+0x2e3/0x800
[ 1126.063969][T29616]  dup_task_struct+0x61f/0xa60
[ 1126.068564][T29616]  ? copy_process+0x579/0x3250
[ 1126.073180][T29616]  ? __kasan_check_write+0x14/0x20
[ 1126.078118][T29616]  copy_process+0x579/0x3250
[ 1126.082542][T29616]  ? __kasan_check_write+0x14/0x20
[ 1126.087488][T29616]  ? proc_fail_nth_write+0x213/0x290
[ 1126.092611][T29616]  ? proc_fail_nth_read+0x220/0x220
[ 1126.097643][T29616]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1126.102594][T29616]  ? vfs_write+0x9af/0x1050
[ 1126.106926][T29616]  ? vmacache_update+0xb7/0x120
[ 1126.111621][T29616]  kernel_clone+0x22d/0x990
[ 1126.115953][T29616]  ? file_end_write+0x1b0/0x1b0
[ 1126.120639][T29616]  ? __kasan_check_write+0x14/0x20
[ 1126.125588][T29616]  ? create_io_thread+0x1e0/0x1e0
[ 1126.130446][T29616]  ? __mutex_lock_slowpath+0x10/0x10
[ 1126.135569][T29616]  __x64_sys_clone+0x289/0x310
[ 1126.140174][T29616]  ? __do_sys_vfork+0x130/0x130
[ 1126.144860][T29616]  ? debug_smp_processor_id+0x17/0x20
[ 1126.150074][T29616]  do_syscall_64+0x44/0xd0
[ 1126.154839][T29616]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1126.160588][T29616] RIP: 0033:0x7f263a8c35a9
[ 1126.164819][T29616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1126.184523][T29616] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1126.192783][T29616] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1126.200577][T29616] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1126.208397][T29616] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1126.216311][T29616] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1126.224119][T29616] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1126.231942][T29616]  </TASK>
06:33:23 executing program 0:
clock_gettime(0x0, &(0x7f0000000100))
ioctl$IOC_WATCH_QUEUE_SET_SIZE(0xffffffffffffffff, 0x5760, 0x2)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000040)={0x9, 0xf0800000, 0x9, 0xff, 0x2}, 0x14)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x2, 0x4)

06:33:23 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0xe, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:23 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x12, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:23 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 8)

06:33:23 executing program 3:
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f00000002c0)={0x2, 0x1, &(0x7f0000000000)=""/149, &(0x7f0000000200)=""/166, &(0x7f00000000c0)=""/30, 0x2000}) (async)
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})

06:33:23 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:23 executing program 0:
clock_gettime(0x0, &(0x7f0000000100))
ioctl$IOC_WATCH_QUEUE_SET_SIZE(0xffffffffffffffff, 0x5760, 0x2)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000040)={0x9, 0xf0800000, 0x9, 0xff, 0x2}, 0x14)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x2, 0x4)
clock_gettime(0x0, &(0x7f0000000100)) (async)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(0xffffffffffffffff, 0x5760, 0x2) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000040)={0x9, 0xf0800000, 0x9, 0xff, 0x2}, 0x14) (async)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0)) (async)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x2, 0x4) (async)

06:33:23 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0xe, 0x0, 0x0)

06:33:23 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0xe, 0x0, 0x0)

06:33:23 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0xe, 0x0, 0x0)

06:33:23 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0xe, &(0x7f0000000040), 0x8)

[ 1126.457607][T29619] FAULT_INJECTION: forcing a failure.
[ 1126.457607][T29619] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1126.475490][T29619] CPU: 0 PID: 29619 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1126.485564][T29619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1126.495547][T29619] Call Trace:
[ 1126.498670][T29619]  <TASK>
[ 1126.501453][T29619]  dump_stack_lvl+0x151/0x1b7
06:33:23 executing program 0:
clock_gettime(0x0, &(0x7f0000000100))
ioctl$IOC_WATCH_QUEUE_SET_SIZE(0xffffffffffffffff, 0x5760, 0x2)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000040)={0x9, 0xf0800000, 0x9, 0xff, 0x2}, 0x14)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x2, 0x4)
clock_gettime(0x0, &(0x7f0000000100)) (async)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(0xffffffffffffffff, 0x5760, 0x2) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000040)={0x9, 0xf0800000, 0x9, 0xff, 0x2}, 0x14) (async)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0)) (async)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x2, 0x4) (async)

06:33:23 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0xe, &(0x7f0000000040), 0x8)

06:33:23 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0xe, &(0x7f0000000040), 0x8)

[ 1126.505965][T29619]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1126.511256][T29619]  dump_stack+0x15/0x17
[ 1126.515249][T29619]  should_fail+0x3c0/0x510
[ 1126.519504][T29619]  should_fail_alloc_page+0x58/0x70
[ 1126.524534][T29619]  __alloc_pages+0x1de/0x7c0
[ 1126.528967][T29619]  ? __count_vm_events+0x30/0x30
[ 1126.533735][T29619]  ? __kasan_kmalloc+0x9/0x10
[ 1126.538245][T29619]  ? __kmalloc+0x203/0x350
[ 1126.542508][T29619]  ? __vmalloc_node_range+0x2e3/0x800
[ 1126.547713][T29619]  __vmalloc_node_range+0x48f/0x800
[ 1126.552738][T29619]  dup_task_struct+0x61f/0xa60
[ 1126.557336][T29619]  ? copy_process+0x579/0x3250
[ 1126.561938][T29619]  ? __kasan_check_write+0x14/0x20
[ 1126.566883][T29619]  copy_process+0x579/0x3250
[ 1126.571309][T29619]  ? __kasan_check_write+0x14/0x20
[ 1126.576362][T29619]  ? proc_fail_nth_write+0x213/0x290
[ 1126.581483][T29619]  ? proc_fail_nth_read+0x220/0x220
[ 1126.586520][T29619]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1126.591466][T29619]  ? vfs_write+0x9af/0x1050
[ 1126.595897][T29619]  ? vmacache_update+0xb7/0x120
[ 1126.600595][T29619]  kernel_clone+0x22d/0x990
[ 1126.604925][T29619]  ? file_end_write+0x1b0/0x1b0
[ 1126.609613][T29619]  ? __kasan_check_write+0x14/0x20
[ 1126.614559][T29619]  ? create_io_thread+0x1e0/0x1e0
[ 1126.619425][T29619]  ? __mutex_lock_slowpath+0x10/0x10
[ 1126.624539][T29619]  __x64_sys_clone+0x289/0x310
[ 1126.629139][T29619]  ? __do_sys_vfork+0x130/0x130
[ 1126.633826][T29619]  ? debug_smp_processor_id+0x17/0x20
[ 1126.639034][T29619]  do_syscall_64+0x44/0xd0
[ 1126.643287][T29619]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1126.649012][T29619] RIP: 0033:0x7f263a8c35a9
[ 1126.653267][T29619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1126.672884][T29619] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1126.681220][T29619] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1126.689023][T29619] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1126.696833][T29619] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
06:33:23 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x13, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:23 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 9)

[ 1126.704646][T29619] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1126.712455][T29619] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1126.720456][T29619]  </TASK>
[ 1126.738404][T29661] FAULT_INJECTION: forcing a failure.
[ 1126.738404][T29661] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1126.751496][T29661] CPU: 1 PID: 29661 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1126.761495][T29661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1126.771386][T29661] Call Trace:
[ 1126.774515][T29661]  <TASK>
[ 1126.777380][T29661]  dump_stack_lvl+0x151/0x1b7
[ 1126.781889][T29661]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1126.787184][T29661]  dump_stack+0x15/0x17
[ 1126.791175][T29661]  should_fail+0x3c0/0x510
[ 1126.795429][T29661]  should_fail_alloc_page+0x58/0x70
[ 1126.800610][T29661]  __alloc_pages+0x1de/0x7c0
[ 1126.805033][T29661]  ? __count_vm_events+0x30/0x30
[ 1126.809807][T29661]  ? __kasan_kmalloc+0x9/0x10
[ 1126.814320][T29661]  ? __kmalloc+0x203/0x350
[ 1126.818572][T29661]  ? __vmalloc_node_range+0x2e3/0x800
[ 1126.823786][T29661]  __vmalloc_node_range+0x48f/0x800
[ 1126.828818][T29661]  dup_task_struct+0x61f/0xa60
[ 1126.833503][T29661]  ? copy_process+0x579/0x3250
[ 1126.838100][T29661]  ? __kasan_check_write+0x14/0x20
[ 1126.843047][T29661]  copy_process+0x579/0x3250
[ 1126.847473][T29661]  ? __kasan_check_write+0x14/0x20
[ 1126.852417][T29661]  ? proc_fail_nth_write+0x213/0x290
[ 1126.857545][T29661]  ? proc_fail_nth_read+0x220/0x220
[ 1126.862573][T29661]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1126.867522][T29661]  ? vfs_write+0x9af/0x1050
[ 1126.871862][T29661]  ? vmacache_update+0xb7/0x120
[ 1126.876823][T29661]  kernel_clone+0x22d/0x990
[ 1126.881154][T29661]  ? file_end_write+0x1b0/0x1b0
[ 1126.885839][T29661]  ? __kasan_check_write+0x14/0x20
[ 1126.890786][T29661]  ? create_io_thread+0x1e0/0x1e0
[ 1126.895645][T29661]  ? __mutex_lock_slowpath+0x10/0x10
[ 1126.900767][T29661]  __x64_sys_clone+0x289/0x310
[ 1126.905368][T29661]  ? __do_sys_vfork+0x130/0x130
[ 1126.910142][T29661]  ? debug_smp_processor_id+0x17/0x20
[ 1126.915352][T29661]  do_syscall_64+0x44/0xd0
[ 1126.919599][T29661]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1126.925327][T29661] RIP: 0033:0x7f263a8c35a9
[ 1126.929582][T29661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1126.949200][T29661] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1126.957437][T29661] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1126.965250][T29661] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1126.973060][T29661] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1126.980874][T29661] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1126.988725][T29661] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1126.996505][T29661]  </TASK>
06:33:24 executing program 4:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:24 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x0, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:24 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
socket$bt_hidp(0x1f, 0x3, 0x6)

06:33:24 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 10)

06:33:24 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x14, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:24 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
clock_gettime(0x0, &(0x7f00000000c0)={<r1=>0x0, <r2=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x400, 0x400, 0x9, 0x3, 0x1, 0xcb, 0xffffffffffff452b, 0x6}, &(0x7f0000000040)={0x9, 0x2, 0x8, 0x5, 0x965b, 0x5, 0x4b900000, 0x401}, &(0x7f0000000080)={0x8, 0x3f, 0x6, 0x401, 0xaa, 0x0, 0x5, 0x77}, &(0x7f0000000200)={r1, r2+10000000}, &(0x7f0000000280)={&(0x7f0000000240)={[0x6]}, 0x8})
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000002c0)={0x0, @rand_addr, @loopback}, &(0x7f0000000300)=0xc)

06:33:24 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x15, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:24 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x16, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:24 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x18, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1127.148799][T29673] FAULT_INJECTION: forcing a failure.
[ 1127.148799][T29673] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1127.162519][T29673] CPU: 1 PID: 29673 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1127.172585][T29673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1127.182569][T29673] Call Trace:
[ 1127.185688][T29673]  <TASK>
[ 1127.188466][T29673]  dump_stack_lvl+0x151/0x1b7
[ 1127.192984][T29673]  ? bfq_pos_tree_add_move+0x43e/0x43e
06:33:24 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x19, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:24 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x1a, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1127.198281][T29673]  dump_stack+0x15/0x17
[ 1127.202279][T29673]  should_fail+0x3c0/0x510
[ 1127.206519][T29673]  should_fail_alloc_page+0x58/0x70
[ 1127.211556][T29673]  __alloc_pages+0x1de/0x7c0
[ 1127.215985][T29673]  ? __count_vm_events+0x30/0x30
[ 1127.220756][T29673]  ? __kasan_kmalloc+0x9/0x10
[ 1127.225278][T29673]  ? __kmalloc+0x203/0x350
[ 1127.229603][T29673]  ? __vmalloc_node_range+0x2e3/0x800
[ 1127.234814][T29673]  __vmalloc_node_range+0x48f/0x800
[ 1127.239852][T29673]  dup_task_struct+0x61f/0xa60
[ 1127.244452][T29673]  ? copy_process+0x579/0x3250
06:33:24 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x1b, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1127.249045][T29673]  ? __kasan_check_write+0x14/0x20
[ 1127.253992][T29673]  copy_process+0x579/0x3250
[ 1127.258422][T29673]  ? __kasan_check_write+0x14/0x20
[ 1127.263368][T29673]  ? proc_fail_nth_write+0x213/0x290
[ 1127.268489][T29673]  ? proc_fail_nth_read+0x220/0x220
[ 1127.273524][T29673]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1127.278562][T29673]  ? vfs_write+0x9af/0x1050
[ 1127.282896][T29673]  ? vmacache_update+0xb7/0x120
[ 1127.287588][T29673]  kernel_clone+0x22d/0x990
[ 1127.291923][T29673]  ? file_end_write+0x1b0/0x1b0
[ 1127.296628][T29673]  ? __kasan_check_write+0x14/0x20
[ 1127.301684][T29673]  ? create_io_thread+0x1e0/0x1e0
[ 1127.306632][T29673]  ? __mutex_lock_slowpath+0x10/0x10
[ 1127.311750][T29673]  __x64_sys_clone+0x289/0x310
[ 1127.316352][T29673]  ? __do_sys_vfork+0x130/0x130
[ 1127.321038][T29673]  ? debug_smp_processor_id+0x17/0x20
[ 1127.326474][T29673]  do_syscall_64+0x44/0xd0
[ 1127.330733][T29673]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1127.336456][T29673] RIP: 0033:0x7f263a8c35a9
[ 1127.340710][T29673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1127.360191][T29673] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1127.368396][T29673] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1127.376319][T29673] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1127.384130][T29673] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1127.391936][T29673] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:33:24 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x16, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1127.399884][T29673] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1127.407812][T29673]  </TASK>
06:33:24 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x0, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:24 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
socket$bt_hidp(0x1f, 0x3, 0x6)
clock_gettime(0x0, &(0x7f0000000100)) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)
socket$bt_hidp(0x1f, 0x3, 0x6) (async)

06:33:24 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x1c, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:24 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 11)

06:33:24 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x16, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:24 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
clock_gettime(0x0, &(0x7f00000000c0)={<r1=>0x0, <r2=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x400, 0x400, 0x9, 0x3, 0x1, 0xcb, 0xffffffffffff452b, 0x6}, &(0x7f0000000040)={0x9, 0x2, 0x8, 0x5, 0x965b, 0x5, 0x4b900000, 0x401}, &(0x7f0000000080)={0x8, 0x3f, 0x6, 0x401, 0xaa, 0x0, 0x5, 0x77}, &(0x7f0000000200)={r1, r2+10000000}, &(0x7f0000000280)={&(0x7f0000000240)={[0x6]}, 0x8})
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000002c0)={0x0, @rand_addr, @loopback}, &(0x7f0000000300)=0xc)

06:33:24 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x1d, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:24 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x16, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:24 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x16, 0x0, 0x0)

06:33:24 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x16, 0x0, 0x0)

06:33:24 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x16, 0x0, 0x0)

06:33:24 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x16, &(0x7f0000000040), 0x8)

[ 1127.486697][T29698] FAULT_INJECTION: forcing a failure.
[ 1127.486697][T29698] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1127.502565][T29698] CPU: 0 PID: 29698 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1127.512637][T29698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1127.522533][T29698] Call Trace:
[ 1127.525652][T29698]  <TASK>
[ 1127.528432][T29698]  dump_stack_lvl+0x151/0x1b7
[ 1127.532945][T29698]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1127.538241][T29698]  dump_stack+0x15/0x17
[ 1127.542229][T29698]  should_fail+0x3c0/0x510
[ 1127.546482][T29698]  should_fail_alloc_page+0x58/0x70
[ 1127.551513][T29698]  __alloc_pages+0x1de/0x7c0
[ 1127.555939][T29698]  ? __count_vm_events+0x30/0x30
[ 1127.560719][T29698]  ? __kasan_kmalloc+0x9/0x10
[ 1127.565227][T29698]  ? __kmalloc+0x203/0x350
[ 1127.569479][T29698]  ? __vmalloc_node_range+0x2e3/0x800
[ 1127.574719][T29698]  __vmalloc_node_range+0x48f/0x800
[ 1127.579720][T29698]  dup_task_struct+0x61f/0xa60
[ 1127.584322][T29698]  ? copy_process+0x579/0x3250
[ 1127.588920][T29698]  ? __kasan_check_write+0x14/0x20
[ 1127.593869][T29698]  copy_process+0x579/0x3250
[ 1127.598294][T29698]  ? __kasan_check_write+0x14/0x20
[ 1127.603238][T29698]  ? proc_fail_nth_write+0x213/0x290
[ 1127.608359][T29698]  ? proc_fail_nth_read+0x220/0x220
[ 1127.613415][T29698]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1127.618350][T29698]  ? vfs_write+0x9af/0x1050
[ 1127.622680][T29698]  ? vmacache_update+0xb7/0x120
[ 1127.627371][T29698]  kernel_clone+0x22d/0x990
[ 1127.631711][T29698]  ? file_end_write+0x1b0/0x1b0
[ 1127.636411][T29698]  ? __kasan_check_write+0x14/0x20
[ 1127.641884][T29698]  ? create_io_thread+0x1e0/0x1e0
[ 1127.646810][T29698]  ? __mutex_lock_slowpath+0x10/0x10
[ 1127.651932][T29698]  __x64_sys_clone+0x289/0x310
[ 1127.656535][T29698]  ? __do_sys_vfork+0x130/0x130
[ 1127.661396][T29698]  ? debug_smp_processor_id+0x17/0x20
[ 1127.667131][T29698]  do_syscall_64+0x44/0xd0
[ 1127.671483][T29698]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1127.677212][T29698] RIP: 0033:0x7f263a8c35a9
[ 1127.681579][T29698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1127.701221][T29698] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1127.709466][T29698] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1127.717276][T29698] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1127.725524][T29698] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1127.733421][T29698] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1127.741409][T29698] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1127.749479][T29698]  </TASK>
06:33:25 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x0, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:25 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)
socket$bt_hidp(0x1f, 0x3, 0x6)

06:33:25 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x16, &(0x7f0000000040), 0x8)

06:33:25 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x1e, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:25 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 12)

06:33:25 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)
clock_gettime(0x0, &(0x7f00000000c0)={<r1=>0x0, <r2=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x400, 0x400, 0x9, 0x3, 0x1, 0xcb, 0xffffffffffff452b, 0x6}, &(0x7f0000000040)={0x9, 0x2, 0x8, 0x5, 0x965b, 0x5, 0x4b900000, 0x401}, &(0x7f0000000080)={0x8, 0x3f, 0x6, 0x401, 0xaa, 0x0, 0x5, 0x77}, &(0x7f0000000200)={r1, r2+10000000}, &(0x7f0000000280)={&(0x7f0000000240)={[0x6]}, 0x8}) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000002c0)={0x0, @rand_addr, @loopback}, &(0x7f0000000300)=0xc)

06:33:25 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x16, &(0x7f0000000040), 0x8)

06:33:25 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x21, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:25 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x22, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1128.324614][T29734] FAULT_INJECTION: forcing a failure.
[ 1128.324614][T29734] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1128.340587][T29734] CPU: 0 PID: 29734 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1128.350668][T29734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1128.361168][T29734] Call Trace:
[ 1128.364309][T29734]  <TASK>
[ 1128.367085][T29734]  dump_stack_lvl+0x151/0x1b7
06:33:25 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x23, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:25 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x7ffffffe}, 0x8)

06:33:25 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, 0x0)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

[ 1128.371769][T29734]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1128.377136][T29734]  dump_stack+0x15/0x17
[ 1128.381129][T29734]  should_fail+0x3c0/0x510
[ 1128.386523][T29734]  should_fail_alloc_page+0x58/0x70
[ 1128.391557][T29734]  __alloc_pages+0x1de/0x7c0
[ 1128.396192][T29734]  ? __count_vm_events+0x30/0x30
[ 1128.400966][T29734]  ? __kasan_kmalloc+0x9/0x10
[ 1128.405907][T29734]  ? __kmalloc+0x203/0x350
[ 1128.410246][T29734]  ? __vmalloc_node_range+0x2e3/0x800
[ 1128.415454][T29734]  __vmalloc_node_range+0x48f/0x800
[ 1128.420486][T29734]  dup_task_struct+0x61f/0xa60
06:33:25 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x20000048)

[ 1128.425085][T29734]  ? copy_process+0x579/0x3250
[ 1128.429701][T29734]  ? __kasan_check_write+0x14/0x20
[ 1128.434635][T29734]  copy_process+0x579/0x3250
[ 1128.439120][T29734]  ? __kasan_check_write+0x14/0x20
[ 1128.444103][T29734]  ? proc_fail_nth_write+0x213/0x290
[ 1128.449212][T29734]  ? proc_fail_nth_read+0x220/0x220
[ 1128.454356][T29734]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1128.459286][T29734]  ? vfs_write+0x9af/0x1050
[ 1128.463622][T29734]  ? vmacache_update+0xb7/0x120
[ 1128.468325][T29734]  kernel_clone+0x22d/0x990
[ 1128.472643][T29734]  ? file_end_write+0x1b0/0x1b0
[ 1128.477884][T29734]  ? __kasan_check_write+0x14/0x20
[ 1128.482827][T29734]  ? create_io_thread+0x1e0/0x1e0
[ 1128.487781][T29734]  ? __mutex_lock_slowpath+0x10/0x10
[ 1128.492900][T29734]  __x64_sys_clone+0x289/0x310
[ 1128.497510][T29734]  ? __do_sys_vfork+0x130/0x130
[ 1128.502306][T29734]  ? debug_smp_processor_id+0x17/0x20
[ 1128.507626][T29734]  do_syscall_64+0x44/0xd0
[ 1128.511877][T29734]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1128.517588][T29734] RIP: 0033:0x7f263a8c35a9
[ 1128.521836][T29734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1128.541387][T29734] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1128.549627][T29734] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1128.557449][T29734] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1128.565255][T29734] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1128.573165][T29734] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1128.581064][T29734] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1128.588889][T29734]  </TASK>
06:33:26 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x0, 0x0, 0x80, 0xc8cc, 0xca30, 0x40, 0x20, 0x9}, &(0x7f0000000040)={0x984, 0x5, 0x8000, 0x80, 0xfd, 0x4, 0x0, 0x9}, &(0x7f0000000080)={0xea3, 0x5, 0x6, 0xb7, 0x1f, 0x9, 0x8, 0xff}, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000240)={&(0x7f0000000200)={[0x6]}, 0x8})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
clock_gettime(0x0, &(0x7f0000000340)={<r1=>0x0, <r2=>0x0})
pselect6(0x40, &(0x7f0000000280)={0x1000, 0x9, 0x7, 0x0, 0x63b, 0x7, 0x81, 0x9}, &(0x7f00000002c0)={0xe0b8, 0x9, 0x7, 0x6, 0x0, 0x8000000000000001, 0xffffffffffffffc3, 0x2}, &(0x7f0000000300)={0x7, 0x5, 0x6, 0x10001, 0x37, 0x100000001, 0x4, 0x3}, &(0x7f0000000380)={r1, r2+60000000}, &(0x7f0000000400)={&(0x7f00000003c0)={[0x7fffffffffffffff]}, 0x8})
getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f00000005c0), &(0x7f0000000600)=0x4)
pselect6(0x40, &(0x7f0000000440)={0x40, 0x2213, 0xff, 0x5, 0x7fffffffffffffff, 0x8, 0x4, 0x9}, &(0x7f0000000480)={0x5, 0x1ff, 0x6, 0x7fd, 0x8, 0x4, 0x5, 0x12231ac68000}, &(0x7f00000004c0)={0x3, 0x7, 0x3, 0x8, 0x3f, 0x9, 0x303e9e46, 0x8}, &(0x7f0000000500), &(0x7f0000000580)={&(0x7f0000000540)={[0x7]}, 0x8})

06:33:26 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xfffff000}, 0x8)

06:33:26 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x23, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:26 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 13)

06:33:26 executing program 0:
clock_gettime(0x5, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
pselect6(0x40, &(0x7f00000002c0)={0x8, 0x9185, 0x6, 0x34, 0xa8c, 0x0, 0x4, 0x51}, &(0x7f0000000300)={0xfffffffffffffff7, 0x3, 0x1, 0x10000, 0x7f, 0x80000000, 0x0, 0x100000001}, &(0x7f0000000340)={0x7ff, 0x309, 0xffffffffffffffff, 0x9, 0x7, 0x7, 0x80, 0x6}, &(0x7f0000000380)={0x77359400}, &(0x7f0000000400)={&(0x7f00000003c0)={[0x1d7c000000]}, 0x8})
r1 = add_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000200)="9040e034d47e2a9af744d60932c80fc06fa52e9430ee0a0963f75870d08c33862fd4adad28a6cce2115b9a06f70595c436366c96583efd7fcd288b4dffd229d10f20d26fb16f1991697b118f3c06263fc3472cb107334e621a5d10c1e9f5f58cdd58ce4b506f7261a3c31bb0d947b35b2cb6c4f1ebbc29e5f2450be165a0cf93f7e1a2f60762fd7ada48bdd896977f1da80e6ae94341712acbc28ed4bcb4f21dd0e4ce0dc0b85b3e793683cf0de35765d1489e0b", 0xb4, 0xfffffffffffffff9)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffff9c, 0xc0506617, &(0x7f0000000080)=ANY=[@ANYBLOB="0200000000000001000000000000000000000000000000000000000000000000000000000000000009090000", @ANYRES32=r1, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000123b2f16243c391936"])
pselect6(0x40, &(0x7f0000000440)={0x8, 0x6, 0x1, 0x3, 0xd3, 0x0, 0x6da, 0xfffffffffffffff8}, &(0x7f0000000480)={0x8, 0x9, 0x0, 0xffffffff, 0x10000, 0x7, 0x5, 0x9}, &(0x7f00000004c0)={0x2c1, 0x1ff, 0xffffffffffffffff, 0xc0, 0xfffffffffffffffc, 0xb69, 0x80000001, 0x5}, &(0x7f0000000500)={0x0, 0x989680}, &(0x7f0000000580)={&(0x7f0000000540)={[0xfff]}, 0x8})

06:33:26 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x23, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:26 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xfffff000}, 0x8)

06:33:26 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x23, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:26 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x23, 0x0, 0x0)

06:33:26 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xfffff000}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xfffff000}, 0x8) (async)

[ 1128.913035][T29763] FAULT_INJECTION: forcing a failure.
[ 1128.913035][T29763] name failslab, interval 1, probability 0, space 0, times 0
[ 1128.928738][T29763] CPU: 0 PID: 29763 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1128.938900][T29763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1128.948791][T29763] Call Trace:
[ 1128.951914][T29763]  <TASK>
[ 1128.954693][T29763]  dump_stack_lvl+0x151/0x1b7
[ 1128.959206][T29763]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1128.964498][T29763]  ? _raw_spin_lock+0xa3/0x1b0
[ 1128.969097][T29763]  ? dup_fd+0x51f/0xa40
[ 1128.973094][T29763]  dump_stack+0x15/0x17
[ 1128.977524][T29763]  should_fail+0x3c0/0x510
[ 1128.981779][T29763]  __should_failslab+0x9f/0xe0
[ 1128.986894][T29763]  should_failslab+0x9/0x20
[ 1128.991239][T29763]  kmem_cache_alloc+0x4f/0x2f0
[ 1128.995846][T29763]  ? copy_fs_struct+0x4e/0x230
[ 1129.000646][T29763]  copy_fs_struct+0x4e/0x230
[ 1129.005073][T29763]  copy_fs+0x72/0x140
[ 1129.008893][T29763]  copy_process+0x1214/0x3250
[ 1129.013407][T29763]  ? proc_fail_nth_write+0x213/0x290
[ 1129.018531][T29763]  ? proc_fail_nth_read+0x220/0x220
[ 1129.023561][T29763]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1129.028507][T29763]  ? vfs_write+0x9af/0x1050
[ 1129.032849][T29763]  ? vmacache_update+0xb7/0x120
[ 1129.037622][T29763]  kernel_clone+0x22d/0x990
[ 1129.041963][T29763]  ? file_end_write+0x1b0/0x1b0
[ 1129.046755][T29763]  ? __kasan_check_write+0x14/0x20
[ 1129.051703][T29763]  ? create_io_thread+0x1e0/0x1e0
[ 1129.056569][T29763]  ? __mutex_lock_slowpath+0x10/0x10
[ 1129.061773][T29763]  __x64_sys_clone+0x289/0x310
[ 1129.066456][T29763]  ? __do_sys_vfork+0x130/0x130
[ 1129.071266][T29763]  ? debug_smp_processor_id+0x17/0x20
[ 1129.076473][T29763]  do_syscall_64+0x44/0xd0
[ 1129.080820][T29763]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1129.086641][T29763] RIP: 0033:0x7f263a8c35a9
[ 1129.091063][T29763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
06:33:26 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, 0x0)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:26 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x4}, 0x3d205c9a99765f86)

06:33:26 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x23, 0x0, 0x0)

06:33:26 executing program 0:
clock_gettime(0x5, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
pselect6(0x40, &(0x7f00000002c0)={0x8, 0x9185, 0x6, 0x34, 0xa8c, 0x0, 0x4, 0x51}, &(0x7f0000000300)={0xfffffffffffffff7, 0x3, 0x1, 0x10000, 0x7f, 0x80000000, 0x0, 0x100000001}, &(0x7f0000000340)={0x7ff, 0x309, 0xffffffffffffffff, 0x9, 0x7, 0x7, 0x80, 0x6}, &(0x7f0000000380)={0x77359400}, &(0x7f0000000400)={&(0x7f00000003c0)={[0x1d7c000000]}, 0x8})
r1 = add_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000200)="9040e034d47e2a9af744d60932c80fc06fa52e9430ee0a0963f75870d08c33862fd4adad28a6cce2115b9a06f70595c436366c96583efd7fcd288b4dffd229d10f20d26fb16f1991697b118f3c06263fc3472cb107334e621a5d10c1e9f5f58cdd58ce4b506f7261a3c31bb0d947b35b2cb6c4f1ebbc29e5f2450be165a0cf93f7e1a2f60762fd7ada48bdd896977f1da80e6ae94341712acbc28ed4bcb4f21dd0e4ce0dc0b85b3e793683cf0de35765d1489e0b", 0xb4, 0xfffffffffffffff9)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffff9c, 0xc0506617, &(0x7f0000000080)=ANY=[@ANYBLOB="0200000000000001000000000000000000000000000000000000000000000000000000000000000009090000", @ANYRES32=r1, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000123b2f16243c391936"])
pselect6(0x40, &(0x7f0000000440)={0x8, 0x6, 0x1, 0x3, 0xd3, 0x0, 0x6da, 0xfffffffffffffff8}, &(0x7f0000000480)={0x8, 0x9, 0x0, 0xffffffff, 0x10000, 0x7, 0x5, 0x9}, &(0x7f00000004c0)={0x2c1, 0x1ff, 0xffffffffffffffff, 0xc0, 0xfffffffffffffffc, 0xb69, 0x80000001, 0x5}, &(0x7f0000000500)={0x0, 0x989680}, &(0x7f0000000580)={&(0x7f0000000540)={[0xfff]}, 0x8})
clock_gettime(0x5, &(0x7f0000000100)) (async)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)
pselect6(0x40, &(0x7f00000002c0)={0x8, 0x9185, 0x6, 0x34, 0xa8c, 0x0, 0x4, 0x51}, &(0x7f0000000300)={0xfffffffffffffff7, 0x3, 0x1, 0x10000, 0x7f, 0x80000000, 0x0, 0x100000001}, &(0x7f0000000340)={0x7ff, 0x309, 0xffffffffffffffff, 0x9, 0x7, 0x7, 0x80, 0x6}, &(0x7f0000000380)={0x77359400}, &(0x7f0000000400)={&(0x7f00000003c0)={[0x1d7c000000]}, 0x8}) (async)
add_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000200)="9040e034d47e2a9af744d60932c80fc06fa52e9430ee0a0963f75870d08c33862fd4adad28a6cce2115b9a06f70595c436366c96583efd7fcd288b4dffd229d10f20d26fb16f1991697b118f3c06263fc3472cb107334e621a5d10c1e9f5f58cdd58ce4b506f7261a3c31bb0d947b35b2cb6c4f1ebbc29e5f2450be165a0cf93f7e1a2f60762fd7ada48bdd896977f1da80e6ae94341712acbc28ed4bcb4f21dd0e4ce0dc0b85b3e793683cf0de35765d1489e0b", 0xb4, 0xfffffffffffffff9) (async)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffff9c, 0xc0506617, &(0x7f0000000080)=ANY=[@ANYBLOB="0200000000000001000000000000000000000000000000000000000000000000000000000000000009090000", @ANYRES32=r1, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000123b2f16243c391936"]) (async)
pselect6(0x40, &(0x7f0000000440)={0x8, 0x6, 0x1, 0x3, 0xd3, 0x0, 0x6da, 0xfffffffffffffff8}, &(0x7f0000000480)={0x8, 0x9, 0x0, 0xffffffff, 0x10000, 0x7, 0x5, 0x9}, &(0x7f00000004c0)={0x2c1, 0x1ff, 0xffffffffffffffff, 0xc0, 0xfffffffffffffffc, 0xb69, 0x80000001, 0x5}, &(0x7f0000000500)={0x0, 0x989680}, &(0x7f0000000580)={&(0x7f0000000540)={[0xfff]}, 0x8}) (async)

06:33:26 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x0, 0x0, 0x80, 0xc8cc, 0xca30, 0x40, 0x20, 0x9}, &(0x7f0000000040)={0x984, 0x5, 0x8000, 0x80, 0xfd, 0x4, 0x0, 0x9}, &(0x7f0000000080)={0xea3, 0x5, 0x6, 0xb7, 0x1f, 0x9, 0x8, 0xff}, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000240)={&(0x7f0000000200)={[0x6]}, 0x8}) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
clock_gettime(0x0, &(0x7f0000000340)={<r1=>0x0, <r2=>0x0})
pselect6(0x40, &(0x7f0000000280)={0x1000, 0x9, 0x7, 0x0, 0x63b, 0x7, 0x81, 0x9}, &(0x7f00000002c0)={0xe0b8, 0x9, 0x7, 0x6, 0x0, 0x8000000000000001, 0xffffffffffffffc3, 0x2}, &(0x7f0000000300)={0x7, 0x5, 0x6, 0x10001, 0x37, 0x100000001, 0x4, 0x3}, &(0x7f0000000380)={r1, r2+60000000}, &(0x7f0000000400)={&(0x7f00000003c0)={[0x7fffffffffffffff]}, 0x8}) (async)
getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f00000005c0), &(0x7f0000000600)=0x4) (async)
pselect6(0x40, &(0x7f0000000440)={0x40, 0x2213, 0xff, 0x5, 0x7fffffffffffffff, 0x8, 0x4, 0x9}, &(0x7f0000000480)={0x5, 0x1ff, 0x6, 0x7fd, 0x8, 0x4, 0x5, 0x12231ac68000}, &(0x7f00000004c0)={0x3, 0x7, 0x3, 0x8, 0x3f, 0x9, 0x303e9e46, 0x8}, &(0x7f0000000500), &(0x7f0000000580)={&(0x7f0000000540)={[0x7]}, 0x8})

06:33:26 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 14)

06:33:26 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x23, 0x0, 0x0)

06:33:26 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x4}, 0x3d205c9a99765f86)

[ 1129.111934][T29763] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1129.120445][T29763] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1129.128513][T29763] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1129.136327][T29763] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1129.144509][T29763] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1129.152677][T29763] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1129.160759][T29763]  </TASK>
06:33:26 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x23, &(0x7f0000000040), 0x8)

06:33:26 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x23, &(0x7f0000000040), 0x8)

06:33:26 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x4}, 0x3d205c9a99765f86)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x4}, 0x3d205c9a99765f86) (async)

[ 1129.189863][T29788] FAULT_INJECTION: forcing a failure.
[ 1129.189863][T29788] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1129.203391][T29788] CPU: 0 PID: 29788 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1129.213663][T29788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1129.223626][T29788] Call Trace:
[ 1129.226834][T29788]  <TASK>
[ 1129.229613][T29788]  dump_stack_lvl+0x151/0x1b7
[ 1129.234135][T29788]  ? bfq_pos_tree_add_move+0x43e/0x43e
06:33:26 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x23, &(0x7f0000000040), 0x8)

[ 1129.239678][T29788]  dump_stack+0x15/0x17
[ 1129.243928][T29788]  should_fail+0x3c0/0x510
[ 1129.248199][T29788]  should_fail_alloc_page+0x58/0x70
[ 1129.253315][T29788]  __alloc_pages+0x1de/0x7c0
[ 1129.258256][T29788]  ? __count_vm_events+0x30/0x30
[ 1129.263132][T29788]  ? __kasan_kmalloc+0x9/0x10
[ 1129.267714][T29788]  ? __kmalloc+0x203/0x350
[ 1129.272170][T29788]  ? __vmalloc_node_range+0x2e3/0x800
[ 1129.277651][T29788]  __vmalloc_node_range+0x48f/0x800
[ 1129.282780][T29788]  dup_task_struct+0x61f/0xa60
[ 1129.287751][T29788]  ? copy_process+0x579/0x3250
[ 1129.292341][T29788]  ? __kasan_check_write+0x14/0x20
[ 1129.297279][T29788]  copy_process+0x579/0x3250
[ 1129.301726][T29788]  ? __kasan_check_write+0x14/0x20
[ 1129.306653][T29788]  ? proc_fail_nth_write+0x213/0x290
[ 1129.311776][T29788]  ? proc_fail_nth_read+0x220/0x220
[ 1129.316809][T29788]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1129.321764][T29788]  ? vfs_write+0x9af/0x1050
[ 1129.326213][T29788]  ? vmacache_update+0xb7/0x120
[ 1129.330867][T29788]  kernel_clone+0x22d/0x990
[ 1129.335218][T29788]  ? file_end_write+0x1b0/0x1b0
[ 1129.340069][T29788]  ? __kasan_check_write+0x14/0x20
[ 1129.350051][T29788]  ? create_io_thread+0x1e0/0x1e0
[ 1129.354997][T29788]  ? __mutex_lock_slowpath+0x10/0x10
[ 1129.360116][T29788]  __x64_sys_clone+0x289/0x310
[ 1129.364719][T29788]  ? __do_sys_vfork+0x130/0x130
[ 1129.369436][T29788]  ? debug_smp_processor_id+0x17/0x20
[ 1129.374612][T29788]  do_syscall_64+0x44/0xd0
[ 1129.379733][T29788]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1129.385458][T29788] RIP: 0033:0x7f263a8c35a9
[ 1129.391240][T29788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1129.410786][T29788] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1129.419106][T29788] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1129.426916][T29788] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1129.434732][T29788] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1129.442540][T29788] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1129.451614][T29788] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1129.459454][T29788]  </TASK>
06:33:26 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, 0x0)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:26 executing program 2:
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@bloom_filter={0x1e, 0x0, 0x1, 0x1f, 0x15b5, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x3, 0x8}, 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:26 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x22, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:26 executing program 0:
clock_gettime(0x5, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
pselect6(0x40, &(0x7f00000002c0)={0x8, 0x9185, 0x6, 0x34, 0xa8c, 0x0, 0x4, 0x51}, &(0x7f0000000300)={0xfffffffffffffff7, 0x3, 0x1, 0x10000, 0x7f, 0x80000000, 0x0, 0x100000001}, &(0x7f0000000340)={0x7ff, 0x309, 0xffffffffffffffff, 0x9, 0x7, 0x7, 0x80, 0x6}, &(0x7f0000000380)={0x77359400}, &(0x7f0000000400)={&(0x7f00000003c0)={[0x1d7c000000]}, 0x8})
r1 = add_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000200)="9040e034d47e2a9af744d60932c80fc06fa52e9430ee0a0963f75870d08c33862fd4adad28a6cce2115b9a06f70595c436366c96583efd7fcd288b4dffd229d10f20d26fb16f1991697b118f3c06263fc3472cb107334e621a5d10c1e9f5f58cdd58ce4b506f7261a3c31bb0d947b35b2cb6c4f1ebbc29e5f2450be165a0cf93f7e1a2f60762fd7ada48bdd896977f1da80e6ae94341712acbc28ed4bcb4f21dd0e4ce0dc0b85b3e793683cf0de35765d1489e0b", 0xb4, 0xfffffffffffffff9)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffff9c, 0xc0506617, &(0x7f0000000080)=ANY=[@ANYBLOB="0200000000000001000000000000000000000000000000000000000000000000000000000000000009090000", @ANYRES32=r1, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000123b2f16243c391936"])
pselect6(0x40, &(0x7f0000000440)={0x8, 0x6, 0x1, 0x3, 0xd3, 0x0, 0x6da, 0xfffffffffffffff8}, &(0x7f0000000480)={0x8, 0x9, 0x0, 0xffffffff, 0x10000, 0x7, 0x5, 0x9}, &(0x7f00000004c0)={0x2c1, 0x1ff, 0xffffffffffffffff, 0xc0, 0xfffffffffffffffc, 0xb69, 0x80000001, 0x5}, &(0x7f0000000500)={0x0, 0x989680}, &(0x7f0000000580)={&(0x7f0000000540)={[0xfff]}, 0x8})
clock_gettime(0x5, &(0x7f0000000100)) (async)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)
pselect6(0x40, &(0x7f00000002c0)={0x8, 0x9185, 0x6, 0x34, 0xa8c, 0x0, 0x4, 0x51}, &(0x7f0000000300)={0xfffffffffffffff7, 0x3, 0x1, 0x10000, 0x7f, 0x80000000, 0x0, 0x100000001}, &(0x7f0000000340)={0x7ff, 0x309, 0xffffffffffffffff, 0x9, 0x7, 0x7, 0x80, 0x6}, &(0x7f0000000380)={0x77359400}, &(0x7f0000000400)={&(0x7f00000003c0)={[0x1d7c000000]}, 0x8}) (async)
add_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000200)="9040e034d47e2a9af744d60932c80fc06fa52e9430ee0a0963f75870d08c33862fd4adad28a6cce2115b9a06f70595c436366c96583efd7fcd288b4dffd229d10f20d26fb16f1991697b118f3c06263fc3472cb107334e621a5d10c1e9f5f58cdd58ce4b506f7261a3c31bb0d947b35b2cb6c4f1ebbc29e5f2450be165a0cf93f7e1a2f60762fd7ada48bdd896977f1da80e6ae94341712acbc28ed4bcb4f21dd0e4ce0dc0b85b3e793683cf0de35765d1489e0b", 0xb4, 0xfffffffffffffff9) (async)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffff9c, 0xc0506617, &(0x7f0000000080)=ANY=[@ANYBLOB="0200000000000001000000000000000000000000000000000000000000000000000000000000000009090000", @ANYRES32=r1, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000123b2f16243c391936"]) (async)
pselect6(0x40, &(0x7f0000000440)={0x8, 0x6, 0x1, 0x3, 0xd3, 0x0, 0x6da, 0xfffffffffffffff8}, &(0x7f0000000480)={0x8, 0x9, 0x0, 0xffffffff, 0x10000, 0x7, 0x5, 0x9}, &(0x7f00000004c0)={0x2c1, 0x1ff, 0xffffffffffffffff, 0xc0, 0xfffffffffffffffc, 0xb69, 0x80000001, 0x5}, &(0x7f0000000500)={0x0, 0x989680}, &(0x7f0000000580)={&(0x7f0000000540)={[0xfff]}, 0x8}) (async)

06:33:26 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 15)

06:33:26 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x0, 0x0, 0x80, 0xc8cc, 0xca30, 0x40, 0x20, 0x9}, &(0x7f0000000040)={0x984, 0x5, 0x8000, 0x80, 0xfd, 0x4, 0x0, 0x9}, &(0x7f0000000080)={0xea3, 0x5, 0x6, 0xb7, 0x1f, 0x9, 0x8, 0xff}, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000240)={&(0x7f0000000200)={[0x6]}, 0x8}) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)
clock_gettime(0x0, &(0x7f0000000340)={<r1=>0x0, <r2=>0x0})
pselect6(0x40, &(0x7f0000000280)={0x1000, 0x9, 0x7, 0x0, 0x63b, 0x7, 0x81, 0x9}, &(0x7f00000002c0)={0xe0b8, 0x9, 0x7, 0x6, 0x0, 0x8000000000000001, 0xffffffffffffffc3, 0x2}, &(0x7f0000000300)={0x7, 0x5, 0x6, 0x10001, 0x37, 0x100000001, 0x4, 0x3}, &(0x7f0000000380)={r1, r2+60000000}, &(0x7f0000000400)={&(0x7f00000003c0)={[0x7fffffffffffffff]}, 0x8}) (async)
getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f00000005c0), &(0x7f0000000600)=0x4) (async)
pselect6(0x40, &(0x7f0000000440)={0x40, 0x2213, 0xff, 0x5, 0x7fffffffffffffff, 0x8, 0x4, 0x9}, &(0x7f0000000480)={0x5, 0x1ff, 0x6, 0x7fd, 0x8, 0x4, 0x5, 0x12231ac68000}, &(0x7f00000004c0)={0x3, 0x7, 0x3, 0x8, 0x3f, 0x9, 0x303e9e46, 0x8}, &(0x7f0000000500), &(0x7f0000000580)={&(0x7f0000000540)={[0x7]}, 0x8})

06:33:26 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x22, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:26 executing program 2:
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@bloom_filter={0x1e, 0x0, 0x1, 0x1f, 0x15b5, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x3, 0x8}, 0x48) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:26 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x22, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:26 executing program 2:
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@bloom_filter={0x1e, 0x0, 0x1, 0x1f, 0x15b5, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x3, 0x8}, 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:27 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x923}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x3}, 0x8)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x20, &(0x7f0000000100)={&(0x7f0000000080)=""/27, 0x1b, <r0=>0x0, &(0x7f00000000c0)=""/3, 0x3}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180)=r0, 0x4)

06:33:27 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x22, 0x0, 0x0)

[ 1129.824686][T29822] FAULT_INJECTION: forcing a failure.
[ 1129.824686][T29822] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1129.842219][T29822] CPU: 1 PID: 29822 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1129.852303][T29822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1129.862285][T29822] Call Trace:
[ 1129.865412][T29822]  <TASK>
[ 1129.868189][T29822]  dump_stack_lvl+0x151/0x1b7
[ 1129.872719][T29822]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1129.878083][T29822]  dump_stack+0x15/0x17
[ 1129.882307][T29822]  should_fail+0x3c0/0x510
[ 1129.886535][T29822]  should_fail_alloc_page+0x58/0x70
[ 1129.891572][T29822]  __alloc_pages+0x1de/0x7c0
[ 1129.895998][T29822]  ? __count_vm_events+0x30/0x30
[ 1129.900772][T29822]  ? __kasan_kmalloc+0x9/0x10
[ 1129.905283][T29822]  ? __kmalloc+0x203/0x350
[ 1129.909534][T29822]  ? __vmalloc_node_range+0x2e3/0x800
[ 1129.914738][T29822]  __vmalloc_node_range+0x48f/0x800
[ 1129.919781][T29822]  dup_task_struct+0x61f/0xa60
[ 1129.924475][T29822]  ? copy_process+0x579/0x3250
[ 1129.929166][T29822]  ? __kasan_check_write+0x14/0x20
[ 1129.934111][T29822]  copy_process+0x579/0x3250
[ 1129.938552][T29822]  ? __kasan_check_write+0x14/0x20
[ 1129.943481][T29822]  ? proc_fail_nth_write+0x213/0x290
[ 1129.948601][T29822]  ? proc_fail_nth_read+0x220/0x220
[ 1129.953646][T29822]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1129.958895][T29822]  ? vfs_write+0x9af/0x1050
[ 1129.963214][T29822]  ? vmacache_update+0xb7/0x120
[ 1129.967899][T29822]  kernel_clone+0x22d/0x990
[ 1129.972483][T29822]  ? file_end_write+0x1b0/0x1b0
[ 1129.977160][T29822]  ? __kasan_check_write+0x14/0x20
[ 1129.982142][T29822]  ? create_io_thread+0x1e0/0x1e0
[ 1129.987043][T29822]  ? __mutex_lock_slowpath+0x10/0x10
[ 1129.992260][T29822]  __x64_sys_clone+0x289/0x310
[ 1129.996852][T29822]  ? __do_sys_vfork+0x130/0x130
[ 1130.001543][T29822]  ? debug_smp_processor_id+0x17/0x20
[ 1130.006747][T29822]  do_syscall_64+0x44/0xd0
[ 1130.010998][T29822]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1130.016750][T29822] RIP: 0033:0x7f263a8c35a9
[ 1130.020997][T29822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1130.040427][T29822] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1130.048799][T29822] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1130.056700][T29822] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1130.064516][T29822] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1130.072468][T29822] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1130.080276][T29822] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1130.088107][T29822]  </TASK>
06:33:27 executing program 5:
clock_gettime(0x0, &(0x7f0000000100))
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r0 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r2, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:27 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x923}, 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x3}, 0x8) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x20, &(0x7f0000000100)={&(0x7f0000000080)=""/27, 0x1b, <r0=>0x0, &(0x7f00000000c0)=""/3, 0x3}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180)=r0, 0x4)

06:33:27 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x22, 0x0, 0x0)

06:33:27 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 16)

06:33:27 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
clock_gettime(0x0, &(0x7f00000000c0)={<r1=>0x0, <r2=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x6, 0xfffffffffffffffa, 0x2, 0x5, 0x40d5, 0x9, 0x9, 0x5}, &(0x7f0000000040)={0x7, 0x9, 0x1f, 0x0, 0x3, 0x8, 0x800, 0x8}, &(0x7f0000000080)={0xffffffff, 0x10001, 0x642, 0x3, 0xffffffffffffffff, 0x400, 0x8000}, &(0x7f0000000200)={r1, r2+10000000}, &(0x7f0000000280)={&(0x7f0000000240)={[0xb33]}, 0x8})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})

[ 1130.282130][T29853] FAULT_INJECTION: forcing a failure.
[ 1130.282130][T29853] name failslab, interval 1, probability 0, space 0, times 0
[ 1130.294893][T29853] CPU: 1 PID: 29853 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1130.305637][T29853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1130.315901][T29853] Call Trace:
[ 1130.319007][T29853]  <TASK>
[ 1130.321872][T29853]  dump_stack_lvl+0x151/0x1b7
[ 1130.326475][T29853]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1130.332264][T29853]  ? __this_cpu_preempt_check+0x13/0x20
[ 1130.337645][T29853]  dump_stack+0x15/0x17
[ 1130.341633][T29853]  should_fail+0x3c0/0x510
[ 1130.345989][T29853]  __should_failslab+0x9f/0xe0
[ 1130.350665][T29853]  should_failslab+0x9/0x20
[ 1130.355003][T29853]  kmem_cache_alloc+0x4f/0x2f0
[ 1130.359684][T29853]  ? __kasan_check_write+0x14/0x20
[ 1130.364633][T29853]  ? prepare_creds+0x30/0x690
[ 1130.369156][T29853]  ? _raw_spin_lock_irqsave+0xf8/0x210
[ 1130.374442][T29853]  prepare_creds+0x30/0x690
[ 1130.378784][T29853]  copy_creds+0xde/0x640
[ 1130.382969][T29853]  copy_process+0x775/0x3250
[ 1130.387612][T29853]  ? __kasan_check_write+0x14/0x20
[ 1130.392637][T29853]  ? proc_fail_nth_write+0x213/0x290
[ 1130.397770][T29853]  ? proc_fail_nth_read+0x220/0x220
[ 1130.402797][T29853]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1130.407867][T29853]  ? vfs_write+0x9af/0x1050
[ 1130.412266][T29853]  ? vmacache_update+0xb7/0x120
[ 1130.417091][T29853]  kernel_clone+0x22d/0x990
[ 1130.421416][T29853]  ? file_end_write+0x1b0/0x1b0
[ 1130.426265][T29853]  ? __kasan_check_write+0x14/0x20
[ 1130.431192][T29853]  ? create_io_thread+0x1e0/0x1e0
[ 1130.436158][T29853]  ? __mutex_lock_slowpath+0x10/0x10
[ 1130.442064][T29853]  __x64_sys_clone+0x289/0x310
[ 1130.446955][T29853]  ? __do_sys_vfork+0x130/0x130
[ 1130.451634][T29853]  ? debug_smp_processor_id+0x17/0x20
[ 1130.456971][T29853]  do_syscall_64+0x44/0xd0
[ 1130.461210][T29853]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1130.467202][T29853] RIP: 0033:0x7f263a8c35a9
[ 1130.471447][T29853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1130.491281][T29853] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1130.499503][T29853] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1130.507306][T29853] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1130.515147][T29853] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1130.523019][T29853] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1130.531106][T29853] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1130.539038][T29853]  </TASK>
06:33:27 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
sched_rr_get_interval(0x0, &(0x7f0000000000))
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})

06:33:27 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x923}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x3}, 0x8)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x20, &(0x7f0000000100)={&(0x7f0000000080)=""/27, 0x1b, <r0=>0x0, &(0x7f00000000c0)=""/3, 0x3}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180)=r0, 0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x923}, 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x3}, 0x8) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x20, &(0x7f0000000100)={&(0x7f0000000080)=""/27, 0x1b, 0x0, &(0x7f00000000c0)=""/3, 0x3}}, 0x10) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180)=r0, 0x4) (async)

06:33:27 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x22, 0x0, 0x0)

06:33:27 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 17)

06:33:27 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x22, &(0x7f0000000040), 0x8)

06:33:27 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x22, &(0x7f0000000040), 0x8)

06:33:27 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x22, &(0x7f0000000040), 0x8)

[ 1130.674421][T29866] FAULT_INJECTION: forcing a failure.
[ 1130.674421][T29866] name failslab, interval 1, probability 0, space 0, times 0
[ 1130.687253][T29866] CPU: 1 PID: 29866 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1130.698030][T29866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1130.707932][T29866] Call Trace:
[ 1130.711046][T29866]  <TASK>
[ 1130.713822][T29866]  dump_stack_lvl+0x151/0x1b7
[ 1130.718464][T29866]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1130.723718][T29866]  dump_stack+0x15/0x17
[ 1130.730750][T29866]  should_fail+0x3c0/0x510
[ 1130.735083][T29866]  ? security_prepare_creds+0x50/0x160
[ 1130.740468][T29866]  __should_failslab+0x9f/0xe0
[ 1130.745063][T29866]  should_failslab+0x9/0x20
[ 1130.749405][T29866]  __kmalloc+0x6d/0x350
[ 1130.753407][T29866]  security_prepare_creds+0x50/0x160
[ 1130.758603][T29866]  prepare_creds+0x471/0x690
[ 1130.763120][T29866]  copy_creds+0xde/0x640
[ 1130.767197][T29866]  copy_process+0x775/0x3250
[ 1130.771624][T29866]  ? __kasan_check_write+0x14/0x20
[ 1130.776574][T29866]  ? proc_fail_nth_write+0x213/0x290
[ 1130.781695][T29866]  ? proc_fail_nth_read+0x220/0x220
[ 1130.786899][T29866]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1130.792106][T29866]  ? vfs_write+0x9af/0x1050
[ 1130.796639][T29866]  ? vmacache_update+0xb7/0x120
[ 1130.801324][T29866]  kernel_clone+0x22d/0x990
[ 1130.805761][T29866]  ? file_end_write+0x1b0/0x1b0
[ 1130.810795][T29866]  ? __kasan_check_write+0x14/0x20
[ 1130.815740][T29866]  ? create_io_thread+0x1e0/0x1e0
[ 1130.821294][T29866]  ? __mutex_lock_slowpath+0x10/0x10
[ 1130.826417][T29866]  __x64_sys_clone+0x289/0x310
[ 1130.831016][T29866]  ? __do_sys_vfork+0x130/0x130
[ 1130.835715][T29866]  ? debug_smp_processor_id+0x17/0x20
[ 1130.841213][T29866]  do_syscall_64+0x44/0xd0
[ 1130.845468][T29866]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1130.851197][T29866] RIP: 0033:0x7f263a8c35a9
[ 1130.855446][T29866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1130.875304][T29866] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1130.883544][T29866] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1130.891360][T29866] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1130.899343][T29866] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1130.907265][T29866] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1130.915297][T29866] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1130.923108][T29866]  </TASK>
06:33:28 executing program 5:
clock_gettime(0x0, &(0x7f0000000100))
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r0 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r2, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:28 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x75}, 0x8)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r0=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'ip6tnl0\x00', &(0x7f0000000080)={'syztnl2\x00', r0, 0x2f, 0x8, 0xde, 0x1f, 0x30, @ipv4={'\x00', '\xff\xff', @multicast2}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x7, 0x10, 0x1ff, 0x2}})

06:33:28 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x21, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:28 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0}) (async)
clock_gettime(0x0, &(0x7f00000000c0)={<r1=>0x0, <r2=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x6, 0xfffffffffffffffa, 0x2, 0x5, 0x40d5, 0x9, 0x9, 0x5}, &(0x7f0000000040)={0x7, 0x9, 0x1f, 0x0, 0x3, 0x8, 0x800, 0x8}, &(0x7f0000000080)={0xffffffff, 0x10001, 0x642, 0x3, 0xffffffffffffffff, 0x400, 0x8000}, &(0x7f0000000200)={r1, r2+10000000}, &(0x7f0000000280)={&(0x7f0000000240)={[0xb33]}, 0x8}) (async)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})

06:33:28 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 18)

[ 1131.125786][T29885] FAULT_INJECTION: forcing a failure.
[ 1131.125786][T29885] name failslab, interval 1, probability 0, space 0, times 0
[ 1131.138525][T29885] CPU: 1 PID: 29885 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1131.148590][T29885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1131.158483][T29885] Call Trace:
[ 1131.161614][T29885]  <TASK>
[ 1131.164386][T29885]  dump_stack_lvl+0x151/0x1b7
[ 1131.168929][T29885]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1131.174292][T29885]  ? _raw_spin_lock+0xa3/0x1b0
[ 1131.178877][T29885]  ? mntput+0x5c/0xc0
[ 1131.182695][T29885]  dump_stack+0x15/0x17
[ 1131.186700][T29885]  should_fail+0x3c0/0x510
[ 1131.190953][T29885]  __should_failslab+0x9f/0xe0
[ 1131.195662][T29885]  should_failslab+0x9/0x20
[ 1131.200147][T29885]  kmem_cache_alloc+0x4f/0x2f0
[ 1131.204736][T29885]  ? create_user_ns+0x59f/0x19b0
[ 1131.209621][T29885]  create_user_ns+0x59f/0x19b0
[ 1131.214580][T29885]  ? utsns_owner+0x40/0x40
[ 1131.219504][T29885]  ? security_prepare_creds+0x149/0x160
[ 1131.224873][T29885]  ? prepare_creds+0x485/0x690
[ 1131.229485][T29885]  copy_creds+0x200/0x640
[ 1131.233667][T29885]  copy_process+0x775/0x3250
[ 1131.238243][T29885]  ? __kasan_check_write+0x14/0x20
[ 1131.243193][T29885]  ? proc_fail_nth_write+0x213/0x290
[ 1131.248659][T29885]  ? proc_fail_nth_read+0x220/0x220
[ 1131.253720][T29885]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1131.258641][T29885]  ? vfs_write+0x9af/0x1050
[ 1131.263755][T29885]  ? vmacache_update+0xb7/0x120
[ 1131.268447][T29885]  kernel_clone+0x22d/0x990
[ 1131.272784][T29885]  ? file_end_write+0x1b0/0x1b0
[ 1131.277508][T29885]  ? __kasan_check_write+0x14/0x20
[ 1131.283137][T29885]  ? create_io_thread+0x1e0/0x1e0
[ 1131.288257][T29885]  ? __mutex_lock_slowpath+0x10/0x10
[ 1131.293393][T29885]  __x64_sys_clone+0x289/0x310
[ 1131.298151][T29885]  ? __do_sys_vfork+0x130/0x130
[ 1131.302837][T29885]  ? debug_smp_processor_id+0x17/0x20
[ 1131.308044][T29885]  do_syscall_64+0x44/0xd0
[ 1131.312572][T29885]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1131.318398][T29885] RIP: 0033:0x7f263a8c35a9
[ 1131.322624][T29885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1131.342567][T29885] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1131.350774][T29885] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1131.358580][T29885] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1131.366394][T29885] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1131.374201][T29885] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1131.382043][T29885] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1131.390216][T29885]  </TASK>
06:33:28 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
sched_rr_get_interval(0x0, &(0x7f0000000000))
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})

06:33:28 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x75}, 0x8)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r0=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'ip6tnl0\x00', &(0x7f0000000080)={'syztnl2\x00', r0, 0x2f, 0x8, 0xde, 0x1f, 0x30, @ipv4={'\x00', '\xff\xff', @multicast2}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x7, 0x10, 0x1ff, 0x2}})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x75}, 0x8) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vxcan0\x00'}) (async)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'ip6tnl0\x00', &(0x7f0000000080)={'syztnl2\x00', r0, 0x2f, 0x8, 0xde, 0x1f, 0x30, @ipv4={'\x00', '\xff\xff', @multicast2}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x7, 0x10, 0x1ff, 0x2}}) (async)

06:33:28 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x21, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:28 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 19)

06:33:28 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0}) (async)
clock_gettime(0x0, &(0x7f00000000c0)={<r1=>0x0, <r2=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x6, 0xfffffffffffffffa, 0x2, 0x5, 0x40d5, 0x9, 0x9, 0x5}, &(0x7f0000000040)={0x7, 0x9, 0x1f, 0x0, 0x3, 0x8, 0x800, 0x8}, &(0x7f0000000080)={0xffffffff, 0x10001, 0x642, 0x3, 0xffffffffffffffff, 0x400, 0x8000}, &(0x7f0000000200)={r1, r2+10000000}, &(0x7f0000000280)={&(0x7f0000000240)={[0xb33]}, 0x8}) (async)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})

06:33:28 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x21, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:28 executing program 0:
clock_gettime(0x7, &(0x7f0000000000))
clock_gettime(0x4, &(0x7f0000000080)={<r0=>0x0, <r1=>0x0})
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={r0, r1+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})

[ 1131.523350][T29900] FAULT_INJECTION: forcing a failure.
[ 1131.523350][T29900] name failslab, interval 1, probability 0, space 0, times 0
[ 1131.537985][T29900] CPU: 0 PID: 29900 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1131.548058][T29900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1131.558163][T29900] Call Trace:
[ 1131.561293][T29900]  <TASK>
[ 1131.564061][T29900]  dump_stack_lvl+0x151/0x1b7
[ 1131.568578][T29900]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1131.573874][T29900]  dump_stack+0x15/0x17
[ 1131.577860][T29900]  should_fail+0x3c0/0x510
[ 1131.582353][T29900]  __should_failslab+0x9f/0xe0
[ 1131.586946][T29900]  should_failslab+0x9/0x20
[ 1131.591373][T29900]  kmem_cache_alloc+0x4f/0x2f0
[ 1131.596057][T29900]  ? vm_area_dup+0x26/0x1d0
[ 1131.600402][T29900]  vm_area_dup+0x26/0x1d0
[ 1131.604568][T29900]  dup_mmap+0x6b8/0xea0
[ 1131.608559][T29900]  ? __delayed_free_task+0x20/0x20
[ 1131.614823][T29900]  ? mm_init+0x807/0x960
[ 1131.618975][T29900]  dup_mm+0x91/0x330
[ 1131.622794][T29900]  copy_mm+0x108/0x1b0
[ 1131.626699][T29900]  copy_process+0x1295/0x3250
[ 1131.631221][T29900]  ? proc_fail_nth_write+0x213/0x290
[ 1131.636421][T29900]  ? proc_fail_nth_read+0x220/0x220
[ 1131.641629][T29900]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1131.647186][T29900]  ? vfs_write+0x9af/0x1050
[ 1131.652177][T29900]  ? vmacache_update+0xb7/0x120
[ 1131.656818][T29900]  kernel_clone+0x22d/0x990
[ 1131.661362][T29900]  ? file_end_write+0x1b0/0x1b0
[ 1131.666047][T29900]  ? __kasan_check_write+0x14/0x20
[ 1131.670990][T29900]  ? create_io_thread+0x1e0/0x1e0
[ 1131.675850][T29900]  ? __mutex_lock_slowpath+0x10/0x10
[ 1131.681855][T29900]  __x64_sys_clone+0x289/0x310
[ 1131.686440][T29900]  ? __do_sys_vfork+0x130/0x130
[ 1131.691306][T29900]  ? debug_smp_processor_id+0x17/0x20
[ 1131.696605][T29900]  do_syscall_64+0x44/0xd0
[ 1131.700946][T29900]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1131.706783][T29900] RIP: 0033:0x7f263a8c35a9
[ 1131.711486][T29900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1131.731580][T29900] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1131.739982][T29900] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1131.748229][T29900] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1131.756263][T29900] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1131.764063][T29900] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1131.771889][T29900] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1131.779703][T29900]  </TASK>
06:33:29 executing program 5:
clock_gettime(0x0, &(0x7f0000000100))
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r0 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r2, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:29 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x75}, 0x8) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r0=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'ip6tnl0\x00', &(0x7f0000000080)={'syztnl2\x00', r0, 0x2f, 0x8, 0xde, 0x1f, 0x30, @ipv4={'\x00', '\xff\xff', @multicast2}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x7, 0x10, 0x1ff, 0x2}})

06:33:29 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x21, 0x0, 0x0)

06:33:29 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 20)

06:33:29 executing program 2:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x5, 0x5, &(0x7f0000000040)=0x1)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x8e}, 0x5d)

[ 1131.973468][T29914] FAULT_INJECTION: forcing a failure.
[ 1131.973468][T29914] name failslab, interval 1, probability 0, space 0, times 0
[ 1131.986395][T29914] CPU: 0 PID: 29914 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1131.996542][T29914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1132.006492][T29914] Call Trace:
[ 1132.009561][T29914]  <TASK>
[ 1132.012344][T29914]  dump_stack_lvl+0x151/0x1b7
[ 1132.016878][T29914]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1132.022148][T29914]  dump_stack+0x15/0x17
[ 1132.026400][T29914]  should_fail+0x3c0/0x510
[ 1132.030650][T29914]  __should_failslab+0x9f/0xe0
[ 1132.035367][T29914]  should_failslab+0x9/0x20
[ 1132.039690][T29914]  kmem_cache_alloc+0x4f/0x2f0
[ 1132.044372][T29914]  ? vm_area_dup+0x26/0x1d0
[ 1132.048713][T29914]  ? __kasan_check_read+0x11/0x20
[ 1132.053597][T29914]  vm_area_dup+0x26/0x1d0
[ 1132.057763][T29914]  dup_mmap+0x6b8/0xea0
[ 1132.061735][T29914]  ? __delayed_free_task+0x20/0x20
[ 1132.067127][T29914]  ? mm_init+0x807/0x960
[ 1132.071191][T29914]  dup_mm+0x91/0x330
[ 1132.075098][T29914]  copy_mm+0x108/0x1b0
[ 1132.079006][T29914]  copy_process+0x1295/0x3250
[ 1132.084122][T29914]  ? proc_fail_nth_write+0x213/0x290
[ 1132.089719][T29914]  ? proc_fail_nth_read+0x220/0x220
[ 1132.094841][T29914]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1132.099791][T29914]  ? vfs_write+0x9af/0x1050
[ 1132.104123][T29914]  ? vmacache_update+0xb7/0x120
[ 1132.108811][T29914]  kernel_clone+0x22d/0x990
[ 1132.113238][T29914]  ? file_end_write+0x1b0/0x1b0
[ 1132.118098][T29914]  ? __kasan_check_write+0x14/0x20
[ 1132.123044][T29914]  ? create_io_thread+0x1e0/0x1e0
[ 1132.127948][T29914]  ? __mutex_lock_slowpath+0x10/0x10
[ 1132.133136][T29914]  __x64_sys_clone+0x289/0x310
[ 1132.137740][T29914]  ? __do_sys_vfork+0x130/0x130
[ 1132.142513][T29914]  ? debug_smp_processor_id+0x17/0x20
[ 1132.147723][T29914]  do_syscall_64+0x44/0xd0
[ 1132.152361][T29914]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1132.158171][T29914] RIP: 0033:0x7f263a8c35a9
[ 1132.162421][T29914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1132.182617][T29914] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1132.191872][T29914] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1132.199877][T29914] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1132.207788][T29914] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1132.215881][T29914] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:33:29 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
sched_rr_get_interval(0x0, &(0x7f0000000000)) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})

06:33:29 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x21, 0x0, 0x0)

06:33:29 executing program 2:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x5, 0x5, &(0x7f0000000040)=0x1)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x8e}, 0x5d)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x5, 0x5, &(0x7f0000000040)=0x1) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x8e}, 0x5d) (async)

06:33:29 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 21)

06:33:29 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x21, 0x0, 0x0)

[ 1132.224207][T29914] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1132.232157][T29914]  </TASK>
[ 1132.249264][T29921] FAULT_INJECTION: forcing a failure.
[ 1132.249264][T29921] name failslab, interval 1, probability 0, space 0, times 0
[ 1132.262784][T29921] CPU: 0 PID: 29921 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
06:33:29 executing program 2:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x5, 0x5, &(0x7f0000000040)=0x1) (async, rerun: 32)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x8e}, 0x5d) (rerun: 32)

[ 1132.272867][T29921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1132.282749][T29921] Call Trace:
[ 1132.285877][T29921]  <TASK>
[ 1132.288685][T29921]  dump_stack_lvl+0x151/0x1b7
[ 1132.293161][T29921]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1132.298460][T29921]  ? __register_sysctl_table+0x1264/0x1330
[ 1132.304103][T29921]  dump_stack+0x15/0x17
[ 1132.308177][T29921]  should_fail+0x3c0/0x510
[ 1132.312432][T29921]  ? alloc_ucounts+0x161/0x4e0
[ 1132.317032][T29921]  __should_failslab+0x9f/0xe0
[ 1132.321629][T29921]  should_failslab+0x9/0x20
[ 1132.325971][T29921]  kmem_cache_alloc_trace+0x4a/0x310
[ 1132.331090][T29921]  ? utsns_owner+0x40/0x40
[ 1132.335345][T29921]  alloc_ucounts+0x161/0x4e0
[ 1132.339793][T29921]  copy_creds+0x345/0x640
[ 1132.343940][T29921]  copy_process+0x775/0x3250
[ 1132.348469][T29921]  ? __kasan_check_write+0x14/0x20
[ 1132.353393][T29921]  ? proc_fail_nth_write+0x213/0x290
[ 1132.358517][T29921]  ? proc_fail_nth_read+0x220/0x220
[ 1132.363773][T29921]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1132.368864][T29921]  ? vfs_write+0x9af/0x1050
[ 1132.373195][T29921]  ? vmacache_update+0xb7/0x120
[ 1132.377880][T29921]  kernel_clone+0x22d/0x990
[ 1132.382306][T29921]  ? file_end_write+0x1b0/0x1b0
[ 1132.387263][T29921]  ? __kasan_check_write+0x14/0x20
[ 1132.392449][T29921]  ? create_io_thread+0x1e0/0x1e0
[ 1132.397476][T29921]  ? __mutex_lock_slowpath+0x10/0x10
[ 1132.402965][T29921]  __x64_sys_clone+0x289/0x310
[ 1132.407564][T29921]  ? __do_sys_vfork+0x130/0x130
[ 1132.412247][T29921]  ? debug_smp_processor_id+0x17/0x20
[ 1132.417470][T29921]  do_syscall_64+0x44/0xd0
[ 1132.422212][T29921]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1132.428999][T29921] RIP: 0033:0x7f263a8c35a9
[ 1132.433763][T29921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1132.453298][T29921] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1132.462241][T29921] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
06:33:29 executing program 0:
clock_gettime(0x7, &(0x7f0000000000))
clock_gettime(0x4, &(0x7f0000000080)={<r0=>0x0, <r1=>0x0})
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={r0, r1+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
clock_gettime(0x7, &(0x7f0000000000)) (async)
clock_gettime(0x4, &(0x7f0000000080)) (async)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={r0, r1+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)

[ 1132.470053][T29921] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1132.477980][T29921] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1132.486752][T29921] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1132.494824][T29921] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1132.502641][T29921]  </TASK>
06:33:29 executing program 2:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kyber_latency\x00', r0}, 0x10)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0)
setsockopt$inet6_udp_encap(r2, 0x11, 0x64, &(0x7f0000000240)=0x5, 0x4)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
ioctl$VHOST_VDPA_GET_VRING_NUM(r0, 0x8002af76, &(0x7f0000000000))
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0xfffff000}, 0x8)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042bbd70fbdf114a464df5690040000180060001000a0000000800070090cafe68263fb78920e0616f3888129ecf501cbc432d749073851115b1b98ba6119f598d0a332bb4a9030948d982b2a7e15d63d5f94dc31d017471f34ba0cbaf550070397f7107ec99a6b44e18f050e445d37f6dc10bc92ad9eb7c8c5f7df1db7afc10ae01a5c89f83455e35014252f2d75cb068bbc3e336b63de6981f3cb7038d73d70f0000", @ANYRES32=0x0, @ANYBLOB="14000400fc02000000000000000000000000000108000300e0000002060001000200000008000700", @ANYRES32=0x0, @ANYBLOB="08000300060000000800030008000000080003000500000008000300030000000800020005000000"], 0x7c}, 0x1, 0x0, 0x0, 0x4008000}, 0x200440c4)

06:33:29 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x21, &(0x7f0000000040), 0x8)

06:33:29 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 22)

06:33:29 executing program 5:
clock_gettime(0x0, &(0x7f0000000100))
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, 0x0}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r0 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r2, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:29 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f0000000000)={0xb6, 0xffffffffffffff34, 0x3, 0x8, 0x3, 0x5, 0x0, 0x8}, &(0x7f0000000040)={0x40, 0xffffffffffffffc1, 0x8, 0x798ddcb6, 0x33e, 0x3, 0x3, 0x80000001}, &(0x7f0000000080)={0x7, 0x5, 0x1, 0x7, 0x4, 0x5, 0x6d, 0x40000000}, &(0x7f00000000c0)={0x0, 0x989680}, &(0x7f0000000240)={&(0x7f0000000200)={[0x2ff1]}, 0x8})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})

06:33:29 executing program 2:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kyber_latency\x00', r0}, 0x10)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0) (async)
setsockopt$inet6_udp_encap(r2, 0x11, 0x64, &(0x7f0000000240)=0x5, 0x4) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
ioctl$VHOST_VDPA_GET_VRING_NUM(r0, 0x8002af76, &(0x7f0000000000)) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0xfffff000}, 0x8) (async)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042bbd70fbdf114a464df5690040000180060001000a0000000800070090cafe68263fb78920e0616f3888129ecf501cbc432d749073851115b1b98ba6119f598d0a332bb4a9030948d982b2a7e15d63d5f94dc31d017471f34ba0cbaf550070397f7107ec99a6b44e18f050e445d37f6dc10bc92ad9eb7c8c5f7df1db7afc10ae01a5c89f83455e35014252f2d75cb068bbc3e336b63de6981f3cb7038d73d70f0000", @ANYRES32=0x0, @ANYBLOB="14000400fc02000000000000000000000000000108000300e0000002060001000200000008000700", @ANYRES32=0x0, @ANYBLOB="08000300060000000800030008000000080003000500000008000300030000000800020005000000"], 0x7c}, 0x1, 0x0, 0x0, 0x4008000}, 0x200440c4)

06:33:30 executing program 5:
clock_gettime(0x0, &(0x7f0000000100))
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, 0x0}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r0 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r2, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:30 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x21, &(0x7f0000000040), 0x8)

[ 1132.807648][T29940] FAULT_INJECTION: forcing a failure.
[ 1132.807648][T29940] name failslab, interval 1, probability 0, space 0, times 0
[ 1132.822746][T29940] CPU: 0 PID: 29940 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1132.832862][T29940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1132.842747][T29940] Call Trace:
[ 1132.845976][T29940]  <TASK>
[ 1132.848725][T29940]  dump_stack_lvl+0x151/0x1b7
06:33:30 executing program 5:
clock_gettime(0x0, &(0x7f0000000100))
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, 0x0}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r0 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r2, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:30 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, 0x0)
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:30 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x21, &(0x7f0000000040), 0x8)

[ 1132.853238][T29940]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1132.858617][T29940]  ? __register_sysctl_table+0x1264/0x1330
[ 1132.864500][T29940]  dump_stack+0x15/0x17
[ 1132.868424][T29940]  should_fail+0x3c0/0x510
[ 1132.872694][T29940]  ? alloc_ucounts+0x161/0x4e0
[ 1132.877452][T29940]  __should_failslab+0x9f/0xe0
[ 1132.882051][T29940]  should_failslab+0x9/0x20
[ 1132.886413][T29940]  kmem_cache_alloc_trace+0x4a/0x310
[ 1132.891509][T29940]  ? utsns_owner+0x40/0x40
[ 1132.895937][T29940]  alloc_ucounts+0x161/0x4e0
[ 1132.900366][T29940]  copy_creds+0x345/0x640
[ 1132.904531][T29940]  copy_process+0x775/0x3250
[ 1132.909188][T29940]  ? __kasan_check_write+0x14/0x20
[ 1132.914352][T29940]  ? proc_fail_nth_write+0x213/0x290
[ 1132.919453][T29940]  ? proc_fail_nth_read+0x220/0x220
[ 1132.924633][T29940]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1132.929526][T29940]  ? vfs_write+0x9af/0x1050
[ 1132.933862][T29940]  ? vmacache_update+0xb7/0x120
[ 1132.938649][T29940]  kernel_clone+0x22d/0x990
[ 1132.942971][T29940]  ? file_end_write+0x1b0/0x1b0
[ 1132.947671][T29940]  ? __kasan_check_write+0x14/0x20
[ 1132.952608][T29940]  ? create_io_thread+0x1e0/0x1e0
[ 1132.957468][T29940]  ? __mutex_lock_slowpath+0x10/0x10
[ 1132.962587][T29940]  __x64_sys_clone+0x289/0x310
[ 1132.967208][T29940]  ? __do_sys_vfork+0x130/0x130
[ 1132.971977][T29940]  ? debug_smp_processor_id+0x17/0x20
[ 1132.977277][T29940]  do_syscall_64+0x44/0xd0
[ 1132.981508][T29940]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1132.987412][T29940] RIP: 0033:0x7f263a8c35a9
[ 1132.992182][T29940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1133.011846][T29940] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1133.020182][T29940] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1133.027991][T29940] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1133.035803][T29940] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1133.043639][T29940] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1133.051600][T29940] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1133.059588][T29940]  </TASK>
06:33:30 executing program 0:
clock_gettime(0x7, &(0x7f0000000000))
clock_gettime(0x4, &(0x7f0000000080)={<r0=>0x0, <r1=>0x0})
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={r0, r1+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
clock_gettime(0x7, &(0x7f0000000000)) (async)
clock_gettime(0x4, &(0x7f0000000080)) (async)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={r0, r1+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)

06:33:30 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, 0x0)
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:30 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 23)

06:33:30 executing program 2:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kyber_latency\x00', r0}, 0x10) (async, rerun: 64)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (rerun: 64)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0) (async)
setsockopt$inet6_udp_encap(r2, 0x11, 0x64, &(0x7f0000000240)=0x5, 0x4) (async, rerun: 32)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async, rerun: 32)
ioctl$VHOST_VDPA_GET_VRING_NUM(r0, 0x8002af76, &(0x7f0000000000)) (async, rerun: 32)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0xfffff000}, 0x8) (rerun: 32)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042bbd70fbdf114a464df5690040000180060001000a0000000800070090cafe68263fb78920e0616f3888129ecf501cbc432d749073851115b1b98ba6119f598d0a332bb4a9030948d982b2a7e15d63d5f94dc31d017471f34ba0cbaf550070397f7107ec99a6b44e18f050e445d37f6dc10bc92ad9eb7c8c5f7df1db7afc10ae01a5c89f83455e35014252f2d75cb068bbc3e336b63de6981f3cb7038d73d70f0000", @ANYRES32=0x0, @ANYBLOB="14000400fc02000000000000000000000000000108000300e0000002060001000200000008000700", @ANYRES32=0x0, @ANYBLOB="08000300060000000800030008000000080003000500000008000300030000000800020005000000"], 0x7c}, 0x1, 0x0, 0x0, 0x4008000}, 0x200440c4)

06:33:30 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x1e, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1133.365854][T29969] FAULT_INJECTION: forcing a failure.
[ 1133.365854][T29969] name failslab, interval 1, probability 0, space 0, times 0
[ 1133.378488][T29969] CPU: 0 PID: 29969 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1133.389955][T29969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1133.400205][T29969] Call Trace:
[ 1133.403359][T29969]  <TASK>
[ 1133.406099][T29969]  dump_stack_lvl+0x151/0x1b7
[ 1133.410616][T29969]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1133.415998][T29969]  dump_stack+0x15/0x17
[ 1133.420617][T29969]  should_fail+0x3c0/0x510
[ 1133.424852][T29969]  __should_failslab+0x9f/0xe0
[ 1133.429538][T29969]  should_failslab+0x9/0x20
[ 1133.433885][T29969]  kmem_cache_alloc+0x4f/0x2f0
[ 1133.438488][T29969]  ? vm_area_dup+0x26/0x1d0
[ 1133.442925][T29969]  ? __kasan_check_read+0x11/0x20
[ 1133.447784][T29969]  vm_area_dup+0x26/0x1d0
[ 1133.451949][T29969]  dup_mmap+0x6b8/0xea0
[ 1133.456027][T29969]  ? __delayed_free_task+0x20/0x20
[ 1133.460972][T29969]  ? mm_init+0x807/0x960
[ 1133.465053][T29969]  dup_mm+0x91/0x330
[ 1133.468788][T29969]  copy_mm+0x108/0x1b0
[ 1133.472805][T29969]  copy_process+0x1295/0x3250
[ 1133.478118][T29969]  ? proc_fail_nth_write+0x213/0x290
[ 1133.483221][T29969]  ? proc_fail_nth_read+0x220/0x220
[ 1133.488261][T29969]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1133.493200][T29969]  ? vfs_write+0x9af/0x1050
[ 1133.497729][T29969]  ? vmacache_update+0xb7/0x120
[ 1133.502406][T29969]  kernel_clone+0x22d/0x990
[ 1133.506745][T29969]  ? file_end_write+0x1b0/0x1b0
[ 1133.511492][T29969]  ? __kasan_check_write+0x14/0x20
[ 1133.516390][T29969]  ? create_io_thread+0x1e0/0x1e0
[ 1133.521247][T29969]  ? __mutex_lock_slowpath+0x10/0x10
[ 1133.526362][T29969]  __x64_sys_clone+0x289/0x310
[ 1133.531058][T29969]  ? __do_sys_vfork+0x130/0x130
[ 1133.535746][T29969]  ? debug_smp_processor_id+0x17/0x20
[ 1133.540941][T29969]  do_syscall_64+0x44/0xd0
[ 1133.545208][T29969]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1133.551099][T29969] RIP: 0033:0x7f263a8c35a9
[ 1133.555523][T29969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1133.575055][T29969] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1133.583385][T29969] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1133.591195][T29969] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1133.599096][T29969] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1133.606901][T29969] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:33:30 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f0000000000)={0xb6, 0xffffffffffffff34, 0x3, 0x8, 0x3, 0x5, 0x0, 0x8}, &(0x7f0000000040)={0x40, 0xffffffffffffffc1, 0x8, 0x798ddcb6, 0x33e, 0x3, 0x3, 0x80000001}, &(0x7f0000000080)={0x7, 0x5, 0x1, 0x7, 0x4, 0x5, 0x6d, 0x40000000}, &(0x7f00000000c0)={0x0, 0x989680}, &(0x7f0000000240)={&(0x7f0000000200)={[0x2ff1]}, 0x8}) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})

06:33:30 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x1e, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:30 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000000)={0x4, 0x68, 0x8001}, 0xc)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000500)=@security={'security\x00', 0xe, 0x4, 0x3c8, 0xffffffff, 0x0, 0x118, 0x0, 0xffffffff, 0xffffffff, 0x330, 0x330, 0x330, 0xffffffff, 0x4, &(0x7f0000000080), {[{{@ip={@initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010100, 0x0, 0xff, 'ip6tnl0\x00', 'nr0\x00', {}, {0xff}, 0x5e, 0x2, 0x12}, 0x0, 0xb8, 0x118, 0x0, {}, [@common=@unspec=@nfacct={{0x48}, {'syz1\x00', 0xdc}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x1, 0x1, 0x4, 0x2, 0x1], 0x4, 0x7}, {0x4, [0x7, 0x1, 0x2, 0x5, 0x2, 0x5], 0x5, 0x2}}}}, {{@uncond, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@addrtype={{0x30}, {0x0, 0x141, 0x1}}, @common=@socket0={{0x20}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x1, [0x6, 0x5, 0x1, 0x3, 0x0, 0x1], 0x4, 0x5}, {0x2, [0x2, 0x1, 0x7, 0x4, 0x4, 0x5], 0x1, 0x1}}}}, {{@ip={@multicast1, @remote, 0xffffffff, 0x0, 'pimreg\x00', 'xfrm0\x00', {}, {0xff}, 0x32, 0x1, 0x2}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@ah={{0x30}, {[0x69, 0x86]}}, @common=@unspec=@mac={{0x30}, {@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x2, 0x200}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x428)

06:33:30 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 24)

06:33:30 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x1e, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1133.614805][T29969] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1133.622705][T29969]  </TASK>
[ 1133.655364][T29985] FAULT_INJECTION: forcing a failure.
06:33:30 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x1e, 0x0, 0x0)

06:33:30 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000000)={0x4, 0x68, 0x8001}, 0xc)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000500)=@security={'security\x00', 0xe, 0x4, 0x3c8, 0xffffffff, 0x0, 0x118, 0x0, 0xffffffff, 0xffffffff, 0x330, 0x330, 0x330, 0xffffffff, 0x4, &(0x7f0000000080), {[{{@ip={@initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010100, 0x0, 0xff, 'ip6tnl0\x00', 'nr0\x00', {}, {0xff}, 0x5e, 0x2, 0x12}, 0x0, 0xb8, 0x118, 0x0, {}, [@common=@unspec=@nfacct={{0x48}, {'syz1\x00', 0xdc}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x1, 0x1, 0x4, 0x2, 0x1], 0x4, 0x7}, {0x4, [0x7, 0x1, 0x2, 0x5, 0x2, 0x5], 0x5, 0x2}}}}, {{@uncond, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@addrtype={{0x30}, {0x0, 0x141, 0x1}}, @common=@socket0={{0x20}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x1, [0x6, 0x5, 0x1, 0x3, 0x0, 0x1], 0x4, 0x5}, {0x2, [0x2, 0x1, 0x7, 0x4, 0x4, 0x5], 0x1, 0x1}}}}, {{@ip={@multicast1, @remote, 0xffffffff, 0x0, 'pimreg\x00', 'xfrm0\x00', {}, {0xff}, 0x32, 0x1, 0x2}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@ah={{0x30}, {[0x69, 0x86]}}, @common=@unspec=@mac={{0x30}, {@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x2, 0x200}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x428)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0)) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000000)={0x4, 0x68, 0x8001}, 0xc) (async)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000500)=@security={'security\x00', 0xe, 0x4, 0x3c8, 0xffffffff, 0x0, 0x118, 0x0, 0xffffffff, 0xffffffff, 0x330, 0x330, 0x330, 0xffffffff, 0x4, &(0x7f0000000080), {[{{@ip={@initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010100, 0x0, 0xff, 'ip6tnl0\x00', 'nr0\x00', {}, {0xff}, 0x5e, 0x2, 0x12}, 0x0, 0xb8, 0x118, 0x0, {}, [@common=@unspec=@nfacct={{0x48}, {'syz1\x00', 0xdc}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x1, 0x1, 0x4, 0x2, 0x1], 0x4, 0x7}, {0x4, [0x7, 0x1, 0x2, 0x5, 0x2, 0x5], 0x5, 0x2}}}}, {{@uncond, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@addrtype={{0x30}, {0x0, 0x141, 0x1}}, @common=@socket0={{0x20}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x1, [0x6, 0x5, 0x1, 0x3, 0x0, 0x1], 0x4, 0x5}, {0x2, [0x2, 0x1, 0x7, 0x4, 0x4, 0x5], 0x1, 0x1}}}}, {{@ip={@multicast1, @remote, 0xffffffff, 0x0, 'pimreg\x00', 'xfrm0\x00', {}, {0xff}, 0x32, 0x1, 0x2}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@ah={{0x30}, {[0x69, 0x86]}}, @common=@unspec=@mac={{0x30}, {@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x2, 0x200}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x428) (async)

[ 1133.655364][T29985] name failslab, interval 1, probability 0, space 0, times 0
[ 1133.662152][T29988] x_tables: duplicate underflow at hook 2
[ 1133.673031][T29985] CPU: 0 PID: 29985 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1133.684846][T29985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1133.694767][T29985] Call Trace:
[ 1133.697860][T29985]  <TASK>
[ 1133.700640][T29985]  dump_stack_lvl+0x151/0x1b7
[ 1133.705157][T29985]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1133.710452][T29985]  dump_stack+0x15/0x17
[ 1133.714203][T29993] x_tables: duplicate underflow at hook 2
[ 1133.714562][T29985]  should_fail+0x3c0/0x510
[ 1133.721112][T29998] x_tables: duplicate underflow at hook 2
[ 1133.724369][T29985]  ? alloc_fdtable+0xaf/0x2b0
[ 1133.724396][T29985]  __should_failslab+0x9f/0xe0
[ 1133.724415][T29985]  should_failslab+0x9/0x20
[ 1133.743702][T29985]  kmem_cache_alloc_trace+0x4a/0x310
[ 1133.748895][T29985]  ? __kasan_check_write+0x14/0x20
[ 1133.753770][T29985]  ? _raw_spin_lock+0xa3/0x1b0
[ 1133.758812][T29985]  alloc_fdtable+0xaf/0x2b0
[ 1133.763129][T29985]  dup_fd+0x781/0xa40
[ 1133.767523][T29985]  ? avc_has_perm+0x16d/0x260
[ 1133.772119][T29985]  copy_files+0xe6/0x200
[ 1133.776175][T29985]  ? perf_event_attrs+0x30/0x30
[ 1133.780947][T29985]  ? dup_task_struct+0xa60/0xa60
[ 1133.785988][T29985]  ? security_task_alloc+0x132/0x150
[ 1133.791106][T29985]  copy_process+0x11e9/0x3250
[ 1133.796339][T29985]  ? proc_fail_nth_write+0x213/0x290
[ 1133.801531][T29985]  ? proc_fail_nth_read+0x220/0x220
[ 1133.806743][T29985]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1133.811764][T29985]  ? vfs_write+0x9af/0x1050
[ 1133.816101][T29985]  ? vmacache_update+0xb7/0x120
[ 1133.820785][T29985]  kernel_clone+0x22d/0x990
[ 1133.825213][T29985]  ? file_end_write+0x1b0/0x1b0
[ 1133.830071][T29985]  ? __kasan_check_write+0x14/0x20
[ 1133.835025][T29985]  ? create_io_thread+0x1e0/0x1e0
[ 1133.839879][T29985]  ? __mutex_lock_slowpath+0x10/0x10
[ 1133.845354][T29985]  __x64_sys_clone+0x289/0x310
[ 1133.850139][T29985]  ? __do_sys_vfork+0x130/0x130
[ 1133.854917][T29985]  ? debug_smp_processor_id+0x17/0x20
[ 1133.860127][T29985]  do_syscall_64+0x44/0xd0
[ 1133.864493][T29985]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1133.870321][T29985] RIP: 0033:0x7f263a8c35a9
[ 1133.874563][T29985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1133.894001][T29985] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1133.902245][T29985] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1133.910194][T29985] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
06:33:31 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, 0x0)
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

[ 1133.918089][T29985] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1133.926547][T29985] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1133.934460][T29985] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1133.942287][T29985]  </TASK>
06:33:31 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0)
sched_rr_get_interval(r1, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})

06:33:31 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x1e, 0x0, 0x0)

06:33:31 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 25)

06:33:31 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0)) (async, rerun: 32)
r1 = socket$inet_tcp(0x2, 0x1, 0x0) (rerun: 32)
setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000000)={0x4, 0x68, 0x8001}, 0xc) (async)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000500)=@security={'security\x00', 0xe, 0x4, 0x3c8, 0xffffffff, 0x0, 0x118, 0x0, 0xffffffff, 0xffffffff, 0x330, 0x330, 0x330, 0xffffffff, 0x4, &(0x7f0000000080), {[{{@ip={@initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010100, 0x0, 0xff, 'ip6tnl0\x00', 'nr0\x00', {}, {0xff}, 0x5e, 0x2, 0x12}, 0x0, 0xb8, 0x118, 0x0, {}, [@common=@unspec=@nfacct={{0x48}, {'syz1\x00', 0xdc}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x1, 0x1, 0x4, 0x2, 0x1], 0x4, 0x7}, {0x4, [0x7, 0x1, 0x2, 0x5, 0x2, 0x5], 0x5, 0x2}}}}, {{@uncond, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@addrtype={{0x30}, {0x0, 0x141, 0x1}}, @common=@socket0={{0x20}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x1, [0x6, 0x5, 0x1, 0x3, 0x0, 0x1], 0x4, 0x5}, {0x2, [0x2, 0x1, 0x7, 0x4, 0x4, 0x5], 0x1, 0x1}}}}, {{@ip={@multicast1, @remote, 0xffffffff, 0x0, 'pimreg\x00', 'xfrm0\x00', {}, {0xff}, 0x32, 0x1, 0x2}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@ah={{0x30}, {[0x69, 0x86]}}, @common=@unspec=@mac={{0x30}, {@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x2, 0x200}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x428)

[ 1134.210674][T30007] x_tables: duplicate underflow at hook 2
[ 1134.211868][T30010] FAULT_INJECTION: forcing a failure.
[ 1134.211868][T30010] name failslab, interval 1, probability 0, space 0, times 0
[ 1134.228953][T30010] CPU: 1 PID: 30010 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1134.239204][T30010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1134.249080][T30010] Call Trace:
[ 1134.252281][T30010]  <TASK>
[ 1134.255061][T30010]  dump_stack_lvl+0x151/0x1b7
[ 1134.259559][T30010]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1134.264856][T30010]  dump_stack+0x15/0x17
[ 1134.269626][T30010]  should_fail+0x3c0/0x510
[ 1134.274408][T30010]  ? kvmalloc_node+0x82/0x130
[ 1134.279152][T30010]  __should_failslab+0x9f/0xe0
[ 1134.283841][T30010]  should_failslab+0x9/0x20
[ 1134.288181][T30010]  __kmalloc+0x6d/0x350
[ 1134.292799][T30010]  ? __kasan_kmalloc+0x9/0x10
[ 1134.297416][T30010]  kvmalloc_node+0x82/0x130
[ 1134.301759][T30010]  alloc_fdtable+0xea/0x2b0
[ 1134.306206][T30010]  dup_fd+0x781/0xa40
[ 1134.310027][T30010]  ? avc_has_perm+0x16d/0x260
[ 1134.315166][T30010]  copy_files+0xe6/0x200
[ 1134.320150][T30010]  ? perf_event_attrs+0x30/0x30
[ 1134.325272][T30010]  ? dup_task_struct+0xa60/0xa60
[ 1134.331291][T30010]  ? security_task_alloc+0x132/0x150
[ 1134.336411][T30010]  copy_process+0x11e9/0x3250
[ 1134.341347][T30010]  ? proc_fail_nth_write+0x213/0x290
[ 1134.346743][T30010]  ? proc_fail_nth_read+0x220/0x220
[ 1134.351868][T30010]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1134.357099][T30010]  ? vfs_write+0x9af/0x1050
[ 1134.361519][T30010]  ? vmacache_update+0xb7/0x120
[ 1134.366378][T30010]  kernel_clone+0x22d/0x990
[ 1134.370863][T30010]  ? file_end_write+0x1b0/0x1b0
[ 1134.375755][T30010]  ? __kasan_check_write+0x14/0x20
[ 1134.380903][T30010]  ? create_io_thread+0x1e0/0x1e0
[ 1134.386010][T30010]  ? __mutex_lock_slowpath+0x10/0x10
[ 1134.391101][T30010]  __x64_sys_clone+0x289/0x310
[ 1134.395783][T30010]  ? __do_sys_vfork+0x130/0x130
[ 1134.400461][T30010]  ? debug_smp_processor_id+0x17/0x20
[ 1134.405689][T30010]  do_syscall_64+0x44/0xd0
[ 1134.410073][T30010]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1134.415836][T30010] RIP: 0033:0x7f263a8c35a9
[ 1134.420085][T30010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1134.441124][T30010] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1134.449923][T30010] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
06:33:31 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f0000000000)={0xb6, 0xffffffffffffff34, 0x3, 0x8, 0x3, 0x5, 0x0, 0x8}, &(0x7f0000000040)={0x40, 0xffffffffffffffc1, 0x8, 0x798ddcb6, 0x33e, 0x3, 0x3, 0x80000001}, &(0x7f0000000080)={0x7, 0x5, 0x1, 0x7, 0x4, 0x5, 0x6d, 0x40000000}, &(0x7f00000000c0)={0x0, 0x989680}, &(0x7f0000000240)={&(0x7f0000000200)={[0x2ff1]}, 0x8}) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})

06:33:31 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={0x0})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:31 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x1e, 0x0, 0x0)

06:33:31 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x10001}, 0xffffffffffffffb1)

06:33:31 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x1e, &(0x7f0000000040), 0x8)

06:33:31 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 26)

06:33:31 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x1e, &(0x7f0000000040), 0x8)

06:33:31 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x10001}, 0xffffffffffffffb1)

[ 1134.457731][T30010] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1134.465621][T30010] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1134.473439][T30010] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1134.482523][T30010] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1134.490571][T30010]  </TASK>
[ 1134.519312][T30026] FAULT_INJECTION: forcing a failure.
[ 1134.519312][T30026] name failslab, interval 1, probability 0, space 0, times 0
[ 1134.532581][T30026] CPU: 0 PID: 30026 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1134.542645][T30026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1134.553015][T30026] Call Trace:
[ 1134.556133][T30026]  <TASK>
[ 1134.559071][T30026]  dump_stack_lvl+0x151/0x1b7
[ 1134.563942][T30026]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1134.570436][T30026]  dump_stack+0x15/0x17
[ 1134.574447][T30026]  should_fail+0x3c0/0x510
[ 1134.578680][T30026]  ? kvmalloc_node+0x82/0x130
[ 1134.583198][T30026]  __should_failslab+0x9f/0xe0
[ 1134.588096][T30026]  should_failslab+0x9/0x20
[ 1134.592420][T30026]  __kmalloc+0x6d/0x350
[ 1134.596414][T30026]  ? kvmalloc_node+0x82/0x130
[ 1134.601261][T30026]  kvmalloc_node+0x82/0x130
[ 1134.605769][T30026]  alloc_fdtable+0x173/0x2b0
[ 1134.610186][T30026]  dup_fd+0x781/0xa40
[ 1134.614017][T30026]  ? avc_has_perm+0x16d/0x260
[ 1134.618770][T30026]  copy_files+0xe6/0x200
[ 1134.622868][T30026]  ? perf_event_attrs+0x30/0x30
[ 1134.627623][T30026]  ? dup_task_struct+0xa60/0xa60
[ 1134.632561][T30026]  ? security_task_alloc+0x132/0x150
[ 1134.637847][T30026]  copy_process+0x11e9/0x3250
[ 1134.643432][T30026]  ? proc_fail_nth_write+0x213/0x290
[ 1134.648735][T30026]  ? proc_fail_nth_read+0x220/0x220
[ 1134.653838][T30026]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1134.658770][T30026]  ? vfs_write+0x9af/0x1050
[ 1134.663119][T30026]  ? vmacache_update+0xb7/0x120
[ 1134.668251][T30026]  kernel_clone+0x22d/0x990
[ 1134.672712][T30026]  ? file_end_write+0x1b0/0x1b0
[ 1134.677504][T30026]  ? __kasan_check_write+0x14/0x20
[ 1134.687858][T30026]  ? create_io_thread+0x1e0/0x1e0
[ 1134.692631][T30026]  ? __mutex_lock_slowpath+0x10/0x10
[ 1134.697770][T30026]  __x64_sys_clone+0x289/0x310
[ 1134.702529][T30026]  ? __do_sys_vfork+0x130/0x130
[ 1134.707221][T30026]  ? debug_smp_processor_id+0x17/0x20
[ 1134.713032][T30026]  do_syscall_64+0x44/0xd0
[ 1134.717369][T30026]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1134.723194][T30026] RIP: 0033:0x7f263a8c35a9
[ 1134.727632][T30026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1134.748262][T30026] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1134.756948][T30026] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
06:33:31 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0}) (async)
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0) (async)
sched_rr_get_interval(r1, &(0x7f0000000000)) (async)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})

06:33:31 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x10001}, 0xffffffffffffffb1)

06:33:31 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x1e, &(0x7f0000000040), 0x8)

06:33:31 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs2/binder-control\x00', 0x802, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)

[ 1134.764753][T30026] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1134.772739][T30026] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1134.780633][T30026] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1134.788628][T30026] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1134.796435][T30026]  </TASK>
06:33:32 executing program 3:
clock_gettime(0x0, &(0x7f0000000040)={0x0, <r0=>0x0})
ioctl$UFFDIO_ZEROPAGE(0xffffffffffffffff, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})

06:33:32 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={0x0})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:32 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 27)

06:33:32 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x1d, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:32 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs2/binder-control\x00', 0x802, 0x0) (async)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)

06:33:32 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x1d, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:32 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x1d, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:32 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x1d, 0x0, 0x0)

[ 1135.187394][T30047] FAULT_INJECTION: forcing a failure.
[ 1135.187394][T30047] name failslab, interval 1, probability 0, space 0, times 0
[ 1135.202648][T30047] CPU: 0 PID: 30047 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1135.212744][T30047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1135.222635][T30047] Call Trace:
[ 1135.225994][T30047]  <TASK>
[ 1135.228989][T30047]  dump_stack_lvl+0x151/0x1b7
[ 1135.233503][T30047]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1135.238995][T30047]  ? vma_interval_tree_augment_rotate+0x210/0x210
[ 1135.245539][T30047]  dump_stack+0x15/0x17
[ 1135.249617][T30047]  should_fail+0x3c0/0x510
[ 1135.253958][T30047]  __should_failslab+0x9f/0xe0
[ 1135.258558][T30047]  should_failslab+0x9/0x20
[ 1135.262907][T30047]  kmem_cache_alloc+0x4f/0x2f0
[ 1135.267590][T30047]  ? anon_vma_fork+0xf7/0x4f0
[ 1135.272112][T30047]  anon_vma_fork+0xf7/0x4f0
[ 1135.276532][T30047]  ? anon_vma_name+0x4c/0x70
[ 1135.281140][T30047]  dup_mmap+0x750/0xea0
[ 1135.285145][T30047]  ? __delayed_free_task+0x20/0x20
[ 1135.290166][T30047]  ? mm_init+0x807/0x960
[ 1135.294246][T30047]  dup_mm+0x91/0x330
[ 1135.297980][T30047]  copy_mm+0x108/0x1b0
[ 1135.301897][T30047]  copy_process+0x1295/0x3250
[ 1135.306406][T30047]  ? proc_fail_nth_write+0x213/0x290
[ 1135.311518][T30047]  ? proc_fail_nth_read+0x220/0x220
[ 1135.316555][T30047]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1135.321498][T30047]  ? vfs_write+0x9af/0x1050
[ 1135.325837][T30047]  ? vmacache_update+0xb7/0x120
[ 1135.330530][T30047]  kernel_clone+0x22d/0x990
[ 1135.334882][T30047]  ? file_end_write+0x1b0/0x1b0
[ 1135.339565][T30047]  ? __kasan_check_write+0x14/0x20
[ 1135.344583][T30047]  ? create_io_thread+0x1e0/0x1e0
[ 1135.349531][T30047]  ? __mutex_lock_slowpath+0x10/0x10
[ 1135.354653][T30047]  __x64_sys_clone+0x289/0x310
[ 1135.359262][T30047]  ? __do_sys_vfork+0x130/0x130
[ 1135.364122][T30047]  ? debug_smp_processor_id+0x17/0x20
[ 1135.369415][T30047]  do_syscall_64+0x44/0xd0
[ 1135.373659][T30047]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1135.379385][T30047] RIP: 0033:0x7f263a8c35a9
[ 1135.383841][T30047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1135.403379][T30047] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1135.411615][T30047] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1135.419617][T30047] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1135.427412][T30047] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1135.436263][T30047] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1135.444074][T30047] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1135.451981][T30047]  </TASK>
06:33:32 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0)
sched_rr_get_interval(r1, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
clock_gettime(0x0, &(0x7f0000000100)) (async)
getpid() (async)
syz_open_procfs$namespace(r1, 0x0) (async)
sched_rr_get_interval(r1, &(0x7f0000000000)) (async)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)

06:33:32 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x1d, 0x0, 0x0)

06:33:32 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs2/binder-control\x00', 0x802, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs2/binder-control\x00', 0x802, 0x0) (async)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) (async)

06:33:32 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 28)

06:33:32 executing program 3:
clock_gettime(0x0, &(0x7f0000000040)={0x0, <r0=>0x0})
ioctl$UFFDIO_ZEROPAGE(0xffffffffffffffff, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}}) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})

06:33:32 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={0x0})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:32 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
pipe2$watch_queue(&(0x7f0000000000), 0x80)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000100)={0x2020}, 0x2020)

06:33:32 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
pipe2$watch_queue(&(0x7f0000000000), 0x80) (async)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
read$FUSE(r1, &(0x7f0000000100)={0x2020}, 0x2020)

[ 1135.658884][T30065] FAULT_INJECTION: forcing a failure.
[ 1135.658884][T30065] name failslab, interval 1, probability 0, space 0, times 0
[ 1135.675986][T30065] CPU: 0 PID: 30065 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1135.686584][T30065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1135.696492][T30065] Call Trace:
[ 1135.699603][T30065]  <TASK>
[ 1135.702378][T30065]  dump_stack_lvl+0x151/0x1b7
06:33:32 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
pipe2$watch_queue(&(0x7f0000000000), 0x80) (async)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000100)={0x2020}, 0x2020)

06:33:32 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
socketpair(0x2b, 0x4, 0x7, &(0x7f0000000000))
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f00000001c0)={&(0x7f0000ffd000/0x3000)=nil, 0x3000})
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/block/loop14', 0x4200, 0x104)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x0, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4)

[ 1135.706894][T30065]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1135.712273][T30065]  dump_stack+0x15/0x17
[ 1135.716438][T30065]  should_fail+0x3c0/0x510
[ 1135.720692][T30065]  __should_failslab+0x9f/0xe0
[ 1135.725381][T30065]  should_failslab+0x9/0x20
[ 1135.729832][T30065]  kmem_cache_alloc+0x4f/0x2f0
[ 1135.734430][T30065]  ? copy_sighand+0x54/0x250
[ 1135.738885][T30065]  ? _raw_spin_unlock+0x4d/0x70
[ 1135.743633][T30065]  copy_sighand+0x54/0x250
[ 1135.747986][T30065]  copy_process+0x123f/0x3250
[ 1135.752600][T30065]  ? proc_fail_nth_write+0x213/0x290
06:33:32 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
socketpair(0x2b, 0x4, 0x7, &(0x7f0000000000)) (async)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f00000001c0)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}) (async)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/block/loop14', 0x4200, 0x104)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x0, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4)

[ 1135.757804][T30065]  ? proc_fail_nth_read+0x220/0x220
[ 1135.762903][T30065]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1135.768201][T30065]  ? vfs_write+0x9af/0x1050
[ 1135.772531][T30065]  ? vmacache_update+0xb7/0x120
[ 1135.777221][T30065]  kernel_clone+0x22d/0x990
[ 1135.781562][T30065]  ? file_end_write+0x1b0/0x1b0
[ 1135.786348][T30065]  ? __kasan_check_write+0x14/0x20
[ 1135.791281][T30065]  ? create_io_thread+0x1e0/0x1e0
[ 1135.796241][T30065]  ? __mutex_lock_slowpath+0x10/0x10
[ 1135.801929][T30065]  __x64_sys_clone+0x289/0x310
06:33:32 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
socketpair(0x2b, 0x4, 0x7, &(0x7f0000000000)) (async)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f00000001c0)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}) (async)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/block/loop14', 0x4200, 0x104)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x0, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4)

[ 1135.806816][T30065]  ? __do_sys_vfork+0x130/0x130
[ 1135.811511][T30065]  ? debug_smp_processor_id+0x17/0x20
[ 1135.816700][T30065]  do_syscall_64+0x44/0xd0
[ 1135.821589][T30065]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1135.827311][T30065] RIP: 0033:0x7f263a8c35a9
[ 1135.831648][T30065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1135.851518][T30065] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1135.859756][T30065] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1135.867759][T30065] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1135.875552][T30065] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1135.883365][T30065] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1135.891173][T30065] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1135.899205][T30065]  </TASK>
06:33:33 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x1d, 0x0, 0x0)

06:33:33 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x20, &(0x7f0000000100)={&(0x7f0000000000)=""/27, 0x1b, 0x0, &(0x7f0000000080)=""/68, 0x44}}, 0x10)

06:33:33 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 29)

06:33:33 executing program 3:
clock_gettime(0x0, &(0x7f0000000040)={0x0, <r0=>0x0})
ioctl$UFFDIO_ZEROPAGE(0xffffffffffffffff, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}}) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})

06:33:33 executing program 0:
clock_gettime(0x0, &(0x7f0000000100))
r0 = getpid()
syz_open_procfs$namespace(r0, 0x0)
sched_rr_get_interval(r0, &(0x7f0000000000))
clock_gettime(0x0, &(0x7f00000000c0)={<r1=>0x0, <r2=>0x0})
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={r1, r2+10000000}, &(0x7f0000000040)={&(0x7f0000000180)={[0x5]}, 0x8})

06:33:33 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:33 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x20, &(0x7f0000000100)={&(0x7f0000000000)=""/27, 0x1b, 0x0, &(0x7f0000000080)=""/68, 0x44}}, 0x10)

06:33:33 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x1d, &(0x7f0000000040), 0x8)

06:33:33 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x20, &(0x7f0000000100)={&(0x7f0000000000)=""/27, 0x1b, 0x0, &(0x7f0000000080)=""/68, 0x44}}, 0x10)

[ 1136.507574][T30109] FAULT_INJECTION: forcing a failure.
[ 1136.507574][T30109] name failslab, interval 1, probability 0, space 0, times 0
[ 1136.526781][T30109] CPU: 0 PID: 30109 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1136.536893][T30109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1136.547047][T30109] Call Trace:
[ 1136.550169][T30109]  <TASK>
[ 1136.553014][T30109]  dump_stack_lvl+0x151/0x1b7
06:33:33 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x1}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080), 0x8)

06:33:33 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x1}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080), 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x1}, 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080), 0x8) (async)

06:33:33 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x1}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080), 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x1}, 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080), 0x8) (async)

[ 1136.557533][T30109]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1136.562832][T30109]  dump_stack+0x15/0x17
[ 1136.566836][T30109]  should_fail+0x3c0/0x510
[ 1136.571071][T30109]  __should_failslab+0x9f/0xe0
[ 1136.575667][T30109]  should_failslab+0x9/0x20
[ 1136.580014][T30109]  kmem_cache_alloc+0x4f/0x2f0
[ 1136.584606][T30109]  ? dup_mm+0x29/0x330
[ 1136.588512][T30109]  dup_mm+0x29/0x330
[ 1136.592244][T30109]  copy_mm+0x108/0x1b0
[ 1136.596152][T30109]  copy_process+0x1295/0x3250
[ 1136.600761][T30109]  ? proc_fail_nth_write+0x213/0x290
[ 1136.606228][T30109]  ? proc_fail_nth_read+0x220/0x220
[ 1136.611393][T30109]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1136.616300][T30109]  ? vfs_write+0x9af/0x1050
[ 1136.620642][T30109]  ? vmacache_update+0xb7/0x120
[ 1136.625321][T30109]  kernel_clone+0x22d/0x990
[ 1136.629668][T30109]  ? file_end_write+0x1b0/0x1b0
[ 1136.634343][T30109]  ? __kasan_check_write+0x14/0x20
[ 1136.639290][T30109]  ? create_io_thread+0x1e0/0x1e0
[ 1136.644147][T30109]  ? __mutex_lock_slowpath+0x10/0x10
[ 1136.649270][T30109]  __x64_sys_clone+0x289/0x310
[ 1136.653871][T30109]  ? __do_sys_vfork+0x130/0x130
[ 1136.659288][T30109]  ? debug_smp_processor_id+0x17/0x20
[ 1136.664510][T30109]  do_syscall_64+0x44/0xd0
[ 1136.668835][T30109]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1136.674547][T30109] RIP: 0033:0x7f263a8c35a9
[ 1136.678890][T30109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1136.698591][T30109] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
06:33:33 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x1d, &(0x7f0000000040), 0x8)

06:33:33 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x1d, &(0x7f0000000040), 0x8)

06:33:33 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 30)

[ 1136.707254][T30109] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1136.715179][T30109] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1136.723053][T30109] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1136.730949][T30109] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1136.739307][T30109] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1136.747124][T30109]  </TASK>
[ 1136.777731][T30136] FAULT_INJECTION: forcing a failure.
[ 1136.777731][T30136] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1136.790900][T30136] CPU: 1 PID: 30136 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1136.800947][T30136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1136.810933][T30136] Call Trace:
[ 1136.814053][T30136]  <TASK>
[ 1136.816834][T30136]  dump_stack_lvl+0x151/0x1b7
[ 1136.821345][T30136]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1136.826637][T30136]  ? __kasan_check_write+0x14/0x20
[ 1136.831688][T30136]  ? __set_page_owner+0x2ee/0x310
[ 1136.836631][T30136]  dump_stack+0x15/0x17
[ 1136.840713][T30136]  should_fail+0x3c0/0x510
[ 1136.844965][T30136]  should_fail_alloc_page+0x58/0x70
[ 1136.849991][T30136]  __alloc_pages+0x1de/0x7c0
[ 1136.854420][T30136]  ? __count_vm_events+0x30/0x30
[ 1136.859196][T30136]  ? __count_vm_events+0x30/0x30
[ 1136.864229][T30136]  ? __kasan_check_write+0x14/0x20
[ 1136.869174][T30136]  ? _raw_spin_lock+0xa3/0x1b0
[ 1136.874056][T30136]  __pmd_alloc+0xb1/0x550
[ 1136.878323][T30136]  ? kmem_cache_alloc+0x189/0x2f0
[ 1136.883162][T30136]  ? anon_vma_fork+0x1b9/0x4f0
[ 1136.887765][T30136]  ? __pud_alloc+0x260/0x260
[ 1136.892279][T30136]  ? __pud_alloc+0x218/0x260
[ 1136.896713][T30136]  ? do_handle_mm_fault+0x2370/0x2370
[ 1136.902028][T30136]  copy_page_range+0xd04/0x1090
[ 1136.906775][T30136]  ? pfn_valid+0x1e0/0x1e0
[ 1136.911136][T30136]  dup_mmap+0x99f/0xea0
[ 1136.915126][T30136]  ? __delayed_free_task+0x20/0x20
[ 1136.920091][T30136]  ? mm_init+0x807/0x960
[ 1136.924154][T30136]  dup_mm+0x91/0x330
[ 1136.927883][T30136]  copy_mm+0x108/0x1b0
[ 1136.931793][T30136]  copy_process+0x1295/0x3250
[ 1136.936468][T30136]  ? proc_fail_nth_write+0x213/0x290
[ 1136.941582][T30136]  ? proc_fail_nth_read+0x220/0x220
[ 1136.946708][T30136]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1136.951702][T30136]  ? vfs_write+0x9af/0x1050
[ 1136.956512][T30136]  ? vmacache_update+0xb7/0x120
[ 1136.961201][T30136]  kernel_clone+0x22d/0x990
[ 1136.965622][T30136]  ? file_end_write+0x1b0/0x1b0
[ 1136.970398][T30136]  ? __kasan_check_write+0x14/0x20
[ 1136.975343][T30136]  ? create_io_thread+0x1e0/0x1e0
[ 1136.980302][T30136]  ? __mutex_lock_slowpath+0x10/0x10
[ 1136.985416][T30136]  __x64_sys_clone+0x289/0x310
[ 1136.990009][T30136]  ? __do_sys_vfork+0x130/0x130
[ 1136.994800][T30136]  ? debug_smp_processor_id+0x17/0x20
[ 1137.000010][T30136]  do_syscall_64+0x44/0xd0
[ 1137.004344][T30136]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1137.010109][T30136] RIP: 0033:0x7f263a8c35a9
[ 1137.014326][T30136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1137.034054][T30136] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1137.042820][T30136] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1137.050829][T30136] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1137.058636][T30136] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1137.066445][T30136] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1137.074257][T30136] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1137.082441][T30136]  </TASK>
06:33:34 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfbfff000, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)
syz_btf_id_by_name$bpf_lsm(&(0x7f0000000080)='bpf_lsm_sb_eat_lsm_opts\x00')

06:33:34 executing program 0:
clock_gettime(0x0, &(0x7f0000000100))
r0 = getpid()
syz_open_procfs$namespace(r0, 0x0)
sched_rr_get_interval(r0, &(0x7f0000000000))
clock_gettime(0x0, &(0x7f00000000c0)={<r1=>0x0, <r2=>0x0})
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={r1, r2+10000000}, &(0x7f0000000040)={&(0x7f0000000180)={[0x5]}, 0x8})
clock_gettime(0x0, &(0x7f0000000100)) (async)
getpid() (async)
syz_open_procfs$namespace(r0, 0x0) (async)
sched_rr_get_interval(r0, &(0x7f0000000000)) (async)
clock_gettime(0x0, &(0x7f00000000c0)) (async)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={r1, r2+10000000}, &(0x7f0000000040)={&(0x7f0000000180)={[0x5]}, 0x8}) (async)

06:33:34 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x15, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:34 executing program 3:
clock_gettime(0x2, &(0x7f0000000100))
r0 = syz_clone(0x88040800, &(0x7f0000000080)="dab0bd4229a5e370af0b060d882fbfdef8fb00ef8b37d57d7cb171f1d3e8246f014cd3b0d863f7645e98978444de0cae4f", 0x31, &(0x7f00000000c0), &(0x7f0000000180), &(0x7f00000001c0)="607398c72c5e4a9480646b869d205bbc471ef91c8acc99f11e9f0196bbb2e3c9393c4f9905255899e6da60be4d1b445a96bbea40bf3033f31a3e12182de71665c5706f947acf5bb5e302942e847245ed105a137f14e8eda8cda7f1c5908b3c1dded40a350c556b382b6310f07d887a5de952bd1177f5e94b77d139274e94df9a416bdd87da170449c213f1279becb840d0674e2bd577a6a4f8c04f605821c23754582e8a63")
sched_rr_get_interval(r0, &(0x7f0000000280))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x77359400}, &(0x7f0000000040)={&(0x7f0000000000)={[0x7e]}, 0x8})

06:33:34 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 31)

06:33:34 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfbfff000, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4) (async)
syz_btf_id_by_name$bpf_lsm(&(0x7f0000000080)='bpf_lsm_sb_eat_lsm_opts\x00')

06:33:34 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:34 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x15, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1137.362951][T30142] FAULT_INJECTION: forcing a failure.
[ 1137.362951][T30142] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1137.378841][T30142] CPU: 1 PID: 30142 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1137.389010][T30142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1137.399081][T30142] Call Trace:
[ 1137.402305][T30142]  <TASK>
[ 1137.405067][T30142]  dump_stack_lvl+0x151/0x1b7
06:33:34 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x15, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:34 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfbfff000, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4) (async)
syz_btf_id_by_name$bpf_lsm(&(0x7f0000000080)='bpf_lsm_sb_eat_lsm_opts\x00')

[ 1137.409594][T30142]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1137.414883][T30142]  ? pcpu_block_update_hint_alloc+0x972/0xd00
[ 1137.420862][T30142]  dump_stack+0x15/0x17
[ 1137.425122][T30142]  should_fail+0x3c0/0x510
[ 1137.429367][T30142]  should_fail_alloc_page+0x58/0x70
[ 1137.434501][T30142]  __alloc_pages+0x1de/0x7c0
[ 1137.438918][T30142]  ? __count_vm_events+0x30/0x30
[ 1137.444297][T30142]  __get_free_pages+0xe/0x30
[ 1137.448721][T30142]  pgd_alloc+0x22/0x2c0
[ 1137.452715][T30142]  mm_init+0x5bf/0x960
[ 1137.456709][T30142]  dup_mm+0x7d/0x330
06:33:34 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x4}, 0x8)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a, &(0x7f0000000040), ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000100)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000140), &(0x7f0000000180), 0x8, 0x10, 0x8, 0x8, &(0x7f00000001c0)}}, 0x10)

06:33:34 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x4}, 0x8)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a, &(0x7f0000000040), ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000100)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000140), &(0x7f0000000180), 0x8, 0x10, 0x8, 0x8, &(0x7f00000001c0)}}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x4}, 0x8) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a, &(0x7f0000000040), ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000100)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000140), &(0x7f0000000180), 0x8, 0x10, 0x8, 0x8, &(0x7f00000001c0)}}, 0x10) (async)

06:33:34 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x15, 0x0, 0x0)

[ 1137.460437][T30142]  copy_mm+0x108/0x1b0
[ 1137.465558][T30142]  copy_process+0x1295/0x3250
[ 1137.470076][T30142]  ? proc_fail_nth_write+0x213/0x290
[ 1137.475193][T30142]  ? proc_fail_nth_read+0x220/0x220
[ 1137.480233][T30142]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1137.485349][T30142]  ? vfs_write+0x9af/0x1050
[ 1137.489686][T30142]  ? vmacache_update+0xb7/0x120
[ 1137.494896][T30142]  kernel_clone+0x22d/0x990
[ 1137.499250][T30142]  ? file_end_write+0x1b0/0x1b0
[ 1137.503921][T30142]  ? __kasan_check_write+0x14/0x20
[ 1137.508948][T30142]  ? create_io_thread+0x1e0/0x1e0
[ 1137.513904][T30142]  ? __mutex_lock_slowpath+0x10/0x10
[ 1137.519118][T30142]  __x64_sys_clone+0x289/0x310
[ 1137.523972][T30142]  ? __do_sys_vfork+0x130/0x130
[ 1137.528796][T30142]  ? debug_smp_processor_id+0x17/0x20
[ 1137.534086][T30142]  do_syscall_64+0x44/0xd0
[ 1137.538338][T30142]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1137.544440][T30142] RIP: 0033:0x7f263a8c35a9
[ 1137.548898][T30142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1137.568899][T30142] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1137.577205][T30142] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1137.585133][T30142] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1137.593388][T30142] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1137.601318][T30142] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:33:34 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)) (async)
r0 = getpid()
syz_open_procfs$namespace(r0, 0x0) (async, rerun: 64)
sched_rr_get_interval(r0, &(0x7f0000000000)) (rerun: 64)
clock_gettime(0x0, &(0x7f00000000c0)={<r1=>0x0, <r2=>0x0})
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={r1, r2+10000000}, &(0x7f0000000040)={&(0x7f0000000180)={[0x5]}, 0x8})

06:33:34 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x15, 0x0, 0x0)

[ 1137.609116][T30142] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1137.616948][T30142]  </TASK>
06:33:35 executing program 3:
clock_gettime(0x2, &(0x7f0000000100)) (async)
r0 = syz_clone(0x88040800, &(0x7f0000000080)="dab0bd4229a5e370af0b060d882fbfdef8fb00ef8b37d57d7cb171f1d3e8246f014cd3b0d863f7645e98978444de0cae4f", 0x31, &(0x7f00000000c0), &(0x7f0000000180), &(0x7f00000001c0)="607398c72c5e4a9480646b869d205bbc471ef91c8acc99f11e9f0196bbb2e3c9393c4f9905255899e6da60be4d1b445a96bbea40bf3033f31a3e12182de71665c5706f947acf5bb5e302942e847245ed105a137f14e8eda8cda7f1c5908b3c1dded40a350c556b382b6310f07d887a5de952bd1177f5e94b77d139274e94df9a416bdd87da170449c213f1279becb840d0674e2bd577a6a4f8c04f605821c23754582e8a63")
sched_rr_get_interval(r0, &(0x7f0000000280)) (async)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x77359400}, &(0x7f0000000040)={&(0x7f0000000000)={[0x7e]}, 0x8})

06:33:35 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x4}, 0x8)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a, &(0x7f0000000040), ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000100)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000140), &(0x7f0000000180), 0x8, 0x10, 0x8, 0x8, &(0x7f00000001c0)}}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x4}, 0x8) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a, &(0x7f0000000040), ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000100)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000140), &(0x7f0000000180), 0x8, 0x10, 0x8, 0x8, &(0x7f00000001c0)}}, 0x10) (async)

06:33:35 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x15, 0x0, 0x0)

06:33:35 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 32)

06:33:35 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:35 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x15, &(0x7f0000000040), 0x8)

06:33:35 executing program 2:
r0 = getpid()
syz_open_procfs$namespace(r0, 0x0)
sched_rr_get_interval(r0, &(0x7f0000000000))
r1 = accept4$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @loopback}, &(0x7f00000000c0)=0x10, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000140)={'filter\x00', 0x7, 0x4, 0x418, 0x110, 0x0, 0x110, 0x330, 0x330, 0x330, 0x4, &(0x7f0000000100), {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @multicast1, @local, 0xd, 0x1}}}, {{@arp={@broadcast, @dev={0xac, 0x14, 0x14, 0x1c}, 0x0, 0xffffffff, 0x8, 0x4, {@mac=@multicast, {[0x0, 0x0, 0x0, 0xff, 0xff, 0xff]}}, {@empty, {[0xff, 0xff, 0xff]}}, 0x8001, 0x20, 0xffff, 0x2, 0x4, 0x3, 'bond_slave_1\x00', '\x00', {0xff}, {0xff}, 0x0, 0x1}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac, @empty, @broadcast, @rand_addr=0x64010102, 0x2, 0xffffffff}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local, @empty, @broadcast, @local, 0x4}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x468)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
getsockopt$EBT_SO_GET_ENTRIES(r1, 0x0, 0x81, &(0x7f0000000700)={'filter\x00', 0x0, 0x3, 0xbe, [0x1ff, 0x7fffffff, 0x4, 0x1, 0x6, 0x9], 0x8, &(0x7f00000005c0)=[{}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000640)=""/190}, &(0x7f0000000780)=0x78)
r2 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0x8, 0x50, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f00000007c0)="e8a75d1b89578a4580b23aaa49bf0ad962f8a5f6d6376a8bb1eb2c73543919b9906c7f85baf70062c0121325c92f8b2386a0c860d6fa29bdab9ebedb2f43228d511563c9890430f6", 0x0, 0x48)

06:33:35 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x15, &(0x7f0000000040), 0x8)

06:33:35 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x15, &(0x7f0000000040), 0x8)

[ 1138.207032][T30186] FAULT_INJECTION: forcing a failure.
[ 1138.207032][T30186] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1138.223644][T30186] CPU: 1 PID: 30186 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1138.233910][T30186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1138.244323][T30186] Call Trace:
[ 1138.247445][T30186]  <TASK>
[ 1138.250378][T30186]  dump_stack_lvl+0x151/0x1b7
06:33:35 executing program 2:
r0 = getpid()
syz_open_procfs$namespace(r0, 0x0) (async)
sched_rr_get_interval(r0, &(0x7f0000000000))
r1 = accept4$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @loopback}, &(0x7f00000000c0)=0x10, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000140)={'filter\x00', 0x7, 0x4, 0x418, 0x110, 0x0, 0x110, 0x330, 0x330, 0x330, 0x4, &(0x7f0000000100), {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @multicast1, @local, 0xd, 0x1}}}, {{@arp={@broadcast, @dev={0xac, 0x14, 0x14, 0x1c}, 0x0, 0xffffffff, 0x8, 0x4, {@mac=@multicast, {[0x0, 0x0, 0x0, 0xff, 0xff, 0xff]}}, {@empty, {[0xff, 0xff, 0xff]}}, 0x8001, 0x20, 0xffff, 0x2, 0x4, 0x3, 'bond_slave_1\x00', '\x00', {0xff}, {0xff}, 0x0, 0x1}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac, @empty, @broadcast, @rand_addr=0x64010102, 0x2, 0xffffffff}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local, @empty, @broadcast, @local, 0x4}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x468) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
getsockopt$EBT_SO_GET_ENTRIES(r1, 0x0, 0x81, &(0x7f0000000700)={'filter\x00', 0x0, 0x3, 0xbe, [0x1ff, 0x7fffffff, 0x4, 0x1, 0x6, 0x9], 0x8, &(0x7f00000005c0)=[{}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000640)=""/190}, &(0x7f0000000780)=0x78)
r2 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0x8, 0x50, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f00000007c0)="e8a75d1b89578a4580b23aaa49bf0ad962f8a5f6d6376a8bb1eb2c73543919b9906c7f85baf70062c0121325c92f8b2386a0c860d6fa29bdab9ebedb2f43228d511563c9890430f6", 0x0, 0x48)

[ 1138.255222][T30186]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1138.260606][T30186]  ? pcpu_block_update_hint_alloc+0x972/0xd00
[ 1138.266510][T30186]  dump_stack+0x15/0x17
[ 1138.270502][T30186]  should_fail+0x3c0/0x510
[ 1138.274787][T30186]  should_fail_alloc_page+0x58/0x70
[ 1138.280215][T30186]  __alloc_pages+0x1de/0x7c0
[ 1138.284739][T30186]  ? __count_vm_events+0x30/0x30
[ 1138.289510][T30186]  __get_free_pages+0xe/0x30
[ 1138.294031][T30186]  pgd_alloc+0x22/0x2c0
[ 1138.298012][T30186]  mm_init+0x5bf/0x960
[ 1138.301915][T30186]  dup_mm+0x7d/0x330
[ 1138.305822][T30186]  copy_mm+0x108/0x1b0
[ 1138.309736][T30186]  copy_process+0x1295/0x3250
[ 1138.314240][T30186]  ? proc_fail_nth_write+0x213/0x290
[ 1138.319356][T30186]  ? proc_fail_nth_read+0x220/0x220
[ 1138.324490][T30186]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1138.329468][T30186]  ? vfs_write+0x9af/0x1050
[ 1138.334146][T30186]  ? vmacache_update+0xb7/0x120
[ 1138.338842][T30186]  kernel_clone+0x22d/0x990
[ 1138.343175][T30186]  ? file_end_write+0x1b0/0x1b0
[ 1138.347879][T30186]  ? __kasan_check_write+0x14/0x20
[ 1138.352890][T30186]  ? create_io_thread+0x1e0/0x1e0
[ 1138.357838][T30186]  ? __mutex_lock_slowpath+0x10/0x10
[ 1138.362959][T30186]  __x64_sys_clone+0x289/0x310
[ 1138.367564][T30186]  ? __do_sys_vfork+0x130/0x130
[ 1138.372420][T30186]  ? debug_smp_processor_id+0x17/0x20
[ 1138.377628][T30186]  do_syscall_64+0x44/0xd0
[ 1138.381880][T30186]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1138.387607][T30186] RIP: 0033:0x7f263a8c35a9
[ 1138.391861][T30186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1138.411389][T30186] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1138.419657][T30186] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1138.427470][T30186] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1138.435262][T30186] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1138.443419][T30186] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:33:35 executing program 0:
clock_gettime(0x1, &(0x7f0000000100)={0x0, <r0=>0x0})
r1 = syz_clone(0x80000, &(0x7f0000000200)="80c14788b69e3d71b08b09a2348b27fe55ab7261ef567dc2e8b2bb40b69a7d29a7c2af26a5bd7bae4b4223f599893dd06f341ee4582448e6acd218ebfea3b901c7b949af7cf70088544016d46fefd757a52aa9d913676a1dc5283a1bd478f0f3ccf7708a3ee61c6a4bd79ea7ae06573d573660bc96c5a79b9a6916edfee3c06c06b7baa178d9eb9e1b975376c99b7326fe69d7ea38acbe0fe70db1fb900273b9151a957a8f4e17045c399e62b695850304da43727330d8064f97a0067b29c79b69e0b98b1479002b31ed488811089777fd1c9b09e653e5930ace0d68ef4e7ab76a8aa8afa2c57722a8fe71a6983bda2814c677f78074df47f5596fdf194598686eed9b517876f2569e61c2cbf0084bec84adbac1646ed39836b2f621a7bb8e7d38f8698156d79683352e22cf5f4f35d4c60a7d5aac659cf5390583f176a35ab93476026feb5c3ff165d66332399be23eb0b87d64787b1f1b648262c4a524508aeb86698b51fa7b4631f5d645064b4fe33c53afcb239d5efdf5f8244ca1e8a12febae8f81b40b5c6bdc94d8407bea0fda09186540ca06533d99d50c99a07ccaceaf91fe95237e5989296a6173aad8ccea91bd0f0cabe2e8fb8564a03d3f564954db917c53820d96885badc124fb3ae8282b162852a1a5ac2f5cf8421350779b83a6ff4a5a63f6865240dccb6c8a8c3a8b48fc44b21d81c39025101f7a3ab5a886c821ecefcad64516974ea4e9453f9a6ab673227a2daec49dfe28fb5404a2676064ffcce560ae53071c261c6078d993608899b368a96cd527a9578ea134d92eefc4a16f63f701eff5e0726a0f8425370aacbe2b00311088aaa1fa335d9e84fe6300f8403402b5edd0a76e24974fcc22a5355ee759e1cebd64f8ed368cdf8474f6a5ec7a55889e4ca94018edbdd6deb910630993e7a6fcf2093df47fd6e334ecd69452c7e138cb8fa77db0aa7b8877d370f8586b11fd8e9c1eb1648536eb9bcc98e102484ef3c84c34d3230b4f439694a18b3c4d12182aa830f1729ac007bca6efe0e5b8a12c8c43c8c7af6e0cafc39e9aed7eea820621056d60f2d75c6ffd4650a5de76d30135851fcac372d610bfb8ac600c936020a3dc95ae37551f120dda044b70fe36f32edaf68b46b00c5c9c19647cff08b23946415ed6298f0caff290fdea3048552e208f7e261bfd26dc0f0143b53c98f0d7d749e54f4f5284551d8da5f8480fa4772466260b63c52465e9708311babaa4a2d64e23829d90cc52dd495b9d9fe03e307852f2921abc96dc15593b01234627ba259485aec30963603098ee8666797f43e5ee58e0a127b971c6739c8e11b7405d57e7f329e0744fa0d901bff662e3bc0c78d4cd1488a98c813b7f08ec91cd6bec51c5422df770ad37e4c67f4f1abe021d759584c5c9b215ab1697b007452682a77fc9dd9dd4490f887a914d2beb140d005fab2ed8c16682343be8d70eb5ea22b6e9300b846a00b22c5914943ddc5f166eb72b38426f5c5059fb36051a74c39fdca05e36eecd5a0084f820c064c7596ca9bf99823ba2961998ea7ed9f92fe266d7f1b1b48e469638dc8595c964a22b62c71deee133f33898c4f08844181bc23d523cc1654f07b8cac6cd4ad483dda01a53f6de6a4a9ffe08a5e63dd1f4510889aa069ffb4920bcf16f0a041ddc70863e29aa1a74f819d38e89983a44acb267aa90cc8f8f5214fec53d702a7395cf45b9f54a278e624e77c31bc37e371edebcc48bc9dccdbb4a148910f53224f467e6560a39fb055b1ab5468bf1f42a89e30164ff0f7fd37945a0964a97ed2b03ce275f4e3626478d474fd2875cea8aa597fd119b9c7e5c925df7521d00d3cad95604deea031e032f8fb94449c1fa9fd08bef784017e71daadd30630d00ea16ebd315ef2b1f6926e65dd909c423920e3e4e49608daf2df97512fe0517de3a23b77003e49b5c117b77011ca6f89531f6d5f7024c05a3b29c1988134ba59ef4d3b51651b66c2d324dacff141467df31c7d48c90d9619454b494daabadfb35e428023da636aa3a84c51747479900704dba5975615e15738f69c44a9d29ab163d338cbc56dfcff7f29af3173864afaef43c2e4f74e78f436eaa2cf21acaa1651e1cd7fe1cec3ddebc6fe877e0f09e693133483b8ea07b9fbfaac9647e167724e07b9002624549ed686074a1fe125dbd347c3cba0e85b7352a50270297efab891be0ed8954098a706a92e53cea798d9c09c05ba7c2f130b0454bfb9f3cf1290f404ab98e8e0dedd69cade65df2db79a4b0f25c1256bc6ef5fd06fa2f6d62835670befa525b4abf38dd05bbdb953240ffb648d9a292b9cdcb6895e678b349ff0c296fd2350e710331dcf40c75d96d47dba40f4778b52e56ca63211a0700980d87a0968e2ef83999fa178f572af34397790fdd57e4a37e285cee120cad7f231e953ab25c85d7287c0454c25dfde26119345b564e4ffaa91b915c42a2abe2fe31f9827719ce6ac7de6dadb9492afbbfb0de36126ddf88c7f2dcda068fa56950fba3870ea4ce7ab84a9613b7c49df307aeb1688c2df8adf211d97dba7472673c838730c94b827304cfdfc38c9f9ec6b2b22ac13abea94ee0d3673e26ddf9c5fa6fbfc1fe2741fdcd2a2bb6a066b0e6c8e31e39c92dbbf28d1d6da916f287f33d7266cfb3c08371a4f2953c8b4e4902f4be6de11656f764f7e73d957063b32db23314c9909fde807dbdeccf97259fbcfc0afaabf9fbc2ad4f88eb4e87d13cd9e66d32f190e25c67e14ec0f0497ff411c4bc9f95dee4d88e85e8c6f48ca255300b22d29dc64e5ac83edb39d86613285478b9508b10aa5fd1ddcc2ea06e4b714988000d07106ca00566d64ede0941b6c049de63c15603a9a8cb5c33224293f5d8f6f5940738501415320177a2f14dd73e69c1495ee183052d902bda00d80261c69f1eece4f54984d77ce9047470d2acd716eb77c35f19bf6903473e8aef7eb9696717d1469838db968bbe8fd6279ebeea6364a0f30939b6e2796ce9d67f05e5c75decc399cacc90003c7a85ce1db7f19950faa6e20c6ecf0929d91de6648de639ad7dda4ecfa0aa00ef6852d07aac4d2cbb4f3dd4253762cfb02d0238cb376291e60c4b45648889cf9b25249835e5c417538b1e244da23819d5d74bc7ea79ec56951b2c5e903140234ebdc6cbaf683788710bd81b7769e114960a43cfbedfc7725484e3c05e46b8d0d50fa923ade324de9063a51d4f8822ce5c303970f911424fcdd07ef94f84fbe342c674c3796c8739707004725f1df3923d8ff089ae9fcdfa5dfffcfbba665b2da994809c5dd5e5c3e0d37a423244432df20e4646161cb4aa09106deedd2e84874870f5f7d31a797919464ee4b377c0a28968999666cc070ee507ecae97d8b46f2d0f80a19a1df9ed750f5550c7c379821215f83f42901e2e1cd82b702e8ee2d4d8089da985025498ebd83f140d79ee8bd356a778ae7472489b7b113bfc67352ff9dce3a39e7c1d2b74044614731f7a16ec09ce3b8bbcd80189ba5bd2e5d114dd0c6b13d615347be01503fc43b48796370a8c53372f6396eabb85d569bb55e95ed183dadaf55e9cc47d4e2fdcbb21f30759c05e30f4e9bd0b4bc35536ffacf0031c1c2183efee22070b6d665dde271381cc08bb0165ce9c925b420ecbc1bae6316d7767569dd7f346b4ae8a0ca51a3839fad834eee7cf1e6dc4eedb8baed249aa0341ec5088ccdcfd896cd1c4f187d750e37b93378ac9f2706eae4d8734c88df3a3000b8ae43d0a70d02f65cd319d06449a070f58a3fce4990c61f44b994b9af66c168a6811ee67351a949c8a89eef8e51c17928d273e6bbbb0bc1ed74ce810794a632cce166c5ed6ad3b6e1b75b249ae9be3b363a984437b18379e11e10320b79171d7ecf27d5629fc309d6740b5da3db729517764fb6d295eef51cce35f8785a05c5ccde47c8f513af95afaa01d259a8cd4bba51158ef82d0c894946445f08f2c7e599316b90110966ae7a3d938c5c6db67e30bfddb45b72237ccf78e1e4b613e92d46b699d570d9d345e8634a3ce7d3cb0472635644a48ca976ee9535eeb0d48a3fbe1d20cadafd16a0b2a14d0a1a5da3cb1e661ca1baace07662149ed6a1917573e0ca4110262e17321ada5275acb82938aba2ab138676fcc2a20348dcbb0d81ba46d2e89c0c46c86a32790dd788d04b35da085c6997046878279b90e754056120e66a7a1b78501ffa0d24f0c8a99e1e3f9939a1d7b44dd99ea06f3292176bd1b844e80a271b88b6e8865d45b8632cd89b1197c11ac730227a0cbf62289b34654d2d67ab89459029d035e45d1ea5bdc47d50a4156c52acd4c345661d54c1f776f785a212f83648617dd07b4df5bdd98fbb9e450eebb8acaf13ccd74ee15d131ee3df94079bc5aba1f7b817e255655ed92c904ceff881393729d19dc1e01a000168b3c84d128c797fa742a0a466544cea6d4f0cb8f17f97327a00bd704d4bdc2fcc0a0d484d22618356544495c6e3622d258a4db41a45da5f03ee3678b59c742eaea27911ef8ec16fad9d03b6dc6c5880d0a8c3c4df684b2481152f9da877bcff103e66d62c423dd184c7401905e58bce949992f9a1226344f86d59adc002d9aec6eddd0a58e4b7343671ca4fa6dbc7dcd74284a643b7d1a7fb921b16f51f24957f2c308e447c6079eb22ab9ee08a5cad8e2fa15e673451520744f47554b35be0916eb77a02c72663c67a909aa83e7032bd221de64ab9b9c2428be0ad496ed4f6fe7ab62a618b7bb67597c824f2bccfa8366a1f5ada31b490ceb5fe006abf6b2495fae805d51c20cee6c3e3601b98d74bcbc9d947353f9902b8ed96ffbd592c2273aeaa9cca0ad635bca79439ccaaf25a508bd7c193cf45ee52cf36294bdadc9f73dc241324f429204767286360996788910208cdc66c28484e42c2f267b0e6983eedd98eafdc8efbe7325239b8061b880d865b1880d932b433995616ca975b0faf6eeab31fdf39956fc2bfcf4a782c124a6998f080dfd179e639ca96faa45d8223aa2b10a28a804bea64afe29fd56a5a7f77789a2548d4e89186b382e2f5eb8d93f899ccc6c7544b6f2c45cd1ef2c18b89cb009f2e40a0c51435bd22b214103877952c4501d3609248afd1990076377008864bd0e191adf5b334f9f0c037221cd59e15a8906a5b84c6b3031cb61873e8754a10445881f0e4045ce14832131fdec17decd18d8da116d3242b9cbd86e8e7b0c8ad964576a9f9f283f67586efc9e639e48373974f613da66ab19b8eaaa3f93fb0bc2c945e3b4301e529188d60aac03c694f1b4a3fdbcf8aeef73946a49b53d73ba6cafe370ef8fc94a2af859425e7921ade983af25c9908883f2cfa2cb47099fd12f508fa3e3d73964b756bcea6dab4c38b787f523f8f16f9f096f353252e2ae77efa88fdbf01510a02485a5cc48a98d64da4ec531a69afd19fb9687ec4702736e24aef3a1c4cb8b8da05dff891987956c55973e574d736ee75540e79f0e77b0c4b600ce38b6c3453b6c6b8351ba69c3914804d521b99185ec3ea7b2cd4b03c76ec8cdcf1cc52d9cb2857c0120905473cc4131b8ef5b76ea4e79976b245ccf0ef64278b374ff392c3d1750b827dd76276e30f11c12d2f81cab8e9325697f050593f5da54bd03ff3947b1c4af9cf49f417b69148c52d1216e54534a164bc669a15a0845ae33284bd21dea49272d70ef281d860c5d47cbb9090ce7f4a87ee766379ec725780e0af584ea17af7d6cc285cbe0047f9222a7594ac09ac0ec35747dcbd8151e4979a7dc1d9ec5", 0x1000, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)="9eb641bf4661ec717e9a633b343ba4e75e4c210e3fede7e1f075df305f85a50c38e73df01fa021a28cf8c1f7888248e0c1aec0202475629556f6b11018570086c0c1491a62cfdfa8d2f65c0d44656ac229f8b2e14d349c9223aad1fdbe1b6e056aa78a8d643b344213d3b8f1f98475a919d82d057dbf263bc4409ed1bd7a")
sched_rr_get_interval(r1, &(0x7f0000001200))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})

06:33:35 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfbfff000, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)
syz_btf_id_by_name$bpf_lsm(&(0x7f0000000080)='bpf_lsm_sb_eat_lsm_opts\x00')

[ 1138.451926][T30186] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1138.459833][T30186]  </TASK>
06:33:36 executing program 3:
clock_gettime(0x2, &(0x7f0000000100)) (async)
r0 = syz_clone(0x88040800, &(0x7f0000000080)="dab0bd4229a5e370af0b060d882fbfdef8fb00ef8b37d57d7cb171f1d3e8246f014cd3b0d863f7645e98978444de0cae4f", 0x31, &(0x7f00000000c0), &(0x7f0000000180), &(0x7f00000001c0)="607398c72c5e4a9480646b869d205bbc471ef91c8acc99f11e9f0196bbb2e3c9393c4f9905255899e6da60be4d1b445a96bbea40bf3033f31a3e12182de71665c5706f947acf5bb5e302942e847245ed105a137f14e8eda8cda7f1c5908b3c1dded40a350c556b382b6310f07d887a5de952bd1177f5e94b77d139274e94df9a416bdd87da170449c213f1279becb840d0674e2bd577a6a4f8c04f605821c23754582e8a63")
sched_rr_get_interval(r0, &(0x7f0000000280)) (async, rerun: 64)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x77359400}, &(0x7f0000000040)={&(0x7f0000000000)={[0x7e]}, 0x8}) (rerun: 64)

06:33:36 executing program 2:
r0 = getpid()
syz_open_procfs$namespace(r0, 0x0) (async)
sched_rr_get_interval(r0, &(0x7f0000000000))
r1 = accept4$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @loopback}, &(0x7f00000000c0)=0x10, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000140)={'filter\x00', 0x7, 0x4, 0x418, 0x110, 0x0, 0x110, 0x330, 0x330, 0x330, 0x4, &(0x7f0000000100), {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @multicast1, @local, 0xd, 0x1}}}, {{@arp={@broadcast, @dev={0xac, 0x14, 0x14, 0x1c}, 0x0, 0xffffffff, 0x8, 0x4, {@mac=@multicast, {[0x0, 0x0, 0x0, 0xff, 0xff, 0xff]}}, {@empty, {[0xff, 0xff, 0xff]}}, 0x8001, 0x20, 0xffff, 0x2, 0x4, 0x3, 'bond_slave_1\x00', '\x00', {0xff}, {0xff}, 0x0, 0x1}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac, @empty, @broadcast, @rand_addr=0x64010102, 0x2, 0xffffffff}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local, @empty, @broadcast, @local, 0x4}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x468)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
getsockopt$EBT_SO_GET_ENTRIES(r1, 0x0, 0x81, &(0x7f0000000700)={'filter\x00', 0x0, 0x3, 0xbe, [0x1ff, 0x7fffffff, 0x4, 0x1, 0x6, 0x9], 0x8, &(0x7f00000005c0)=[{}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000640)=""/190}, &(0x7f0000000780)=0x78) (async)
r2 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0x8, 0x50, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f00000007c0)="e8a75d1b89578a4580b23aaa49bf0ad962f8a5f6d6376a8bb1eb2c73543919b9906c7f85baf70062c0121325c92f8b2386a0c860d6fa29bdab9ebedb2f43228d511563c9890430f6", 0x0, 0x48)

06:33:36 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 33)

06:33:36 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfbfff000, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)
syz_btf_id_by_name$bpf_lsm(&(0x7f0000000080)='bpf_lsm_sb_eat_lsm_opts\x00')

06:33:36 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:36 executing program 0:
clock_gettime(0x1, &(0x7f0000000100)={0x0, <r0=>0x0})
r1 = syz_clone(0x80000, &(0x7f0000000200)="80c14788b69e3d71b08b09a2348b27fe55ab7261ef567dc2e8b2bb40b69a7d29a7c2af26a5bd7bae4b4223f599893dd06f341ee4582448e6acd218ebfea3b901c7b949af7cf70088544016d46fefd757a52aa9d913676a1dc5283a1bd478f0f3ccf7708a3ee61c6a4bd79ea7ae06573d573660bc96c5a79b9a6916edfee3c06c06b7baa178d9eb9e1b975376c99b7326fe69d7ea38acbe0fe70db1fb900273b9151a957a8f4e17045c399e62b695850304da43727330d8064f97a0067b29c79b69e0b98b1479002b31ed488811089777fd1c9b09e653e5930ace0d68ef4e7ab76a8aa8afa2c57722a8fe71a6983bda2814c677f78074df47f5596fdf194598686eed9b517876f2569e61c2cbf0084bec84adbac1646ed39836b2f621a7bb8e7d38f8698156d79683352e22cf5f4f35d4c60a7d5aac659cf5390583f176a35ab93476026feb5c3ff165d66332399be23eb0b87d64787b1f1b648262c4a524508aeb86698b51fa7b4631f5d645064b4fe33c53afcb239d5efdf5f8244ca1e8a12febae8f81b40b5c6bdc94d8407bea0fda09186540ca06533d99d50c99a07ccaceaf91fe95237e5989296a6173aad8ccea91bd0f0cabe2e8fb8564a03d3f564954db917c53820d96885badc124fb3ae8282b162852a1a5ac2f5cf8421350779b83a6ff4a5a63f6865240dccb6c8a8c3a8b48fc44b21d81c39025101f7a3ab5a886c821ecefcad64516974ea4e9453f9a6ab673227a2daec49dfe28fb5404a2676064ffcce560ae53071c261c6078d993608899b368a96cd527a9578ea134d92eefc4a16f63f701eff5e0726a0f8425370aacbe2b00311088aaa1fa335d9e84fe6300f8403402b5edd0a76e24974fcc22a5355ee759e1cebd64f8ed368cdf8474f6a5ec7a55889e4ca94018edbdd6deb910630993e7a6fcf2093df47fd6e334ecd69452c7e138cb8fa77db0aa7b8877d370f8586b11fd8e9c1eb1648536eb9bcc98e102484ef3c84c34d3230b4f439694a18b3c4d12182aa830f1729ac007bca6efe0e5b8a12c8c43c8c7af6e0cafc39e9aed7eea820621056d60f2d75c6ffd4650a5de76d30135851fcac372d610bfb8ac600c936020a3dc95ae37551f120dda044b70fe36f32edaf68b46b00c5c9c19647cff08b23946415ed6298f0caff290fdea3048552e208f7e261bfd26dc0f0143b53c98f0d7d749e54f4f5284551d8da5f8480fa4772466260b63c52465e9708311babaa4a2d64e23829d90cc52dd495b9d9fe03e307852f2921abc96dc15593b01234627ba259485aec30963603098ee8666797f43e5ee58e0a127b971c6739c8e11b7405d57e7f329e0744fa0d901bff662e3bc0c78d4cd1488a98c813b7f08ec91cd6bec51c5422df770ad37e4c67f4f1abe021d759584c5c9b215ab1697b007452682a77fc9dd9dd4490f887a914d2beb140d005fab2ed8c16682343be8d70eb5ea22b6e9300b846a00b22c5914943ddc5f166eb72b38426f5c5059fb36051a74c39fdca05e36eecd5a0084f820c064c7596ca9bf99823ba2961998ea7ed9f92fe266d7f1b1b48e469638dc8595c964a22b62c71deee133f33898c4f08844181bc23d523cc1654f07b8cac6cd4ad483dda01a53f6de6a4a9ffe08a5e63dd1f4510889aa069ffb4920bcf16f0a041ddc70863e29aa1a74f819d38e89983a44acb267aa90cc8f8f5214fec53d702a7395cf45b9f54a278e624e77c31bc37e371edebcc48bc9dccdbb4a148910f53224f467e6560a39fb055b1ab5468bf1f42a89e30164ff0f7fd37945a0964a97ed2b03ce275f4e3626478d474fd2875cea8aa597fd119b9c7e5c925df7521d00d3cad95604deea031e032f8fb94449c1fa9fd08bef784017e71daadd30630d00ea16ebd315ef2b1f6926e65dd909c423920e3e4e49608daf2df97512fe0517de3a23b77003e49b5c117b77011ca6f89531f6d5f7024c05a3b29c1988134ba59ef4d3b51651b66c2d324dacff141467df31c7d48c90d9619454b494daabadfb35e428023da636aa3a84c51747479900704dba5975615e15738f69c44a9d29ab163d338cbc56dfcff7f29af3173864afaef43c2e4f74e78f436eaa2cf21acaa1651e1cd7fe1cec3ddebc6fe877e0f09e693133483b8ea07b9fbfaac9647e167724e07b9002624549ed686074a1fe125dbd347c3cba0e85b7352a50270297efab891be0ed8954098a706a92e53cea798d9c09c05ba7c2f130b0454bfb9f3cf1290f404ab98e8e0dedd69cade65df2db79a4b0f25c1256bc6ef5fd06fa2f6d62835670befa525b4abf38dd05bbdb953240ffb648d9a292b9cdcb6895e678b349ff0c296fd2350e710331dcf40c75d96d47dba40f4778b52e56ca63211a0700980d87a0968e2ef83999fa178f572af34397790fdd57e4a37e285cee120cad7f231e953ab25c85d7287c0454c25dfde26119345b564e4ffaa91b915c42a2abe2fe31f9827719ce6ac7de6dadb9492afbbfb0de36126ddf88c7f2dcda068fa56950fba3870ea4ce7ab84a9613b7c49df307aeb1688c2df8adf211d97dba7472673c838730c94b827304cfdfc38c9f9ec6b2b22ac13abea94ee0d3673e26ddf9c5fa6fbfc1fe2741fdcd2a2bb6a066b0e6c8e31e39c92dbbf28d1d6da916f287f33d7266cfb3c08371a4f2953c8b4e4902f4be6de11656f764f7e73d957063b32db23314c9909fde807dbdeccf97259fbcfc0afaabf9fbc2ad4f88eb4e87d13cd9e66d32f190e25c67e14ec0f0497ff411c4bc9f95dee4d88e85e8c6f48ca255300b22d29dc64e5ac83edb39d86613285478b9508b10aa5fd1ddcc2ea06e4b714988000d07106ca00566d64ede0941b6c049de63c15603a9a8cb5c33224293f5d8f6f5940738501415320177a2f14dd73e69c1495ee183052d902bda00d80261c69f1eece4f54984d77ce9047470d2acd716eb77c35f19bf6903473e8aef7eb9696717d1469838db968bbe8fd6279ebeea6364a0f30939b6e2796ce9d67f05e5c75decc399cacc90003c7a85ce1db7f19950faa6e20c6ecf0929d91de6648de639ad7dda4ecfa0aa00ef6852d07aac4d2cbb4f3dd4253762cfb02d0238cb376291e60c4b45648889cf9b25249835e5c417538b1e244da23819d5d74bc7ea79ec56951b2c5e903140234ebdc6cbaf683788710bd81b7769e114960a43cfbedfc7725484e3c05e46b8d0d50fa923ade324de9063a51d4f8822ce5c303970f911424fcdd07ef94f84fbe342c674c3796c8739707004725f1df3923d8ff089ae9fcdfa5dfffcfbba665b2da994809c5dd5e5c3e0d37a423244432df20e4646161cb4aa09106deedd2e84874870f5f7d31a797919464ee4b377c0a28968999666cc070ee507ecae97d8b46f2d0f80a19a1df9ed750f5550c7c379821215f83f42901e2e1cd82b702e8ee2d4d8089da985025498ebd83f140d79ee8bd356a778ae7472489b7b113bfc67352ff9dce3a39e7c1d2b74044614731f7a16ec09ce3b8bbcd80189ba5bd2e5d114dd0c6b13d615347be01503fc43b48796370a8c53372f6396eabb85d569bb55e95ed183dadaf55e9cc47d4e2fdcbb21f30759c05e30f4e9bd0b4bc35536ffacf0031c1c2183efee22070b6d665dde271381cc08bb0165ce9c925b420ecbc1bae6316d7767569dd7f346b4ae8a0ca51a3839fad834eee7cf1e6dc4eedb8baed249aa0341ec5088ccdcfd896cd1c4f187d750e37b93378ac9f2706eae4d8734c88df3a3000b8ae43d0a70d02f65cd319d06449a070f58a3fce4990c61f44b994b9af66c168a6811ee67351a949c8a89eef8e51c17928d273e6bbbb0bc1ed74ce810794a632cce166c5ed6ad3b6e1b75b249ae9be3b363a984437b18379e11e10320b79171d7ecf27d5629fc309d6740b5da3db729517764fb6d295eef51cce35f8785a05c5ccde47c8f513af95afaa01d259a8cd4bba51158ef82d0c894946445f08f2c7e599316b90110966ae7a3d938c5c6db67e30bfddb45b72237ccf78e1e4b613e92d46b699d570d9d345e8634a3ce7d3cb0472635644a48ca976ee9535eeb0d48a3fbe1d20cadafd16a0b2a14d0a1a5da3cb1e661ca1baace07662149ed6a1917573e0ca4110262e17321ada5275acb82938aba2ab138676fcc2a20348dcbb0d81ba46d2e89c0c46c86a32790dd788d04b35da085c6997046878279b90e754056120e66a7a1b78501ffa0d24f0c8a99e1e3f9939a1d7b44dd99ea06f3292176bd1b844e80a271b88b6e8865d45b8632cd89b1197c11ac730227a0cbf62289b34654d2d67ab89459029d035e45d1ea5bdc47d50a4156c52acd4c345661d54c1f776f785a212f83648617dd07b4df5bdd98fbb9e450eebb8acaf13ccd74ee15d131ee3df94079bc5aba1f7b817e255655ed92c904ceff881393729d19dc1e01a000168b3c84d128c797fa742a0a466544cea6d4f0cb8f17f97327a00bd704d4bdc2fcc0a0d484d22618356544495c6e3622d258a4db41a45da5f03ee3678b59c742eaea27911ef8ec16fad9d03b6dc6c5880d0a8c3c4df684b2481152f9da877bcff103e66d62c423dd184c7401905e58bce949992f9a1226344f86d59adc002d9aec6eddd0a58e4b7343671ca4fa6dbc7dcd74284a643b7d1a7fb921b16f51f24957f2c308e447c6079eb22ab9ee08a5cad8e2fa15e673451520744f47554b35be0916eb77a02c72663c67a909aa83e7032bd221de64ab9b9c2428be0ad496ed4f6fe7ab62a618b7bb67597c824f2bccfa8366a1f5ada31b490ceb5fe006abf6b2495fae805d51c20cee6c3e3601b98d74bcbc9d947353f9902b8ed96ffbd592c2273aeaa9cca0ad635bca79439ccaaf25a508bd7c193cf45ee52cf36294bdadc9f73dc241324f429204767286360996788910208cdc66c28484e42c2f267b0e6983eedd98eafdc8efbe7325239b8061b880d865b1880d932b433995616ca975b0faf6eeab31fdf39956fc2bfcf4a782c124a6998f080dfd179e639ca96faa45d8223aa2b10a28a804bea64afe29fd56a5a7f77789a2548d4e89186b382e2f5eb8d93f899ccc6c7544b6f2c45cd1ef2c18b89cb009f2e40a0c51435bd22b214103877952c4501d3609248afd1990076377008864bd0e191adf5b334f9f0c037221cd59e15a8906a5b84c6b3031cb61873e8754a10445881f0e4045ce14832131fdec17decd18d8da116d3242b9cbd86e8e7b0c8ad964576a9f9f283f67586efc9e639e48373974f613da66ab19b8eaaa3f93fb0bc2c945e3b4301e529188d60aac03c694f1b4a3fdbcf8aeef73946a49b53d73ba6cafe370ef8fc94a2af859425e7921ade983af25c9908883f2cfa2cb47099fd12f508fa3e3d73964b756bcea6dab4c38b787f523f8f16f9f096f353252e2ae77efa88fdbf01510a02485a5cc48a98d64da4ec531a69afd19fb9687ec4702736e24aef3a1c4cb8b8da05dff891987956c55973e574d736ee75540e79f0e77b0c4b600ce38b6c3453b6c6b8351ba69c3914804d521b99185ec3ea7b2cd4b03c76ec8cdcf1cc52d9cb2857c0120905473cc4131b8ef5b76ea4e79976b245ccf0ef64278b374ff392c3d1750b827dd76276e30f11c12d2f81cab8e9325697f050593f5da54bd03ff3947b1c4af9cf49f417b69148c52d1216e54534a164bc669a15a0845ae33284bd21dea49272d70ef281d860c5d47cbb9090ce7f4a87ee766379ec725780e0af584ea17af7d6cc285cbe0047f9222a7594ac09ac0ec35747dcbd8151e4979a7dc1d9ec5", 0x1000, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)="9eb641bf4661ec717e9a633b343ba4e75e4c210e3fede7e1f075df305f85a50c38e73df01fa021a28cf8c1f7888248e0c1aec0202475629556f6b11018570086c0c1491a62cfdfa8d2f65c0d44656ac229f8b2e14d349c9223aad1fdbe1b6e056aa78a8d643b344213d3b8f1f98475a919d82d057dbf263bc4409ed1bd7a")
sched_rr_get_interval(r1, &(0x7f0000001200))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
clock_gettime(0x1, &(0x7f0000000100)) (async)
syz_clone(0x80000, &(0x7f0000000200)="80c14788b69e3d71b08b09a2348b27fe55ab7261ef567dc2e8b2bb40b69a7d29a7c2af26a5bd7bae4b4223f599893dd06f341ee4582448e6acd218ebfea3b901c7b949af7cf70088544016d46fefd757a52aa9d913676a1dc5283a1bd478f0f3ccf7708a3ee61c6a4bd79ea7ae06573d573660bc96c5a79b9a6916edfee3c06c06b7baa178d9eb9e1b975376c99b7326fe69d7ea38acbe0fe70db1fb900273b9151a957a8f4e17045c399e62b695850304da43727330d8064f97a0067b29c79b69e0b98b1479002b31ed488811089777fd1c9b09e653e5930ace0d68ef4e7ab76a8aa8afa2c57722a8fe71a6983bda2814c677f78074df47f5596fdf194598686eed9b517876f2569e61c2cbf0084bec84adbac1646ed39836b2f621a7bb8e7d38f8698156d79683352e22cf5f4f35d4c60a7d5aac659cf5390583f176a35ab93476026feb5c3ff165d66332399be23eb0b87d64787b1f1b648262c4a524508aeb86698b51fa7b4631f5d645064b4fe33c53afcb239d5efdf5f8244ca1e8a12febae8f81b40b5c6bdc94d8407bea0fda09186540ca06533d99d50c99a07ccaceaf91fe95237e5989296a6173aad8ccea91bd0f0cabe2e8fb8564a03d3f564954db917c53820d96885badc124fb3ae8282b162852a1a5ac2f5cf8421350779b83a6ff4a5a63f6865240dccb6c8a8c3a8b48fc44b21d81c39025101f7a3ab5a886c821ecefcad64516974ea4e9453f9a6ab673227a2daec49dfe28fb5404a2676064ffcce560ae53071c261c6078d993608899b368a96cd527a9578ea134d92eefc4a16f63f701eff5e0726a0f8425370aacbe2b00311088aaa1fa335d9e84fe6300f8403402b5edd0a76e24974fcc22a5355ee759e1cebd64f8ed368cdf8474f6a5ec7a55889e4ca94018edbdd6deb910630993e7a6fcf2093df47fd6e334ecd69452c7e138cb8fa77db0aa7b8877d370f8586b11fd8e9c1eb1648536eb9bcc98e102484ef3c84c34d3230b4f439694a18b3c4d12182aa830f1729ac007bca6efe0e5b8a12c8c43c8c7af6e0cafc39e9aed7eea820621056d60f2d75c6ffd4650a5de76d30135851fcac372d610bfb8ac600c936020a3dc95ae37551f120dda044b70fe36f32edaf68b46b00c5c9c19647cff08b23946415ed6298f0caff290fdea3048552e208f7e261bfd26dc0f0143b53c98f0d7d749e54f4f5284551d8da5f8480fa4772466260b63c52465e9708311babaa4a2d64e23829d90cc52dd495b9d9fe03e307852f2921abc96dc15593b01234627ba259485aec30963603098ee8666797f43e5ee58e0a127b971c6739c8e11b7405d57e7f329e0744fa0d901bff662e3bc0c78d4cd1488a98c813b7f08ec91cd6bec51c5422df770ad37e4c67f4f1abe021d759584c5c9b215ab1697b007452682a77fc9dd9dd4490f887a914d2beb140d005fab2ed8c16682343be8d70eb5ea22b6e9300b846a00b22c5914943ddc5f166eb72b38426f5c5059fb36051a74c39fdca05e36eecd5a0084f820c064c7596ca9bf99823ba2961998ea7ed9f92fe266d7f1b1b48e469638dc8595c964a22b62c71deee133f33898c4f08844181bc23d523cc1654f07b8cac6cd4ad483dda01a53f6de6a4a9ffe08a5e63dd1f4510889aa069ffb4920bcf16f0a041ddc70863e29aa1a74f819d38e89983a44acb267aa90cc8f8f5214fec53d702a7395cf45b9f54a278e624e77c31bc37e371edebcc48bc9dccdbb4a148910f53224f467e6560a39fb055b1ab5468bf1f42a89e30164ff0f7fd37945a0964a97ed2b03ce275f4e3626478d474fd2875cea8aa597fd119b9c7e5c925df7521d00d3cad95604deea031e032f8fb94449c1fa9fd08bef784017e71daadd30630d00ea16ebd315ef2b1f6926e65dd909c423920e3e4e49608daf2df97512fe0517de3a23b77003e49b5c117b77011ca6f89531f6d5f7024c05a3b29c1988134ba59ef4d3b51651b66c2d324dacff141467df31c7d48c90d9619454b494daabadfb35e428023da636aa3a84c51747479900704dba5975615e15738f69c44a9d29ab163d338cbc56dfcff7f29af3173864afaef43c2e4f74e78f436eaa2cf21acaa1651e1cd7fe1cec3ddebc6fe877e0f09e693133483b8ea07b9fbfaac9647e167724e07b9002624549ed686074a1fe125dbd347c3cba0e85b7352a50270297efab891be0ed8954098a706a92e53cea798d9c09c05ba7c2f130b0454bfb9f3cf1290f404ab98e8e0dedd69cade65df2db79a4b0f25c1256bc6ef5fd06fa2f6d62835670befa525b4abf38dd05bbdb953240ffb648d9a292b9cdcb6895e678b349ff0c296fd2350e710331dcf40c75d96d47dba40f4778b52e56ca63211a0700980d87a0968e2ef83999fa178f572af34397790fdd57e4a37e285cee120cad7f231e953ab25c85d7287c0454c25dfde26119345b564e4ffaa91b915c42a2abe2fe31f9827719ce6ac7de6dadb9492afbbfb0de36126ddf88c7f2dcda068fa56950fba3870ea4ce7ab84a9613b7c49df307aeb1688c2df8adf211d97dba7472673c838730c94b827304cfdfc38c9f9ec6b2b22ac13abea94ee0d3673e26ddf9c5fa6fbfc1fe2741fdcd2a2bb6a066b0e6c8e31e39c92dbbf28d1d6da916f287f33d7266cfb3c08371a4f2953c8b4e4902f4be6de11656f764f7e73d957063b32db23314c9909fde807dbdeccf97259fbcfc0afaabf9fbc2ad4f88eb4e87d13cd9e66d32f190e25c67e14ec0f0497ff411c4bc9f95dee4d88e85e8c6f48ca255300b22d29dc64e5ac83edb39d86613285478b9508b10aa5fd1ddcc2ea06e4b714988000d07106ca00566d64ede0941b6c049de63c15603a9a8cb5c33224293f5d8f6f5940738501415320177a2f14dd73e69c1495ee183052d902bda00d80261c69f1eece4f54984d77ce9047470d2acd716eb77c35f19bf6903473e8aef7eb9696717d1469838db968bbe8fd6279ebeea6364a0f30939b6e2796ce9d67f05e5c75decc399cacc90003c7a85ce1db7f19950faa6e20c6ecf0929d91de6648de639ad7dda4ecfa0aa00ef6852d07aac4d2cbb4f3dd4253762cfb02d0238cb376291e60c4b45648889cf9b25249835e5c417538b1e244da23819d5d74bc7ea79ec56951b2c5e903140234ebdc6cbaf683788710bd81b7769e114960a43cfbedfc7725484e3c05e46b8d0d50fa923ade324de9063a51d4f8822ce5c303970f911424fcdd07ef94f84fbe342c674c3796c8739707004725f1df3923d8ff089ae9fcdfa5dfffcfbba665b2da994809c5dd5e5c3e0d37a423244432df20e4646161cb4aa09106deedd2e84874870f5f7d31a797919464ee4b377c0a28968999666cc070ee507ecae97d8b46f2d0f80a19a1df9ed750f5550c7c379821215f83f42901e2e1cd82b702e8ee2d4d8089da985025498ebd83f140d79ee8bd356a778ae7472489b7b113bfc67352ff9dce3a39e7c1d2b74044614731f7a16ec09ce3b8bbcd80189ba5bd2e5d114dd0c6b13d615347be01503fc43b48796370a8c53372f6396eabb85d569bb55e95ed183dadaf55e9cc47d4e2fdcbb21f30759c05e30f4e9bd0b4bc35536ffacf0031c1c2183efee22070b6d665dde271381cc08bb0165ce9c925b420ecbc1bae6316d7767569dd7f346b4ae8a0ca51a3839fad834eee7cf1e6dc4eedb8baed249aa0341ec5088ccdcfd896cd1c4f187d750e37b93378ac9f2706eae4d8734c88df3a3000b8ae43d0a70d02f65cd319d06449a070f58a3fce4990c61f44b994b9af66c168a6811ee67351a949c8a89eef8e51c17928d273e6bbbb0bc1ed74ce810794a632cce166c5ed6ad3b6e1b75b249ae9be3b363a984437b18379e11e10320b79171d7ecf27d5629fc309d6740b5da3db729517764fb6d295eef51cce35f8785a05c5ccde47c8f513af95afaa01d259a8cd4bba51158ef82d0c894946445f08f2c7e599316b90110966ae7a3d938c5c6db67e30bfddb45b72237ccf78e1e4b613e92d46b699d570d9d345e8634a3ce7d3cb0472635644a48ca976ee9535eeb0d48a3fbe1d20cadafd16a0b2a14d0a1a5da3cb1e661ca1baace07662149ed6a1917573e0ca4110262e17321ada5275acb82938aba2ab138676fcc2a20348dcbb0d81ba46d2e89c0c46c86a32790dd788d04b35da085c6997046878279b90e754056120e66a7a1b78501ffa0d24f0c8a99e1e3f9939a1d7b44dd99ea06f3292176bd1b844e80a271b88b6e8865d45b8632cd89b1197c11ac730227a0cbf62289b34654d2d67ab89459029d035e45d1ea5bdc47d50a4156c52acd4c345661d54c1f776f785a212f83648617dd07b4df5bdd98fbb9e450eebb8acaf13ccd74ee15d131ee3df94079bc5aba1f7b817e255655ed92c904ceff881393729d19dc1e01a000168b3c84d128c797fa742a0a466544cea6d4f0cb8f17f97327a00bd704d4bdc2fcc0a0d484d22618356544495c6e3622d258a4db41a45da5f03ee3678b59c742eaea27911ef8ec16fad9d03b6dc6c5880d0a8c3c4df684b2481152f9da877bcff103e66d62c423dd184c7401905e58bce949992f9a1226344f86d59adc002d9aec6eddd0a58e4b7343671ca4fa6dbc7dcd74284a643b7d1a7fb921b16f51f24957f2c308e447c6079eb22ab9ee08a5cad8e2fa15e673451520744f47554b35be0916eb77a02c72663c67a909aa83e7032bd221de64ab9b9c2428be0ad496ed4f6fe7ab62a618b7bb67597c824f2bccfa8366a1f5ada31b490ceb5fe006abf6b2495fae805d51c20cee6c3e3601b98d74bcbc9d947353f9902b8ed96ffbd592c2273aeaa9cca0ad635bca79439ccaaf25a508bd7c193cf45ee52cf36294bdadc9f73dc241324f429204767286360996788910208cdc66c28484e42c2f267b0e6983eedd98eafdc8efbe7325239b8061b880d865b1880d932b433995616ca975b0faf6eeab31fdf39956fc2bfcf4a782c124a6998f080dfd179e639ca96faa45d8223aa2b10a28a804bea64afe29fd56a5a7f77789a2548d4e89186b382e2f5eb8d93f899ccc6c7544b6f2c45cd1ef2c18b89cb009f2e40a0c51435bd22b214103877952c4501d3609248afd1990076377008864bd0e191adf5b334f9f0c037221cd59e15a8906a5b84c6b3031cb61873e8754a10445881f0e4045ce14832131fdec17decd18d8da116d3242b9cbd86e8e7b0c8ad964576a9f9f283f67586efc9e639e48373974f613da66ab19b8eaaa3f93fb0bc2c945e3b4301e529188d60aac03c694f1b4a3fdbcf8aeef73946a49b53d73ba6cafe370ef8fc94a2af859425e7921ade983af25c9908883f2cfa2cb47099fd12f508fa3e3d73964b756bcea6dab4c38b787f523f8f16f9f096f353252e2ae77efa88fdbf01510a02485a5cc48a98d64da4ec531a69afd19fb9687ec4702736e24aef3a1c4cb8b8da05dff891987956c55973e574d736ee75540e79f0e77b0c4b600ce38b6c3453b6c6b8351ba69c3914804d521b99185ec3ea7b2cd4b03c76ec8cdcf1cc52d9cb2857c0120905473cc4131b8ef5b76ea4e79976b245ccf0ef64278b374ff392c3d1750b827dd76276e30f11c12d2f81cab8e9325697f050593f5da54bd03ff3947b1c4af9cf49f417b69148c52d1216e54534a164bc669a15a0845ae33284bd21dea49272d70ef281d860c5d47cbb9090ce7f4a87ee766379ec725780e0af584ea17af7d6cc285cbe0047f9222a7594ac09ac0ec35747dcbd8151e4979a7dc1d9ec5", 0x1000, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)="9eb641bf4661ec717e9a633b343ba4e75e4c210e3fede7e1f075df305f85a50c38e73df01fa021a28cf8c1f7888248e0c1aec0202475629556f6b11018570086c0c1491a62cfdfa8d2f65c0d44656ac229f8b2e14d349c9223aad1fdbe1b6e056aa78a8d643b344213d3b8f1f98475a919d82d057dbf263bc4409ed1bd7a") (async)
sched_rr_get_interval(r1, &(0x7f0000001200)) (async)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)

[ 1139.067159][T30223] FAULT_INJECTION: forcing a failure.
[ 1139.067159][T30223] name failslab, interval 1, probability 0, space 0, times 0
[ 1139.081303][T30223] CPU: 1 PID: 30223 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1139.091379][T30223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1139.101619][T30223] Call Trace:
[ 1139.104742][T30223]  <TASK>
[ 1139.107571][T30223]  dump_stack_lvl+0x151/0x1b7
[ 1139.112051][T30223]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1139.117336][T30223]  dump_stack+0x15/0x17
[ 1139.121317][T30223]  should_fail+0x3c0/0x510
[ 1139.125570][T30223]  __should_failslab+0x9f/0xe0
[ 1139.130171][T30223]  should_failslab+0x9/0x20
[ 1139.134509][T30223]  kmem_cache_alloc+0x4f/0x2f0
[ 1139.139106][T30223]  ? vm_area_dup+0x26/0x1d0
[ 1139.143450][T30223]  vm_area_dup+0x26/0x1d0
[ 1139.147617][T30223]  dup_mmap+0x6b8/0xea0
[ 1139.151608][T30223]  ? __delayed_free_task+0x20/0x20
[ 1139.156565][T30223]  ? mm_init+0x807/0x960
[ 1139.160635][T30223]  dup_mm+0x91/0x330
[ 1139.164367][T30223]  copy_mm+0x108/0x1b0
[ 1139.168272][T30223]  copy_process+0x1295/0x3250
[ 1139.172788][T30223]  ? proc_fail_nth_write+0x213/0x290
[ 1139.177906][T30223]  ? proc_fail_nth_read+0x220/0x220
[ 1139.182940][T30223]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1139.187887][T30223]  ? vfs_write+0x9af/0x1050
[ 1139.192229][T30223]  ? vmacache_update+0xb7/0x120
[ 1139.196915][T30223]  kernel_clone+0x22d/0x990
[ 1139.201256][T30223]  ? file_end_write+0x1b0/0x1b0
[ 1139.205939][T30223]  ? __kasan_check_write+0x14/0x20
[ 1139.210887][T30223]  ? create_io_thread+0x1e0/0x1e0
06:33:36 executing program 2:
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={<r0=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r0, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'team0\x00', <r1=>0x0})
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r5, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r6, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f0000000300)={<r7=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r6, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r7, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000200)={'syztnl2\x00', &(0x7f0000000100)=ANY=[@ANYBLOB='gre0\x00'/16, @ANYRES32=<r8=>0x0, @ANYBLOB="000007000000000100000009440d00d00068000070299078ac1414aae00000018927957f000001ffffffff7f000001000000000a010102ac1e0101ffffffff0a010102ac1e0101830ff6ac1414aae00000027f000001940400008313e4ac1414aa00000000e0000001ac141431010044201ba000000b8ffffffffb00000005000007ff0000000900000006000100014410cff00000000900000007fffffffb443c70a1ac1414bb00000005ac1e010100000009ffffffff800000010a01010100000001ac1414aa00010000ac14143200009a00e00000020000000400"]})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000280)=0x14)
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000007c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="00050000", @ANYRES16=0x0, @ANYBLOB="100028bd7000ffdbdf250000000008000100", @ANYRES32=0x0, @ANYBLOB="4400028040000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000e00040062726f61646361737400000008000100", @ANYRES32=0x0, @ANYBLOB="dc0102803c000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000b00040072616e646f6d00003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=r0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000100008038000100240001006d636173745f72656a6f696e5f636f756e74000000000000000000000000000005000300030000000800040006000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000600000008000600", @ANYRES32=r1, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400ff7fffff3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004008000000008000600", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r7, @ANYBLOB="44000280400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000800000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="6802028040000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000f000400726f756e64726f62696e00003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r8, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000050003000300000008000400ff00000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r9, @ANYBLOB="080007000000000044000100240001006d6f646500000000000000000a000000000000000000000000000000000000000500030005000000110004006163746976656261636b75700000000038000100240001006e6f746966795f70656572735f696e74657276610003000000080004220800000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b00000008000400ff00000008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000800000008000600", @ANYRES32=0x0, @ANYBLOB], 0x500}, 0x1, 0x0, 0x0, 0x40084}, 0x4048040)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:36 executing program 2:
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={<r0=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r0, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}}) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'team0\x00', <r1=>0x0}) (async, rerun: 32)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80) (rerun: 32)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}}) (async)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r5, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r6, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f0000000300)={<r7=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r6, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r7, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}}) (async, rerun: 32)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000200)={'syztnl2\x00', &(0x7f0000000100)=ANY=[@ANYBLOB='gre0\x00'/16, @ANYRES32=<r8=>0x0, @ANYBLOB="000007000000000100000009440d00d00068000070299078ac1414aae00000018927957f000001ffffffff7f000001000000000a010102ac1e0101ffffffff0a010102ac1e0101830ff6ac1414aae00000027f000001940400008313e4ac1414aa00000000e0000001ac141431010044201ba000000b8ffffffffb00000005000007ff0000000900000006000100014410cff00000000900000007fffffffb443c70a1ac1414bb00000005ac1e010100000009ffffffff800000010a01010100000001ac1414aa00010000ac14143200009a00e00000020000000400"]}) (async, rerun: 32)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000280)=0x14)
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000007c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="00050000", @ANYRES16=0x0, @ANYBLOB="100028bd7000ffdbdf250000000008000100", @ANYRES32=0x0, @ANYBLOB="4400028040000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000e00040062726f61646361737400000008000100", @ANYRES32=0x0, @ANYBLOB="dc0102803c000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000b00040072616e646f6d00003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=r0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000100008038000100240001006d636173745f72656a6f696e5f636f756e74000000000000000000000000000005000300030000000800040006000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000600000008000600", @ANYRES32=r1, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400ff7fffff3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004008000000008000600", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r7, @ANYBLOB="44000280400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000800000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="6802028040000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000f000400726f756e64726f62696e00003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r8, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000050003000300000008000400ff00000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r9, @ANYBLOB="080007000000000044000100240001006d6f646500000000000000000a000000000000000000000000000000000000000500030005000000110004006163746976656261636b75700000000038000100240001006e6f746966795f70656572735f696e74657276610003000000080004220800000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b00000008000400ff00000008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000800000008000600", @ANYRES32=0x0, @ANYBLOB], 0x500}, 0x1, 0x0, 0x0, 0x40084}, 0x4048040) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1139.215766][T30223]  ? __mutex_lock_slowpath+0x10/0x10
[ 1139.220871][T30223]  __x64_sys_clone+0x289/0x310
[ 1139.225467][T30223]  ? __do_sys_vfork+0x130/0x130
[ 1139.230156][T30223]  ? debug_smp_processor_id+0x17/0x20
[ 1139.235362][T30223]  do_syscall_64+0x44/0xd0
[ 1139.239618][T30223]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1139.245693][T30223] RIP: 0033:0x7f263a8c35a9
06:33:36 executing program 2:
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={<r0=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r0, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}}) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'team0\x00', <r1=>0x0}) (async)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r5, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async, rerun: 64)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (rerun: 64)
getsockopt$inet_pktinfo(r6, 0x0, 0x8, 0x0, 0x0) (async, rerun: 32)
getsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f0000000300)={<r7=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc) (rerun: 32)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r6, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r7, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}}) (async, rerun: 64)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000200)={'syztnl2\x00', &(0x7f0000000100)=ANY=[@ANYBLOB='gre0\x00'/16, @ANYRES32=<r8=>0x0, @ANYBLOB="000007000000000100000009440d00d00068000070299078ac1414aae00000018927957f000001ffffffff7f000001000000000a010102ac1e0101ffffffff0a010102ac1e0101830ff6ac1414aae00000027f000001940400008313e4ac1414aa00000000e0000001ac141431010044201ba000000b8ffffffffb00000005000007ff0000000900000006000100014410cff00000000900000007fffffffb443c70a1ac1414bb00000005ac1e010100000009ffffffff800000010a01010100000001ac1414aa00010000ac14143200009a00e00000020000000400"]}) (async, rerun: 64)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000280)=0x14)
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000007c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="00050000", @ANYRES16=0x0, @ANYBLOB="100028bd7000ffdbdf250000000008000100", @ANYRES32=0x0, @ANYBLOB="4400028040000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000e00040062726f61646361737400000008000100", @ANYRES32=0x0, @ANYBLOB="dc0102803c000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000b00040072616e646f6d00003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=r0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000100008038000100240001006d636173745f72656a6f696e5f636f756e74000000000000000000000000000005000300030000000800040006000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000600000008000600", @ANYRES32=r1, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400ff7fffff3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004008000000008000600", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r7, @ANYBLOB="44000280400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000800000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="6802028040000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000f000400726f756e64726f62696e00003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r8, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000050003000300000008000400ff00000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r9, @ANYBLOB="080007000000000044000100240001006d6f646500000000000000000a000000000000000000000000000000000000000500030005000000110004006163746976656261636b75700000000038000100240001006e6f746966795f70656572735f696e74657276610003000000080004220800000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b00000008000400ff00000008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000800000008000600", @ANYRES32=0x0, @ANYBLOB], 0x500}, 0x1, 0x0, 0x0, 0x40084}, 0x4048040)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:36 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x1}, 0x8)

06:33:36 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x1}, 0x8)

06:33:36 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x1}, 0x8)

[ 1139.249945][T30223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1139.269390][T30223] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1139.277630][T30223] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1139.285439][T30223] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1139.293253][T30223] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1139.301408][T30223] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1139.309316][T30223] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1139.317124][T30223]  </TASK>
06:33:37 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 34)

06:33:37 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x10, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:37 executing program 0:
clock_gettime(0x1, &(0x7f0000000100)={0x0, <r0=>0x0}) (async, rerun: 64)
r1 = syz_clone(0x80000, &(0x7f0000000200)="80c14788b69e3d71b08b09a2348b27fe55ab7261ef567dc2e8b2bb40b69a7d29a7c2af26a5bd7bae4b4223f599893dd06f341ee4582448e6acd218ebfea3b901c7b949af7cf70088544016d46fefd757a52aa9d913676a1dc5283a1bd478f0f3ccf7708a3ee61c6a4bd79ea7ae06573d573660bc96c5a79b9a6916edfee3c06c06b7baa178d9eb9e1b975376c99b7326fe69d7ea38acbe0fe70db1fb900273b9151a957a8f4e17045c399e62b695850304da43727330d8064f97a0067b29c79b69e0b98b1479002b31ed488811089777fd1c9b09e653e5930ace0d68ef4e7ab76a8aa8afa2c57722a8fe71a6983bda2814c677f78074df47f5596fdf194598686eed9b517876f2569e61c2cbf0084bec84adbac1646ed39836b2f621a7bb8e7d38f8698156d79683352e22cf5f4f35d4c60a7d5aac659cf5390583f176a35ab93476026feb5c3ff165d66332399be23eb0b87d64787b1f1b648262c4a524508aeb86698b51fa7b4631f5d645064b4fe33c53afcb239d5efdf5f8244ca1e8a12febae8f81b40b5c6bdc94d8407bea0fda09186540ca06533d99d50c99a07ccaceaf91fe95237e5989296a6173aad8ccea91bd0f0cabe2e8fb8564a03d3f564954db917c53820d96885badc124fb3ae8282b162852a1a5ac2f5cf8421350779b83a6ff4a5a63f6865240dccb6c8a8c3a8b48fc44b21d81c39025101f7a3ab5a886c821ecefcad64516974ea4e9453f9a6ab673227a2daec49dfe28fb5404a2676064ffcce560ae53071c261c6078d993608899b368a96cd527a9578ea134d92eefc4a16f63f701eff5e0726a0f8425370aacbe2b00311088aaa1fa335d9e84fe6300f8403402b5edd0a76e24974fcc22a5355ee759e1cebd64f8ed368cdf8474f6a5ec7a55889e4ca94018edbdd6deb910630993e7a6fcf2093df47fd6e334ecd69452c7e138cb8fa77db0aa7b8877d370f8586b11fd8e9c1eb1648536eb9bcc98e102484ef3c84c34d3230b4f439694a18b3c4d12182aa830f1729ac007bca6efe0e5b8a12c8c43c8c7af6e0cafc39e9aed7eea820621056d60f2d75c6ffd4650a5de76d30135851fcac372d610bfb8ac600c936020a3dc95ae37551f120dda044b70fe36f32edaf68b46b00c5c9c19647cff08b23946415ed6298f0caff290fdea3048552e208f7e261bfd26dc0f0143b53c98f0d7d749e54f4f5284551d8da5f8480fa4772466260b63c52465e9708311babaa4a2d64e23829d90cc52dd495b9d9fe03e307852f2921abc96dc15593b01234627ba259485aec30963603098ee8666797f43e5ee58e0a127b971c6739c8e11b7405d57e7f329e0744fa0d901bff662e3bc0c78d4cd1488a98c813b7f08ec91cd6bec51c5422df770ad37e4c67f4f1abe021d759584c5c9b215ab1697b007452682a77fc9dd9dd4490f887a914d2beb140d005fab2ed8c16682343be8d70eb5ea22b6e9300b846a00b22c5914943ddc5f166eb72b38426f5c5059fb36051a74c39fdca05e36eecd5a0084f820c064c7596ca9bf99823ba2961998ea7ed9f92fe266d7f1b1b48e469638dc8595c964a22b62c71deee133f33898c4f08844181bc23d523cc1654f07b8cac6cd4ad483dda01a53f6de6a4a9ffe08a5e63dd1f4510889aa069ffb4920bcf16f0a041ddc70863e29aa1a74f819d38e89983a44acb267aa90cc8f8f5214fec53d702a7395cf45b9f54a278e624e77c31bc37e371edebcc48bc9dccdbb4a148910f53224f467e6560a39fb055b1ab5468bf1f42a89e30164ff0f7fd37945a0964a97ed2b03ce275f4e3626478d474fd2875cea8aa597fd119b9c7e5c925df7521d00d3cad95604deea031e032f8fb94449c1fa9fd08bef784017e71daadd30630d00ea16ebd315ef2b1f6926e65dd909c423920e3e4e49608daf2df97512fe0517de3a23b77003e49b5c117b77011ca6f89531f6d5f7024c05a3b29c1988134ba59ef4d3b51651b66c2d324dacff141467df31c7d48c90d9619454b494daabadfb35e428023da636aa3a84c51747479900704dba5975615e15738f69c44a9d29ab163d338cbc56dfcff7f29af3173864afaef43c2e4f74e78f436eaa2cf21acaa1651e1cd7fe1cec3ddebc6fe877e0f09e693133483b8ea07b9fbfaac9647e167724e07b9002624549ed686074a1fe125dbd347c3cba0e85b7352a50270297efab891be0ed8954098a706a92e53cea798d9c09c05ba7c2f130b0454bfb9f3cf1290f404ab98e8e0dedd69cade65df2db79a4b0f25c1256bc6ef5fd06fa2f6d62835670befa525b4abf38dd05bbdb953240ffb648d9a292b9cdcb6895e678b349ff0c296fd2350e710331dcf40c75d96d47dba40f4778b52e56ca63211a0700980d87a0968e2ef83999fa178f572af34397790fdd57e4a37e285cee120cad7f231e953ab25c85d7287c0454c25dfde26119345b564e4ffaa91b915c42a2abe2fe31f9827719ce6ac7de6dadb9492afbbfb0de36126ddf88c7f2dcda068fa56950fba3870ea4ce7ab84a9613b7c49df307aeb1688c2df8adf211d97dba7472673c838730c94b827304cfdfc38c9f9ec6b2b22ac13abea94ee0d3673e26ddf9c5fa6fbfc1fe2741fdcd2a2bb6a066b0e6c8e31e39c92dbbf28d1d6da916f287f33d7266cfb3c08371a4f2953c8b4e4902f4be6de11656f764f7e73d957063b32db23314c9909fde807dbdeccf97259fbcfc0afaabf9fbc2ad4f88eb4e87d13cd9e66d32f190e25c67e14ec0f0497ff411c4bc9f95dee4d88e85e8c6f48ca255300b22d29dc64e5ac83edb39d86613285478b9508b10aa5fd1ddcc2ea06e4b714988000d07106ca00566d64ede0941b6c049de63c15603a9a8cb5c33224293f5d8f6f5940738501415320177a2f14dd73e69c1495ee183052d902bda00d80261c69f1eece4f54984d77ce9047470d2acd716eb77c35f19bf6903473e8aef7eb9696717d1469838db968bbe8fd6279ebeea6364a0f30939b6e2796ce9d67f05e5c75decc399cacc90003c7a85ce1db7f19950faa6e20c6ecf0929d91de6648de639ad7dda4ecfa0aa00ef6852d07aac4d2cbb4f3dd4253762cfb02d0238cb376291e60c4b45648889cf9b25249835e5c417538b1e244da23819d5d74bc7ea79ec56951b2c5e903140234ebdc6cbaf683788710bd81b7769e114960a43cfbedfc7725484e3c05e46b8d0d50fa923ade324de9063a51d4f8822ce5c303970f911424fcdd07ef94f84fbe342c674c3796c8739707004725f1df3923d8ff089ae9fcdfa5dfffcfbba665b2da994809c5dd5e5c3e0d37a423244432df20e4646161cb4aa09106deedd2e84874870f5f7d31a797919464ee4b377c0a28968999666cc070ee507ecae97d8b46f2d0f80a19a1df9ed750f5550c7c379821215f83f42901e2e1cd82b702e8ee2d4d8089da985025498ebd83f140d79ee8bd356a778ae7472489b7b113bfc67352ff9dce3a39e7c1d2b74044614731f7a16ec09ce3b8bbcd80189ba5bd2e5d114dd0c6b13d615347be01503fc43b48796370a8c53372f6396eabb85d569bb55e95ed183dadaf55e9cc47d4e2fdcbb21f30759c05e30f4e9bd0b4bc35536ffacf0031c1c2183efee22070b6d665dde271381cc08bb0165ce9c925b420ecbc1bae6316d7767569dd7f346b4ae8a0ca51a3839fad834eee7cf1e6dc4eedb8baed249aa0341ec5088ccdcfd896cd1c4f187d750e37b93378ac9f2706eae4d8734c88df3a3000b8ae43d0a70d02f65cd319d06449a070f58a3fce4990c61f44b994b9af66c168a6811ee67351a949c8a89eef8e51c17928d273e6bbbb0bc1ed74ce810794a632cce166c5ed6ad3b6e1b75b249ae9be3b363a984437b18379e11e10320b79171d7ecf27d5629fc309d6740b5da3db729517764fb6d295eef51cce35f8785a05c5ccde47c8f513af95afaa01d259a8cd4bba51158ef82d0c894946445f08f2c7e599316b90110966ae7a3d938c5c6db67e30bfddb45b72237ccf78e1e4b613e92d46b699d570d9d345e8634a3ce7d3cb0472635644a48ca976ee9535eeb0d48a3fbe1d20cadafd16a0b2a14d0a1a5da3cb1e661ca1baace07662149ed6a1917573e0ca4110262e17321ada5275acb82938aba2ab138676fcc2a20348dcbb0d81ba46d2e89c0c46c86a32790dd788d04b35da085c6997046878279b90e754056120e66a7a1b78501ffa0d24f0c8a99e1e3f9939a1d7b44dd99ea06f3292176bd1b844e80a271b88b6e8865d45b8632cd89b1197c11ac730227a0cbf62289b34654d2d67ab89459029d035e45d1ea5bdc47d50a4156c52acd4c345661d54c1f776f785a212f83648617dd07b4df5bdd98fbb9e450eebb8acaf13ccd74ee15d131ee3df94079bc5aba1f7b817e255655ed92c904ceff881393729d19dc1e01a000168b3c84d128c797fa742a0a466544cea6d4f0cb8f17f97327a00bd704d4bdc2fcc0a0d484d22618356544495c6e3622d258a4db41a45da5f03ee3678b59c742eaea27911ef8ec16fad9d03b6dc6c5880d0a8c3c4df684b2481152f9da877bcff103e66d62c423dd184c7401905e58bce949992f9a1226344f86d59adc002d9aec6eddd0a58e4b7343671ca4fa6dbc7dcd74284a643b7d1a7fb921b16f51f24957f2c308e447c6079eb22ab9ee08a5cad8e2fa15e673451520744f47554b35be0916eb77a02c72663c67a909aa83e7032bd221de64ab9b9c2428be0ad496ed4f6fe7ab62a618b7bb67597c824f2bccfa8366a1f5ada31b490ceb5fe006abf6b2495fae805d51c20cee6c3e3601b98d74bcbc9d947353f9902b8ed96ffbd592c2273aeaa9cca0ad635bca79439ccaaf25a508bd7c193cf45ee52cf36294bdadc9f73dc241324f429204767286360996788910208cdc66c28484e42c2f267b0e6983eedd98eafdc8efbe7325239b8061b880d865b1880d932b433995616ca975b0faf6eeab31fdf39956fc2bfcf4a782c124a6998f080dfd179e639ca96faa45d8223aa2b10a28a804bea64afe29fd56a5a7f77789a2548d4e89186b382e2f5eb8d93f899ccc6c7544b6f2c45cd1ef2c18b89cb009f2e40a0c51435bd22b214103877952c4501d3609248afd1990076377008864bd0e191adf5b334f9f0c037221cd59e15a8906a5b84c6b3031cb61873e8754a10445881f0e4045ce14832131fdec17decd18d8da116d3242b9cbd86e8e7b0c8ad964576a9f9f283f67586efc9e639e48373974f613da66ab19b8eaaa3f93fb0bc2c945e3b4301e529188d60aac03c694f1b4a3fdbcf8aeef73946a49b53d73ba6cafe370ef8fc94a2af859425e7921ade983af25c9908883f2cfa2cb47099fd12f508fa3e3d73964b756bcea6dab4c38b787f523f8f16f9f096f353252e2ae77efa88fdbf01510a02485a5cc48a98d64da4ec531a69afd19fb9687ec4702736e24aef3a1c4cb8b8da05dff891987956c55973e574d736ee75540e79f0e77b0c4b600ce38b6c3453b6c6b8351ba69c3914804d521b99185ec3ea7b2cd4b03c76ec8cdcf1cc52d9cb2857c0120905473cc4131b8ef5b76ea4e79976b245ccf0ef64278b374ff392c3d1750b827dd76276e30f11c12d2f81cab8e9325697f050593f5da54bd03ff3947b1c4af9cf49f417b69148c52d1216e54534a164bc669a15a0845ae33284bd21dea49272d70ef281d860c5d47cbb9090ce7f4a87ee766379ec725780e0af584ea17af7d6cc285cbe0047f9222a7594ac09ac0ec35747dcbd8151e4979a7dc1d9ec5", 0x1000, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)="9eb641bf4661ec717e9a633b343ba4e75e4c210e3fede7e1f075df305f85a50c38e73df01fa021a28cf8c1f7888248e0c1aec0202475629556f6b11018570086c0c1491a62cfdfa8d2f65c0d44656ac229f8b2e14d349c9223aad1fdbe1b6e056aa78a8d643b344213d3b8f1f98475a919d82d057dbf263bc4409ed1bd7a") (rerun: 64)
sched_rr_get_interval(r1, &(0x7f0000001200)) (async)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})

06:33:37 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfdfff000}, 0x8)

06:33:37 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f0000000040)={0x8a, 0x100000001, 0x6, 0x7, 0x7, 0x9, 0x1f, 0x6}, &(0x7f0000000080)={0x5, 0x2cc, 0x7, 0x8, 0x9, 0x0, 0xd41, 0xffffffffffffffff}, &(0x7f0000000200)={0xc65, 0x0, 0x2, 0x2bd7, 0x0, 0x401, 0xfffffffffffffffc, 0x8}, &(0x7f0000000240)={0x0, 0x989680}, &(0x7f00000002c0)={&(0x7f0000000280)={[0x1000]}, 0x8})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
ioctl$VHOST_VDPA_GET_VQS_COUNT(0xffffffffffffffff, 0x8004af80, &(0x7f0000000300))
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
clock_gettime(0x6, &(0x7f0000000340))
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, &(0x7f0000000000)='posixacl\x00', 0x0, 0x0)

06:33:37 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:37 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfdfff000}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfdfff000}, 0x8) (async)

06:33:37 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x10, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:37 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfdfff000}, 0x8)

06:33:37 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x10, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:37 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000, <r0=>0x0}, 0x8)
pipe2$watch_queue(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
r2 = accept4$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f0000000140)=0x10, 0x0)
setsockopt$inet_MCAST_LEAVE_GROUP(r2, 0x0, 0x2d, &(0x7f0000000180)={0x3ff, {{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x88)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r1, 0x4008af60, &(0x7f00000000c0)={@hyper})
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)

06:33:37 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x10, 0x0, 0x0)

[ 1140.035719][T30310] FAULT_INJECTION: forcing a failure.
[ 1140.035719][T30310] name failslab, interval 1, probability 0, space 0, times 0
[ 1140.038863][T30260] cgroup: fork rejected by pids controller in /syz0
[ 1140.051328][T30310] CPU: 0 PID: 30310 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1140.064979][T30310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1140.074872][T30310] Call Trace:
[ 1140.078112][T30310]  <TASK>
[ 1140.080881][T30310]  dump_stack_lvl+0x151/0x1b7
[ 1140.085399][T30310]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1140.090687][T30310]  ? do_syscall_64+0x44/0xd0
[ 1140.095116][T30310]  dump_stack+0x15/0x17
[ 1140.099107][T30310]  should_fail+0x3c0/0x510
[ 1140.103367][T30310]  __should_failslab+0x9f/0xe0
[ 1140.107969][T30310]  should_failslab+0x9/0x20
[ 1140.112300][T30310]  kmem_cache_alloc+0x4f/0x2f0
[ 1140.116900][T30310]  ? anon_vma_clone+0xa1/0x4f0
[ 1140.121502][T30310]  anon_vma_clone+0xa1/0x4f0
[ 1140.125926][T30310]  anon_vma_fork+0x91/0x4f0
[ 1140.130264][T30310]  ? anon_vma_name+0x4c/0x70
[ 1140.134695][T30310]  dup_mmap+0x750/0xea0
[ 1140.138692][T30310]  ? __delayed_free_task+0x20/0x20
[ 1140.143633][T30310]  ? mm_init+0x807/0x960
[ 1140.147883][T30310]  dup_mm+0x91/0x330
[ 1140.151622][T30310]  copy_mm+0x108/0x1b0
[ 1140.155524][T30310]  copy_process+0x1295/0x3250
[ 1140.160037][T30310]  ? proc_fail_nth_write+0x213/0x290
[ 1140.165155][T30310]  ? proc_fail_nth_read+0x220/0x220
[ 1140.170188][T30310]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1140.175137][T30310]  ? vfs_write+0x9af/0x1050
[ 1140.179563][T30310]  ? vmacache_update+0xb7/0x120
[ 1140.184427][T30310]  kernel_clone+0x22d/0x990
[ 1140.188762][T30310]  ? file_end_write+0x1b0/0x1b0
[ 1140.193448][T30310]  ? __kasan_check_write+0x14/0x20
[ 1140.198396][T30310]  ? create_io_thread+0x1e0/0x1e0
[ 1140.203251][T30310]  ? __mutex_lock_slowpath+0x10/0x10
[ 1140.208373][T30310]  __x64_sys_clone+0x289/0x310
[ 1140.212972][T30310]  ? __do_sys_vfork+0x130/0x130
[ 1140.217669][T30310]  ? debug_smp_processor_id+0x17/0x20
[ 1140.222868][T30310]  do_syscall_64+0x44/0xd0
[ 1140.227242][T30310]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1140.232968][T30310] RIP: 0033:0x7f263a8c35a9
[ 1140.237220][T30310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1140.256664][T30310] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1140.264909][T30310] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1140.272717][T30310] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
06:33:37 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 35)

06:33:37 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000, <r0=>0x0}, 0x8) (async)
pipe2$watch_queue(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80) (async, rerun: 64)
r2 = accept4$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f0000000140)=0x10, 0x0) (rerun: 64)
setsockopt$inet_MCAST_LEAVE_GROUP(r2, 0x0, 0x2d, &(0x7f0000000180)={0x3ff, {{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x88) (async)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r1, 0x4008af60, &(0x7f00000000c0)={@hyper})
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)

[ 1140.280538][T30310] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1140.288338][T30310] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1140.296588][T30310] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1140.304401][T30310]  </TASK>
[ 1140.326974][T30357] FAULT_INJECTION: forcing a failure.
[ 1140.326974][T30357] name failslab, interval 1, probability 0, space 0, times 0
[ 1140.343462][T30357] CPU: 0 PID: 30357 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1140.353542][T30357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1140.363440][T30357] Call Trace:
[ 1140.366563][T30357]  <TASK>
[ 1140.369426][T30357]  dump_stack_lvl+0x151/0x1b7
[ 1140.373942][T30357]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1140.379405][T30357]  ? vma_interval_tree_augment_rotate+0x210/0x210
[ 1140.385652][T30357]  dump_stack+0x15/0x17
[ 1140.389730][T30357]  should_fail+0x3c0/0x510
[ 1140.393992][T30357]  __should_failslab+0x9f/0xe0
[ 1140.398580][T30357]  should_failslab+0x9/0x20
[ 1140.403104][T30357]  kmem_cache_alloc+0x4f/0x2f0
[ 1140.407781][T30357]  ? anon_vma_fork+0xf7/0x4f0
[ 1140.412499][T30357]  anon_vma_fork+0xf7/0x4f0
[ 1140.416839][T30357]  ? anon_vma_name+0x4c/0x70
[ 1140.421366][T30357]  dup_mmap+0x750/0xea0
[ 1140.425359][T30357]  ? __delayed_free_task+0x20/0x20
[ 1140.430426][T30357]  ? mm_init+0x807/0x960
[ 1140.434509][T30357]  dup_mm+0x91/0x330
[ 1140.438238][T30357]  copy_mm+0x108/0x1b0
[ 1140.442145][T30357]  copy_process+0x1295/0x3250
[ 1140.446659][T30357]  ? proc_fail_nth_write+0x213/0x290
[ 1140.451775][T30357]  ? proc_fail_nth_read+0x220/0x220
[ 1140.456819][T30357]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1140.461757][T30357]  ? vfs_write+0x9af/0x1050
[ 1140.466095][T30357]  ? vmacache_update+0xb7/0x120
[ 1140.470937][T30357]  kernel_clone+0x22d/0x990
[ 1140.475254][T30357]  ? file_end_write+0x1b0/0x1b0
[ 1140.479940][T30357]  ? __kasan_check_write+0x14/0x20
[ 1140.484891][T30357]  ? create_io_thread+0x1e0/0x1e0
[ 1140.489753][T30357]  ? __mutex_lock_slowpath+0x10/0x10
[ 1140.494899][T30357]  __x64_sys_clone+0x289/0x310
[ 1140.499639][T30357]  ? __do_sys_vfork+0x130/0x130
[ 1140.504323][T30357]  ? debug_smp_processor_id+0x17/0x20
[ 1140.509530][T30357]  do_syscall_64+0x44/0xd0
[ 1140.513784][T30357]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1140.519512][T30357] RIP: 0033:0x7f263a8c35a9
[ 1140.523766][T30357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1140.543210][T30357] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1140.551454][T30357] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1140.559261][T30357] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1140.567073][T30357] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1140.574969][T30357] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1140.582789][T30357] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1140.590599][T30357]  </TASK>
06:33:37 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x7fffffffffffffff, 0x3ff, 0x90f5, 0x1f, 0x0, 0x2, 0x1ff, 0x3}, &(0x7f0000000040)={0x2b, 0x1, 0x20, 0x8001, 0x6, 0x0, 0x1, 0x10001}, &(0x7f0000000080)={0x8, 0x0, 0x5, 0x3, 0xa9ba, 0xffffffffffffffff, 0xffffffffffffffff, 0xdbf}, &(0x7f00000000c0), &(0x7f0000000240)={&(0x7f0000000200)={[0x3ff]}, 0x8})
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000280)={0x2020}, 0x2020)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})

06:33:37 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x10, 0x0, 0x0)

06:33:37 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:37 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f0000000040)={0x8a, 0x100000001, 0x6, 0x7, 0x7, 0x9, 0x1f, 0x6}, &(0x7f0000000080)={0x5, 0x2cc, 0x7, 0x8, 0x9, 0x0, 0xd41, 0xffffffffffffffff}, &(0x7f0000000200)={0xc65, 0x0, 0x2, 0x2bd7, 0x0, 0x401, 0xfffffffffffffffc, 0x8}, &(0x7f0000000240)={0x0, 0x989680}, &(0x7f00000002c0)={&(0x7f0000000280)={[0x1000]}, 0x8})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
ioctl$VHOST_VDPA_GET_VQS_COUNT(0xffffffffffffffff, 0x8004af80, &(0x7f0000000300))
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
clock_gettime(0x6, &(0x7f0000000340))
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, &(0x7f0000000000)='posixacl\x00', 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000100)) (async)
pselect6(0x40, &(0x7f0000000040)={0x8a, 0x100000001, 0x6, 0x7, 0x7, 0x9, 0x1f, 0x6}, &(0x7f0000000080)={0x5, 0x2cc, 0x7, 0x8, 0x9, 0x0, 0xd41, 0xffffffffffffffff}, &(0x7f0000000200)={0xc65, 0x0, 0x2, 0x2bd7, 0x0, 0x401, 0xfffffffffffffffc, 0x8}, &(0x7f0000000240)={0x0, 0x989680}, &(0x7f00000002c0)={&(0x7f0000000280)={[0x1000]}, 0x8}) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)
ioctl$VHOST_VDPA_GET_VQS_COUNT(0xffffffffffffffff, 0x8004af80, &(0x7f0000000300)) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
clock_gettime(0x6, &(0x7f0000000340)) (async)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, &(0x7f0000000000)='posixacl\x00', 0x0, 0x0) (async)

06:33:37 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000, <r0=>0x0}, 0x8) (async)
pipe2$watch_queue(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80) (async)
r2 = accept4$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f0000000140)=0x10, 0x0)
setsockopt$inet_MCAST_LEAVE_GROUP(r2, 0x0, 0x2d, &(0x7f0000000180)={0x3ff, {{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x88)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r1, 0x4008af60, &(0x7f00000000c0)={@hyper}) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)

06:33:37 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 36)

06:33:37 executing program 2:
syz_open_pts(0xffffffffffffffff, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x800}, 0x8)

06:33:37 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x10, 0x0, 0x0)

[ 1140.757514][T30371] FAULT_INJECTION: forcing a failure.
[ 1140.757514][T30371] name failslab, interval 1, probability 0, space 0, times 0
[ 1140.771221][T30371] CPU: 1 PID: 30371 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1140.781290][T30371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1140.791191][T30371] Call Trace:
[ 1140.794308][T30371]  <TASK>
[ 1140.797192][T30371]  dump_stack_lvl+0x151/0x1b7
[ 1140.801820][T30371]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1140.807120][T30371]  dump_stack+0x15/0x17
[ 1140.811192][T30371]  should_fail+0x3c0/0x510
[ 1140.815449][T30371]  __should_failslab+0x9f/0xe0
[ 1140.820048][T30371]  should_failslab+0x9/0x20
[ 1140.824380][T30371]  kmem_cache_alloc+0x4f/0x2f0
[ 1140.828989][T30371]  ? anon_vma_fork+0x1b9/0x4f0
[ 1140.833585][T30371]  anon_vma_fork+0x1b9/0x4f0
[ 1140.838010][T30371]  dup_mmap+0x750/0xea0
[ 1140.842001][T30371]  ? __delayed_free_task+0x20/0x20
[ 1140.846948][T30371]  ? mm_init+0x807/0x960
[ 1140.851032][T30371]  dup_mm+0x91/0x330
[ 1140.854772][T30371]  copy_mm+0x108/0x1b0
[ 1140.858666][T30371]  copy_process+0x1295/0x3250
[ 1140.863178][T30371]  ? proc_fail_nth_write+0x213/0x290
[ 1140.868306][T30371]  ? proc_fail_nth_read+0x220/0x220
[ 1140.873337][T30371]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1140.878282][T30371]  ? vfs_write+0x9af/0x1050
[ 1140.882619][T30371]  ? vmacache_update+0xb7/0x120
[ 1140.887397][T30371]  kernel_clone+0x22d/0x990
[ 1140.891738][T30371]  ? file_end_write+0x1b0/0x1b0
[ 1140.896419][T30371]  ? __kasan_check_write+0x14/0x20
[ 1140.901471][T30371]  ? create_io_thread+0x1e0/0x1e0
[ 1140.906333][T30371]  ? __mutex_lock_slowpath+0x10/0x10
[ 1140.911460][T30371]  __x64_sys_clone+0x289/0x310
[ 1140.916048][T30371]  ? __do_sys_vfork+0x130/0x130
[ 1140.920825][T30371]  ? debug_smp_processor_id+0x17/0x20
[ 1140.926030][T30371]  do_syscall_64+0x44/0xd0
[ 1140.930281][T30371]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1140.936019][T30371] RIP: 0033:0x7f263a8c35a9
[ 1140.940263][T30371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1140.959707][T30371] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1140.967949][T30371] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1140.975770][T30371] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1140.983570][T30371] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1140.991384][T30371] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1140.999195][T30371] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
06:33:38 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x10, &(0x7f0000000040), 0x8)

06:33:38 executing program 2:
syz_open_pts(0xffffffffffffffff, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x800}, 0x8)
syz_open_pts(0xffffffffffffffff, 0x0) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x800}, 0x8) (async)

06:33:38 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0}) (async)
pselect6(0x40, &(0x7f0000000040)={0x8a, 0x100000001, 0x6, 0x7, 0x7, 0x9, 0x1f, 0x6}, &(0x7f0000000080)={0x5, 0x2cc, 0x7, 0x8, 0x9, 0x0, 0xd41, 0xffffffffffffffff}, &(0x7f0000000200)={0xc65, 0x0, 0x2, 0x2bd7, 0x0, 0x401, 0xfffffffffffffffc, 0x8}, &(0x7f0000000240)={0x0, 0x989680}, &(0x7f00000002c0)={&(0x7f0000000280)={[0x1000]}, 0x8})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
ioctl$VHOST_VDPA_GET_VQS_COUNT(0xffffffffffffffff, 0x8004af80, &(0x7f0000000300)) (async)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
clock_gettime(0x6, &(0x7f0000000340)) (async)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, &(0x7f0000000000)='posixacl\x00', 0x0, 0x0)

06:33:38 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x10, &(0x7f0000000040), 0x8)

[ 1141.007020][T30371]  </TASK>
06:33:38 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x7fffffffffffffff, 0x3ff, 0x90f5, 0x1f, 0x0, 0x2, 0x1ff, 0x3}, &(0x7f0000000040)={0x2b, 0x1, 0x20, 0x8001, 0x6, 0x0, 0x1, 0x10001}, &(0x7f0000000080)={0x8, 0x0, 0x5, 0x3, 0xa9ba, 0xffffffffffffffff, 0xffffffffffffffff, 0xdbf}, &(0x7f00000000c0), &(0x7f0000000240)={&(0x7f0000000200)={[0x3ff]}, 0x8})
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000280)={0x2020}, 0x2020)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
clock_gettime(0x0, &(0x7f0000000100)) (async)
pselect6(0x40, &(0x7f0000000000)={0x7fffffffffffffff, 0x3ff, 0x90f5, 0x1f, 0x0, 0x2, 0x1ff, 0x3}, &(0x7f0000000040)={0x2b, 0x1, 0x20, 0x8001, 0x6, 0x0, 0x1, 0x10001}, &(0x7f0000000080)={0x8, 0x0, 0x5, 0x3, 0xa9ba, 0xffffffffffffffff, 0xffffffffffffffff, 0xdbf}, &(0x7f00000000c0), &(0x7f0000000240)={&(0x7f0000000200)={[0x3ff]}, 0x8}) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
read$FUSE(r1, &(0x7f0000000280)={0x2020}, 0x2020) (async)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)

06:33:38 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 37)

06:33:38 executing program 2:
syz_open_pts(0xffffffffffffffff, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x800}, 0x8)

06:33:38 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x10, &(0x7f0000000040), 0x8)

06:33:38 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
clock_gettime(0x4, &(0x7f0000000000))
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
ioctl$VHOST_VDPA_GET_VQS_COUNT(r1, 0x8004af80, &(0x7f0000000040))

06:33:38 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:38 executing program 4:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

[ 1141.597027][T30403] FAULT_INJECTION: forcing a failure.
[ 1141.597027][T30403] name failslab, interval 1, probability 0, space 0, times 0
[ 1141.612717][T30403] CPU: 1 PID: 30403 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1141.622877][T30403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1141.632772][T30403] Call Trace:
[ 1141.635892][T30403]  <TASK>
[ 1141.638672][T30403]  dump_stack_lvl+0x151/0x1b7
06:33:38 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0}) (async)
pselect6(0x40, &(0x7f0000000000)={0x7fffffffffffffff, 0x3ff, 0x90f5, 0x1f, 0x0, 0x2, 0x1ff, 0x3}, &(0x7f0000000040)={0x2b, 0x1, 0x20, 0x8001, 0x6, 0x0, 0x1, 0x10001}, &(0x7f0000000080)={0x8, 0x0, 0x5, 0x3, 0xa9ba, 0xffffffffffffffff, 0xffffffffffffffff, 0xdbf}, &(0x7f00000000c0), &(0x7f0000000240)={&(0x7f0000000200)={[0x3ff]}, 0x8}) (async)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
read$FUSE(r1, &(0x7f0000000280)={0x2020}, 0x2020) (async)
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})

06:33:38 executing program 0:
clock_gettime(0x5, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f0000000040)={&(0x7f0000000180)={[0xfffffffffffffff7]}, 0x8})
socket$bt_hidp(0x1f, 0x3, 0x6)
clock_gettime(0x5, &(0x7f0000000000))

[ 1141.643183][T30403]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1141.648479][T30403]  dump_stack+0x15/0x17
[ 1141.652467][T30403]  should_fail+0x3c0/0x510
[ 1141.656731][T30403]  __should_failslab+0x9f/0xe0
[ 1141.661331][T30403]  should_failslab+0x9/0x20
[ 1141.665665][T30403]  kmem_cache_alloc+0x4f/0x2f0
[ 1141.670281][T30403]  ? vm_area_dup+0x26/0x1d0
[ 1141.674615][T30403]  ? __kasan_check_read+0x11/0x20
[ 1141.679495][T30403]  vm_area_dup+0x26/0x1d0
[ 1141.683631][T30403]  dup_mmap+0x6b8/0xea0
[ 1141.687620][T30403]  ? __delayed_free_task+0x20/0x20
[ 1141.692569][T30403]  ? mm_init+0x807/0x960
[ 1141.696648][T30403]  dup_mm+0x91/0x330
[ 1141.700380][T30403]  copy_mm+0x108/0x1b0
[ 1141.704289][T30403]  copy_process+0x1295/0x3250
[ 1141.708799][T30403]  ? proc_fail_nth_write+0x213/0x290
[ 1141.713918][T30403]  ? proc_fail_nth_read+0x220/0x220
[ 1141.718955][T30403]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1141.723992][T30403]  ? vfs_write+0x9af/0x1050
[ 1141.728334][T30403]  ? vmacache_update+0xb7/0x120
[ 1141.733015][T30403]  kernel_clone+0x22d/0x990
[ 1141.737356][T30403]  ? file_end_write+0x1b0/0x1b0
[ 1141.742055][T30403]  ? __kasan_check_write+0x14/0x20
[ 1141.746986][T30403]  ? create_io_thread+0x1e0/0x1e0
[ 1141.751850][T30403]  ? __mutex_lock_slowpath+0x10/0x10
[ 1141.756971][T30403]  __x64_sys_clone+0x289/0x310
[ 1141.761569][T30403]  ? __do_sys_vfork+0x130/0x130
[ 1141.766256][T30403]  ? debug_smp_processor_id+0x17/0x20
[ 1141.771462][T30403]  do_syscall_64+0x44/0xd0
[ 1141.775718][T30403]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1141.781443][T30403] RIP: 0033:0x7f263a8c35a9
[ 1141.785782][T30403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1141.805248][T30403] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1141.813469][T30403] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1141.821278][T30403] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1141.829093][T30403] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1141.836909][T30403] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:33:39 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 38)

06:33:39 executing program 2:
r0 = fsmount(0xffffffffffffffff, 0x0, 0x70)
ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000080)={&(0x7f0000ffc000/0x1000)=nil, 0x1000})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x80007, <r1=>0x0}, 0x6)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r1, 0x4)

06:33:39 executing program 2:
r0 = fsmount(0xffffffffffffffff, 0x0, 0x70)
ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000080)={&(0x7f0000ffc000/0x1000)=nil, 0x1000})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x80007, <r1=>0x0}, 0x6)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r1, 0x4)

[ 1141.844710][T30403] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1141.852525][T30403]  </TASK>
[ 1141.870997][T30430] FAULT_INJECTION: forcing a failure.
[ 1141.870997][T30430] name failslab, interval 1, probability 0, space 0, times 0
[ 1141.883606][T30430] CPU: 1 PID: 30430 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
06:33:39 executing program 2:
r0 = fsmount(0xffffffffffffffff, 0x0, 0x70)
ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000080)={&(0x7f0000ffc000/0x1000)=nil, 0x1000})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x80007, <r1=>0x0}, 0x6)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r1, 0x4)
fsmount(0xffffffffffffffff, 0x0, 0x70) (async)
ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000080)={&(0x7f0000ffc000/0x1000)=nil, 0x1000}) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x80007}, 0x6) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r1, 0x4) (async)

06:33:39 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/intel_idle', 0x880, 0x82)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
fspick(r0, &(0x7f0000000000)='./file0\x00', 0x1)

[ 1141.893753][T30430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1141.903652][T30430] Call Trace:
[ 1141.906782][T30430]  <TASK>
[ 1141.909551][T30430]  dump_stack_lvl+0x151/0x1b7
[ 1141.914061][T30430]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1141.919359][T30430]  dump_stack+0x15/0x17
[ 1141.923357][T30430]  should_fail+0x3c0/0x510
[ 1141.927632][T30430]  __should_failslab+0x9f/0xe0
[ 1141.932199][T30430]  should_failslab+0x9/0x20
[ 1141.936537][T30430]  kmem_cache_alloc+0x4f/0x2f0
[ 1141.941136][T30430]  ? anon_vma_clone+0xa1/0x4f0
06:33:39 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/intel_idle', 0x880, 0x82)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
fspick(r0, &(0x7f0000000000)='./file0\x00', 0x1)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/intel_idle', 0x880, 0x82) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
fspick(r0, &(0x7f0000000000)='./file0\x00', 0x1) (async)

06:33:39 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/intel_idle', 0x880, 0x82)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
fspick(r0, &(0x7f0000000000)='./file0\x00', 0x1)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/intel_idle', 0x880, 0x82) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
fspick(r0, &(0x7f0000000000)='./file0\x00', 0x1) (async)

[ 1141.945741][T30430]  anon_vma_clone+0xa1/0x4f0
[ 1141.950166][T30430]  anon_vma_fork+0x91/0x4f0
[ 1141.954508][T30430]  ? anon_vma_name+0x4c/0x70
[ 1141.958941][T30430]  dup_mmap+0x750/0xea0
[ 1141.963019][T30430]  ? __delayed_free_task+0x20/0x20
[ 1141.967960][T30430]  ? mm_init+0x807/0x960
[ 1141.972125][T30430]  dup_mm+0x91/0x330
[ 1141.975862][T30430]  copy_mm+0x108/0x1b0
[ 1141.979758][T30430]  copy_process+0x1295/0x3250
[ 1141.984278][T30430]  ? proc_fail_nth_write+0x213/0x290
[ 1141.989484][T30430]  ? proc_fail_nth_read+0x220/0x220
[ 1141.994518][T30430]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1141.999467][T30430]  ? vfs_write+0x9af/0x1050
[ 1142.003800][T30430]  ? vmacache_update+0xb7/0x120
[ 1142.008582][T30430]  kernel_clone+0x22d/0x990
[ 1142.012915][T30430]  ? file_end_write+0x1b0/0x1b0
[ 1142.017604][T30430]  ? __kasan_check_write+0x14/0x20
[ 1142.022556][T30430]  ? create_io_thread+0x1e0/0x1e0
[ 1142.027412][T30430]  ? __mutex_lock_slowpath+0x10/0x10
[ 1142.032532][T30430]  __x64_sys_clone+0x289/0x310
[ 1142.037133][T30430]  ? __do_sys_vfork+0x130/0x130
[ 1142.041817][T30430]  ? debug_smp_processor_id+0x17/0x20
[ 1142.047025][T30430]  do_syscall_64+0x44/0xd0
[ 1142.051284][T30430]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1142.057007][T30430] RIP: 0033:0x7f263a8c35a9
[ 1142.061265][T30430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1142.080789][T30430] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1142.089033][T30430] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1142.096848][T30430] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1142.104650][T30430] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1142.112594][T30430] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1142.120408][T30430] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1142.128215][T30430]  </TASK>
06:33:39 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
clock_gettime(0x4, &(0x7f0000000000)) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
ioctl$VHOST_VDPA_GET_VQS_COUNT(r1, 0x8004af80, &(0x7f0000000040))

06:33:39 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:39 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0xd, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:39 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="08002abd7000ffdbdf25050000000c0003000400000000000000654f5d93d0ef08004100000000000c00040003000000000000000c0006000200000000000000"], 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x54)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r1=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001b80)={0x18, 0x6, &(0x7f0000000400)=ANY=[@ANYBLOB="180800000000eb0000000000002b84baac711915f52e25221317f4033e51050000000000", @ANYRES16=r1, @ANYBLOB="00000000000000009500000000000000", @ANYRES8=r0, @ANYRESHEX=r0, @ANYBLOB="13e2c246b92707ec8392e27b56d78d7b42a043f6707d357c8d2530e753841afae637badc763e9add808631bcb2154dad496085920cc4dfc03726eb97982db1a2a10b5d62f2b63ad61dcd0df8911200d6faca"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0xfffff000}, 0x8)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x2c}}, 0x0)
sendmsg$NBD_CMD_CONNECT(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x74, 0x0, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x2}, @NBD_ATTR_CLIENT_FLAGS={0xc}, @NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_BACKEND_IDENTIFIER={0xa, 0xa, 'vcan0\x00'}, @NBD_ATTR_BACKEND_IDENTIFIER={0xa, 0xa, 'vcan0\x00'}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x100000001}, @NBD_ATTR_BACKEND_IDENTIFIER={0xa, 0xa, '-(+.,\\'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x5}]}, 0x74}, 0x1, 0x0, 0x0, 0xc001}, 0x40000)

06:33:39 executing program 0:
clock_gettime(0x5, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f0000000040)={&(0x7f0000000180)={[0xfffffffffffffff7]}, 0x8})
socket$bt_hidp(0x1f, 0x3, 0x6)
clock_gettime(0x5, &(0x7f0000000000))
clock_gettime(0x5, &(0x7f0000000100)) (async)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f0000000040)={&(0x7f0000000180)={[0xfffffffffffffff7]}, 0x8}) (async)
socket$bt_hidp(0x1f, 0x3, 0x6) (async)
clock_gettime(0x5, &(0x7f0000000000)) (async)

06:33:39 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 39)

06:33:39 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0xd, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:39 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="08002abd7000ffdbdf25050000000c0003000400000000000000654f5d93d0ef08004100000000000c00040003000000000000000c0006000200000000000000"], 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x54) (async, rerun: 64)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r1=>0x0}) (rerun: 64)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001b80)={0x18, 0x6, &(0x7f0000000400)=ANY=[@ANYBLOB="180800000000eb0000000000002b84baac711915f52e25221317f4033e51050000000000", @ANYRES16=r1, @ANYBLOB="00000000000000009500000000000000", @ANYRES8=r0, @ANYRESHEX=r0, @ANYBLOB="13e2c246b92707ec8392e27b56d78d7b42a043f6707d357c8d2530e753841afae637badc763e9add808631bcb2154dad496085920cc4dfc03726eb97982db1a2a10b5d62f2b63ad61dcd0df8911200d6faca"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async, rerun: 64)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0xfffff000}, 0x8) (rerun: 64)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x2c}}, 0x0) (async)
sendmsg$NBD_CMD_CONNECT(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x74, 0x0, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x2}, @NBD_ATTR_CLIENT_FLAGS={0xc}, @NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_BACKEND_IDENTIFIER={0xa, 0xa, 'vcan0\x00'}, @NBD_ATTR_BACKEND_IDENTIFIER={0xa, 0xa, 'vcan0\x00'}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x100000001}, @NBD_ATTR_BACKEND_IDENTIFIER={0xa, 0xa, '-(+.,\\'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x5}]}, 0x74}, 0x1, 0x0, 0x0, 0xc001}, 0x40000)

06:33:39 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0xd, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:39 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0xd, 0x0, 0x0)

06:33:39 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0xd, 0x0, 0x0)

06:33:39 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0xd, 0x0, 0x0)

[ 1142.471262][T30471] FAULT_INJECTION: forcing a failure.
[ 1142.471262][T30471] name failslab, interval 1, probability 0, space 0, times 0
[ 1142.484170][T30471] CPU: 0 PID: 30471 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1142.494236][T30471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1142.504132][T30471] Call Trace:
[ 1142.507256][T30471]  <TASK>
[ 1142.510031][T30471]  dump_stack_lvl+0x151/0x1b7
[ 1142.514548][T30471]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1142.519845][T30471]  dump_stack+0x15/0x17
[ 1142.523917][T30471]  should_fail+0x3c0/0x510
[ 1142.528178][T30471]  __should_failslab+0x9f/0xe0
[ 1142.532780][T30471]  should_failslab+0x9/0x20
[ 1142.537106][T30471]  kmem_cache_alloc+0x4f/0x2f0
[ 1142.541704][T30471]  ? anon_vma_clone+0xa1/0x4f0
[ 1142.546308][T30471]  anon_vma_clone+0xa1/0x4f0
[ 1142.550736][T30471]  anon_vma_fork+0x91/0x4f0
[ 1142.555073][T30471]  ? anon_vma_name+0x4c/0x70
[ 1142.559501][T30471]  dup_mmap+0x750/0xea0
[ 1142.563691][T30471]  ? __delayed_free_task+0x20/0x20
[ 1142.568641][T30471]  ? mm_init+0x807/0x960
[ 1142.572817][T30471]  dup_mm+0x91/0x330
[ 1142.576544][T30471]  copy_mm+0x108/0x1b0
[ 1142.580448][T30471]  copy_process+0x1295/0x3250
[ 1142.585063][T30471]  ? proc_fail_nth_write+0x213/0x290
[ 1142.590172][T30471]  ? proc_fail_nth_read+0x220/0x220
[ 1142.595205][T30471]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1142.600164][T30471]  ? vfs_write+0x9af/0x1050
[ 1142.604494][T30471]  ? vmacache_update+0xb7/0x120
[ 1142.609182][T30471]  kernel_clone+0x22d/0x990
[ 1142.613538][T30471]  ? file_end_write+0x1b0/0x1b0
[ 1142.618342][T30471]  ? __kasan_check_write+0x14/0x20
[ 1142.623375][T30471]  ? create_io_thread+0x1e0/0x1e0
[ 1142.628234][T30471]  ? __mutex_lock_slowpath+0x10/0x10
[ 1142.633354][T30471]  __x64_sys_clone+0x289/0x310
[ 1142.638039][T30471]  ? __do_sys_vfork+0x130/0x130
[ 1142.642734][T30471]  ? debug_smp_processor_id+0x17/0x20
[ 1142.647935][T30471]  do_syscall_64+0x44/0xd0
[ 1142.652187][T30471]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1142.657915][T30471] RIP: 0033:0x7f263a8c35a9
[ 1142.662169][T30471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1142.681615][T30471] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1142.689856][T30471] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1142.697753][T30471] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1142.705565][T30471] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1142.713396][T30471] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1142.721189][T30471] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1142.729010][T30471]  </TASK>
06:33:40 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0}) (async, rerun: 32)
clock_gettime(0x4, &(0x7f0000000000)) (rerun: 32)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async, rerun: 32)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (rerun: 32)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
ioctl$VHOST_VDPA_GET_VQS_COUNT(r1, 0x8004af80, &(0x7f0000000040))

06:33:40 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:40 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0xd, &(0x7f0000000040), 0x8)

06:33:40 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="08002abd7000ffdbdf25050000000c0003000400000000000000654f5d93d0ef08004100000000000c00040003000000000000000c0006000200000000000000"], 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x54)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r1=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001b80)={0x18, 0x6, &(0x7f0000000400)=ANY=[@ANYBLOB="180800000000eb0000000000002b84baac711915f52e25221317f4033e51050000000000", @ANYRES16=r1, @ANYBLOB="00000000000000009500000000000000", @ANYRES8=r0, @ANYRESHEX=r0, @ANYBLOB="13e2c246b92707ec8392e27b56d78d7b42a043f6707d357c8d2530e753841afae637badc763e9add808631bcb2154dad496085920cc4dfc03726eb97982db1a2a10b5d62f2b63ad61dcd0df8911200d6faca"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0xfffff000}, 0x8)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x2c}}, 0x0)
sendmsg$NBD_CMD_CONNECT(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x74, 0x0, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x2}, @NBD_ATTR_CLIENT_FLAGS={0xc}, @NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_BACKEND_IDENTIFIER={0xa, 0xa, 'vcan0\x00'}, @NBD_ATTR_BACKEND_IDENTIFIER={0xa, 0xa, 'vcan0\x00'}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x100000001}, @NBD_ATTR_BACKEND_IDENTIFIER={0xa, 0xa, '-(+.,\\'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x5}]}, 0x74}, 0x1, 0x0, 0x0, 0xc001}, 0x40000)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="08002abd7000ffdbdf25050000000c0003000400000000000000654f5d93d0ef08004100000000000c00040003000000000000000c0006000200000000000000"], 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x54) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vcan0\x00'}) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001b80)={0x18, 0x6, &(0x7f0000000400)=ANY=[@ANYBLOB="180800000000eb0000000000002b84baac711915f52e25221317f4033e51050000000000", @ANYRES16=r1, @ANYBLOB="00000000000000009500000000000000", @ANYRES8=r0, @ANYRESHEX=r0, @ANYBLOB="13e2c246b92707ec8392e27b56d78d7b42a043f6707d357c8d2530e753841afae637badc763e9add808631bcb2154dad496085920cc4dfc03726eb97982db1a2a10b5d62f2b63ad61dcd0df8911200d6faca"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0xfffff000}, 0x8) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x2c}}, 0x0) (async)
sendmsg$NBD_CMD_CONNECT(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x74, 0x0, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x2}, @NBD_ATTR_CLIENT_FLAGS={0xc}, @NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_BACKEND_IDENTIFIER={0xa, 0xa, 'vcan0\x00'}, @NBD_ATTR_BACKEND_IDENTIFIER={0xa, 0xa, 'vcan0\x00'}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x100000001}, @NBD_ATTR_BACKEND_IDENTIFIER={0xa, 0xa, '-(+.,\\'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x5}]}, 0x74}, 0x1, 0x0, 0x0, 0xc001}, 0x40000) (async)

06:33:40 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0xd, &(0x7f0000000040), 0x8)

06:33:40 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x0, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:40 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xfffff000}, 0x8)

06:33:40 executing program 3:
clock_gettime(0x0, &(0x7f0000000100))
clock_gettime(0x0, &(0x7f0000000040)={<r0=>0x0, <r1=>0x0})
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={r0, r1+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
clock_gettime(0x5, &(0x7f0000000140))
r2 = getpid()
syz_open_procfs$namespace(r2, 0x0)
sched_rr_get_interval(r2, &(0x7f00000000c0))
clock_gettime(0x6, &(0x7f0000000000))

06:33:40 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 40)

06:33:40 executing program 0:
clock_gettime(0x5, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f0000000040)={&(0x7f0000000180)={[0xfffffffffffffff7]}, 0x8})
socket$bt_hidp(0x1f, 0x3, 0x6)
clock_gettime(0x5, &(0x7f0000000000))
clock_gettime(0x5, &(0x7f0000000100)) (async)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f0000000040)={&(0x7f0000000180)={[0xfffffffffffffff7]}, 0x8}) (async)
socket$bt_hidp(0x1f, 0x3, 0x6) (async)
clock_gettime(0x5, &(0x7f0000000000)) (async)

06:33:40 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0xd, &(0x7f0000000040), 0x8)

06:33:40 executing program 4:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0), 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

[ 1143.307547][T30508] FAULT_INJECTION: forcing a failure.
[ 1143.307547][T30508] name failslab, interval 1, probability 0, space 0, times 0
[ 1143.327263][T30508] CPU: 1 PID: 30508 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1143.337341][T30508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1143.347238][T30508] Call Trace:
[ 1143.350358][T30508]  <TASK>
[ 1143.353148][T30508]  dump_stack_lvl+0x151/0x1b7
[ 1143.357763][T30508]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1143.363174][T30508]  ? vma_interval_tree_augment_rotate+0x210/0x210
[ 1143.369437][T30508]  dump_stack+0x15/0x17
[ 1143.373416][T30508]  should_fail+0x3c0/0x510
[ 1143.377673][T30508]  __should_failslab+0x9f/0xe0
[ 1143.382268][T30508]  should_failslab+0x9/0x20
[ 1143.386607][T30508]  kmem_cache_alloc+0x4f/0x2f0
[ 1143.391205][T30508]  ? anon_vma_fork+0xf7/0x4f0
[ 1143.395725][T30508]  anon_vma_fork+0xf7/0x4f0
[ 1143.400059][T30508]  ? anon_vma_name+0x4c/0x70
[ 1143.404484][T30508]  dup_mmap+0x750/0xea0
[ 1143.408478][T30508]  ? __delayed_free_task+0x20/0x20
[ 1143.413424][T30508]  ? mm_init+0x807/0x960
[ 1143.417512][T30508]  dup_mm+0x91/0x330
[ 1143.421232][T30508]  copy_mm+0x108/0x1b0
[ 1143.425142][T30508]  copy_process+0x1295/0x3250
[ 1143.429653][T30508]  ? proc_fail_nth_write+0x213/0x290
[ 1143.434777][T30508]  ? proc_fail_nth_read+0x220/0x220
[ 1143.439806][T30508]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1143.444754][T30508]  ? vfs_write+0x9af/0x1050
[ 1143.449094][T30508]  ? vmacache_update+0xb7/0x120
[ 1143.453786][T30508]  kernel_clone+0x22d/0x990
[ 1143.458129][T30508]  ? file_end_write+0x1b0/0x1b0
[ 1143.462894][T30508]  ? __kasan_check_write+0x14/0x20
[ 1143.467842][T30508]  ? create_io_thread+0x1e0/0x1e0
[ 1143.472704][T30508]  ? __mutex_lock_slowpath+0x10/0x10
[ 1143.477822][T30508]  __x64_sys_clone+0x289/0x310
[ 1143.482423][T30508]  ? __do_sys_vfork+0x130/0x130
[ 1143.487194][T30508]  ? debug_smp_processor_id+0x17/0x20
[ 1143.492411][T30508]  do_syscall_64+0x44/0xd0
[ 1143.496668][T30508]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1143.502385][T30508] RIP: 0033:0x7f263a8c35a9
[ 1143.506637][T30508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1143.526078][T30508] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1143.534327][T30508] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1143.542147][T30508] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1143.549950][T30508] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
06:33:40 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xfffff000}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xfffff000}, 0x8) (async)

06:33:40 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 41)

06:33:40 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xfffff000}, 0x8)

[ 1143.557753][T30508] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1143.565585][T30508] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1143.573658][T30508]  </TASK>
[ 1143.593420][T30531] FAULT_INJECTION: forcing a failure.
[ 1143.593420][T30531] name failslab, interval 1, probability 0, space 0, times 0
[ 1143.605990][T30531] CPU: 0 PID: 30531 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1143.616758][T30531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1143.626651][T30531] Call Trace:
[ 1143.629769][T30531]  <TASK>
[ 1143.632549][T30531]  dump_stack_lvl+0x151/0x1b7
[ 1143.637202][T30531]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1143.642499][T30531]  ? vma_interval_tree_augment_rotate+0x210/0x210
[ 1143.648747][T30531]  dump_stack+0x15/0x17
[ 1143.652748][T30531]  should_fail+0x3c0/0x510
[ 1143.656982][T30531]  __should_failslab+0x9f/0xe0
[ 1143.661582][T30531]  should_failslab+0x9/0x20
[ 1143.665921][T30531]  kmem_cache_alloc+0x4f/0x2f0
[ 1143.670530][T30531]  ? anon_vma_fork+0xf7/0x4f0
[ 1143.675040][T30531]  anon_vma_fork+0xf7/0x4f0
[ 1143.679373][T30531]  ? anon_vma_name+0x4c/0x70
[ 1143.683797][T30531]  dup_mmap+0x750/0xea0
[ 1143.687793][T30531]  ? __delayed_free_task+0x20/0x20
[ 1143.692739][T30531]  ? mm_init+0x807/0x960
[ 1143.696820][T30531]  dup_mm+0x91/0x330
[ 1143.700549][T30531]  copy_mm+0x108/0x1b0
[ 1143.704457][T30531]  copy_process+0x1295/0x3250
[ 1143.708971][T30531]  ? proc_fail_nth_write+0x213/0x290
[ 1143.714094][T30531]  ? proc_fail_nth_read+0x220/0x220
[ 1143.719133][T30531]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1143.724082][T30531]  ? vfs_write+0x9af/0x1050
[ 1143.728546][T30531]  ? vmacache_update+0xb7/0x120
[ 1143.733299][T30531]  kernel_clone+0x22d/0x990
[ 1143.737641][T30531]  ? file_end_write+0x1b0/0x1b0
[ 1143.742322][T30531]  ? __kasan_check_write+0x14/0x20
[ 1143.747272][T30531]  ? create_io_thread+0x1e0/0x1e0
[ 1143.752129][T30531]  ? __mutex_lock_slowpath+0x10/0x10
[ 1143.757250][T30531]  __x64_sys_clone+0x289/0x310
[ 1143.761858][T30531]  ? __do_sys_vfork+0x130/0x130
[ 1143.766545][T30531]  ? debug_smp_processor_id+0x17/0x20
[ 1143.771754][T30531]  do_syscall_64+0x44/0xd0
[ 1143.776007][T30531]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1143.781800][T30531] RIP: 0033:0x7f263a8c35a9
[ 1143.785977][T30531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
06:33:41 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
add_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f00000000c0)="c9c982688d76fb4bbcb07e4760b53d8a85d3a15710d18edeb3f152a7dde5bf1b282f3c642e317b373114fa3ce9b5f93d041a10370a0b8f8a938d41d786c43f2ad003c7a92868b5b8e60cfed2b7ecc15abffc204622fb478b8a4a5226ec64073716aa5df3a81c8f25e2d21ab896fec2291356a2", 0x73, 0xfffffffffffffff8)

[ 1143.805421][T30531] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1143.813675][T30531] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1143.821476][T30531] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1143.829382][T30531] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1143.837197][T30531] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1143.845008][T30531] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1143.852837][T30531]  </TASK>
06:33:41 executing program 0:
clock_gettime(0x0, &(0x7f0000000100))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x20000008]}, 0x8})
pselect6(0x40, &(0x7f0000000000)={0x8, 0x445, 0x7ff, 0x80000001, 0x3, 0x1, 0x8001, 0x7fffffffffffffff}, &(0x7f0000000040)={0x7, 0xffff, 0x0, 0x6, 0x923, 0x9, 0x1, 0xff}, &(0x7f0000000080)={0x7f, 0x0, 0x7, 0x2, 0x8000, 0x4, 0x0, 0x2}, &(0x7f00000000c0)={0x0, 0x989680}, &(0x7f0000000240)={&(0x7f0000000200)={[0x1ff]}, 0x8})
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/class/isku', 0x800, 0x4)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000300)=@security={'security\x00', 0xe, 0x4, 0x3e8, 0xffffffff, 0x0, 0x230, 0x230, 0xffffffff, 0xffffffff, 0x350, 0x350, 0x350, 0xffffffff, 0x4, &(0x7f00000002c0), {[{{@uncond, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@socket0={{0x20}}, @common=@ah={{0x30}, {[0xff000000, 0x7fffffff], 0x1}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @local, 0x6, 0xa, [0x21, 0x33, 0x31, 0x12, 0x11, 0x3, 0x30, 0xd, 0x25, 0x7, 0x9, 0x3a, 0x2d, 0x3f, 0x10, 0x1b], 0x2, 0x80000000, 0x2}}}, {{@ip={@remote, @remote, 0xff000000, 0xff, 'macvtap0\x00', 'erspan0\x00', {}, {0xff}, 0x21, 0x1, 0x5}, 0x0, 0xe8, 0x110, 0x0, {}, [@common=@inet=@set4={{0x50}, {{0x0, 0x3}, {{0x401}, 0x9}, {{0x6}}, 0x7}}, @common=@ttl={{0x28}, {0x3, 0x7}}]}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x2}}}, {{@uncond, 0x0, 0xf0, 0x120, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00', 0x0, 0x0, 0x2}}, @common=@ah={{0x30}, {[0x200, 0x965]}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x348, 0x8001, 0x4, 0x1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x448)

06:33:41 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x9, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:41 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x0, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:41 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
add_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f00000000c0)="c9c982688d76fb4bbcb07e4760b53d8a85d3a15710d18edeb3f152a7dde5bf1b282f3c642e317b373114fa3ce9b5f93d041a10370a0b8f8a938d41d786c43f2ad003c7a92868b5b8e60cfed2b7ecc15abffc204622fb478b8a4a5226ec64073716aa5df3a81c8f25e2d21ab896fec2291356a2", 0x73, 0xfffffffffffffff8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
add_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f00000000c0)="c9c982688d76fb4bbcb07e4760b53d8a85d3a15710d18edeb3f152a7dde5bf1b282f3c642e317b373114fa3ce9b5f93d041a10370a0b8f8a938d41d786c43f2ad003c7a92868b5b8e60cfed2b7ecc15abffc204622fb478b8a4a5226ec64073716aa5df3a81c8f25e2d21ab896fec2291356a2", 0x73, 0xfffffffffffffff8) (async)

06:33:41 executing program 3:
clock_gettime(0x0, &(0x7f0000000100))
clock_gettime(0x0, &(0x7f0000000040)={<r0=>0x0, <r1=>0x0})
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={r0, r1+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
clock_gettime(0x5, &(0x7f0000000140))
r2 = getpid()
syz_open_procfs$namespace(r2, 0x0)
sched_rr_get_interval(r2, &(0x7f00000000c0))
clock_gettime(0x6, &(0x7f0000000000))
clock_gettime(0x0, &(0x7f0000000100)) (async)
clock_gettime(0x0, &(0x7f0000000040)) (async)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={r0, r1+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)
clock_gettime(0x5, &(0x7f0000000140)) (async)
getpid() (async)
syz_open_procfs$namespace(r2, 0x0) (async)
sched_rr_get_interval(r2, &(0x7f00000000c0)) (async)
clock_gettime(0x6, &(0x7f0000000000)) (async)

06:33:41 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)) (async)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x20000008]}, 0x8})
pselect6(0x40, &(0x7f0000000000)={0x8, 0x445, 0x7ff, 0x80000001, 0x3, 0x1, 0x8001, 0x7fffffffffffffff}, &(0x7f0000000040)={0x7, 0xffff, 0x0, 0x6, 0x923, 0x9, 0x1, 0xff}, &(0x7f0000000080)={0x7f, 0x0, 0x7, 0x2, 0x8000, 0x4, 0x0, 0x2}, &(0x7f00000000c0)={0x0, 0x989680}, &(0x7f0000000240)={&(0x7f0000000200)={[0x1ff]}, 0x8}) (async)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/class/isku', 0x800, 0x4)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000300)=@security={'security\x00', 0xe, 0x4, 0x3e8, 0xffffffff, 0x0, 0x230, 0x230, 0xffffffff, 0xffffffff, 0x350, 0x350, 0x350, 0xffffffff, 0x4, &(0x7f00000002c0), {[{{@uncond, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@socket0={{0x20}}, @common=@ah={{0x30}, {[0xff000000, 0x7fffffff], 0x1}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @local, 0x6, 0xa, [0x21, 0x33, 0x31, 0x12, 0x11, 0x3, 0x30, 0xd, 0x25, 0x7, 0x9, 0x3a, 0x2d, 0x3f, 0x10, 0x1b], 0x2, 0x80000000, 0x2}}}, {{@ip={@remote, @remote, 0xff000000, 0xff, 'macvtap0\x00', 'erspan0\x00', {}, {0xff}, 0x21, 0x1, 0x5}, 0x0, 0xe8, 0x110, 0x0, {}, [@common=@inet=@set4={{0x50}, {{0x0, 0x3}, {{0x401}, 0x9}, {{0x6}}, 0x7}}, @common=@ttl={{0x28}, {0x3, 0x7}}]}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x2}}}, {{@uncond, 0x0, 0xf0, 0x120, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00', 0x0, 0x0, 0x2}}, @common=@ah={{0x30}, {[0x200, 0x965]}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x348, 0x8001, 0x4, 0x1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x448)

06:33:41 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x9, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:41 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
add_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f00000000c0)="c9c982688d76fb4bbcb07e4760b53d8a85d3a15710d18edeb3f152a7dde5bf1b282f3c642e317b373114fa3ce9b5f93d041a10370a0b8f8a938d41d786c43f2ad003c7a92868b5b8e60cfed2b7ecc15abffc204622fb478b8a4a5226ec64073716aa5df3a81c8f25e2d21ab896fec2291356a2", 0x73, 0xfffffffffffffff8)

06:33:41 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 42)

06:33:41 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x0, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:41 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)) (async)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x20000008]}, 0x8})
pselect6(0x40, &(0x7f0000000000)={0x8, 0x445, 0x7ff, 0x80000001, 0x3, 0x1, 0x8001, 0x7fffffffffffffff}, &(0x7f0000000040)={0x7, 0xffff, 0x0, 0x6, 0x923, 0x9, 0x1, 0xff}, &(0x7f0000000080)={0x7f, 0x0, 0x7, 0x2, 0x8000, 0x4, 0x0, 0x2}, &(0x7f00000000c0)={0x0, 0x989680}, &(0x7f0000000240)={&(0x7f0000000200)={[0x1ff]}, 0x8}) (async)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/class/isku', 0x800, 0x4)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000300)=@security={'security\x00', 0xe, 0x4, 0x3e8, 0xffffffff, 0x0, 0x230, 0x230, 0xffffffff, 0xffffffff, 0x350, 0x350, 0x350, 0xffffffff, 0x4, &(0x7f00000002c0), {[{{@uncond, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@socket0={{0x20}}, @common=@ah={{0x30}, {[0xff000000, 0x7fffffff], 0x1}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @local, 0x6, 0xa, [0x21, 0x33, 0x31, 0x12, 0x11, 0x3, 0x30, 0xd, 0x25, 0x7, 0x9, 0x3a, 0x2d, 0x3f, 0x10, 0x1b], 0x2, 0x80000000, 0x2}}}, {{@ip={@remote, @remote, 0xff000000, 0xff, 'macvtap0\x00', 'erspan0\x00', {}, {0xff}, 0x21, 0x1, 0x5}, 0x0, 0xe8, 0x110, 0x0, {}, [@common=@inet=@set4={{0x50}, {{0x0, 0x3}, {{0x401}, 0x9}, {{0x6}}, 0x7}}, @common=@ttl={{0x28}, {0x3, 0x7}}]}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x2}}}, {{@uncond, 0x0, 0xf0, 0x120, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00', 0x0, 0x0, 0x2}}, @common=@ah={{0x30}, {[0x200, 0x965]}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x348, 0x8001, 0x4, 0x1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x448)

06:33:41 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x9, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:41 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r1, 0x0, 0x14, 0x0, &(0x7f00000014c0))
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f00000003c0)={r0, r1, 0xffff, 0x76, &(0x7f0000000340)="e7f13b86f4b13786fd27144461b31a170a6308354b0c720aa0b1d703b640f4736b95894ea81b7a71dcb4963789a0488a4a7cf660534c0fb536726b34b74cb93948a1a979857969c4625e4bf832996bdefac700c369eb464ccdc0ab9233db64d295b7295e3be5d5d7f6a17690a2f3b40add2c7e873bdd", 0x8, 0x81, 0x3, 0x8000, 0x1, 0x1, 0xfffffff8, 'syz1\x00'})
pselect6(0x40, &(0x7f0000000000)={0xc0cb, 0x200, 0xfffffffffffffffe, 0x100, 0x101, 0x1ff, 0xffffffffffffffff, 0x100}, &(0x7f0000000080)={0x8e45, 0x100000000, 0xfa4, 0x4, 0x7, 0x5, 0x100000001, 0xffffffffffffffff}, &(0x7f00000000c0)={0x3f, 0x0, 0x2a, 0x5, 0x7fff, 0x8, 0x3, 0x4}, &(0x7f0000000100)={0x77359400}, &(0x7f0000000180)={&(0x7f0000000140)={[0xfffffffffffff801]}, 0x8})
syz_open_dev$char_usb(0xc, 0xb4, 0x69e)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:41 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
pselect6(0x40, &(0x7f0000000000)={0x200, 0x80000000, 0x1, 0x5, 0x3, 0xfffffffffffffffc, 0x9, 0x9}, &(0x7f0000000040)={0x8, 0xb65, 0x2080000, 0x1, 0xcfd, 0x6, 0x800, 0x3}, &(0x7f0000000080)={0x401, 0x6, 0x6, 0x4, 0x0, 0xe80, 0xfffffffffffffffd, 0xeaea}, &(0x7f00000000c0), &(0x7f0000000240)={&(0x7f0000000200)={[0x8000000000000001]}, 0x8})
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
syz_open_pts(r1, 0x345680)

06:33:41 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x9, 0x0, 0x0)

[ 1144.155840][T30551] FAULT_INJECTION: forcing a failure.
[ 1144.155840][T30551] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1144.173253][T30551] CPU: 1 PID: 30551 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1144.183335][T30551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1144.193225][T30551] Call Trace:
[ 1144.196368][T30551]  <TASK>
[ 1144.199128][T30551]  dump_stack_lvl+0x151/0x1b7
06:33:41 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x9, 0x0, 0x0)

06:33:41 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x9, 0x0, 0x0)

[ 1144.203641][T30551]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1144.208944][T30551]  ? stack_trace_save+0x1f0/0x1f0
[ 1144.213797][T30551]  ? __kernel_text_address+0x9a/0x110
[ 1144.219005][T30551]  dump_stack+0x15/0x17
[ 1144.223262][T30551]  should_fail+0x3c0/0x510
[ 1144.227516][T30551]  should_fail_alloc_page+0x58/0x70
[ 1144.232550][T30551]  __alloc_pages+0x1de/0x7c0
[ 1144.237494][T30551]  ? stack_trace_save+0x12d/0x1f0
[ 1144.242350][T30551]  ? stack_trace_snprint+0x100/0x100
[ 1144.247562][T30551]  ? __count_vm_events+0x30/0x30
[ 1144.252326][T30551]  ? __kasan_slab_alloc+0xc4/0xe0
[ 1144.257188][T30551]  ? __kasan_slab_alloc+0xb2/0xe0
[ 1144.262042][T30551]  ? kmem_cache_alloc+0x189/0x2f0
[ 1144.266918][T30551]  ? anon_vma_fork+0x1b9/0x4f0
[ 1144.271507][T30551]  get_zeroed_page+0x19/0x40
[ 1144.275931][T30551]  __pud_alloc+0x8b/0x260
[ 1144.280098][T30551]  ? do_handle_mm_fault+0x2370/0x2370
[ 1144.285349][T30551]  copy_page_range+0xd9e/0x1090
[ 1144.290004][T30551]  ? pfn_valid+0x1e0/0x1e0
[ 1144.294251][T30551]  dup_mmap+0x99f/0xea0
[ 1144.298323][T30551]  ? __delayed_free_task+0x20/0x20
[ 1144.303269][T30551]  ? mm_init+0x807/0x960
[ 1144.307353][T30551]  dup_mm+0x91/0x330
[ 1144.311081][T30551]  copy_mm+0x108/0x1b0
[ 1144.314993][T30551]  copy_process+0x1295/0x3250
[ 1144.320022][T30551]  ? proc_fail_nth_write+0x213/0x290
[ 1144.325244][T30551]  ? proc_fail_nth_read+0x220/0x220
[ 1144.330268][T30551]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1144.335302][T30551]  ? vfs_write+0x9af/0x1050
[ 1144.339639][T30551]  ? vmacache_update+0xb7/0x120
[ 1144.344435][T30551]  kernel_clone+0x22d/0x990
[ 1144.348774][T30551]  ? file_end_write+0x1b0/0x1b0
[ 1144.353457][T30551]  ? __kasan_check_write+0x14/0x20
[ 1144.358404][T30551]  ? create_io_thread+0x1e0/0x1e0
[ 1144.363354][T30551]  ? __mutex_lock_slowpath+0x10/0x10
[ 1144.368534][T30551]  __x64_sys_clone+0x289/0x310
[ 1144.373071][T30551]  ? __do_sys_vfork+0x130/0x130
[ 1144.377776][T30551]  ? debug_smp_processor_id+0x17/0x20
[ 1144.382975][T30551]  do_syscall_64+0x44/0xd0
[ 1144.387220][T30551]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1144.392956][T30551] RIP: 0033:0x7f263a8c35a9
[ 1144.397199][T30551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1144.416755][T30551] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1144.425357][T30551] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1144.433259][T30551] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1144.441150][T30551] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1144.449155][T30551] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:33:41 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)) (async, rerun: 32)
clock_gettime(0x0, &(0x7f0000000040)={<r0=>0x0, <r1=>0x0}) (rerun: 32)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={r0, r1+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async, rerun: 64)
clock_gettime(0x5, &(0x7f0000000140)) (async, rerun: 64)
r2 = getpid()
syz_open_procfs$namespace(r2, 0x0)
sched_rr_get_interval(r2, &(0x7f00000000c0)) (async)
clock_gettime(0x6, &(0x7f0000000000))

06:33:41 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x9, &(0x7f0000000040), 0x8)

06:33:41 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r1, 0x0, 0x14, 0x0, &(0x7f00000014c0))
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f00000003c0)={r0, r1, 0xffff, 0x76, &(0x7f0000000340)="e7f13b86f4b13786fd27144461b31a170a6308354b0c720aa0b1d703b640f4736b95894ea81b7a71dcb4963789a0488a4a7cf660534c0fb536726b34b74cb93948a1a979857969c4625e4bf832996bdefac700c369eb464ccdc0ab9233db64d295b7295e3be5d5d7f6a17690a2f3b40add2c7e873bdd", 0x8, 0x81, 0x3, 0x8000, 0x1, 0x1, 0xfffffff8, 'syz1\x00'})
pselect6(0x40, &(0x7f0000000000)={0xc0cb, 0x200, 0xfffffffffffffffe, 0x100, 0x101, 0x1ff, 0xffffffffffffffff, 0x100}, &(0x7f0000000080)={0x8e45, 0x100000000, 0xfa4, 0x4, 0x7, 0x5, 0x100000001, 0xffffffffffffffff}, &(0x7f00000000c0)={0x3f, 0x0, 0x2a, 0x5, 0x7fff, 0x8, 0x3, 0x4}, &(0x7f0000000100)={0x77359400}, &(0x7f0000000180)={&(0x7f0000000140)={[0xfffffffffffff801]}, 0x8})
syz_open_dev$char_usb(0xc, 0xb4, 0x69e)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0)) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
getsockopt$inet_int(r1, 0x0, 0x14, 0x0, &(0x7f00000014c0)) (async)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f00000003c0)={r0, r1, 0xffff, 0x76, &(0x7f0000000340)="e7f13b86f4b13786fd27144461b31a170a6308354b0c720aa0b1d703b640f4736b95894ea81b7a71dcb4963789a0488a4a7cf660534c0fb536726b34b74cb93948a1a979857969c4625e4bf832996bdefac700c369eb464ccdc0ab9233db64d295b7295e3be5d5d7f6a17690a2f3b40add2c7e873bdd", 0x8, 0x81, 0x3, 0x8000, 0x1, 0x1, 0xfffffff8, 'syz1\x00'}) (async)
pselect6(0x40, &(0x7f0000000000)={0xc0cb, 0x200, 0xfffffffffffffffe, 0x100, 0x101, 0x1ff, 0xffffffffffffffff, 0x100}, &(0x7f0000000080)={0x8e45, 0x100000000, 0xfa4, 0x4, 0x7, 0x5, 0x100000001, 0xffffffffffffffff}, &(0x7f00000000c0)={0x3f, 0x0, 0x2a, 0x5, 0x7fff, 0x8, 0x3, 0x4}, &(0x7f0000000100)={0x77359400}, &(0x7f0000000180)={&(0x7f0000000140)={[0xfffffffffffff801]}, 0x8}) (async)
syz_open_dev$char_usb(0xc, 0xb4, 0x69e) (async)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8}) (async)

[ 1144.456965][T30551] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1144.464781][T30551]  </TASK>
06:33:41 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, 0x0, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:41 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 43)

06:33:41 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x9, &(0x7f0000000040), 0x8)

06:33:41 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r1, 0x0, 0x14, 0x0, &(0x7f00000014c0))
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f00000003c0)={r0, r1, 0xffff, 0x76, &(0x7f0000000340)="e7f13b86f4b13786fd27144461b31a170a6308354b0c720aa0b1d703b640f4736b95894ea81b7a71dcb4963789a0488a4a7cf660534c0fb536726b34b74cb93948a1a979857969c4625e4bf832996bdefac700c369eb464ccdc0ab9233db64d295b7295e3be5d5d7f6a17690a2f3b40add2c7e873bdd", 0x8, 0x81, 0x3, 0x8000, 0x1, 0x1, 0xfffffff8, 'syz1\x00'})
pselect6(0x40, &(0x7f0000000000)={0xc0cb, 0x200, 0xfffffffffffffffe, 0x100, 0x101, 0x1ff, 0xffffffffffffffff, 0x100}, &(0x7f0000000080)={0x8e45, 0x100000000, 0xfa4, 0x4, 0x7, 0x5, 0x100000001, 0xffffffffffffffff}, &(0x7f00000000c0)={0x3f, 0x0, 0x2a, 0x5, 0x7fff, 0x8, 0x3, 0x4}, &(0x7f0000000100)={0x77359400}, &(0x7f0000000180)={&(0x7f0000000140)={[0xfffffffffffff801]}, 0x8})
syz_open_dev$char_usb(0xc, 0xb4, 0x69e)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0)) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
getsockopt$inet_int(r1, 0x0, 0x14, 0x0, &(0x7f00000014c0)) (async)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f00000003c0)={r0, r1, 0xffff, 0x76, &(0x7f0000000340)="e7f13b86f4b13786fd27144461b31a170a6308354b0c720aa0b1d703b640f4736b95894ea81b7a71dcb4963789a0488a4a7cf660534c0fb536726b34b74cb93948a1a979857969c4625e4bf832996bdefac700c369eb464ccdc0ab9233db64d295b7295e3be5d5d7f6a17690a2f3b40add2c7e873bdd", 0x8, 0x81, 0x3, 0x8000, 0x1, 0x1, 0xfffffff8, 'syz1\x00'}) (async)
pselect6(0x40, &(0x7f0000000000)={0xc0cb, 0x200, 0xfffffffffffffffe, 0x100, 0x101, 0x1ff, 0xffffffffffffffff, 0x100}, &(0x7f0000000080)={0x8e45, 0x100000000, 0xfa4, 0x4, 0x7, 0x5, 0x100000001, 0xffffffffffffffff}, &(0x7f00000000c0)={0x3f, 0x0, 0x2a, 0x5, 0x7fff, 0x8, 0x3, 0x4}, &(0x7f0000000100)={0x77359400}, &(0x7f0000000180)={&(0x7f0000000140)={[0xfffffffffffff801]}, 0x8}) (async)
syz_open_dev$char_usb(0xc, 0xb4, 0x69e) (async)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8}) (async)

06:33:41 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0xfffffffffffffe71)

[ 1144.530595][T30614] FAULT_INJECTION: forcing a failure.
[ 1144.530595][T30614] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1144.547911][T30614] CPU: 1 PID: 30614 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1144.557985][T30614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1144.567964][T30614] Call Trace:
[ 1144.571086][T30614]  <TASK>
[ 1144.573880][T30614]  dump_stack_lvl+0x151/0x1b7
[ 1144.578376][T30614]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1144.583673][T30614]  ? stack_trace_save+0x1f0/0x1f0
[ 1144.588531][T30614]  ? __kernel_text_address+0x9a/0x110
[ 1144.593740][T30614]  dump_stack+0x15/0x17
[ 1144.597731][T30614]  should_fail+0x3c0/0x510
[ 1144.602070][T30614]  should_fail_alloc_page+0x58/0x70
[ 1144.607108][T30614]  __alloc_pages+0x1de/0x7c0
[ 1144.611534][T30614]  ? stack_trace_save+0x12d/0x1f0
[ 1144.616392][T30614]  ? stack_trace_snprint+0x100/0x100
[ 1144.621515][T30614]  ? __count_vm_events+0x30/0x30
[ 1144.626290][T30614]  ? __kasan_slab_alloc+0xc4/0xe0
[ 1144.631148][T30614]  ? __kasan_slab_alloc+0xb2/0xe0
[ 1144.636017][T30614]  ? kmem_cache_alloc+0x189/0x2f0
[ 1144.640865][T30614]  ? anon_vma_fork+0x1b9/0x4f0
[ 1144.645481][T30614]  get_zeroed_page+0x19/0x40
[ 1144.649902][T30614]  __pud_alloc+0x8b/0x260
[ 1144.654059][T30614]  ? do_handle_mm_fault+0x2370/0x2370
[ 1144.659269][T30614]  copy_page_range+0xd9e/0x1090
[ 1144.663954][T30614]  ? pfn_valid+0x1e0/0x1e0
[ 1144.668210][T30614]  dup_mmap+0x99f/0xea0
[ 1144.672287][T30614]  ? __delayed_free_task+0x20/0x20
[ 1144.677236][T30614]  ? mm_init+0x807/0x960
[ 1144.681312][T30614]  dup_mm+0x91/0x330
[ 1144.685045][T30614]  copy_mm+0x108/0x1b0
[ 1144.688951][T30614]  copy_process+0x1295/0x3250
[ 1144.693464][T30614]  ? proc_fail_nth_write+0x213/0x290
[ 1144.698585][T30614]  ? proc_fail_nth_read+0x220/0x220
[ 1144.703619][T30614]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1144.708571][T30614]  ? vfs_write+0x9af/0x1050
[ 1144.713167][T30614]  ? vmacache_update+0xb7/0x120
[ 1144.717851][T30614]  kernel_clone+0x22d/0x990
[ 1144.722195][T30614]  ? file_end_write+0x1b0/0x1b0
[ 1144.726881][T30614]  ? __kasan_check_write+0x14/0x20
[ 1144.731826][T30614]  ? create_io_thread+0x1e0/0x1e0
[ 1144.736684][T30614]  ? __mutex_lock_slowpath+0x10/0x10
[ 1144.741806][T30614]  __x64_sys_clone+0x289/0x310
[ 1144.746415][T30614]  ? __do_sys_vfork+0x130/0x130
[ 1144.751211][T30614]  ? debug_smp_processor_id+0x17/0x20
[ 1144.756421][T30614]  do_syscall_64+0x44/0xd0
[ 1144.760669][T30614]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1144.766400][T30614] RIP: 0033:0x7f263a8c35a9
[ 1144.770657][T30614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1144.790107][T30614] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1144.798339][T30614] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1144.806870][T30614] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1144.814678][T30614] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1144.822492][T30614] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:33:42 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
pselect6(0x40, &(0x7f0000000000)={0x200, 0x80000000, 0x1, 0x5, 0x3, 0xfffffffffffffffc, 0x9, 0x9}, &(0x7f0000000040)={0x8, 0xb65, 0x2080000, 0x1, 0xcfd, 0x6, 0x800, 0x3}, &(0x7f0000000080)={0x401, 0x6, 0x6, 0x4, 0x0, 0xe80, 0xfffffffffffffffd, 0xeaea}, &(0x7f00000000c0), &(0x7f0000000240)={&(0x7f0000000200)={[0x8000000000000001]}, 0x8}) (async, rerun: 64)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (rerun: 64)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async, rerun: 32)
syz_open_pts(r1, 0x345680) (rerun: 32)

06:33:42 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x9, &(0x7f0000000040), 0x8)

06:33:42 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0xfffffffffffffe71)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0xfffffffffffffe71) (async)

06:33:42 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 44)

[ 1144.830308][T30614] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1144.838111][T30614]  </TASK>
[ 1144.864940][T30625] FAULT_INJECTION: forcing a failure.
[ 1144.864940][T30625] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1144.878183][T30625] CPU: 0 PID: 30625 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1144.888241][T30625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1144.898136][T30625] Call Trace:
[ 1144.901265][T30625]  <TASK>
[ 1144.904125][T30625]  dump_stack_lvl+0x151/0x1b7
[ 1144.908636][T30625]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1144.913943][T30625]  dump_stack+0x15/0x17
[ 1144.917967][T30625]  should_fail+0x3c0/0x510
[ 1144.922183][T30625]  should_fail_alloc_page+0x58/0x70
[ 1144.927215][T30625]  __alloc_pages+0x1de/0x7c0
[ 1144.931636][T30625]  ? __count_vm_events+0x30/0x30
[ 1144.936409][T30625]  ? dup_mm+0x91/0x330
[ 1144.940313][T30625]  ? copy_mm+0x108/0x1b0
[ 1144.944392][T30625]  ? copy_process+0x1295/0x3250
[ 1144.949087][T30625]  ? kernel_clone+0x22d/0x990
[ 1144.953592][T30625]  ? __x64_sys_clone+0x289/0x310
[ 1144.958600][T30625]  pte_alloc_one+0x73/0x1b0
[ 1144.962942][T30625]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 1144.967974][T30625]  ? __kasan_check_write+0x14/0x20
[ 1144.972914][T30625]  ? __set_page_owner+0x2ee/0x310
[ 1144.977784][T30625]  __pte_alloc+0x86/0x350
[ 1144.982078][T30625]  ? post_alloc_hook+0x1ab/0x1b0
[ 1144.986834][T30625]  ? free_pgtables+0x210/0x210
[ 1144.991431][T30625]  ? get_page_from_freelist+0x38b/0x400
[ 1144.996813][T30625]  copy_pte_range+0x1b1f/0x20b0
[ 1145.001501][T30625]  ? __kunmap_atomic+0x80/0x80
[ 1145.006098][T30625]  ? __pud_alloc+0x260/0x260
[ 1145.010536][T30625]  ? __pud_alloc+0x218/0x260
[ 1145.014951][T30625]  ? do_handle_mm_fault+0x2370/0x2370
[ 1145.020161][T30625]  copy_page_range+0xc1e/0x1090
[ 1145.024858][T30625]  ? pfn_valid+0x1e0/0x1e0
[ 1145.029109][T30625]  dup_mmap+0x99f/0xea0
[ 1145.033097][T30625]  ? __delayed_free_task+0x20/0x20
[ 1145.038041][T30625]  ? mm_init+0x807/0x960
[ 1145.042119][T30625]  dup_mm+0x91/0x330
[ 1145.045855][T30625]  copy_mm+0x108/0x1b0
[ 1145.049755][T30625]  copy_process+0x1295/0x3250
[ 1145.054280][T30625]  ? proc_fail_nth_write+0x213/0x290
[ 1145.059389][T30625]  ? proc_fail_nth_read+0x220/0x220
[ 1145.064431][T30625]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1145.069373][T30625]  ? vfs_write+0x9af/0x1050
[ 1145.073716][T30625]  ? vmacache_update+0xb7/0x120
[ 1145.078399][T30625]  kernel_clone+0x22d/0x990
[ 1145.082738][T30625]  ? file_end_write+0x1b0/0x1b0
[ 1145.087424][T30625]  ? __kasan_check_write+0x14/0x20
[ 1145.092369][T30625]  ? create_io_thread+0x1e0/0x1e0
[ 1145.097247][T30625]  ? __mutex_lock_slowpath+0x10/0x10
[ 1145.102538][T30625]  __x64_sys_clone+0x289/0x310
[ 1145.107128][T30625]  ? __do_sys_vfork+0x130/0x130
[ 1145.111815][T30625]  ? debug_smp_processor_id+0x17/0x20
[ 1145.117035][T30625]  do_syscall_64+0x44/0xd0
[ 1145.121275][T30625]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1145.127002][T30625] RIP: 0033:0x7f263a8c35a9
[ 1145.131253][T30625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1145.150699][T30625] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1145.158942][T30625] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1145.166752][T30625] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1145.174562][T30625] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1145.182373][T30625] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1145.190184][T30625] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1145.197999][T30625]  </TASK>
06:33:42 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x5, 0x1, 0x400, 0x9, 0x6, 0x2, 0x1, 0x8}, &(0x7f0000000040)={0x2, 0x0, 0x6, 0xffffffffffff5997, 0x1400000000, 0x7fffffff, 0x1ff, 0x1}, &(0x7f0000000080)={0x27, 0x9, 0x3, 0x0, 0x0, 0x5, 0x4, 0x5}, &(0x7f00000000c0), &(0x7f0000000240)={&(0x7f0000000200)={[0xffff]}, 0x8})
ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, &(0x7f0000000280)={@any, 0x6, 0xfff, 0x1ff, 0x7, 0x7, "49a3f6bffeedb4b870752ed576d166d32f5a045073cb0f655b367ec996fe5fab455a36e06870d60aecabd74f08d6734bb2ac3c82a5b31e325c5e75d516270cf58bac5e51e36cbc1e15fe9fe8e7423715c275c2a7a7737e6d6a445e70ba0131e9e200509c318f1f84013f2ef7c629105d424a5b916600b50794455b2b4d49b73f"})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, &(0x7f0000000340)={@any, 0x0, 0x0, 0x3, 0x4, 0x4, "75372a9a537a3106ef2c2eb8555ff687e26b515646b63708364340b11b9cdab2495891cd42e763bdaf1033055e1de0e3a3fc71d2d4be6bffb7577afe2acae5d34cc81a38b4e1627b451585564a0dc4a2255cb7975f477c81ec75bdd41634bebbd474cb6044784b0e4c889e832c2e7fb779ddfe230e690f233cf933ed5e13796a"})

06:33:42 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0xfffffffffffffe71)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0xfffffffffffffe71) (async)

06:33:42 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r1, 0x0, 0x14, 0x0, &(0x7f00000014c0))
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f00000003c0)={r0, r1, 0xffff, 0x76, &(0x7f0000000340)="e7f13b86f4b13786fd27144461b31a170a6308354b0c720aa0b1d703b640f4736b95894ea81b7a71dcb4963789a0488a4a7cf660534c0fb536726b34b74cb93948a1a979857969c4625e4bf832996bdefac700c369eb464ccdc0ab9233db64d295b7295e3be5d5d7f6a17690a2f3b40add2c7e873bdd", 0x8, 0x81, 0x3, 0x8000, 0x1, 0x1, 0xfffffff8, 'syz1\x00'})
pselect6(0x40, &(0x7f0000000000)={0xc0cb, 0x200, 0xfffffffffffffffe, 0x100, 0x101, 0x1ff, 0xffffffffffffffff, 0x100}, &(0x7f0000000080)={0x8e45, 0x100000000, 0xfa4, 0x4, 0x7, 0x5, 0x100000001, 0xffffffffffffffff}, &(0x7f00000000c0)={0x3f, 0x0, 0x2a, 0x5, 0x7fff, 0x8, 0x3, 0x4}, &(0x7f0000000100)={0x77359400}, &(0x7f0000000180)={&(0x7f0000000140)={[0xfffffffffffff801]}, 0x8})
syz_open_dev$char_usb(0xc, 0xb4, 0x69e)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:42 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)
pselect6(0x40, &(0x7f0000000000)={0x200, 0x80000000, 0x1, 0x5, 0x3, 0xfffffffffffffffc, 0x9, 0x9}, &(0x7f0000000040)={0x8, 0xb65, 0x2080000, 0x1, 0xcfd, 0x6, 0x800, 0x3}, &(0x7f0000000080)={0x401, 0x6, 0x6, 0x4, 0x0, 0xe80, 0xfffffffffffffffd, 0xeaea}, &(0x7f00000000c0), &(0x7f0000000240)={&(0x7f0000000200)={[0x8000000000000001]}, 0x8}) (async)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
syz_open_pts(r1, 0x345680)

06:33:42 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 45)

06:33:42 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, 0x0, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:42 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r1, 0x0, 0x14, 0x0, &(0x7f00000014c0))
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f00000003c0)={r0, r1, 0xffff, 0x76, &(0x7f0000000340)="e7f13b86f4b13786fd27144461b31a170a6308354b0c720aa0b1d703b640f4736b95894ea81b7a71dcb4963789a0488a4a7cf660534c0fb536726b34b74cb93948a1a979857969c4625e4bf832996bdefac700c369eb464ccdc0ab9233db64d295b7295e3be5d5d7f6a17690a2f3b40add2c7e873bdd", 0x8, 0x81, 0x3, 0x8000, 0x1, 0x1, 0xfffffff8, 'syz1\x00'})
pselect6(0x40, &(0x7f0000000000)={0xc0cb, 0x200, 0xfffffffffffffffe, 0x100, 0x101, 0x1ff, 0xffffffffffffffff, 0x100}, &(0x7f0000000080)={0x8e45, 0x100000000, 0xfa4, 0x4, 0x7, 0x5, 0x100000001, 0xffffffffffffffff}, &(0x7f00000000c0)={0x3f, 0x0, 0x2a, 0x5, 0x7fff, 0x8, 0x3, 0x4}, &(0x7f0000000100)={0x77359400}, &(0x7f0000000180)={&(0x7f0000000140)={[0xfffffffffffff801]}, 0x8})
syz_open_dev$char_usb(0xc, 0xb4, 0x69e)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

[ 1145.326411][T30641] FAULT_INJECTION: forcing a failure.
[ 1145.326411][T30641] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1145.339883][T30641] CPU: 0 PID: 30641 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1145.350037][T30641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1145.359948][T30641] Call Trace:
[ 1145.363065][T30641]  <TASK>
[ 1145.365851][T30641]  dump_stack_lvl+0x151/0x1b7
[ 1145.370347][T30641]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1145.375642][T30641]  dump_stack+0x15/0x17
[ 1145.379634][T30641]  should_fail+0x3c0/0x510
[ 1145.383887][T30641]  should_fail_alloc_page+0x58/0x70
[ 1145.388922][T30641]  __alloc_pages+0x1de/0x7c0
[ 1145.393350][T30641]  ? __count_vm_events+0x30/0x30
[ 1145.398472][T30641]  ? dup_mm+0x91/0x330
[ 1145.402370][T30641]  ? copy_mm+0x108/0x1b0
[ 1145.406458][T30641]  ? copy_process+0x1295/0x3250
[ 1145.411139][T30641]  ? kernel_clone+0x22d/0x990
[ 1145.415660][T30641]  ? __x64_sys_clone+0x289/0x310
[ 1145.420428][T30641]  pte_alloc_one+0x73/0x1b0
06:33:42 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/block/ram13', 0xce40a4a5842bcb35, 0x6a)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
read$FUSE(r1, &(0x7f0000000640)={0x2020, 0x0, <r2=>0x0}, 0x2020)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000180), 0xffffffffffffffff)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={<r5=>0xffffffffffffffff})
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r6, 0x0, 0x8, 0x0, 0x0)
sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x64, r3, 0x20, 0x70bd26, 0x25dfdbfc, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SOCKETS={0x24, 0x7, 0x0, 0x1, [{0x8, 0x1, r0}, {0x8, 0x1, r4}, {0x8, 0x1, r5}, {0x8, 0x1, r6}]}, @NBD_ATTR_BACKEND_IDENTIFIER={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xa993}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x3}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
r7 = getpid()
write$FUSE_LK(r0, &(0x7f0000000140)={0x28, 0x0, r2, {{0x7fff, 0x8000000000000000, 0x5, r7}}}, 0x28)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
read$FUSE(r0, &(0x7f0000002680)={0x2020, 0x0, <r8=>0x0, <r9=>0x0, <r10=>0x0}, 0x2020)
write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f0000000240)={0xa0, 0x0, r8, {{0x1, 0x3, 0x4, 0xe5, 0xfff, 0x7, {0x5, 0xfff, 0xffffffffffffffff, 0x5, 0x2, 0x6, 0x8000, 0x20, 0xfffffff9, 0x4000, 0x40, r9, r10, 0x1, 0x4}}, {0x0, 0x4}}}, 0xa0)
write$FUSE_STATFS(r0, &(0x7f00000001c0)={0x60, 0x0, r8, {{0x4, 0x4, 0x8000, 0x3, 0x9, 0xf05, 0x39aa, 0xbe}}}, 0x60)
write$FUSE_LSEEK(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x0, r8, {0x1ff}}, 0x18)
read$FUSE(0xffffffffffffffff, &(0x7f00000046c0)={0x2020, 0x0, <r11=>0x0}, 0x2020)
write$FUSE_LSEEK(0xffffffffffffffff, &(0x7f00000004c0)={0x18, 0x0, r11, {0x3f}}, 0x18)

06:33:42 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r1, 0x0, 0x14, 0x0, &(0x7f00000014c0))
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f00000003c0)={r0, r1, 0xffff, 0x76, &(0x7f0000000340)="e7f13b86f4b13786fd27144461b31a170a6308354b0c720aa0b1d703b640f4736b95894ea81b7a71dcb4963789a0488a4a7cf660534c0fb536726b34b74cb93948a1a979857969c4625e4bf832996bdefac700c369eb464ccdc0ab9233db64d295b7295e3be5d5d7f6a17690a2f3b40add2c7e873bdd", 0x8, 0x81, 0x3, 0x8000, 0x1, 0x1, 0xfffffff8, 'syz1\x00'})
pselect6(0x40, &(0x7f0000000000)={0xc0cb, 0x200, 0xfffffffffffffffe, 0x100, 0x101, 0x1ff, 0xffffffffffffffff, 0x100}, &(0x7f0000000080)={0x8e45, 0x100000000, 0xfa4, 0x4, 0x7, 0x5, 0x100000001, 0xffffffffffffffff}, &(0x7f00000000c0)={0x3f, 0x0, 0x2a, 0x5, 0x7fff, 0x8, 0x3, 0x4}, &(0x7f0000000100)={0x77359400}, &(0x7f0000000180)={&(0x7f0000000140)={[0xfffffffffffff801]}, 0x8})
syz_open_dev$char_usb(0xc, 0xb4, 0x69e)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:42 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/block/ram13', 0xce40a4a5842bcb35, 0x6a)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
read$FUSE(r1, &(0x7f0000000640)={0x2020, 0x0, <r2=>0x0}, 0x2020)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000180), 0xffffffffffffffff)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={<r5=>0xffffffffffffffff})
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r6, 0x0, 0x8, 0x0, 0x0)
sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x64, r3, 0x20, 0x70bd26, 0x25dfdbfc, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SOCKETS={0x24, 0x7, 0x0, 0x1, [{0x8, 0x1, r0}, {0x8, 0x1, r4}, {0x8, 0x1, r5}, {0x8, 0x1, r6}]}, @NBD_ATTR_BACKEND_IDENTIFIER={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xa993}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x3}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
r7 = getpid()
write$FUSE_LK(r0, &(0x7f0000000140)={0x28, 0x0, r2, {{0x7fff, 0x8000000000000000, 0x5, r7}}}, 0x28)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
read$FUSE(r0, &(0x7f0000002680)={0x2020, 0x0, <r8=>0x0, <r9=>0x0, <r10=>0x0}, 0x2020)
write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f0000000240)={0xa0, 0x0, r8, {{0x1, 0x3, 0x4, 0xe5, 0xfff, 0x7, {0x5, 0xfff, 0xffffffffffffffff, 0x5, 0x2, 0x6, 0x8000, 0x20, 0xfffffff9, 0x4000, 0x40, r9, r10, 0x1, 0x4}}, {0x0, 0x4}}}, 0xa0)
write$FUSE_STATFS(r0, &(0x7f00000001c0)={0x60, 0x0, r8, {{0x4, 0x4, 0x8000, 0x3, 0x9, 0xf05, 0x39aa, 0xbe}}}, 0x60)
write$FUSE_LSEEK(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x0, r8, {0x1ff}}, 0x18)
read$FUSE(0xffffffffffffffff, &(0x7f00000046c0)={0x2020, 0x0, <r11=>0x0}, 0x2020)
write$FUSE_LSEEK(0xffffffffffffffff, &(0x7f00000004c0)={0x18, 0x0, r11, {0x3f}}, 0x18)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/block/ram13', 0xce40a4a5842bcb35, 0x6a) (async)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0) (async)
read$FUSE(r1, &(0x7f0000000640)={0x2020}, 0x2020) (async)
syz_genetlink_get_family_id$nbd(&(0x7f0000000180), 0xffffffffffffffff) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r6, 0x0, 0x8, 0x0, 0x0) (async)
sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x64, r3, 0x20, 0x70bd26, 0x25dfdbfc, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SOCKETS={0x24, 0x7, 0x0, 0x1, [{0x8, 0x1, r0}, {0x8, 0x1, r4}, {0x8, 0x1, r5}, {0x8, 0x1, r6}]}, @NBD_ATTR_BACKEND_IDENTIFIER={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xa993}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x3}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000800}, 0x0) (async)
getpid() (async)
write$FUSE_LK(r0, &(0x7f0000000140)={0x28, 0x0, r2, {{0x7fff, 0x8000000000000000, 0x5, r7}}}, 0x28) (async)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async)
read$FUSE(r0, &(0x7f0000002680)={0x2020}, 0x2020) (async)
write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f0000000240)={0xa0, 0x0, r8, {{0x1, 0x3, 0x4, 0xe5, 0xfff, 0x7, {0x5, 0xfff, 0xffffffffffffffff, 0x5, 0x2, 0x6, 0x8000, 0x20, 0xfffffff9, 0x4000, 0x40, r9, r10, 0x1, 0x4}}, {0x0, 0x4}}}, 0xa0) (async)
write$FUSE_STATFS(r0, &(0x7f00000001c0)={0x60, 0x0, r8, {{0x4, 0x4, 0x8000, 0x3, 0x9, 0xf05, 0x39aa, 0xbe}}}, 0x60) (async)
write$FUSE_LSEEK(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x0, r8, {0x1ff}}, 0x18) (async)
read$FUSE(0xffffffffffffffff, &(0x7f00000046c0)={0x2020}, 0x2020) (async)
write$FUSE_LSEEK(0xffffffffffffffff, &(0x7f00000004c0)={0x18, 0x0, r11, {0x3f}}, 0x18) (async)

[ 1145.424766][T30641]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 1145.429796][T30641]  ? __kasan_check_write+0x14/0x20
[ 1145.434744][T30641]  ? __set_page_owner+0x2ee/0x310
[ 1145.439608][T30641]  __pte_alloc+0x86/0x350
[ 1145.443769][T30641]  ? post_alloc_hook+0x1ab/0x1b0
[ 1145.448556][T30641]  ? free_pgtables+0x210/0x210
[ 1145.453231][T30641]  ? get_page_from_freelist+0x38b/0x400
[ 1145.458616][T30641]  copy_pte_range+0x1b1f/0x20b0
[ 1145.463303][T30641]  ? __kunmap_atomic+0x80/0x80
[ 1145.467897][T30641]  ? __pud_alloc+0x260/0x260
[ 1145.472324][T30641]  ? __pud_alloc+0x218/0x260
06:33:42 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/block/ram13', 0xce40a4a5842bcb35, 0x6a)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
read$FUSE(r1, &(0x7f0000000640)={0x2020, 0x0, <r2=>0x0}, 0x2020) (async)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000180), 0xffffffffffffffff)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={<r5=>0xffffffffffffffff}) (async)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r6, 0x0, 0x8, 0x0, 0x0) (async)
sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x64, r3, 0x20, 0x70bd26, 0x25dfdbfc, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SOCKETS={0x24, 0x7, 0x0, 0x1, [{0x8, 0x1, r0}, {0x8, 0x1, r4}, {0x8, 0x1, r5}, {0x8, 0x1, r6}]}, @NBD_ATTR_BACKEND_IDENTIFIER={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xa993}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x3}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000800}, 0x0) (async)
r7 = getpid()
write$FUSE_LK(r0, &(0x7f0000000140)={0x28, 0x0, r2, {{0x7fff, 0x8000000000000000, 0x5, r7}}}, 0x28)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async)
read$FUSE(r0, &(0x7f0000002680)={0x2020, 0x0, <r8=>0x0, <r9=>0x0, <r10=>0x0}, 0x2020)
write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f0000000240)={0xa0, 0x0, r8, {{0x1, 0x3, 0x4, 0xe5, 0xfff, 0x7, {0x5, 0xfff, 0xffffffffffffffff, 0x5, 0x2, 0x6, 0x8000, 0x20, 0xfffffff9, 0x4000, 0x40, r9, r10, 0x1, 0x4}}, {0x0, 0x4}}}, 0xa0)
write$FUSE_STATFS(r0, &(0x7f00000001c0)={0x60, 0x0, r8, {{0x4, 0x4, 0x8000, 0x3, 0x9, 0xf05, 0x39aa, 0xbe}}}, 0x60) (async)
write$FUSE_LSEEK(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x0, r8, {0x1ff}}, 0x18)
read$FUSE(0xffffffffffffffff, &(0x7f00000046c0)={0x2020, 0x0, <r11=>0x0}, 0x2020)
write$FUSE_LSEEK(0xffffffffffffffff, &(0x7f00000004c0)={0x18, 0x0, r11, {0x3f}}, 0x18)

[ 1145.476758][T30641]  ? do_handle_mm_fault+0x2370/0x2370
[ 1145.481970][T30641]  copy_page_range+0xc1e/0x1090
[ 1145.486648][T30641]  ? pfn_valid+0x1e0/0x1e0
[ 1145.490908][T30641]  dup_mmap+0x99f/0xea0
[ 1145.494896][T30641]  ? __delayed_free_task+0x20/0x20
[ 1145.499841][T30641]  ? mm_init+0x807/0x960
[ 1145.504003][T30641]  dup_mm+0x91/0x330
[ 1145.507737][T30641]  copy_mm+0x108/0x1b0
[ 1145.511641][T30641]  copy_process+0x1295/0x3250
[ 1145.516152][T30641]  ? proc_fail_nth_write+0x213/0x290
[ 1145.521275][T30641]  ? proc_fail_nth_read+0x220/0x220
[ 1145.526400][T30641]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1145.531343][T30641]  ? vfs_write+0x9af/0x1050
[ 1145.535682][T30641]  ? vmacache_update+0xb7/0x120
[ 1145.540368][T30641]  kernel_clone+0x22d/0x990
[ 1145.544707][T30641]  ? file_end_write+0x1b0/0x1b0
[ 1145.549392][T30641]  ? __kasan_check_write+0x14/0x20
[ 1145.554341][T30641]  ? create_io_thread+0x1e0/0x1e0
[ 1145.559202][T30641]  ? __mutex_lock_slowpath+0x10/0x10
[ 1145.564318][T30641]  __x64_sys_clone+0x289/0x310
[ 1145.568919][T30641]  ? __do_sys_vfork+0x130/0x130
[ 1145.573608][T30641]  ? debug_smp_processor_id+0x17/0x20
[ 1145.578821][T30641]  do_syscall_64+0x44/0xd0
[ 1145.583069][T30641]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1145.588793][T30641] RIP: 0033:0x7f263a8c35a9
[ 1145.593048][T30641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1145.612577][T30641] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
06:33:42 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r1, 0x0, 0x14, 0x0, &(0x7f00000014c0))
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f00000003c0)={r0, r1, 0xffff, 0x76, &(0x7f0000000340)="e7f13b86f4b13786fd27144461b31a170a6308354b0c720aa0b1d703b640f4736b95894ea81b7a71dcb4963789a0488a4a7cf660534c0fb536726b34b74cb93948a1a979857969c4625e4bf832996bdefac700c369eb464ccdc0ab9233db64d295b7295e3be5d5d7f6a17690a2f3b40add2c7e873bdd", 0x8, 0x81, 0x3, 0x8000, 0x1, 0x1, 0xfffffff8, 'syz1\x00'})
pselect6(0x40, &(0x7f0000000000)={0xc0cb, 0x200, 0xfffffffffffffffe, 0x100, 0x101, 0x1ff, 0xffffffffffffffff, 0x100}, &(0x7f0000000080)={0x8e45, 0x100000000, 0xfa4, 0x4, 0x7, 0x5, 0x100000001, 0xffffffffffffffff}, &(0x7f00000000c0)={0x3f, 0x0, 0x2a, 0x5, 0x7fff, 0x8, 0x3, 0x4}, &(0x7f0000000100)={0x77359400}, &(0x7f0000000180)={&(0x7f0000000140)={[0xfffffffffffff801]}, 0x8})
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

[ 1145.620912][T30641] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1145.628721][T30641] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1145.636539][T30641] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1145.644348][T30641] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1145.652157][T30641] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1145.660096][T30641]  </TASK>
06:33:42 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0}) (async)
pselect6(0x40, &(0x7f0000000000)={0x5, 0x1, 0x400, 0x9, 0x6, 0x2, 0x1, 0x8}, &(0x7f0000000040)={0x2, 0x0, 0x6, 0xffffffffffff5997, 0x1400000000, 0x7fffffff, 0x1ff, 0x1}, &(0x7f0000000080)={0x27, 0x9, 0x3, 0x0, 0x0, 0x5, 0x4, 0x5}, &(0x7f00000000c0), &(0x7f0000000240)={&(0x7f0000000200)={[0xffff]}, 0x8})
ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, &(0x7f0000000280)={@any, 0x6, 0xfff, 0x1ff, 0x7, 0x7, "49a3f6bffeedb4b870752ed576d166d32f5a045073cb0f655b367ec996fe5fab455a36e06870d60aecabd74f08d6734bb2ac3c82a5b31e325c5e75d516270cf58bac5e51e36cbc1e15fe9fe8e7423715c275c2a7a7737e6d6a445e70ba0131e9e200509c318f1f84013f2ef7c629105d424a5b916600b50794455b2b4d49b73f"})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, &(0x7f0000000340)={@any, 0x0, 0x0, 0x3, 0x4, 0x4, "75372a9a537a3106ef2c2eb8555ff687e26b515646b63708364340b11b9cdab2495891cd42e763bdaf1033055e1de0e3a3fc71d2d4be6bffb7577afe2acae5d34cc81a38b4e1627b451585564a0dc4a2255cb7975f477c81ec75bdd41634bebbd474cb6044784b0e4c889e832c2e7fb779ddfe230e690f233cf933ed5e13796a"})

06:33:42 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r1, 0x0, 0x14, 0x0, &(0x7f00000014c0))
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f00000003c0)={r0, r1, 0xffff, 0x76, &(0x7f0000000340)="e7f13b86f4b13786fd27144461b31a170a6308354b0c720aa0b1d703b640f4736b95894ea81b7a71dcb4963789a0488a4a7cf660534c0fb536726b34b74cb93948a1a979857969c4625e4bf832996bdefac700c369eb464ccdc0ab9233db64d295b7295e3be5d5d7f6a17690a2f3b40add2c7e873bdd", 0x8, 0x81, 0x3, 0x8000, 0x1, 0x1, 0xfffffff8, 'syz1\x00'})
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:42 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x401}, 0x8)

06:33:42 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x4, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:42 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 46)

06:33:42 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r1, 0x0, 0x14, 0x0, &(0x7f00000014c0))
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:42 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, 0x0, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:43 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:43 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0}) (async)
pselect6(0x40, &(0x7f0000000000)={0x5, 0x1, 0x400, 0x9, 0x6, 0x2, 0x1, 0x8}, &(0x7f0000000040)={0x2, 0x0, 0x6, 0xffffffffffff5997, 0x1400000000, 0x7fffffff, 0x1ff, 0x1}, &(0x7f0000000080)={0x27, 0x9, 0x3, 0x0, 0x0, 0x5, 0x4, 0x5}, &(0x7f00000000c0), &(0x7f0000000240)={&(0x7f0000000200)={[0xffff]}, 0x8})
ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, &(0x7f0000000280)={@any, 0x6, 0xfff, 0x1ff, 0x7, 0x7, "49a3f6bffeedb4b870752ed576d166d32f5a045073cb0f655b367ec996fe5fab455a36e06870d60aecabd74f08d6734bb2ac3c82a5b31e325c5e75d516270cf58bac5e51e36cbc1e15fe9fe8e7423715c275c2a7a7737e6d6a445e70ba0131e9e200509c318f1f84013f2ef7c629105d424a5b916600b50794455b2b4d49b73f"})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, &(0x7f0000000340)={@any, 0x0, 0x0, 0x3, 0x4, 0x4, "75372a9a537a3106ef2c2eb8555ff687e26b515646b63708364340b11b9cdab2495891cd42e763bdaf1033055e1de0e3a3fc71d2d4be6bffb7577afe2acae5d34cc81a38b4e1627b451585564a0dc4a2255cb7975f477c81ec75bdd41634bebbd474cb6044784b0e4c889e832c2e7fb779ddfe230e690f233cf933ed5e13796a"})

06:33:43 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x401}, 0x8)

[ 1145.828471][T30681] FAULT_INJECTION: forcing a failure.
[ 1145.828471][T30681] name failslab, interval 1, probability 0, space 0, times 0
[ 1145.848064][T30681] CPU: 0 PID: 30681 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1145.858157][T30681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1145.868072][T30681] Call Trace:
[ 1145.871169][T30681]  <TASK>
[ 1145.873955][T30681]  dump_stack_lvl+0x151/0x1b7
06:33:43 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:43 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0)
clock_gettime(0x2, &(0x7f0000000040))
sched_rr_get_interval(r1, &(0x7f0000000000))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0xffffffffffffffff]}, 0x8})

06:33:43 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x401}, 0x8)

[ 1145.878457][T30681]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1145.883752][T30681]  dump_stack+0x15/0x17
[ 1145.887749][T30681]  should_fail+0x3c0/0x510
[ 1145.892003][T30681]  __should_failslab+0x9f/0xe0
[ 1145.896594][T30681]  should_failslab+0x9/0x20
[ 1145.900944][T30681]  kmem_cache_alloc+0x4f/0x2f0
[ 1145.905541][T30681]  ? vm_area_dup+0x26/0x1d0
[ 1145.909872][T30681]  vm_area_dup+0x26/0x1d0
[ 1145.914036][T30681]  dup_mmap+0x6b8/0xea0
[ 1145.918034][T30681]  ? __delayed_free_task+0x20/0x20
[ 1145.922993][T30681]  ? mm_init+0x807/0x960
06:33:43 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:43 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x1, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=r0, 0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000000c0)={0x7f}, 0x8)

[ 1145.927060][T30681]  dup_mm+0x91/0x330
[ 1145.930792][T30681]  copy_mm+0x108/0x1b0
[ 1145.934693][T30681]  copy_process+0x1295/0x3250
[ 1145.939210][T30681]  ? proc_fail_nth_write+0x213/0x290
[ 1145.944342][T30681]  ? proc_fail_nth_read+0x220/0x220
[ 1145.949363][T30681]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1145.954310][T30681]  ? vfs_write+0x9af/0x1050
[ 1145.958648][T30681]  ? vmacache_update+0xb7/0x120
[ 1145.963336][T30681]  kernel_clone+0x22d/0x990
[ 1145.967683][T30681]  ? file_end_write+0x1b0/0x1b0
[ 1145.972361][T30681]  ? __kasan_check_write+0x14/0x20
[ 1145.977309][T30681]  ? create_io_thread+0x1e0/0x1e0
[ 1145.982186][T30681]  ? __mutex_lock_slowpath+0x10/0x10
[ 1145.987291][T30681]  __x64_sys_clone+0x289/0x310
[ 1145.991899][T30681]  ? __do_sys_vfork+0x130/0x130
[ 1145.996756][T30681]  ? debug_smp_processor_id+0x17/0x20
[ 1146.001960][T30681]  do_syscall_64+0x44/0xd0
[ 1146.006218][T30681]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1146.011942][T30681] RIP: 0033:0x7f263a8c35a9
[ 1146.016197][T30681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1146.035637][T30681] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1146.044112][T30681] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1146.051899][T30681] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1146.059725][T30681] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1146.067691][T30681] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:33:43 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x4, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:43 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 47)

06:33:43 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x1, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=r0, 0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000000c0)={0x7f}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x1}, 0x8) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=r0, 0x4) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000000c0)={0x7f}, 0x8) (async)

06:33:43 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:43 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0)
clock_gettime(0x2, &(0x7f0000000040)) (async)
sched_rr_get_interval(r1, &(0x7f0000000000)) (async)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0xffffffffffffffff]}, 0x8})

06:33:43 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x0, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:43 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x4, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:43 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:43 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x1, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=r0, 0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000000c0)={0x7f}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x1}, 0x8) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=r0, 0x4) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000000c0)={0x7f}, 0x8) (async)

[ 1146.075501][T30681] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1146.083318][T30681]  </TASK>
[ 1146.114548][T30727] FAULT_INJECTION: forcing a failure.
[ 1146.114548][T30727] name failslab, interval 1, probability 0, space 0, times 0
06:33:43 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, &(0x7f0000000080)=[0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000100)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000140), &(0x7f0000000180), 0x8, 0x10, 0x8, 0x8, &(0x7f00000001c0)}}, 0x10)

06:33:43 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, &(0x7f0000000080)=[0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000100)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000140), &(0x7f0000000180), 0x8, 0x10, 0x8, 0x8, &(0x7f00000001c0)}}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, &(0x7f0000000080)=[0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000100)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000140), &(0x7f0000000180), 0x8, 0x10, 0x8, 0x8, &(0x7f00000001c0)}}, 0x10) (async)

06:33:43 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

[ 1146.127629][T30727] CPU: 0 PID: 30727 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1146.137776][T30727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1146.148314][T30727] Call Trace:
[ 1146.151439][T30727]  <TASK>
[ 1146.154214][T30727]  dump_stack_lvl+0x151/0x1b7
[ 1146.158725][T30727]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1146.164022][T30727]  dump_stack+0x15/0x17
[ 1146.168216][T30727]  should_fail+0x3c0/0x510
[ 1146.172451][T30727]  __should_failslab+0x9f/0xe0
06:33:43 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

[ 1146.177042][T30727]  should_failslab+0x9/0x20
[ 1146.181410][T30727]  kmem_cache_alloc+0x4f/0x2f0
[ 1146.185982][T30727]  ? vm_area_dup+0x26/0x1d0
[ 1146.190318][T30727]  ? __kasan_check_read+0x11/0x20
[ 1146.195178][T30727]  vm_area_dup+0x26/0x1d0
[ 1146.199348][T30727]  dup_mmap+0x6b8/0xea0
[ 1146.203432][T30727]  ? __delayed_free_task+0x20/0x20
[ 1146.208373][T30727]  ? mm_init+0x807/0x960
[ 1146.212446][T30727]  dup_mm+0x91/0x330
[ 1146.216186][T30727]  copy_mm+0x108/0x1b0
[ 1146.220088][T30727]  copy_process+0x1295/0x3250
[ 1146.224600][T30727]  ? proc_fail_nth_write+0x213/0x290
[ 1146.229717][T30727]  ? proc_fail_nth_read+0x220/0x220
[ 1146.234750][T30727]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1146.239849][T30727]  ? vfs_write+0x9af/0x1050
[ 1146.244689][T30727]  ? vmacache_update+0xb7/0x120
[ 1146.249409][T30727]  kernel_clone+0x22d/0x990
[ 1146.253736][T30727]  ? file_end_write+0x1b0/0x1b0
[ 1146.258406][T30727]  ? __kasan_check_write+0x14/0x20
[ 1146.263357][T30727]  ? create_io_thread+0x1e0/0x1e0
[ 1146.268212][T30727]  ? __mutex_lock_slowpath+0x10/0x10
[ 1146.273333][T30727]  __x64_sys_clone+0x289/0x310
[ 1146.277940][T30727]  ? __do_sys_vfork+0x130/0x130
[ 1146.282618][T30727]  ? debug_smp_processor_id+0x17/0x20
[ 1146.287863][T30727]  do_syscall_64+0x44/0xd0
[ 1146.292100][T30727]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1146.297804][T30727] RIP: 0033:0x7f263a8c35a9
[ 1146.302061][T30727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1146.321588][T30727] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
06:33:43 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 48)

06:33:43 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, &(0x7f0000000080)=[0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000100)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000140), &(0x7f0000000180), 0x8, 0x10, 0x8, 0x8, &(0x7f00000001c0)}}, 0x10)

06:33:43 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

[ 1146.329832][T30727] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1146.337642][T30727] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1146.345455][T30727] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1146.353373][T30727] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1146.361182][T30727] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1146.369091][T30727]  </TASK>
06:33:43 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0}) (async)
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0)
clock_gettime(0x2, &(0x7f0000000040)) (async)
sched_rr_get_interval(r1, &(0x7f0000000000)) (async)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0xffffffffffffffff]}, 0x8})

06:33:43 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x0, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:43 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x4, 0x0, 0x0)

06:33:43 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:43 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:43 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x0, 0x0, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:43 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x4, 0x0, 0x0)

[ 1146.410936][T30754] FAULT_INJECTION: forcing a failure.
[ 1146.410936][T30754] name failslab, interval 1, probability 0, space 0, times 0
[ 1146.423763][T30754] CPU: 1 PID: 30754 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1146.433829][T30754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1146.443723][T30754] Call Trace:
[ 1146.446862][T30754]  <TASK>
[ 1146.449619][T30754]  dump_stack_lvl+0x151/0x1b7
[ 1146.454137][T30754]  ? bfq_pos_tree_add_move+0x43e/0x43e
06:33:43 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x4, 0x0, 0x0)

06:33:43 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x4, &(0x7f0000000040), 0x8)

[ 1146.459440][T30754]  dump_stack+0x15/0x17
[ 1146.463429][T30754]  should_fail+0x3c0/0x510
[ 1146.467684][T30754]  __should_failslab+0x9f/0xe0
[ 1146.472288][T30754]  should_failslab+0x9/0x20
[ 1146.476614][T30754]  kmem_cache_alloc+0x4f/0x2f0
[ 1146.481212][T30754]  ? vm_area_dup+0x26/0x1d0
[ 1146.485553][T30754]  vm_area_dup+0x26/0x1d0
[ 1146.489720][T30754]  dup_mmap+0x6b8/0xea0
[ 1146.493714][T30754]  ? __delayed_free_task+0x20/0x20
[ 1146.498660][T30754]  ? mm_init+0x807/0x960
[ 1146.502739][T30754]  dup_mm+0x91/0x330
[ 1146.506469][T30754]  copy_mm+0x108/0x1b0
[ 1146.510373][T30754]  copy_process+0x1295/0x3250
[ 1146.514886][T30754]  ? proc_fail_nth_write+0x213/0x290
[ 1146.520008][T30754]  ? proc_fail_nth_read+0x220/0x220
[ 1146.525041][T30754]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1146.529987][T30754]  ? vfs_write+0x9af/0x1050
[ 1146.534329][T30754]  kernel_clone+0x22d/0x990
[ 1146.538674][T30754]  ? file_end_write+0x1b0/0x1b0
[ 1146.543846][T30754]  ? __kasan_check_write+0x14/0x20
[ 1146.548792][T30754]  ? create_io_thread+0x1e0/0x1e0
[ 1146.553653][T30754]  ? __mutex_lock_slowpath+0x10/0x10
[ 1146.558884][T30754]  __x64_sys_clone+0x289/0x310
[ 1146.563485][T30754]  ? __do_sys_vfork+0x130/0x130
[ 1146.568170][T30754]  ? debug_smp_processor_id+0x17/0x20
[ 1146.573378][T30754]  do_syscall_64+0x44/0xd0
[ 1146.577628][T30754]  ? irqentry_exit+0x12/0x40
[ 1146.582054][T30754]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1146.587891][T30754] RIP: 0033:0x7f263a8c35a9
[ 1146.592138][T30754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
06:33:43 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x4, &(0x7f0000000040), 0x8)

06:33:43 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x0, 0x0, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:43 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 49)

[ 1146.611580][T30754] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1146.619825][T30754] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1146.627635][T30754] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1146.635539][T30754] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1146.643353][T30754] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1146.651163][T30754] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1146.658971][T30754]  </TASK>
[ 1146.676238][T30782] FAULT_INJECTION: forcing a failure.
[ 1146.676238][T30782] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1146.692177][T30782] CPU: 0 PID: 30782 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1146.702324][T30782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1146.712218][T30782] Call Trace:
[ 1146.715345][T30782]  <TASK>
[ 1146.718129][T30782]  dump_stack_lvl+0x151/0x1b7
[ 1146.722632][T30782]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1146.727929][T30782]  dump_stack+0x15/0x17
[ 1146.732090][T30782]  should_fail+0x3c0/0x510
[ 1146.736349][T30782]  should_fail_alloc_page+0x58/0x70
[ 1146.741387][T30782]  __alloc_pages+0x1de/0x7c0
[ 1146.745812][T30782]  ? __count_vm_events+0x30/0x30
[ 1146.750586][T30782]  ? __this_cpu_preempt_check+0x13/0x20
[ 1146.755959][T30782]  ? __mod_node_page_state+0xac/0xf0
[ 1146.761081][T30782]  pte_alloc_one+0x73/0x1b0
[ 1146.765421][T30782]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 1146.770455][T30782]  __pte_alloc+0x86/0x350
[ 1146.774647][T30782]  ? free_pgtables+0x210/0x210
[ 1146.779220][T30782]  ? _raw_spin_lock+0xa3/0x1b0
[ 1146.783821][T30782]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[ 1146.789288][T30782]  ? __kernel_text_address+0x9a/0x110
[ 1146.794497][T30782]  copy_pte_range+0x1b1f/0x20b0
[ 1146.799186][T30782]  ? __kunmap_atomic+0x80/0x80
[ 1146.803781][T30782]  ? __kasan_slab_alloc+0xc4/0xe0
[ 1146.808641][T30782]  ? __kasan_slab_alloc+0xb2/0xe0
[ 1146.813501][T30782]  ? kmem_cache_alloc+0x189/0x2f0
[ 1146.818361][T30782]  ? vm_area_dup+0x26/0x1d0
[ 1146.822704][T30782]  ? dup_mmap+0x6b8/0xea0
[ 1146.826867][T30782]  ? dup_mm+0x91/0x330
[ 1146.830772][T30782]  ? copy_mm+0x108/0x1b0
[ 1146.834851][T30782]  ? copy_process+0x1295/0x3250
[ 1146.839537][T30782]  ? kernel_clone+0x22d/0x990
[ 1146.844051][T30782]  ? __x64_sys_clone+0x289/0x310
[ 1146.848831][T30782]  ? do_syscall_64+0x44/0xd0
[ 1146.853256][T30782]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1146.859155][T30782]  copy_page_range+0xc1e/0x1090
[ 1146.863846][T30782]  ? pfn_valid+0x1e0/0x1e0
[ 1146.868095][T30782]  dup_mmap+0x99f/0xea0
[ 1146.872092][T30782]  ? __delayed_free_task+0x20/0x20
[ 1146.877035][T30782]  ? mm_init+0x807/0x960
[ 1146.881114][T30782]  dup_mm+0x91/0x330
[ 1146.884846][T30782]  copy_mm+0x108/0x1b0
[ 1146.888753][T30782]  copy_process+0x1295/0x3250
[ 1146.893263][T30782]  ? proc_fail_nth_write+0x213/0x290
[ 1146.898390][T30782]  ? proc_fail_nth_read+0x220/0x220
[ 1146.903766][T30782]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1146.908712][T30782]  ? vfs_write+0x9af/0x1050
[ 1146.913050][T30782]  ? vmacache_update+0xb7/0x120
[ 1146.917741][T30782]  kernel_clone+0x22d/0x990
[ 1146.922081][T30782]  ? file_end_write+0x1b0/0x1b0
[ 1146.926762][T30782]  ? __kasan_check_write+0x14/0x20
[ 1146.931713][T30782]  ? create_io_thread+0x1e0/0x1e0
[ 1146.936570][T30782]  ? __mutex_lock_slowpath+0x10/0x10
[ 1146.941866][T30782]  __x64_sys_clone+0x289/0x310
[ 1146.946466][T30782]  ? __do_sys_vfork+0x130/0x130
[ 1146.951154][T30782]  ? debug_smp_processor_id+0x17/0x20
[ 1146.956362][T30782]  do_syscall_64+0x44/0xd0
[ 1146.960621][T30782]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1146.966349][T30782] RIP: 0033:0x7f263a8c35a9
[ 1146.970601][T30782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1146.990038][T30782] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1146.998280][T30782] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1147.006093][T30782] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1147.013906][T30782] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1147.021713][T30782] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1147.029525][T30782] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1147.037436][T30782]  </TASK>
06:33:44 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}}) (async)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}}) (async)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:44 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x4, &(0x7f0000000040), 0x8)

06:33:44 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x0, 0x0, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:44 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 50)

06:33:44 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
clock_gettime(0x0, &(0x7f00000004c0))
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000000480)="e9ca03bc0b484dc07c494395fb666b6d", 0x10)
clock_gettime(0x0, &(0x7f00000000c0)={<r1=>0x0, <r2=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x7, 0x5, 0x4, 0x8, 0x7, 0x4, 0x1e, 0x100}, &(0x7f0000000500)={0x4000000008001, 0xcd, 0x0, 0x100000001, 0x40, 0x10001, 0xe9, 0x8000}, &(0x7f0000000080)={0x3, 0x5, 0x80000000, 0x8, 0x73f, 0x4, 0x1000, 0x9}, &(0x7f0000000200)={r1, r2+10000000}, &(0x7f0000000280)={&(0x7f0000000240)={[0x6]}, 0x8})
clock_gettime(0x0, &(0x7f0000000380)={<r3=>0x0, <r4=>0x0})
pselect6(0x40, &(0x7f00000002c0)={0x200, 0x2, 0x5, 0x4, 0x9c, 0xb4, 0x0, 0x8}, &(0x7f0000000300)={0x3, 0x0, 0x9, 0x2, 0x7, 0x6, 0x401, 0x2}, &(0x7f0000000340)={0x0, 0x1, 0x7fffffffffffffff, 0x1, 0x7, 0x800, 0xffffffffffffffff, 0x80000}, &(0x7f00000003c0)={r3, r4+60000000}, &(0x7f0000000440)={&(0x7f0000000400)={[0x7fffffffffffffff]}, 0x8})

06:33:44 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x0, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:44 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}}) (async)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:44 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x0, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:44 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:44 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffffffb}, 0x8)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000080), 0x800002, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r2, 0x0, 0x14, 0x0, &(0x7f00000014c0))
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r1, 0x5760, 0x10)

06:33:44 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:44 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffffffb}, 0x8)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0)) (async)
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000080), 0x800002, 0x0) (async)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r2, 0x0, 0x14, 0x0, &(0x7f00000014c0))
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) (async)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r1, 0x5760, 0x10)

06:33:44 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:44 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffffffb}, 0x8) (async)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000080), 0x800002, 0x0) (async)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r2, 0x0, 0x14, 0x0, &(0x7f00000014c0))
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) (async)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r1, 0x5760, 0x10)

[ 1147.153939][T30801] FAULT_INJECTION: forcing a failure.
[ 1147.153939][T30801] name failslab, interval 1, probability 0, space 0, times 0
[ 1147.168166][T30801] CPU: 0 PID: 30801 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1147.178467][T30801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1147.188359][T30801] Call Trace:
[ 1147.191479][T30801]  <TASK>
[ 1147.194259][T30801]  dump_stack_lvl+0x151/0x1b7
[ 1147.198771][T30801]  ? bfq_pos_tree_add_move+0x43e/0x43e
06:33:44 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

[ 1147.204155][T30801]  dump_stack+0x15/0x17
[ 1147.208142][T30801]  should_fail+0x3c0/0x510
[ 1147.212405][T30801]  __should_failslab+0x9f/0xe0
[ 1147.216994][T30801]  should_failslab+0x9/0x20
[ 1147.221338][T30801]  kmem_cache_alloc+0x4f/0x2f0
[ 1147.225939][T30801]  ? vm_area_dup+0x26/0x1d0
[ 1147.230276][T30801]  vm_area_dup+0x26/0x1d0
[ 1147.234442][T30801]  dup_mmap+0x6b8/0xea0
[ 1147.238438][T30801]  ? __delayed_free_task+0x20/0x20
[ 1147.243407][T30801]  ? mm_init+0x807/0x960
[ 1147.247543][T30801]  dup_mm+0x91/0x330
[ 1147.251281][T30801]  copy_mm+0x108/0x1b0
[ 1147.255182][T30801]  copy_process+0x1295/0x3250
[ 1147.259703][T30801]  ? proc_fail_nth_write+0x213/0x290
[ 1147.264814][T30801]  ? proc_fail_nth_read+0x220/0x220
[ 1147.269848][T30801]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1147.274800][T30801]  ? vfs_write+0x9af/0x1050
[ 1147.279136][T30801]  ? vmacache_update+0xb7/0x120
[ 1147.284480][T30801]  kernel_clone+0x22d/0x990
[ 1147.288908][T30801]  ? file_end_write+0x1b0/0x1b0
[ 1147.293588][T30801]  ? __kasan_check_write+0x14/0x20
[ 1147.298531][T30801]  ? create_io_thread+0x1e0/0x1e0
[ 1147.303478][T30801]  ? __mutex_lock_slowpath+0x10/0x10
[ 1147.308604][T30801]  __x64_sys_clone+0x289/0x310
[ 1147.313199][T30801]  ? __do_sys_vfork+0x130/0x130
[ 1147.318006][T30801]  ? debug_smp_processor_id+0x17/0x20
[ 1147.323214][T30801]  do_syscall_64+0x44/0xd0
[ 1147.327591][T30801]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1147.333377][T30801] RIP: 0033:0x7f263a8c35a9
[ 1147.337683][T30801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1147.357127][T30801] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1147.365544][T30801] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1147.373360][T30801] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1147.381172][T30801] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1147.389066][T30801] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1147.396876][T30801] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
06:33:44 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
clock_gettime(0x0, &(0x7f00000004c0)) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000000480)="e9ca03bc0b484dc07c494395fb666b6d", 0x10)
clock_gettime(0x0, &(0x7f00000000c0)={<r1=>0x0, <r2=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x7, 0x5, 0x4, 0x8, 0x7, 0x4, 0x1e, 0x100}, &(0x7f0000000500)={0x4000000008001, 0xcd, 0x0, 0x100000001, 0x40, 0x10001, 0xe9, 0x8000}, &(0x7f0000000080)={0x3, 0x5, 0x80000000, 0x8, 0x73f, 0x4, 0x1000, 0x9}, &(0x7f0000000200)={r1, r2+10000000}, &(0x7f0000000280)={&(0x7f0000000240)={[0x6]}, 0x8})
clock_gettime(0x0, &(0x7f0000000380)={<r3=>0x0, <r4=>0x0})
pselect6(0x40, &(0x7f00000002c0)={0x200, 0x2, 0x5, 0x4, 0x9c, 0xb4, 0x0, 0x8}, &(0x7f0000000300)={0x3, 0x0, 0x9, 0x2, 0x7, 0x6, 0x401, 0x2}, &(0x7f0000000340)={0x0, 0x1, 0x7fffffffffffffff, 0x1, 0x7, 0x800, 0xffffffffffffffff, 0x80000}, &(0x7f00000003c0)={r3, r4+60000000}, &(0x7f0000000440)={&(0x7f0000000400)={[0x7fffffffffffffff]}, 0x8})

06:33:44 executing program 2:
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/time_for_children\x00')
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000000c0)={0x205}, 0xff8b)
ioctl$VHOST_VDPA_SET_CONFIG_CALL(0xffffffffffffffff, 0x4004af77, &(0x7f0000000200)=0x6)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@ipv6_delrule={0x60, 0x21, 0x200, 0x70bd2b, 0x25dfdbfb, {0xa, 0x14, 0x10, 0x8, 0x7, 0x0, 0x0, 0x3, 0x2}, [@FRA_SRC={0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, @FIB_RULE_POLICY=@FRA_PROTOCOL={0x5, 0x15, 0x4}, @FRA_SRC={0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x19}}, @FRA_SRC={0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040010}, 0x50)
syz_btf_id_by_name$bpf_lsm(&(0x7f0000000080)='bpf_lsm_sb_free_security\x00')

06:33:44 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:44 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 51)

[ 1147.404699][T30801]  </TASK>
[ 1147.454217][T30834] FAULT_INJECTION: forcing a failure.
[ 1147.454217][T30834] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1147.469522][T30834] CPU: 1 PID: 30834 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1147.479607][T30834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1147.489488][T30834] Call Trace:
[ 1147.492609][T30834]  <TASK>
[ 1147.495387][T30834]  dump_stack_lvl+0x151/0x1b7
[ 1147.500018][T30834]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1147.505415][T30834]  dump_stack+0x15/0x17
[ 1147.509406][T30834]  should_fail+0x3c0/0x510
[ 1147.513667][T30834]  should_fail_alloc_page+0x58/0x70
[ 1147.518718][T30834]  __alloc_pages+0x1de/0x7c0
[ 1147.523121][T30834]  ? __count_vm_events+0x30/0x30
[ 1147.527898][T30834]  ? __this_cpu_preempt_check+0x13/0x20
[ 1147.533270][T30834]  ? __mod_node_page_state+0xac/0xf0
[ 1147.538392][T30834]  pte_alloc_one+0x73/0x1b0
[ 1147.542731][T30834]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 1147.547776][T30834]  __pte_alloc+0x86/0x350
[ 1147.551938][T30834]  ? free_pgtables+0x210/0x210
[ 1147.556530][T30834]  ? _raw_spin_lock+0xa3/0x1b0
[ 1147.561130][T30834]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[ 1147.566340][T30834]  ? __kernel_text_address+0x9a/0x110
[ 1147.571546][T30834]  copy_pte_range+0x1b1f/0x20b0
[ 1147.576234][T30834]  ? __kunmap_atomic+0x80/0x80
[ 1147.580832][T30834]  ? __kasan_slab_alloc+0xc4/0xe0
[ 1147.585693][T30834]  ? __kasan_slab_alloc+0xb2/0xe0
[ 1147.590553][T30834]  ? kmem_cache_alloc+0x189/0x2f0
[ 1147.595412][T30834]  ? vm_area_dup+0x26/0x1d0
[ 1147.599760][T30834]  ? dup_mmap+0x6b8/0xea0
[ 1147.603919][T30834]  ? dup_mm+0x91/0x330
[ 1147.607824][T30834]  ? copy_mm+0x108/0x1b0
[ 1147.611902][T30834]  ? copy_process+0x1295/0x3250
[ 1147.616590][T30834]  ? kernel_clone+0x22d/0x990
[ 1147.621202][T30834]  ? __x64_sys_clone+0x289/0x310
[ 1147.625965][T30834]  ? do_syscall_64+0x44/0xd0
[ 1147.630399][T30834]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1147.636309][T30834]  copy_page_range+0xc1e/0x1090
[ 1147.640992][T30834]  ? pfn_valid+0x1e0/0x1e0
[ 1147.645235][T30834]  dup_mmap+0x99f/0xea0
[ 1147.649245][T30834]  ? __delayed_free_task+0x20/0x20
[ 1147.654170][T30834]  ? mm_init+0x807/0x960
[ 1147.658249][T30834]  dup_mm+0x91/0x330
[ 1147.661983][T30834]  copy_mm+0x108/0x1b0
[ 1147.665890][T30834]  copy_process+0x1295/0x3250
[ 1147.670402][T30834]  ? proc_fail_nth_write+0x213/0x290
[ 1147.675523][T30834]  ? proc_fail_nth_read+0x220/0x220
[ 1147.680554][T30834]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1147.685504][T30834]  ? vfs_write+0x9af/0x1050
[ 1147.689845][T30834]  ? vmacache_update+0xb7/0x120
[ 1147.694530][T30834]  kernel_clone+0x22d/0x990
[ 1147.698882][T30834]  ? file_end_write+0x1b0/0x1b0
[ 1147.703732][T30834]  ? __kasan_check_write+0x14/0x20
[ 1147.708677][T30834]  ? create_io_thread+0x1e0/0x1e0
[ 1147.713536][T30834]  ? __mutex_lock_slowpath+0x10/0x10
[ 1147.719354][T30834]  __x64_sys_clone+0x289/0x310
[ 1147.723960][T30834]  ? __do_sys_vfork+0x130/0x130
[ 1147.728641][T30834]  ? debug_smp_processor_id+0x17/0x20
[ 1147.733953][T30834]  do_syscall_64+0x44/0xd0
[ 1147.738535][T30834]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1147.744260][T30834] RIP: 0033:0x7f263a8c35a9
[ 1147.748516][T30834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1147.767960][T30834] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1147.776212][T30834] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1147.784013][T30834] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1147.791833][T30834] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
06:33:44 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x0, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:44 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x0, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:44 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:44 executing program 2:
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/time_for_children\x00')
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000000c0)={0x205}, 0xff8b)
ioctl$VHOST_VDPA_SET_CONFIG_CALL(0xffffffffffffffff, 0x4004af77, &(0x7f0000000200)=0x6)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@ipv6_delrule={0x60, 0x21, 0x200, 0x70bd2b, 0x25dfdbfb, {0xa, 0x14, 0x10, 0x8, 0x7, 0x0, 0x0, 0x3, 0x2}, [@FRA_SRC={0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, @FIB_RULE_POLICY=@FRA_PROTOCOL={0x5, 0x15, 0x4}, @FRA_SRC={0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x19}}, @FRA_SRC={0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040010}, 0x50)
syz_btf_id_by_name$bpf_lsm(&(0x7f0000000080)='bpf_lsm_sb_free_security\x00')
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/time_for_children\x00') (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000000c0)={0x205}, 0xff8b) (async)
ioctl$VHOST_VDPA_SET_CONFIG_CALL(0xffffffffffffffff, 0x4004af77, &(0x7f0000000200)=0x6) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@ipv6_delrule={0x60, 0x21, 0x200, 0x70bd2b, 0x25dfdbfb, {0xa, 0x14, 0x10, 0x8, 0x7, 0x0, 0x0, 0x3, 0x2}, [@FRA_SRC={0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, @FIB_RULE_POLICY=@FRA_PROTOCOL={0x5, 0x15, 0x4}, @FRA_SRC={0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x19}}, @FRA_SRC={0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040010}, 0x50) (async)
syz_btf_id_by_name$bpf_lsm(&(0x7f0000000080)='bpf_lsm_sb_free_security\x00') (async)

06:33:44 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 52)

06:33:45 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:45 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x0, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

[ 1147.799729][T30834] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1147.807637][T30834] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1147.815521][T30834]  </TASK>
[ 1147.851637][T30844] FAULT_INJECTION: forcing a failure.
[ 1147.851637][T30844] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1147.869996][T30844] CPU: 1 PID: 30844 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1147.880072][T30844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1147.889965][T30844] Call Trace:
[ 1147.893087][T30844]  <TASK>
[ 1147.895866][T30844]  dump_stack_lvl+0x151/0x1b7
06:33:45 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x0, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

[ 1147.900379][T30844]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1147.905674][T30844]  ? __kasan_check_write+0x14/0x20
[ 1147.910618][T30844]  ? __set_page_owner+0x2ee/0x310
[ 1147.915481][T30844]  dump_stack+0x15/0x17
[ 1147.919467][T30844]  should_fail+0x3c0/0x510
[ 1147.923723][T30844]  should_fail_alloc_page+0x58/0x70
[ 1147.928757][T30844]  __alloc_pages+0x1de/0x7c0
[ 1147.933179][T30844]  ? __count_vm_events+0x30/0x30
[ 1147.937959][T30844]  ? __count_vm_events+0x30/0x30
[ 1147.942831][T30844]  ? __kasan_check_write+0x14/0x20
[ 1147.947770][T30844]  ? _raw_spin_lock+0xa3/0x1b0
[ 1147.952363][T30844]  __pmd_alloc+0xb1/0x550
[ 1147.956536][T30844]  ? kmem_cache_alloc+0x189/0x2f0
[ 1147.961390][T30844]  ? anon_vma_fork+0x1b9/0x4f0
[ 1147.965996][T30844]  ? __pud_alloc+0x260/0x260
[ 1147.970415][T30844]  ? __pud_alloc+0x218/0x260
[ 1147.974929][T30844]  ? do_handle_mm_fault+0x2370/0x2370
[ 1147.980142][T30844]  copy_page_range+0xd04/0x1090
[ 1147.984828][T30844]  ? pfn_valid+0x1e0/0x1e0
[ 1147.989269][T30844]  dup_mmap+0x99f/0xea0
[ 1147.993245][T30844]  ? __delayed_free_task+0x20/0x20
[ 1147.998276][T30844]  ? mm_init+0x807/0x960
[ 1148.002442][T30844]  dup_mm+0x91/0x330
[ 1148.006218][T30844]  copy_mm+0x108/0x1b0
[ 1148.010076][T30844]  copy_process+0x1295/0x3250
[ 1148.014683][T30844]  ? proc_fail_nth_write+0x213/0x290
[ 1148.019912][T30844]  ? proc_fail_nth_read+0x220/0x220
[ 1148.025026][T30844]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1148.029976][T30844]  ? vfs_write+0x9af/0x1050
[ 1148.034320][T30844]  ? vmacache_update+0xb7/0x120
[ 1148.039004][T30844]  kernel_clone+0x22d/0x990
[ 1148.043427][T30844]  ? file_end_write+0x1b0/0x1b0
[ 1148.048137][T30844]  ? __kasan_check_write+0x14/0x20
[ 1148.053170][T30844]  ? create_io_thread+0x1e0/0x1e0
[ 1148.058007][T30844]  ? __mutex_lock_slowpath+0x10/0x10
[ 1148.063217][T30844]  __x64_sys_clone+0x289/0x310
[ 1148.067830][T30844]  ? __do_sys_vfork+0x130/0x130
[ 1148.072511][T30844]  ? debug_smp_processor_id+0x17/0x20
[ 1148.077846][T30844]  do_syscall_64+0x44/0xd0
[ 1148.082137][T30844]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1148.087816][T30844] RIP: 0033:0x7f263a8c35a9
[ 1148.092073][T30844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1148.111610][T30844] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1148.120277][T30844] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1148.128089][T30844] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1148.136015][T30844] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1148.143827][T30844] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:33:45 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
clock_gettime(0x0, &(0x7f00000004c0))
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000000480)="e9ca03bc0b484dc07c494395fb666b6d", 0x10)
clock_gettime(0x0, &(0x7f00000000c0)={<r1=>0x0, <r2=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x7, 0x5, 0x4, 0x8, 0x7, 0x4, 0x1e, 0x100}, &(0x7f0000000500)={0x4000000008001, 0xcd, 0x0, 0x100000001, 0x40, 0x10001, 0xe9, 0x8000}, &(0x7f0000000080)={0x3, 0x5, 0x80000000, 0x8, 0x73f, 0x4, 0x1000, 0x9}, &(0x7f0000000200)={r1, r2+10000000}, &(0x7f0000000280)={&(0x7f0000000240)={[0x6]}, 0x8})
clock_gettime(0x0, &(0x7f0000000380)={<r3=>0x0, <r4=>0x0})
pselect6(0x40, &(0x7f00000002c0)={0x200, 0x2, 0x5, 0x4, 0x9c, 0xb4, 0x0, 0x8}, &(0x7f0000000300)={0x3, 0x0, 0x9, 0x2, 0x7, 0x6, 0x401, 0x2}, &(0x7f0000000340)={0x0, 0x1, 0x7fffffffffffffff, 0x1, 0x7, 0x800, 0xffffffffffffffff, 0x80000}, &(0x7f00000003c0)={r3, r4+60000000}, &(0x7f0000000440)={&(0x7f0000000400)={[0x7fffffffffffffff]}, 0x8})
clock_gettime(0x0, &(0x7f0000000100)) (async)
clock_gettime(0x0, &(0x7f00000004c0)) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000000480)="e9ca03bc0b484dc07c494395fb666b6d", 0x10) (async)
clock_gettime(0x0, &(0x7f00000000c0)) (async)
pselect6(0x40, &(0x7f0000000000)={0x7, 0x5, 0x4, 0x8, 0x7, 0x4, 0x1e, 0x100}, &(0x7f0000000500)={0x4000000008001, 0xcd, 0x0, 0x100000001, 0x40, 0x10001, 0xe9, 0x8000}, &(0x7f0000000080)={0x3, 0x5, 0x80000000, 0x8, 0x73f, 0x4, 0x1000, 0x9}, &(0x7f0000000200)={r1, r2+10000000}, &(0x7f0000000280)={&(0x7f0000000240)={[0x6]}, 0x8}) (async)
clock_gettime(0x0, &(0x7f0000000380)) (async)
pselect6(0x40, &(0x7f00000002c0)={0x200, 0x2, 0x5, 0x4, 0x9c, 0xb4, 0x0, 0x8}, &(0x7f0000000300)={0x3, 0x0, 0x9, 0x2, 0x7, 0x6, 0x401, 0x2}, &(0x7f0000000340)={0x0, 0x1, 0x7fffffffffffffff, 0x1, 0x7, 0x800, 0xffffffffffffffff, 0x80000}, &(0x7f00000003c0)={r3, r4+60000000}, &(0x7f0000000440)={&(0x7f0000000400)={[0x7fffffffffffffff]}, 0x8}) (async)

06:33:45 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x0, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))

06:33:45 executing program 2:
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/time_for_children\x00') (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000000c0)={0x205}, 0xff8b) (async)
ioctl$VHOST_VDPA_SET_CONFIG_CALL(0xffffffffffffffff, 0x4004af77, &(0x7f0000000200)=0x6)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@ipv6_delrule={0x60, 0x21, 0x200, 0x70bd2b, 0x25dfdbfb, {0xa, 0x14, 0x10, 0x8, 0x7, 0x0, 0x0, 0x3, 0x2}, [@FRA_SRC={0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, @FIB_RULE_POLICY=@FRA_PROTOCOL={0x5, 0x15, 0x4}, @FRA_SRC={0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x19}}, @FRA_SRC={0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040010}, 0x50) (async)
syz_btf_id_by_name$bpf_lsm(&(0x7f0000000080)='bpf_lsm_sb_free_security\x00')

06:33:45 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 53)

06:33:45 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:45 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x0, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

[ 1148.151636][T30844] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1148.160581][T30844]  </TASK>
[ 1148.187790][T30864] FAULT_INJECTION: forcing a failure.
[ 1148.187790][T30864] name fail_page_alloc, interval 1, probability 0, space 0, times 0
06:33:45 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, 0x0, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:45 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x1}, 0x8)

06:33:45 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, 0x0, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

[ 1148.201000][T30864] CPU: 0 PID: 30864 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1148.210956][T30864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1148.220859][T30864] Call Trace:
[ 1148.223976][T30864]  <TASK>
[ 1148.226755][T30864]  dump_stack_lvl+0x151/0x1b7
[ 1148.231267][T30864]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1148.236561][T30864]  dump_stack+0x15/0x17
[ 1148.240572][T30864]  should_fail+0x3c0/0x510
[ 1148.244892][T30864]  should_fail_alloc_page+0x58/0x70
06:33:45 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x1}, 0x8)

06:33:45 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, 0x0, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:45 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x1}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x1}, 0x8) (async)

[ 1148.249927][T30864]  __alloc_pages+0x1de/0x7c0
[ 1148.254356][T30864]  ? __count_vm_events+0x30/0x30
[ 1148.259129][T30864]  ? dup_mm+0x91/0x330
[ 1148.263032][T30864]  ? copy_mm+0x108/0x1b0
[ 1148.267110][T30864]  ? copy_process+0x1295/0x3250
[ 1148.271796][T30864]  ? kernel_clone+0x22d/0x990
[ 1148.276309][T30864]  ? __x64_sys_clone+0x289/0x310
[ 1148.281089][T30864]  pte_alloc_one+0x73/0x1b0
[ 1148.285425][T30864]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 1148.290458][T30864]  ? __kasan_check_write+0x14/0x20
[ 1148.295407][T30864]  ? __set_page_owner+0x2ee/0x310
[ 1148.300267][T30864]  __pte_alloc+0x86/0x350
[ 1148.304429][T30864]  ? post_alloc_hook+0x1ab/0x1b0
[ 1148.309215][T30864]  ? free_pgtables+0x210/0x210
[ 1148.313811][T30864]  ? get_page_from_freelist+0x38b/0x400
[ 1148.319190][T30864]  copy_pte_range+0x1b1f/0x20b0
[ 1148.323989][T30864]  ? __kunmap_atomic+0x80/0x80
[ 1148.328557][T30864]  ? __pud_alloc+0x260/0x260
[ 1148.332982][T30864]  ? __pud_alloc+0x218/0x260
[ 1148.337414][T30864]  ? do_handle_mm_fault+0x2370/0x2370
[ 1148.342617][T30864]  copy_page_range+0xc1e/0x1090
[ 1148.347313][T30864]  ? pfn_valid+0x1e0/0x1e0
[ 1148.351555][T30864]  dup_mmap+0x99f/0xea0
[ 1148.355549][T30864]  ? __delayed_free_task+0x20/0x20
[ 1148.360494][T30864]  ? mm_init+0x807/0x960
[ 1148.364577][T30864]  dup_mm+0x91/0x330
[ 1148.368308][T30864]  copy_mm+0x108/0x1b0
[ 1148.372210][T30864]  copy_process+0x1295/0x3250
[ 1148.376724][T30864]  ? proc_fail_nth_write+0x213/0x290
[ 1148.381846][T30864]  ? proc_fail_nth_read+0x220/0x220
[ 1148.386881][T30864]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1148.391825][T30864]  ? vfs_write+0x9af/0x1050
[ 1148.396164][T30864]  ? vmacache_update+0xb7/0x120
[ 1148.400852][T30864]  kernel_clone+0x22d/0x990
[ 1148.405190][T30864]  ? file_end_write+0x1b0/0x1b0
[ 1148.409879][T30864]  ? __kasan_check_write+0x14/0x20
[ 1148.414826][T30864]  ? create_io_thread+0x1e0/0x1e0
[ 1148.419701][T30864]  ? __mutex_lock_slowpath+0x10/0x10
[ 1148.424808][T30864]  __x64_sys_clone+0x289/0x310
[ 1148.429503][T30864]  ? __do_sys_vfork+0x130/0x130
[ 1148.434179][T30864]  ? debug_smp_processor_id+0x17/0x20
[ 1148.439389][T30864]  do_syscall_64+0x44/0xd0
[ 1148.443643][T30864]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1148.449369][T30864] RIP: 0033:0x7f263a8c35a9
[ 1148.453620][T30864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1148.473080][T30864] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1148.481307][T30864] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1148.489305][T30864] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1148.497194][T30864] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
06:33:45 executing program 3:
clock_gettime(0x5, &(0x7f0000000100)={0x0, <r0=>0x0})
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})

06:33:45 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x0, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)

06:33:45 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x81}, 0x8)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0)

06:33:45 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x0, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:45 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 54)

06:33:45 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x0, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

[ 1148.505007][T30864] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1148.512902][T30864] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1148.520716][T30864]  </TASK>
06:33:45 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x81}, 0x8)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x81}, 0x8) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0) (async)

[ 1148.562260][T30908] FAULT_INJECTION: forcing a failure.
[ 1148.562260][T30908] name failslab, interval 1, probability 0, space 0, times 0
[ 1148.575190][T30908] CPU: 1 PID: 30908 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1148.585275][T30908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1148.595172][T30908] Call Trace:
[ 1148.598280][T30908]  <TASK>
[ 1148.601061][T30908]  dump_stack_lvl+0x151/0x1b7
[ 1148.605580][T30908]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1148.610867][T30908]  dump_stack+0x15/0x17
[ 1148.614851][T30908]  should_fail+0x3c0/0x510
[ 1148.619110][T30908]  __should_failslab+0x9f/0xe0
[ 1148.623706][T30908]  should_failslab+0x9/0x20
[ 1148.628044][T30908]  kmem_cache_alloc+0x4f/0x2f0
[ 1148.632642][T30908]  ? vm_area_dup+0x26/0x1d0
[ 1148.636992][T30908]  vm_area_dup+0x26/0x1d0
[ 1148.641150][T30908]  dup_mmap+0x6b8/0xea0
[ 1148.645143][T30908]  ? __delayed_free_task+0x20/0x20
[ 1148.650088][T30908]  ? mm_init+0x807/0x960
[ 1148.654187][T30908]  dup_mm+0x91/0x330
[ 1148.657901][T30908]  copy_mm+0x108/0x1b0
[ 1148.661835][T30908]  copy_process+0x1295/0x3250
[ 1148.666318][T30908]  ? proc_fail_nth_write+0x213/0x290
[ 1148.671440][T30908]  ? proc_fail_nth_read+0x220/0x220
[ 1148.676474][T30908]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1148.681421][T30908]  ? vfs_write+0x9af/0x1050
[ 1148.685759][T30908]  ? vmacache_update+0xb7/0x120
[ 1148.690538][T30908]  kernel_clone+0x22d/0x990
[ 1148.694875][T30908]  ? file_end_write+0x1b0/0x1b0
[ 1148.699564][T30908]  ? __kasan_check_write+0x14/0x20
[ 1148.704510][T30908]  ? create_io_thread+0x1e0/0x1e0
[ 1148.709368][T30908]  ? __mutex_lock_slowpath+0x10/0x10
[ 1148.714490][T30908]  __x64_sys_clone+0x289/0x310
[ 1148.719671][T30908]  ? __do_sys_vfork+0x130/0x130
[ 1148.724358][T30908]  ? debug_smp_processor_id+0x17/0x20
[ 1148.729564][T30908]  do_syscall_64+0x44/0xd0
[ 1148.733818][T30908]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1148.739720][T30908] RIP: 0033:0x7f263a8c35a9
[ 1148.744319][T30908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1148.763766][T30908] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1148.772008][T30908] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1148.780167][T30908] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1148.787975][T30908] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1148.795785][T30908] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1148.803942][T30908] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
06:33:45 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x0, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:45 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x81}, 0x8)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x81}, 0x8) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0) (async)

06:33:45 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 55)

[ 1148.812020][T30908]  </TASK>
06:33:45 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x0, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:46 executing program 2:
getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000000), &(0x7f00000000c0)=0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1148.837282][T30928] FAULT_INJECTION: forcing a failure.
[ 1148.837282][T30928] name failslab, interval 1, probability 0, space 0, times 0
[ 1148.851505][T30928] CPU: 0 PID: 30928 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1148.861568][T30928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1148.871463][T30928] Call Trace:
[ 1148.874585][T30928]  <TASK>
[ 1148.877368][T30928]  dump_stack_lvl+0x151/0x1b7
[ 1148.881872][T30928]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1148.887167][T30928]  dump_stack+0x15/0x17
[ 1148.891159][T30928]  should_fail+0x3c0/0x510
[ 1148.895415][T30928]  __should_failslab+0x9f/0xe0
[ 1148.900015][T30928]  should_failslab+0x9/0x20
[ 1148.904354][T30928]  kmem_cache_alloc+0x4f/0x2f0
[ 1148.908957][T30928]  ? vm_area_dup+0x26/0x1d0
[ 1148.913292][T30928]  vm_area_dup+0x26/0x1d0
[ 1148.917458][T30928]  dup_mmap+0x6b8/0xea0
[ 1148.921449][T30928]  ? __delayed_free_task+0x20/0x20
[ 1148.926395][T30928]  ? mm_init+0x807/0x960
[ 1148.930475][T30928]  dup_mm+0x91/0x330
[ 1148.934212][T30928]  copy_mm+0x108/0x1b0
[ 1148.938116][T30928]  copy_process+0x1295/0x3250
[ 1148.942627][T30928]  ? proc_fail_nth_write+0x213/0x290
[ 1148.947751][T30928]  ? proc_fail_nth_read+0x220/0x220
[ 1148.952790][T30928]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1148.957729][T30928]  ? vfs_write+0x9af/0x1050
[ 1148.962081][T30928]  ? vmacache_update+0xb7/0x120
[ 1148.966891][T30928]  kernel_clone+0x22d/0x990
[ 1148.971230][T30928]  ? file_end_write+0x1b0/0x1b0
[ 1148.975908][T30928]  ? __kasan_check_write+0x14/0x20
[ 1148.980862][T30928]  ? create_io_thread+0x1e0/0x1e0
[ 1148.985717][T30928]  ? __mutex_lock_slowpath+0x10/0x10
[ 1148.990856][T30928]  __x64_sys_clone+0x289/0x310
[ 1148.995440][T30928]  ? __do_sys_vfork+0x130/0x130
[ 1149.000128][T30928]  ? debug_smp_processor_id+0x17/0x20
[ 1149.005330][T30928]  do_syscall_64+0x44/0xd0
[ 1149.009588][T30928]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1149.015314][T30928] RIP: 0033:0x7f263a8c35a9
[ 1149.019566][T30928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1149.039012][T30928] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1149.047261][T30928] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1149.055060][T30928] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1149.062873][T30928] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1149.070687][T30928] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1149.078495][T30928] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1149.086311][T30928]  </TASK>
06:33:46 executing program 3:
clock_gettime(0x5, &(0x7f0000000100)={0x0, <r0=>0x0})
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
clock_gettime(0x5, &(0x7f0000000100)) (async)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)

06:33:46 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x0, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)

06:33:46 executing program 2:
getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000000), &(0x7f00000000c0)=0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:46 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:46 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 56)

06:33:46 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x0, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:46 executing program 2:
getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000000), &(0x7f00000000c0)=0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000000), &(0x7f00000000c0)=0x4) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)

[ 1149.295033][T30942] FAULT_INJECTION: forcing a failure.
[ 1149.295033][T30942] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1149.309111][T30942] CPU: 1 PID: 30942 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1149.319184][T30942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1149.329075][T30942] Call Trace:
[ 1149.332206][T30942]  <TASK>
[ 1149.334982][T30942]  dump_stack_lvl+0x151/0x1b7
[ 1149.339582][T30942]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1149.344875][T30942]  dump_stack+0x15/0x17
[ 1149.348864][T30942]  should_fail+0x3c0/0x510
[ 1149.353116][T30942]  should_fail_alloc_page+0x58/0x70
[ 1149.358151][T30942]  __alloc_pages+0x1de/0x7c0
[ 1149.362580][T30942]  ? __count_vm_events+0x30/0x30
[ 1149.367351][T30942]  ? __this_cpu_preempt_check+0x13/0x20
[ 1149.372730][T30942]  ? __mod_node_page_state+0xac/0xf0
[ 1149.377852][T30942]  pte_alloc_one+0x73/0x1b0
[ 1149.382194][T30942]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 1149.387431][T30942]  __pte_alloc+0x86/0x350
[ 1149.391594][T30942]  ? free_pgtables+0x210/0x210
[ 1149.396194][T30942]  ? _raw_spin_lock+0xa3/0x1b0
[ 1149.400788][T30942]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[ 1149.405997][T30942]  ? __kernel_text_address+0x9a/0x110
[ 1149.411319][T30942]  copy_pte_range+0x1b1f/0x20b0
[ 1149.416005][T30942]  ? __kunmap_atomic+0x80/0x80
[ 1149.420597][T30942]  ? __kasan_slab_alloc+0xc4/0xe0
[ 1149.425474][T30942]  ? __kasan_slab_alloc+0xb2/0xe0
[ 1149.430315][T30942]  ? kmem_cache_alloc+0x189/0x2f0
[ 1149.435176][T30942]  ? vm_area_dup+0x26/0x1d0
[ 1149.439515][T30942]  ? dup_mmap+0x6b8/0xea0
[ 1149.443682][T30942]  ? dup_mm+0x91/0x330
[ 1149.447591][T30942]  ? copy_mm+0x108/0x1b0
[ 1149.451666][T30942]  ? copy_process+0x1295/0x3250
[ 1149.456357][T30942]  ? kernel_clone+0x22d/0x990
[ 1149.460866][T30942]  ? __x64_sys_clone+0x289/0x310
[ 1149.465640][T30942]  ? do_syscall_64+0x44/0xd0
[ 1149.470067][T30942]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1149.475975][T30942]  copy_page_range+0xc1e/0x1090
[ 1149.480655][T30942]  ? pfn_valid+0x1e0/0x1e0
[ 1149.484919][T30942]  dup_mmap+0x99f/0xea0
[ 1149.488903][T30942]  ? __delayed_free_task+0x20/0x20
[ 1149.493968][T30942]  ? mm_init+0x807/0x960
[ 1149.498051][T30942]  dup_mm+0x91/0x330
[ 1149.501880][T30942]  copy_mm+0x108/0x1b0
[ 1149.505794][T30942]  copy_process+0x1295/0x3250
[ 1149.510308][T30942]  ? proc_fail_nth_write+0x213/0x290
[ 1149.515422][T30942]  ? proc_fail_nth_read+0x220/0x220
[ 1149.520462][T30942]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1149.525441][T30942]  ? vfs_write+0x9af/0x1050
[ 1149.530000][T30942]  ? vmacache_update+0xb7/0x120
[ 1149.534682][T30942]  kernel_clone+0x22d/0x990
[ 1149.539049][T30942]  ? file_end_write+0x1b0/0x1b0
[ 1149.543849][T30942]  ? __kasan_check_write+0x14/0x20
[ 1149.548796][T30942]  ? create_io_thread+0x1e0/0x1e0
[ 1149.553661][T30942]  ? __mutex_lock_slowpath+0x10/0x10
[ 1149.558782][T30942]  __x64_sys_clone+0x289/0x310
[ 1149.563375][T30942]  ? __do_sys_vfork+0x130/0x130
[ 1149.568151][T30942]  ? debug_smp_processor_id+0x17/0x20
[ 1149.573355][T30942]  do_syscall_64+0x44/0xd0
[ 1149.577695][T30942]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1149.583420][T30942] RIP: 0033:0x7f263a8c35a9
[ 1149.587674][T30942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1149.607205][T30942] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1149.615447][T30942] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1149.623260][T30942] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1149.631073][T30942] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
06:33:46 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)
ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x400)

06:33:46 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:46 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 57)

06:33:46 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4) (async)
ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x400)

06:33:46 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4) (async, rerun: 64)
ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x400) (rerun: 64)

[ 1149.639060][T30942] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1149.646865][T30942] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1149.654677][T30942]  </TASK>
[ 1149.683240][T30962] FAULT_INJECTION: forcing a failure.
[ 1149.683240][T30962] name failslab, interval 1, probability 0, space 0, times 0
[ 1149.699482][T30962] CPU: 1 PID: 30962 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1149.709553][T30962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1149.719446][T30962] Call Trace:
[ 1149.722566][T30962]  <TASK>
[ 1149.725345][T30962]  dump_stack_lvl+0x151/0x1b7
[ 1149.729859][T30962]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1149.735157][T30962]  dump_stack+0x15/0x17
[ 1149.739146][T30962]  should_fail+0x3c0/0x510
[ 1149.743408][T30962]  __should_failslab+0x9f/0xe0
[ 1149.747998][T30962]  should_failslab+0x9/0x20
[ 1149.752349][T30962]  kmem_cache_alloc+0x4f/0x2f0
[ 1149.756940][T30962]  ? vm_area_dup+0x26/0x1d0
[ 1149.761280][T30962]  vm_area_dup+0x26/0x1d0
[ 1149.765442][T30962]  dup_mmap+0x6b8/0xea0
[ 1149.769443][T30962]  ? __delayed_free_task+0x20/0x20
[ 1149.774383][T30962]  ? mm_init+0x807/0x960
[ 1149.778463][T30962]  dup_mm+0x91/0x330
[ 1149.782318][T30962]  copy_mm+0x108/0x1b0
[ 1149.786207][T30962]  copy_process+0x1295/0x3250
[ 1149.790724][T30962]  ? proc_fail_nth_write+0x213/0x290
[ 1149.795845][T30962]  ? proc_fail_nth_read+0x220/0x220
[ 1149.800995][T30962]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1149.805951][T30962]  ? vfs_write+0x9af/0x1050
[ 1149.810383][T30962]  ? vmacache_update+0xb7/0x120
[ 1149.815154][T30962]  kernel_clone+0x22d/0x990
[ 1149.819491][T30962]  ? file_end_write+0x1b0/0x1b0
[ 1149.824190][T30962]  ? __kasan_check_write+0x14/0x20
[ 1149.829288][T30962]  ? create_io_thread+0x1e0/0x1e0
[ 1149.834258][T30962]  ? __mutex_lock_slowpath+0x10/0x10
[ 1149.839374][T30962]  __x64_sys_clone+0x289/0x310
[ 1149.843976][T30962]  ? __do_sys_vfork+0x130/0x130
[ 1149.848662][T30962]  ? debug_smp_processor_id+0x17/0x20
[ 1149.853871][T30962]  do_syscall_64+0x44/0xd0
[ 1149.858124][T30962]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1149.863855][T30962] RIP: 0033:0x7f263a8c35a9
[ 1149.868102][T30962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1149.887548][T30962] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
06:33:47 executing program 3:
clock_gettime(0x5, &(0x7f0000000100)={0x0, <r0=>0x0})
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})

06:33:47 executing program 2:
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r1, 0x0, 0x14, 0x0, &(0x7f00000014c0))
setsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000024c0)={{{@in=@local, @in=@private=0xa010102, 0x4e23, 0x0, 0x4e22, 0x7, 0xa, 0x20, 0x0, 0x8, 0x0, 0xee01}, {0x1, 0x6, 0xe9c2, 0xffffffffffffff0b, 0x3ff, 0x2, 0xd8dc, 0x7ff}, {0x5, 0x20, 0x6d, 0xe8}, 0x5, 0x6e6bbc, 0x1, 0x0, 0x2, 0x1}, {{@in=@multicast2, 0x4d4, 0x33}, 0x2, @in=@local, 0x3503, 0x0, 0x1, 0x9, 0x9, 0xfff, 0x2}}, 0xe8)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000002780)={0x9, {{0x2, 0x4e22, @local}}, 0x0, 0x3, [{{0x2, 0x4e20, @rand_addr=0x64010101}}, {{0x2, 0x4e24, @broadcast}}, {{0x2, 0x4e22, @rand_addr=0x64010101}}]}, 0x210)
r3 = fsopen(&(0x7f00000029c0)='iso9660\x00', 0x0)
r4 = openat2$dir(0xffffffffffffff9c, &(0x7f0000002a80)='./file0\x00', &(0x7f0000002ac0)={0x605000, 0x10, 0x2}, 0x18)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r3, 0x4, &(0x7f0000002a00)='nat\x00', &(0x7f0000002a40)='./file0\x00', r4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xe0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=[0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x9, 0x7, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000140)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000180), &(0x7f00000001c0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000200)}}, 0x10)
read$FUSE(0xffffffffffffffff, &(0x7f0000000380)={0x2020, 0x0, 0x0, <r6=>0x0}, 0x2020)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000023c0)={{{@in=@rand_addr=0x64010100, @in=@loopback, 0x4e23, 0x1000, 0x4e20, 0x4, 0x2, 0x0, 0x40, 0x33, r5, r6}, {0x3d19, 0x7, 0x9, 0xc1b, 0x3, 0x5, 0x35, 0x7f5}, {0x0, 0x6, 0x7fffffffffffffff, 0x9}, 0x5, 0x0, 0x1, 0x0, 0x2}, {{@in=@empty, 0x4d3, 0xff}, 0xa, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x34ff, 0x4, 0x2, 0x40, 0x3, 0x80000000, 0x4}}, 0xe8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x200}, 0x1)
getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f00000026c0)={'nat\x00', 0x0, 0x4, 0x32, [0x2, 0x8001, 0x400, 0x0, 0x3, 0x3], 0xa, &(0x7f00000025c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000002680)=""/50}, &(0x7f0000002740)=0x78)

06:33:47 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x0, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:47 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:47 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x0, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:47 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 58)

[ 1149.895789][T30962] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1149.903598][T30962] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1149.911411][T30962] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1149.919228][T30962] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1149.927034][T30962] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1149.934847][T30962]  </TASK>
06:33:47 executing program 2:
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0)) (async)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r1, 0x0, 0x14, 0x0, &(0x7f00000014c0)) (async)
setsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000024c0)={{{@in=@local, @in=@private=0xa010102, 0x4e23, 0x0, 0x4e22, 0x7, 0xa, 0x20, 0x0, 0x8, 0x0, 0xee01}, {0x1, 0x6, 0xe9c2, 0xffffffffffffff0b, 0x3ff, 0x2, 0xd8dc, 0x7ff}, {0x5, 0x20, 0x6d, 0xe8}, 0x5, 0x6e6bbc, 0x1, 0x0, 0x2, 0x1}, {{@in=@multicast2, 0x4d4, 0x33}, 0x2, @in=@local, 0x3503, 0x0, 0x1, 0x9, 0x9, 0xfff, 0x2}}, 0xe8) (async, rerun: 64)
r2 = socket$inet_tcp(0x2, 0x1, 0x0) (rerun: 64)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000002780)={0x9, {{0x2, 0x4e22, @local}}, 0x0, 0x3, [{{0x2, 0x4e20, @rand_addr=0x64010101}}, {{0x2, 0x4e24, @broadcast}}, {{0x2, 0x4e22, @rand_addr=0x64010101}}]}, 0x210) (async)
r3 = fsopen(&(0x7f00000029c0)='iso9660\x00', 0x0) (async)
r4 = openat2$dir(0xffffffffffffff9c, &(0x7f0000002a80)='./file0\x00', &(0x7f0000002ac0)={0x605000, 0x10, 0x2}, 0x18)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r3, 0x4, &(0x7f0000002a00)='nat\x00', &(0x7f0000002a40)='./file0\x00', r4) (async, rerun: 64)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xe0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=[0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x9, 0x7, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000140)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000180), &(0x7f00000001c0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000200)}}, 0x10) (async, rerun: 64)
read$FUSE(0xffffffffffffffff, &(0x7f0000000380)={0x2020, 0x0, 0x0, <r6=>0x0}, 0x2020)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000023c0)={{{@in=@rand_addr=0x64010100, @in=@loopback, 0x4e23, 0x1000, 0x4e20, 0x4, 0x2, 0x0, 0x40, 0x33, r5, r6}, {0x3d19, 0x7, 0x9, 0xc1b, 0x3, 0x5, 0x35, 0x7f5}, {0x0, 0x6, 0x7fffffffffffffff, 0x9}, 0x5, 0x0, 0x1, 0x0, 0x2}, {{@in=@empty, 0x4d3, 0xff}, 0xa, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x34ff, 0x4, 0x2, 0x40, 0x3, 0x80000000, 0x4}}, 0xe8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x200}, 0x1)
getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f00000026c0)={'nat\x00', 0x0, 0x4, 0x32, [0x2, 0x8001, 0x400, 0x0, 0x3, 0x3], 0xa, &(0x7f00000025c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000002680)=""/50}, &(0x7f0000002740)=0x78)

06:33:47 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:47 executing program 2:
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r1, 0x0, 0x14, 0x0, &(0x7f00000014c0))
setsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000024c0)={{{@in=@local, @in=@private=0xa010102, 0x4e23, 0x0, 0x4e22, 0x7, 0xa, 0x20, 0x0, 0x8, 0x0, 0xee01}, {0x1, 0x6, 0xe9c2, 0xffffffffffffff0b, 0x3ff, 0x2, 0xd8dc, 0x7ff}, {0x5, 0x20, 0x6d, 0xe8}, 0x5, 0x6e6bbc, 0x1, 0x0, 0x2, 0x1}, {{@in=@multicast2, 0x4d4, 0x33}, 0x2, @in=@local, 0x3503, 0x0, 0x1, 0x9, 0x9, 0xfff, 0x2}}, 0xe8)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000002780)={0x9, {{0x2, 0x4e22, @local}}, 0x0, 0x3, [{{0x2, 0x4e20, @rand_addr=0x64010101}}, {{0x2, 0x4e24, @broadcast}}, {{0x2, 0x4e22, @rand_addr=0x64010101}}]}, 0x210)
r3 = fsopen(&(0x7f00000029c0)='iso9660\x00', 0x0)
r4 = openat2$dir(0xffffffffffffff9c, &(0x7f0000002a80)='./file0\x00', &(0x7f0000002ac0)={0x605000, 0x10, 0x2}, 0x18)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r3, 0x4, &(0x7f0000002a00)='nat\x00', &(0x7f0000002a40)='./file0\x00', r4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xe0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=[0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x9, 0x7, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000140)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000180), &(0x7f00000001c0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000200)}}, 0x10)
read$FUSE(0xffffffffffffffff, &(0x7f0000000380)={0x2020, 0x0, 0x0, <r6=>0x0}, 0x2020)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000023c0)={{{@in=@rand_addr=0x64010100, @in=@loopback, 0x4e23, 0x1000, 0x4e20, 0x4, 0x2, 0x0, 0x40, 0x33, r5, r6}, {0x3d19, 0x7, 0x9, 0xc1b, 0x3, 0x5, 0x35, 0x7f5}, {0x0, 0x6, 0x7fffffffffffffff, 0x9}, 0x5, 0x0, 0x1, 0x0, 0x2}, {{@in=@empty, 0x4d3, 0xff}, 0xa, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x34ff, 0x4, 0x2, 0x40, 0x3, 0x80000000, 0x4}}, 0xe8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x200}, 0x1)
getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f00000026c0)={'nat\x00', 0x0, 0x4, 0x32, [0x2, 0x8001, 0x400, 0x0, 0x3, 0x3], 0xa, &(0x7f00000025c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000002680)=""/50}, &(0x7f0000002740)=0x78)
socket$inet_udp(0x2, 0x2, 0x0) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0)) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
getsockopt$inet_int(r1, 0x0, 0x14, 0x0, &(0x7f00000014c0)) (async)
setsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000024c0)={{{@in=@local, @in=@private=0xa010102, 0x4e23, 0x0, 0x4e22, 0x7, 0xa, 0x20, 0x0, 0x8, 0x0, 0xee01}, {0x1, 0x6, 0xe9c2, 0xffffffffffffff0b, 0x3ff, 0x2, 0xd8dc, 0x7ff}, {0x5, 0x20, 0x6d, 0xe8}, 0x5, 0x6e6bbc, 0x1, 0x0, 0x2, 0x1}, {{@in=@multicast2, 0x4d4, 0x33}, 0x2, @in=@local, 0x3503, 0x0, 0x1, 0x9, 0x9, 0xfff, 0x2}}, 0xe8) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000002780)={0x9, {{0x2, 0x4e22, @local}}, 0x0, 0x3, [{{0x2, 0x4e20, @rand_addr=0x64010101}}, {{0x2, 0x4e24, @broadcast}}, {{0x2, 0x4e22, @rand_addr=0x64010101}}]}, 0x210) (async)
fsopen(&(0x7f00000029c0)='iso9660\x00', 0x0) (async)
openat2$dir(0xffffffffffffff9c, &(0x7f0000002a80)='./file0\x00', &(0x7f0000002ac0)={0x605000, 0x10, 0x2}, 0x18) (async)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r3, 0x4, &(0x7f0000002a00)='nat\x00', &(0x7f0000002a40)='./file0\x00', r4) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xe0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x7, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000140)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000180), &(0x7f00000001c0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000200)}}, 0x10) (async)
read$FUSE(0xffffffffffffffff, &(0x7f0000000380)={0x2020}, 0x2020) (async)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000023c0)={{{@in=@rand_addr=0x64010100, @in=@loopback, 0x4e23, 0x1000, 0x4e20, 0x4, 0x2, 0x0, 0x40, 0x33, r5, r6}, {0x3d19, 0x7, 0x9, 0xc1b, 0x3, 0x5, 0x35, 0x7f5}, {0x0, 0x6, 0x7fffffffffffffff, 0x9}, 0x5, 0x0, 0x1, 0x0, 0x2}, {{@in=@empty, 0x4d3, 0xff}, 0xa, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x34ff, 0x4, 0x2, 0x40, 0x3, 0x80000000, 0x4}}, 0xe8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x200}, 0x1) (async)
getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f00000026c0)={'nat\x00', 0x0, 0x4, 0x32, [0x2, 0x8001, 0x400, 0x0, 0x3, 0x3], 0xa, &(0x7f00000025c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000002680)=""/50}, &(0x7f0000002740)=0x78) (async)

[ 1149.959873][T30978] FAULT_INJECTION: forcing a failure.
[ 1149.959873][T30978] name failslab, interval 1, probability 0, space 0, times 0
[ 1149.979002][T30978] CPU: 1 PID: 30978 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1149.989090][T30978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1149.999073][T30978] Call Trace:
[ 1150.002312][T30978]  <TASK>
[ 1150.005098][T30978]  dump_stack_lvl+0x151/0x1b7
06:33:47 executing program 2:
socket$vsock_stream(0x28, 0x1, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)

06:33:47 executing program 2:
socket$vsock_stream(0x28, 0x1, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) (async)

[ 1150.009606][T30978]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1150.014898][T30978]  dump_stack+0x15/0x17
[ 1150.018890][T30978]  should_fail+0x3c0/0x510
[ 1150.023148][T30978]  __should_failslab+0x9f/0xe0
[ 1150.027741][T30978]  should_failslab+0x9/0x20
[ 1150.032084][T30978]  kmem_cache_alloc+0x4f/0x2f0
[ 1150.036679][T30978]  ? vm_area_dup+0x26/0x1d0
[ 1150.041027][T30978]  vm_area_dup+0x26/0x1d0
[ 1150.045185][T30978]  dup_mmap+0x6b8/0xea0
[ 1150.049180][T30978]  ? __delayed_free_task+0x20/0x20
[ 1150.055609][T30978]  ? mm_init+0x807/0x960
06:33:47 executing program 2:
socket$vsock_stream(0x28, 0x1, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)

[ 1150.059682][T30978]  dup_mm+0x91/0x330
[ 1150.063423][T30978]  copy_mm+0x108/0x1b0
[ 1150.067323][T30978]  copy_process+0x1295/0x3250
[ 1150.071834][T30978]  ? proc_fail_nth_write+0x213/0x290
[ 1150.077035][T30978]  ? proc_fail_nth_read+0x220/0x220
[ 1150.082073][T30978]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1150.087021][T30978]  ? vfs_write+0x9af/0x1050
[ 1150.091505][T30978]  ? vmacache_update+0xb7/0x120
[ 1150.096180][T30978]  kernel_clone+0x22d/0x990
[ 1150.100517][T30978]  ? file_end_write+0x1b0/0x1b0
[ 1150.105352][T30978]  ? __kasan_check_write+0x14/0x20
[ 1150.110298][T30978]  ? create_io_thread+0x1e0/0x1e0
[ 1150.115165][T30978]  ? __mutex_lock_slowpath+0x10/0x10
[ 1150.120281][T30978]  __x64_sys_clone+0x289/0x310
[ 1150.124902][T30978]  ? __do_sys_vfork+0x130/0x130
[ 1150.129564][T30978]  ? debug_smp_processor_id+0x17/0x20
[ 1150.134771][T30978]  do_syscall_64+0x44/0xd0
[ 1150.139034][T30978]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1150.145230][T30978] RIP: 0033:0x7f263a8c35a9
[ 1150.149479][T30978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1150.168925][T30978] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1150.177169][T30978] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1150.184989][T30978] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1150.192791][T30978] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1150.200601][T30978] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:33:47 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10}, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:47 executing program 2:
r0 = add_key(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f00000000c0)="be", 0x1, 0xffffffffffffffff)
add_key(&(0x7f0000000100)='trusted\x00', 0x0, 0x0, 0x0, r0)
pipe2$watch_queue(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r0, r1, 0x3b)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:47 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:47 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x0, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:47 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 59)

06:33:47 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0)
sched_rr_get_interval(r1, &(0x7f00000002c0))
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
pselect6(0x40, &(0x7f0000000300)={0x6, 0xffffffff, 0x80, 0x1, 0x8, 0x4, 0xff, 0x7}, &(0x7f0000000340)={0x7ff, 0x6, 0x8c, 0x6, 0x4, 0x401, 0x1, 0x7f}, &(0x7f0000000380)={0x1, 0x8000000000000001, 0x4, 0x10000, 0x80000001, 0x9, 0x2, 0x2}, &(0x7f00000003c0)={0x0, 0x989680}, &(0x7f0000000440)={&(0x7f0000000400)={[0x54]}, 0x8})
pselect6(0x40, &(0x7f0000000000)={0xbb, 0x7, 0xad, 0x1f, 0x2, 0x0, 0x5, 0x8}, &(0x7f0000000040)={0x3, 0x80000000, 0xed77, 0x0, 0x40, 0x0, 0x0, 0x100000001}, &(0x7f0000000080)={0xce, 0x1, 0xc28, 0xd46c000000000000, 0x3, 0x5, 0x80000001, 0x7ff}, &(0x7f00000000c0)={0x0, 0x3938700}, &(0x7f0000000240)={&(0x7f0000000200)={[0x1]}, 0x8})
sched_rr_get_interval(0xffffffffffffffff, &(0x7f0000000280))

06:33:47 executing program 2:
r0 = add_key(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f00000000c0)="be", 0x1, 0xffffffffffffffff)
add_key(&(0x7f0000000100)='trusted\x00', 0x0, 0x0, 0x0, r0) (async)
pipe2$watch_queue(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r0, r1, 0x3b) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1150.208417][T30978] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1150.216234][T30978]  </TASK>
[ 1150.248229][T31023] FAULT_INJECTION: forcing a failure.
[ 1150.248229][T31023] name fail_page_alloc, interval 1, probability 0, space 0, times 0
06:33:47 executing program 2:
r0 = add_key(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f00000000c0)="be", 0x1, 0xffffffffffffffff)
add_key(&(0x7f0000000100)='trusted\x00', 0x0, 0x0, 0x0, r0)
pipe2$watch_queue(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r0, r1, 0x3b) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:47 executing program 2:
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000080)={@in={{0x2, 0x4e22, @local}}, 0x0, 0x0, 0x49, 0x0, "95a7512907ae9c2eee44589aefe34a230b33b4ee9dcb25096f03411de671b8a42d4da95ee62279f50de9f2c3b95fb13cc12ebfa1c5290e485f5d220b79afad0fde7fd034e43dc0d27e0a41cb3e60928d"}, 0xd8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1150.261450][T31023] CPU: 0 PID: 31023 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1150.271509][T31023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1150.281575][T31023] Call Trace:
[ 1150.284789][T31023]  <TASK>
[ 1150.287574][T31023]  dump_stack_lvl+0x151/0x1b7
[ 1150.292253][T31023]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1150.297641][T31023]  dump_stack+0x15/0x17
[ 1150.301626][T31023]  should_fail+0x3c0/0x510
[ 1150.305889][T31023]  should_fail_alloc_page+0x58/0x70
06:33:47 executing program 2:
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000080)={@in={{0x2, 0x4e22, @local}}, 0x0, 0x0, 0x49, 0x0, "95a7512907ae9c2eee44589aefe34a230b33b4ee9dcb25096f03411de671b8a42d4da95ee62279f50de9f2c3b95fb13cc12ebfa1c5290e485f5d220b79afad0fde7fd034e43dc0d27e0a41cb3e60928d"}, 0xd8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:47 executing program 2:
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000080)={@in={{0x2, 0x4e22, @local}}, 0x0, 0x0, 0x49, 0x0, "95a7512907ae9c2eee44589aefe34a230b33b4ee9dcb25096f03411de671b8a42d4da95ee62279f50de9f2c3b95fb13cc12ebfa1c5290e485f5d220b79afad0fde7fd034e43dc0d27e0a41cb3e60928d"}, 0xd8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1150.310912][T31023]  __alloc_pages+0x1de/0x7c0
[ 1150.315429][T31023]  ? __count_vm_events+0x30/0x30
[ 1150.320201][T31023]  ? __this_cpu_preempt_check+0x13/0x20
[ 1150.325581][T31023]  ? __mod_node_page_state+0xac/0xf0
[ 1150.330704][T31023]  pte_alloc_one+0x73/0x1b0
[ 1150.335039][T31023]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 1150.340077][T31023]  __pte_alloc+0x86/0x350
[ 1150.344253][T31023]  ? free_pgtables+0x210/0x210
[ 1150.348839][T31023]  ? _raw_spin_lock+0xa3/0x1b0
[ 1150.353440][T31023]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
06:33:47 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040), 0x8)

[ 1150.358647][T31023]  ? __kernel_text_address+0x9a/0x110
[ 1150.363860][T31023]  copy_pte_range+0x1b1f/0x20b0
[ 1150.368550][T31023]  ? __kunmap_atomic+0x80/0x80
[ 1150.373143][T31023]  ? __kasan_slab_alloc+0xc4/0xe0
[ 1150.378003][T31023]  ? __kasan_slab_alloc+0xb2/0xe0
[ 1150.382949][T31023]  ? kmem_cache_alloc+0x189/0x2f0
[ 1150.387808][T31023]  ? vm_area_dup+0x26/0x1d0
[ 1150.392152][T31023]  ? dup_mmap+0x6b8/0xea0
[ 1150.396317][T31023]  ? dup_mm+0x91/0x330
[ 1150.400216][T31023]  ? copy_mm+0x108/0x1b0
[ 1150.404295][T31023]  ? copy_process+0x1295/0x3250
[ 1150.408981][T31023]  ? kernel_clone+0x22d/0x990
[ 1150.413501][T31023]  ? __x64_sys_clone+0x289/0x310
[ 1150.418273][T31023]  ? do_syscall_64+0x44/0xd0
[ 1150.422702][T31023]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1150.428603][T31023]  copy_page_range+0xc1e/0x1090
[ 1150.433296][T31023]  ? pfn_valid+0x1e0/0x1e0
[ 1150.437539][T31023]  dup_mmap+0x99f/0xea0
[ 1150.441878][T31023]  ? __delayed_free_task+0x20/0x20
[ 1150.446834][T31023]  ? mm_init+0x807/0x960
[ 1150.450901][T31023]  dup_mm+0x91/0x330
[ 1150.454638][T31023]  copy_mm+0x108/0x1b0
[ 1150.458717][T31023]  copy_process+0x1295/0x3250
[ 1150.463229][T31023]  ? proc_fail_nth_write+0x213/0x290
[ 1150.468355][T31023]  ? proc_fail_nth_read+0x220/0x220
[ 1150.473400][T31023]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1150.478417][T31023]  ? vfs_write+0x9af/0x1050
[ 1150.482764][T31023]  ? vmacache_update+0xb7/0x120
[ 1150.487445][T31023]  kernel_clone+0x22d/0x990
[ 1150.491786][T31023]  ? file_end_write+0x1b0/0x1b0
[ 1150.496685][T31023]  ? __kasan_check_write+0x14/0x20
[ 1150.501622][T31023]  ? create_io_thread+0x1e0/0x1e0
[ 1150.506482][T31023]  ? __mutex_lock_slowpath+0x10/0x10
[ 1150.511602][T31023]  __x64_sys_clone+0x289/0x310
[ 1150.516201][T31023]  ? __do_sys_vfork+0x130/0x130
[ 1150.520889][T31023]  ? debug_smp_processor_id+0x17/0x20
[ 1150.526212][T31023]  do_syscall_64+0x44/0xd0
[ 1150.530723][T31023]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1150.536546][T31023] RIP: 0033:0x7f263a8c35a9
[ 1150.540790][T31023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1150.560238][T31023] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1150.568479][T31023] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1150.576284][T31023] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1150.584094][T31023] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1150.591909][T31023] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1150.599719][T31023] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1150.607531][T31023]  </TASK>
06:33:48 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10}, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:48 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040), 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040), 0x8) (async)

06:33:48 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 60)

06:33:48 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:48 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0}) (async)
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0) (async)
sched_rr_get_interval(r1, &(0x7f00000002c0))
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
pselect6(0x40, &(0x7f0000000300)={0x6, 0xffffffff, 0x80, 0x1, 0x8, 0x4, 0xff, 0x7}, &(0x7f0000000340)={0x7ff, 0x6, 0x8c, 0x6, 0x4, 0x401, 0x1, 0x7f}, &(0x7f0000000380)={0x1, 0x8000000000000001, 0x4, 0x10000, 0x80000001, 0x9, 0x2, 0x2}, &(0x7f00000003c0)={0x0, 0x989680}, &(0x7f0000000440)={&(0x7f0000000400)={[0x54]}, 0x8}) (async)
pselect6(0x40, &(0x7f0000000000)={0xbb, 0x7, 0xad, 0x1f, 0x2, 0x0, 0x5, 0x8}, &(0x7f0000000040)={0x3, 0x80000000, 0xed77, 0x0, 0x40, 0x0, 0x0, 0x100000001}, &(0x7f0000000080)={0xce, 0x1, 0xc28, 0xd46c000000000000, 0x3, 0x5, 0x80000001, 0x7ff}, &(0x7f00000000c0)={0x0, 0x3938700}, &(0x7f0000000240)={&(0x7f0000000200)={[0x1]}, 0x8}) (async)
sched_rr_get_interval(0xffffffffffffffff, &(0x7f0000000280))

06:33:48 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x0, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:48 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040), 0x8)

06:33:48 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0) (async)
sched_rr_get_interval(r1, &(0x7f00000002c0)) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)
pselect6(0x40, &(0x7f0000000300)={0x6, 0xffffffff, 0x80, 0x1, 0x8, 0x4, 0xff, 0x7}, &(0x7f0000000340)={0x7ff, 0x6, 0x8c, 0x6, 0x4, 0x401, 0x1, 0x7f}, &(0x7f0000000380)={0x1, 0x8000000000000001, 0x4, 0x10000, 0x80000001, 0x9, 0x2, 0x2}, &(0x7f00000003c0)={0x0, 0x989680}, &(0x7f0000000440)={&(0x7f0000000400)={[0x54]}, 0x8}) (async)
pselect6(0x40, &(0x7f0000000000)={0xbb, 0x7, 0xad, 0x1f, 0x2, 0x0, 0x5, 0x8}, &(0x7f0000000040)={0x3, 0x80000000, 0xed77, 0x0, 0x40, 0x0, 0x0, 0x100000001}, &(0x7f0000000080)={0xce, 0x1, 0xc28, 0xd46c000000000000, 0x3, 0x5, 0x80000001, 0x7ff}, &(0x7f00000000c0)={0x0, 0x3938700}, &(0x7f0000000240)={&(0x7f0000000200)={[0x1]}, 0x8}) (async)
sched_rr_get_interval(0xffffffffffffffff, &(0x7f0000000280))

[ 1151.085171][T31057] FAULT_INJECTION: forcing a failure.
[ 1151.085171][T31057] name failslab, interval 1, probability 0, space 0, times 0
[ 1151.101135][T31057] CPU: 0 PID: 31057 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1151.111221][T31057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1151.121108][T31057] Call Trace:
[ 1151.124230][T31057]  <TASK>
[ 1151.127006][T31057]  dump_stack_lvl+0x151/0x1b7
[ 1151.131519][T31057]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1151.136819][T31057]  dump_stack+0x15/0x17
[ 1151.141191][T31057]  should_fail+0x3c0/0x510
[ 1151.145442][T31057]  __should_failslab+0x9f/0xe0
[ 1151.150039][T31057]  should_failslab+0x9/0x20
[ 1151.154379][T31057]  kmem_cache_alloc+0x4f/0x2f0
[ 1151.158983][T31057]  ? vm_area_dup+0x26/0x1d0
[ 1151.163319][T31057]  vm_area_dup+0x26/0x1d0
[ 1151.167488][T31057]  dup_mmap+0x6b8/0xea0
[ 1151.171478][T31057]  ? __delayed_free_task+0x20/0x20
[ 1151.176531][T31057]  ? mm_init+0x807/0x960
[ 1151.180609][T31057]  dup_mm+0x91/0x330
[ 1151.184348][T31057]  copy_mm+0x108/0x1b0
[ 1151.188328][T31057]  copy_process+0x1295/0x3250
[ 1151.192851][T31057]  ? proc_fail_nth_write+0x213/0x290
[ 1151.197961][T31057]  ? proc_fail_nth_read+0x220/0x220
[ 1151.202998][T31057]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1151.208060][T31057]  ? vfs_write+0x9af/0x1050
[ 1151.212394][T31057]  ? vmacache_update+0xb7/0x120
[ 1151.218037][T31057]  kernel_clone+0x22d/0x990
[ 1151.222462][T31057]  ? file_end_write+0x1b0/0x1b0
[ 1151.227153][T31057]  ? __kasan_check_write+0x14/0x20
[ 1151.232097][T31057]  ? create_io_thread+0x1e0/0x1e0
[ 1151.236958][T31057]  ? __mutex_lock_slowpath+0x10/0x10
[ 1151.242076][T31057]  __x64_sys_clone+0x289/0x310
[ 1151.246682][T31057]  ? __do_sys_vfork+0x130/0x130
[ 1151.251491][T31057]  ? debug_smp_processor_id+0x17/0x20
[ 1151.256802][T31057]  do_syscall_64+0x44/0xd0
[ 1151.261053][T31057]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1151.266809][T31057] RIP: 0033:0x7f263a8c35a9
[ 1151.271034][T31057] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1151.290473][T31057] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1151.298715][T31057] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1151.306529][T31057] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1151.314337][T31057] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1151.322151][T31057] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:33:48 executing program 2:
getsockopt$IPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x43, &(0x7f0000000000)={'icmp\x00'}, &(0x7f0000000080)=0x1e)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040), 0x8)

06:33:48 executing program 2:
getsockopt$IPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x43, &(0x7f0000000000)={'icmp\x00'}, &(0x7f0000000080)=0x1e) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040), 0x8)

06:33:48 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x0, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:48 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

[ 1151.329969][T31057] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1151.337775][T31057]  </TASK>
06:33:49 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10}, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:49 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 61)

06:33:49 executing program 2:
getsockopt$IPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x43, &(0x7f0000000000)={'icmp\x00'}, &(0x7f0000000080)=0x1e)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040), 0x8)
getsockopt$IPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x43, &(0x7f0000000000)={'icmp\x00'}, &(0x7f0000000080)=0x1e) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040), 0x8) (async)

06:33:49 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:49 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vxcan0\x00'})
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, &(0x7f0000000000)='lazytime\x00', 0x0, 0x0)

06:33:49 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x0, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:49 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xfffff002}, 0x8)

06:33:49 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xfffff002}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xfffff002}, 0x8) (async)

06:33:49 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xfffff002}, 0x8)

[ 1151.931521][T31089] FAULT_INJECTION: forcing a failure.
[ 1151.931521][T31089] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1151.946837][T31089] CPU: 1 PID: 31089 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1151.956912][T31089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1151.966799][T31089] Call Trace:
[ 1151.969929][T31089]  <TASK>
[ 1151.972695][T31089]  dump_stack_lvl+0x151/0x1b7
06:33:49 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
pipe2$watch_queue(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000080)={0x1, 'ip6erspan0\x00', 0x1}, 0x18)

06:33:49 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
pipe2$watch_queue(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000080)={0x1, 'ip6erspan0\x00', 0x1}, 0x18)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
pipe2$watch_queue(&(0x7f0000000000), 0x80) (async)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000080)={0x1, 'ip6erspan0\x00', 0x1}, 0x18) (async)

06:33:49 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

[ 1151.977216][T31089]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1151.982508][T31089]  dump_stack+0x15/0x17
[ 1151.986500][T31089]  should_fail+0x3c0/0x510
[ 1151.990773][T31089]  should_fail_alloc_page+0x58/0x70
[ 1151.995793][T31089]  __alloc_pages+0x1de/0x7c0
[ 1152.000215][T31089]  ? __count_vm_events+0x30/0x30
[ 1152.004985][T31089]  ? __this_cpu_preempt_check+0x13/0x20
[ 1152.010366][T31089]  ? __mod_node_page_state+0xac/0xf0
[ 1152.015488][T31089]  pte_alloc_one+0x73/0x1b0
[ 1152.019825][T31089]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 1152.024871][T31089]  __pte_alloc+0x86/0x350
[ 1152.029030][T31089]  ? free_pgtables+0x210/0x210
[ 1152.033628][T31089]  ? _raw_spin_lock+0xa3/0x1b0
[ 1152.038226][T31089]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[ 1152.043433][T31089]  ? __kernel_text_address+0x9a/0x110
[ 1152.048640][T31089]  copy_pte_range+0x1b1f/0x20b0
[ 1152.053334][T31089]  ? __kunmap_atomic+0x80/0x80
[ 1152.057930][T31089]  ? __kasan_slab_alloc+0xc4/0xe0
[ 1152.062783][T31089]  ? __kasan_slab_alloc+0xb2/0xe0
[ 1152.067650][T31089]  ? kmem_cache_alloc+0x189/0x2f0
[ 1152.072633][T31089]  ? vm_area_dup+0x26/0x1d0
[ 1152.076984][T31089]  ? dup_mmap+0x6b8/0xea0
[ 1152.081133][T31089]  ? dup_mm+0x91/0x330
[ 1152.085042][T31089]  ? copy_mm+0x108/0x1b0
[ 1152.089116][T31089]  ? copy_process+0x1295/0x3250
[ 1152.093804][T31089]  ? kernel_clone+0x22d/0x990
[ 1152.098316][T31089]  ? __x64_sys_clone+0x289/0x310
[ 1152.103106][T31089]  ? do_syscall_64+0x44/0xd0
[ 1152.107516][T31089]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1152.113423][T31089]  copy_page_range+0xc1e/0x1090
[ 1152.118114][T31089]  ? pfn_valid+0x1e0/0x1e0
[ 1152.122361][T31089]  dup_mmap+0x99f/0xea0
[ 1152.126353][T31089]  ? __delayed_free_task+0x20/0x20
[ 1152.131300][T31089]  ? mm_init+0x807/0x960
[ 1152.135384][T31089]  dup_mm+0x91/0x330
[ 1152.139109][T31089]  copy_mm+0x108/0x1b0
[ 1152.143016][T31089]  copy_process+0x1295/0x3250
[ 1152.147529][T31089]  ? proc_fail_nth_write+0x213/0x290
[ 1152.152649][T31089]  ? proc_fail_nth_read+0x220/0x220
[ 1152.157691][T31089]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1152.162629][T31089]  ? vfs_write+0x9af/0x1050
[ 1152.166974][T31089]  ? vmacache_update+0xb7/0x120
[ 1152.171661][T31089]  kernel_clone+0x22d/0x990
[ 1152.175996][T31089]  ? file_end_write+0x1b0/0x1b0
[ 1152.180684][T31089]  ? __kasan_check_write+0x14/0x20
[ 1152.185633][T31089]  ? create_io_thread+0x1e0/0x1e0
[ 1152.190491][T31089]  ? __mutex_lock_slowpath+0x10/0x10
[ 1152.195612][T31089]  __x64_sys_clone+0x289/0x310
[ 1152.200220][T31089]  ? __do_sys_vfork+0x130/0x130
[ 1152.204984][T31089]  ? debug_smp_processor_id+0x17/0x20
[ 1152.210193][T31089]  do_syscall_64+0x44/0xd0
[ 1152.214486][T31089]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1152.220176][T31089] RIP: 0033:0x7f263a8c35a9
[ 1152.224431][T31089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1152.243956][T31089] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1152.252208][T31089] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1152.260009][T31089] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1152.267820][T31089] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1152.275634][T31089] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1152.283459][T31089] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1152.291265][T31089]  </TASK>
06:33:49 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0)

06:33:49 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
pipe2$watch_queue(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000080)={0x1, 'ip6erspan0\x00', 0x1}, 0x18)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
pipe2$watch_queue(&(0x7f0000000000), 0x80) (async)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000080)={0x1, 'ip6erspan0\x00', 0x1}, 0x18) (async)

06:33:49 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:49 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:49 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vxcan0\x00'}) (async)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, &(0x7f0000000000)='lazytime\x00', 0x0, 0x0)

06:33:49 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 62)

06:33:49 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001140)={0xffffffffffffffff, 0x20, &(0x7f0000000000)={&(0x7f0000000080)=""/4096, 0x1000, <r0=>0x0, &(0x7f0000001080)=""/167, 0xa7}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001180)=r0, 0x4)

[ 1152.775984][T31123] FAULT_INJECTION: forcing a failure.
[ 1152.775984][T31123] name failslab, interval 1, probability 0, space 0, times 0
[ 1152.790117][T31123] CPU: 1 PID: 31123 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1152.800186][T31123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1152.810080][T31123] Call Trace:
[ 1152.813209][T31123]  <TASK>
[ 1152.815980][T31123]  dump_stack_lvl+0x151/0x1b7
[ 1152.820492][T31123]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1152.825789][T31123]  dump_stack+0x15/0x17
[ 1152.829779][T31123]  should_fail+0x3c0/0x510
[ 1152.834034][T31123]  __should_failslab+0x9f/0xe0
[ 1152.838655][T31123]  should_failslab+0x9/0x20
[ 1152.842970][T31123]  kmem_cache_alloc+0x4f/0x2f0
[ 1152.847570][T31123]  ? vm_area_dup+0x26/0x1d0
[ 1152.851919][T31123]  vm_area_dup+0x26/0x1d0
[ 1152.856077][T31123]  dup_mmap+0x6b8/0xea0
[ 1152.860069][T31123]  ? __delayed_free_task+0x20/0x20
[ 1152.865016][T31123]  ? mm_init+0x807/0x960
[ 1152.869095][T31123]  dup_mm+0x91/0x330
[ 1152.872827][T31123]  copy_mm+0x108/0x1b0
[ 1152.876735][T31123]  copy_process+0x1295/0x3250
[ 1152.881249][T31123]  ? proc_fail_nth_write+0x213/0x290
[ 1152.886365][T31123]  ? proc_fail_nth_read+0x220/0x220
[ 1152.891401][T31123]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1152.896351][T31123]  ? vfs_write+0x9af/0x1050
[ 1152.900685][T31123]  ? vmacache_update+0xb7/0x120
[ 1152.905375][T31123]  kernel_clone+0x22d/0x990
[ 1152.909798][T31123]  ? file_end_write+0x1b0/0x1b0
[ 1152.914505][T31123]  ? __kasan_check_write+0x14/0x20
[ 1152.919555][T31123]  ? create_io_thread+0x1e0/0x1e0
[ 1152.924418][T31123]  ? __mutex_lock_slowpath+0x10/0x10
[ 1152.929535][T31123]  __x64_sys_clone+0x289/0x310
[ 1152.934137][T31123]  ? __do_sys_vfork+0x130/0x130
[ 1152.938828][T31123]  ? debug_smp_processor_id+0x17/0x20
[ 1152.944032][T31123]  do_syscall_64+0x44/0xd0
[ 1152.948287][T31123]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1152.954008][T31123] RIP: 0033:0x7f263a8c35a9
[ 1152.958262][T31123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1152.977721][T31123] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1152.985951][T31123] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1152.993773][T31123] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1153.001572][T31123] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1153.009402][T31123] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1153.017194][T31123] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
06:33:50 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001140)={0xffffffffffffffff, 0x20, &(0x7f0000000000)={&(0x7f0000000080)=""/4096, 0x1000, <r0=>0x0, &(0x7f0000001080)=""/167, 0xa7}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001180)=r0, 0x4)

06:33:50 executing program 4:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:50 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001140)={0xffffffffffffffff, 0x20, &(0x7f0000000000)={&(0x7f0000000080)=""/4096, 0x1000, <r0=>0x0, &(0x7f0000001080)=""/167, 0xa7}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001180)=r0, 0x4)

06:33:50 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 63)

[ 1153.025008][T31123]  </TASK>
06:33:50 executing program 2:
ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, &(0x7f0000000080)={@local})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/block/ram13', 0xce40a4a5842bcb35, 0x6a)
read$FUSE(0xffffffffffffffff, &(0x7f0000000640)={0x2020, 0x0, <r1=>0x0}, 0x2020)
r2 = getpid()
write$FUSE_LK(r0, &(0x7f0000000140)={0x28, 0x0, r1, {{0x7fff, 0x8000000000000000, 0x5, r2}}}, 0x28)
write$FUSE_LSEEK(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x0, r1, {0x8}}, 0x18)

06:33:50 executing program 2:
ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, &(0x7f0000000080)={@local}) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/block/ram13', 0xce40a4a5842bcb35, 0x6a)
read$FUSE(0xffffffffffffffff, &(0x7f0000000640)={0x2020, 0x0, <r1=>0x0}, 0x2020) (async)
r2 = getpid()
write$FUSE_LK(r0, &(0x7f0000000140)={0x28, 0x0, r1, {{0x7fff, 0x8000000000000000, 0x5, r2}}}, 0x28) (async, rerun: 32)
write$FUSE_LSEEK(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x0, r1, {0x8}}, 0x18) (rerun: 32)

06:33:50 executing program 2:
ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, &(0x7f0000000080)={@local}) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async, rerun: 32)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/block/ram13', 0xce40a4a5842bcb35, 0x6a) (async, rerun: 32)
read$FUSE(0xffffffffffffffff, &(0x7f0000000640)={0x2020, 0x0, <r1=>0x0}, 0x2020) (async)
r2 = getpid()
write$FUSE_LK(r0, &(0x7f0000000140)={0x28, 0x0, r1, {{0x7fff, 0x8000000000000000, 0x5, r2}}}, 0x28) (async)
write$FUSE_LSEEK(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x0, r1, {0x8}}, 0x18)

[ 1153.058055][T31140] FAULT_INJECTION: forcing a failure.
[ 1153.058055][T31140] name failslab, interval 1, probability 0, space 0, times 0
[ 1153.070692][T31140] CPU: 1 PID: 31140 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1153.080839][T31140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1153.090731][T31140] Call Trace:
[ 1153.093854][T31140]  <TASK>
[ 1153.096764][T31140]  dump_stack_lvl+0x151/0x1b7
[ 1153.101282][T31140]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1153.106580][T31140]  dump_stack+0x15/0x17
[ 1153.110562][T31140]  should_fail+0x3c0/0x510
[ 1153.114817][T31140]  __should_failslab+0x9f/0xe0
[ 1153.119415][T31140]  should_failslab+0x9/0x20
[ 1153.123761][T31140]  kmem_cache_alloc+0x4f/0x2f0
[ 1153.128357][T31140]  ? anon_vma_fork+0x1b9/0x4f0
[ 1153.132955][T31140]  anon_vma_fork+0x1b9/0x4f0
[ 1153.137385][T31140]  dup_mmap+0x750/0xea0
[ 1153.141378][T31140]  ? __delayed_free_task+0x20/0x20
[ 1153.146320][T31140]  ? mm_init+0x807/0x960
[ 1153.150400][T31140]  dup_mm+0x91/0x330
[ 1153.154147][T31140]  copy_mm+0x108/0x1b0
[ 1153.158039][T31140]  copy_process+0x1295/0x3250
[ 1153.162550][T31140]  ? proc_fail_nth_write+0x213/0x290
[ 1153.167672][T31140]  ? proc_fail_nth_read+0x220/0x220
[ 1153.172705][T31140]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1153.177651][T31140]  ? vfs_write+0x9af/0x1050
[ 1153.181990][T31140]  ? vmacache_update+0xb7/0x120
[ 1153.186677][T31140]  kernel_clone+0x22d/0x990
[ 1153.191017][T31140]  ? file_end_write+0x1b0/0x1b0
[ 1153.195701][T31140]  ? __kasan_check_write+0x14/0x20
[ 1153.200647][T31140]  ? create_io_thread+0x1e0/0x1e0
[ 1153.205594][T31140]  ? __mutex_lock_slowpath+0x10/0x10
[ 1153.210719][T31140]  __x64_sys_clone+0x289/0x310
[ 1153.215316][T31140]  ? __do_sys_vfork+0x130/0x130
[ 1153.220003][T31140]  ? debug_smp_processor_id+0x17/0x20
[ 1153.225212][T31140]  do_syscall_64+0x44/0xd0
[ 1153.229462][T31140]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1153.235189][T31140] RIP: 0033:0x7f263a8c35a9
[ 1153.239447][T31140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1153.258885][T31140] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1153.267130][T31140] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1153.274940][T31140] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1153.282752][T31140] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1153.290579][T31140] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1153.298376][T31140] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1153.306191][T31140]  </TASK>
06:33:50 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:50 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
r2 = geteuid()
write$FUSE_CREATE_OPEN(r1, &(0x7f00000001c0)={0xa0, 0x0, 0x0, {{0x2, 0x2, 0x8, 0xe04b, 0xfc, 0x401, {0x4, 0x1, 0x2f7b, 0x9, 0x8000000000000001, 0x36, 0x7, 0x5, 0x8, 0x1000, 0x1, r2, 0x0, 0x2, 0x9}}, {0x0, 0xe}}}, 0xa0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000180)={r0, 0x20, &(0x7f0000000140)={&(0x7f0000000080)=""/189, 0xbd, 0x0, &(0x7f0000000000)=""/41, 0x29}}, 0x10)

06:33:50 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vxcan0\x00'})
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, &(0x7f0000000000)='lazytime\x00', 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000100)) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vxcan0\x00'}) (async)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, &(0x7f0000000000)='lazytime\x00', 0x0, 0x0) (async)

06:33:50 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:50 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 64)

06:33:50 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:50 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
r2 = geteuid()
write$FUSE_CREATE_OPEN(r1, &(0x7f00000001c0)={0xa0, 0x0, 0x0, {{0x2, 0x2, 0x8, 0xe04b, 0xfc, 0x401, {0x4, 0x1, 0x2f7b, 0x9, 0x8000000000000001, 0x36, 0x7, 0x5, 0x8, 0x1000, 0x1, r2, 0x0, 0x2, 0x9}}, {0x0, 0xe}}}, 0xa0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000180)={r0, 0x20, &(0x7f0000000140)={&(0x7f0000000080)=""/189, 0xbd, 0x0, &(0x7f0000000000)=""/41, 0x29}}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
geteuid() (async)
write$FUSE_CREATE_OPEN(r1, &(0x7f00000001c0)={0xa0, 0x0, 0x0, {{0x2, 0x2, 0x8, 0xe04b, 0xfc, 0x401, {0x4, 0x1, 0x2f7b, 0x9, 0x8000000000000001, 0x36, 0x7, 0x5, 0x8, 0x1000, 0x1, r2, 0x0, 0x2, 0x9}}, {0x0, 0xe}}}, 0xa0) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000180)={r0, 0x20, &(0x7f0000000140)={&(0x7f0000000080)=""/189, 0xbd, 0x0, &(0x7f0000000000)=""/41, 0x29}}, 0x10) (async)

06:33:50 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:50 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

[ 1153.625472][T31164] FAULT_INJECTION: forcing a failure.
[ 1153.625472][T31164] name failslab, interval 1, probability 0, space 0, times 0
[ 1153.639387][T31164] CPU: 0 PID: 31164 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1153.649446][T31164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1153.659347][T31164] Call Trace:
[ 1153.662470][T31164]  <TASK>
[ 1153.665245][T31164]  dump_stack_lvl+0x151/0x1b7
[ 1153.669760][T31164]  ? bfq_pos_tree_add_move+0x43e/0x43e
06:33:50 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:50 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:50 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

[ 1153.675049][T31164]  dump_stack+0x15/0x17
[ 1153.679043][T31164]  should_fail+0x3c0/0x510
[ 1153.683298][T31164]  __should_failslab+0x9f/0xe0
[ 1153.687896][T31164]  should_failslab+0x9/0x20
[ 1153.692239][T31164]  kmem_cache_alloc+0x4f/0x2f0
[ 1153.696836][T31164]  ? vm_area_dup+0x26/0x1d0
[ 1153.701179][T31164]  vm_area_dup+0x26/0x1d0
[ 1153.705345][T31164]  dup_mmap+0x6b8/0xea0
[ 1153.709333][T31164]  ? __delayed_free_task+0x20/0x20
[ 1153.714287][T31164]  ? mm_init+0x807/0x960
[ 1153.718357][T31164]  dup_mm+0x91/0x330
[ 1153.722098][T31164]  copy_mm+0x108/0x1b0
[ 1153.725996][T31164]  copy_process+0x1295/0x3250
[ 1153.730508][T31164]  ? proc_fail_nth_write+0x213/0x290
[ 1153.735629][T31164]  ? proc_fail_nth_read+0x220/0x220
[ 1153.740667][T31164]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1153.745612][T31164]  ? vfs_write+0x9af/0x1050
[ 1153.749948][T31164]  ? vmacache_update+0xb7/0x120
[ 1153.754638][T31164]  kernel_clone+0x22d/0x990
[ 1153.758975][T31164]  ? file_end_write+0x1b0/0x1b0
[ 1153.763663][T31164]  ? __kasan_check_write+0x14/0x20
[ 1153.768612][T31164]  ? create_io_thread+0x1e0/0x1e0
[ 1153.773473][T31164]  ? __mutex_lock_slowpath+0x10/0x10
[ 1153.778590][T31164]  __x64_sys_clone+0x289/0x310
[ 1153.783194][T31164]  ? __do_sys_vfork+0x130/0x130
[ 1153.787877][T31164]  ? debug_smp_processor_id+0x17/0x20
[ 1153.793087][T31164]  do_syscall_64+0x44/0xd0
[ 1153.797336][T31164]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1153.803064][T31164] RIP: 0033:0x7f263a8c35a9
[ 1153.807325][T31164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1153.826760][T31164] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1153.835013][T31164] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1153.843267][T31164] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1153.851066][T31164] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1153.858871][T31164] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1153.866702][T31164] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1153.874507][T31164]  </TASK>
06:33:51 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:51 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:51 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
r2 = geteuid()
write$FUSE_CREATE_OPEN(r1, &(0x7f00000001c0)={0xa0, 0x0, 0x0, {{0x2, 0x2, 0x8, 0xe04b, 0xfc, 0x401, {0x4, 0x1, 0x2f7b, 0x9, 0x8000000000000001, 0x36, 0x7, 0x5, 0x8, 0x1000, 0x1, r2, 0x0, 0x2, 0x9}}, {0x0, 0xe}}}, 0xa0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000180)={r0, 0x20, &(0x7f0000000140)={&(0x7f0000000080)=""/189, 0xbd, 0x0, &(0x7f0000000000)=""/41, 0x29}}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
geteuid() (async)
write$FUSE_CREATE_OPEN(r1, &(0x7f00000001c0)={0xa0, 0x0, 0x0, {{0x2, 0x2, 0x8, 0xe04b, 0xfc, 0x401, {0x4, 0x1, 0x2f7b, 0x9, 0x8000000000000001, 0x36, 0x7, 0x5, 0x8, 0x1000, 0x1, r2, 0x0, 0x2, 0x9}}, {0x0, 0xe}}}, 0xa0) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000180)={r0, 0x20, &(0x7f0000000140)={&(0x7f0000000080)=""/189, 0xbd, 0x0, &(0x7f0000000000)=""/41, 0x29}}, 0x10) (async)

06:33:51 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 65)

[ 1154.417983][T31202] FAULT_INJECTION: forcing a failure.
[ 1154.417983][T31202] name failslab, interval 1, probability 0, space 0, times 0
[ 1154.430549][T31202] CPU: 1 PID: 31202 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1154.440610][T31202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1154.450511][T31202] Call Trace:
[ 1154.453626][T31202]  <TASK>
[ 1154.456405][T31202]  dump_stack_lvl+0x151/0x1b7
[ 1154.460918][T31202]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1154.466319][T31202]  dump_stack+0x15/0x17
[ 1154.470306][T31202]  should_fail+0x3c0/0x510
[ 1154.474561][T31202]  __should_failslab+0x9f/0xe0
[ 1154.479157][T31202]  should_failslab+0x9/0x20
[ 1154.483502][T31202]  kmem_cache_alloc+0x4f/0x2f0
[ 1154.488096][T31202]  ? vm_area_dup+0x26/0x1d0
[ 1154.492432][T31202]  ? __kasan_check_read+0x11/0x20
[ 1154.497295][T31202]  vm_area_dup+0x26/0x1d0
[ 1154.501460][T31202]  dup_mmap+0x6b8/0xea0
[ 1154.505451][T31202]  ? __delayed_free_task+0x20/0x20
[ 1154.510400][T31202]  ? mm_init+0x807/0x960
[ 1154.514478][T31202]  dup_mm+0x91/0x330
[ 1154.518208][T31202]  copy_mm+0x108/0x1b0
[ 1154.522125][T31202]  copy_process+0x1295/0x3250
[ 1154.526629][T31202]  ? proc_fail_nth_write+0x213/0x290
[ 1154.531749][T31202]  ? proc_fail_nth_read+0x220/0x220
[ 1154.536785][T31202]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1154.541728][T31202]  ? vfs_write+0x9af/0x1050
[ 1154.546068][T31202]  ? vmacache_update+0xb7/0x120
[ 1154.550759][T31202]  kernel_clone+0x22d/0x990
[ 1154.555096][T31202]  ? file_end_write+0x1b0/0x1b0
[ 1154.559783][T31202]  ? __kasan_check_write+0x14/0x20
[ 1154.564727][T31202]  ? create_io_thread+0x1e0/0x1e0
[ 1154.569589][T31202]  ? __mutex_lock_slowpath+0x10/0x10
[ 1154.574718][T31202]  __x64_sys_clone+0x289/0x310
[ 1154.579312][T31202]  ? __do_sys_vfork+0x130/0x130
[ 1154.583999][T31202]  ? debug_smp_processor_id+0x17/0x20
[ 1154.589212][T31202]  do_syscall_64+0x44/0xd0
[ 1154.593461][T31202]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1154.599192][T31202] RIP: 0033:0x7f263a8c35a9
[ 1154.603443][T31202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1154.622892][T31202] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1154.631128][T31202] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1154.638936][T31202] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1154.646747][T31202] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1154.654565][T31202] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:33:51 executing program 3:
clock_gettime(0x3, &(0x7f0000000000))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000000c0)={&(0x7f0000000080), 0x8})
pselect6(0x40, &(0x7f0000000040)={0x6, 0xfffffffffffffeff, 0x4, 0xd527, 0x4, 0x9, 0x8, 0x8000000000000001}, &(0x7f0000000100)={0xffffffff, 0x5, 0xd66, 0x1692e376, 0x100, 0x400, 0x1, 0x676f}, &(0x7f0000000180)={0x551, 0xf9, 0x1f, 0x100000000, 0x4, 0xffffffffffffffff, 0x80000001, 0x8}, &(0x7f00000001c0)={0x0, 0x989680}, &(0x7f0000000240)={&(0x7f0000000200)={[0x3]}, 0x8})

06:33:51 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:51 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:51 executing program 2:
pipe2$watch_queue(&(0x7f0000000080)={<r0=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r0, 0x5760, 0x13)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))

06:33:51 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:51 executing program 2:
pipe2$watch_queue(&(0x7f0000000080)={<r0=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r0, 0x5760, 0x13)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
pipe2$watch_queue(&(0x7f0000000080), 0x80) (async)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r0, 0x5760, 0x13) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) (async)

06:33:51 executing program 3:
clock_gettime(0x3, &(0x7f0000000000))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000000c0)={&(0x7f0000000080), 0x8})
pselect6(0x40, &(0x7f0000000040)={0x6, 0xfffffffffffffeff, 0x4, 0xd527, 0x4, 0x9, 0x8, 0x8000000000000001}, &(0x7f0000000100)={0xffffffff, 0x5, 0xd66, 0x1692e376, 0x100, 0x400, 0x1, 0x676f}, &(0x7f0000000180)={0x551, 0xf9, 0x1f, 0x100000000, 0x4, 0xffffffffffffffff, 0x80000001, 0x8}, &(0x7f00000001c0)={0x0, 0x989680}, &(0x7f0000000240)={&(0x7f0000000200)={[0x3]}, 0x8})

06:33:51 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 66)

[ 1154.662367][T31202] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1154.670187][T31202]  </TASK>
[ 1154.715736][T31222] FAULT_INJECTION: forcing a failure.
[ 1154.715736][T31222] name failslab, interval 1, probability 0, space 0, times 0
[ 1154.728508][T31222] CPU: 1 PID: 31222 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1154.738571][T31222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1154.748459][T31222] Call Trace:
[ 1154.751582][T31222]  <TASK>
[ 1154.754363][T31222]  dump_stack_lvl+0x151/0x1b7
[ 1154.758873][T31222]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1154.764167][T31222]  ? do_syscall_64+0x44/0xd0
[ 1154.768595][T31222]  dump_stack+0x15/0x17
[ 1154.772585][T31222]  should_fail+0x3c0/0x510
[ 1154.776844][T31222]  __should_failslab+0x9f/0xe0
[ 1154.781438][T31222]  should_failslab+0x9/0x20
[ 1154.785781][T31222]  kmem_cache_alloc+0x4f/0x2f0
[ 1154.790379][T31222]  ? anon_vma_clone+0xa1/0x4f0
[ 1154.794980][T31222]  anon_vma_clone+0xa1/0x4f0
[ 1154.799406][T31222]  anon_vma_fork+0x91/0x4f0
[ 1154.803748][T31222]  ? anon_vma_name+0x43/0x70
[ 1154.808171][T31222]  dup_mmap+0x750/0xea0
[ 1154.812169][T31222]  ? __delayed_free_task+0x20/0x20
[ 1154.817109][T31222]  ? mm_init+0x807/0x960
[ 1154.821195][T31222]  dup_mm+0x91/0x330
[ 1154.824929][T31222]  copy_mm+0x108/0x1b0
[ 1154.828833][T31222]  copy_process+0x1295/0x3250
[ 1154.833342][T31222]  ? proc_fail_nth_write+0x213/0x290
[ 1154.838481][T31222]  ? proc_fail_nth_read+0x220/0x220
[ 1154.843494][T31222]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1154.848460][T31222]  ? vfs_write+0x9af/0x1050
[ 1154.852786][T31222]  ? vmacache_update+0xb7/0x120
[ 1154.857470][T31222]  kernel_clone+0x22d/0x990
[ 1154.861807][T31222]  ? file_end_write+0x1b0/0x1b0
[ 1154.866930][T31222]  ? __kasan_check_write+0x14/0x20
[ 1154.871878][T31222]  ? create_io_thread+0x1e0/0x1e0
[ 1154.876738][T31222]  ? __mutex_lock_slowpath+0x10/0x10
[ 1154.881858][T31222]  __x64_sys_clone+0x289/0x310
[ 1154.886459][T31222]  ? __do_sys_vfork+0x130/0x130
[ 1154.891148][T31222]  ? debug_smp_processor_id+0x17/0x20
[ 1154.896354][T31222]  do_syscall_64+0x44/0xd0
[ 1154.900605][T31222]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1154.906341][T31222] RIP: 0033:0x7f263a8c35a9
[ 1154.910585][T31222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1154.930029][T31222] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1154.938272][T31222] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1154.946089][T31222] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1154.953896][T31222] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1154.961705][T31222] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1154.969519][T31222] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1154.977339][T31222]  </TASK>
06:33:52 executing program 0:
clock_gettime(0x0, &(0x7f0000000100))
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:52 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x0, 0x0, 0x0, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:52 executing program 3:
clock_gettime(0x3, &(0x7f0000000000))
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000000c0)={&(0x7f0000000080), 0x8})
pselect6(0x40, &(0x7f0000000040)={0x6, 0xfffffffffffffeff, 0x4, 0xd527, 0x4, 0x9, 0x8, 0x8000000000000001}, &(0x7f0000000100)={0xffffffff, 0x5, 0xd66, 0x1692e376, 0x100, 0x400, 0x1, 0x676f}, &(0x7f0000000180)={0x551, 0xf9, 0x1f, 0x100000000, 0x4, 0xffffffffffffffff, 0x80000001, 0x8}, &(0x7f00000001c0)={0x0, 0x989680}, &(0x7f0000000240)={&(0x7f0000000200)={[0x3]}, 0x8})
clock_gettime(0x3, &(0x7f0000000000)) (async)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000000c0)={&(0x7f0000000080), 0x8}) (async)
pselect6(0x40, &(0x7f0000000040)={0x6, 0xfffffffffffffeff, 0x4, 0xd527, 0x4, 0x9, 0x8, 0x8000000000000001}, &(0x7f0000000100)={0xffffffff, 0x5, 0xd66, 0x1692e376, 0x100, 0x400, 0x1, 0x676f}, &(0x7f0000000180)={0x551, 0xf9, 0x1f, 0x100000000, 0x4, 0xffffffffffffffff, 0x80000001, 0x8}, &(0x7f00000001c0)={0x0, 0x989680}, &(0x7f0000000240)={&(0x7f0000000200)={[0x3]}, 0x8}) (async)

06:33:52 executing program 2:
pipe2$watch_queue(&(0x7f0000000080)={<r0=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r0, 0x5760, 0x13)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))

06:33:52 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 67)

[ 1155.056413][T31240] FAULT_INJECTION: forcing a failure.
[ 1155.056413][T31240] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1155.069563][T31240] CPU: 1 PID: 31240 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1155.079623][T31240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1155.089513][T31240] Call Trace:
[ 1155.092634][T31240]  <TASK>
[ 1155.095414][T31240]  dump_stack_lvl+0x151/0x1b7
[ 1155.099923][T31240]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1155.105220][T31240]  dump_stack+0x15/0x17
[ 1155.109210][T31240]  should_fail+0x3c0/0x510
[ 1155.113466][T31240]  should_fail_alloc_page+0x58/0x70
[ 1155.118500][T31240]  __alloc_pages+0x1de/0x7c0
[ 1155.122925][T31240]  ? __count_vm_events+0x30/0x30
[ 1155.127698][T31240]  ? __this_cpu_preempt_check+0x13/0x20
[ 1155.133080][T31240]  ? __mod_node_page_state+0xac/0xf0
[ 1155.138200][T31240]  pte_alloc_one+0x73/0x1b0
[ 1155.142540][T31240]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 1155.147572][T31240]  __pte_alloc+0x86/0x350
[ 1155.151740][T31240]  ? free_pgtables+0x210/0x210
[ 1155.156337][T31240]  ? _raw_spin_lock+0xa3/0x1b0
[ 1155.160952][T31240]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[ 1155.166148][T31240]  ? __kernel_text_address+0x9a/0x110
[ 1155.171356][T31240]  copy_pte_range+0x1b1f/0x20b0
[ 1155.176042][T31240]  ? __kunmap_atomic+0x80/0x80
[ 1155.180641][T31240]  ? __kasan_slab_alloc+0xc4/0xe0
[ 1155.185499][T31240]  ? __kasan_slab_alloc+0xb2/0xe0
[ 1155.190362][T31240]  ? kmem_cache_alloc+0x189/0x2f0
[ 1155.195265][T31240]  ? vm_area_dup+0x26/0x1d0
[ 1155.199574][T31240]  ? dup_mmap+0x6b8/0xea0
[ 1155.203730][T31240]  ? dup_mm+0x91/0x330
[ 1155.207634][T31240]  ? copy_mm+0x108/0x1b0
[ 1155.211709][T31240]  ? copy_process+0x1295/0x3250
[ 1155.216399][T31240]  ? kernel_clone+0x22d/0x990
[ 1155.220911][T31240]  ? __x64_sys_clone+0x289/0x310
[ 1155.225686][T31240]  ? do_syscall_64+0x44/0xd0
[ 1155.230119][T31240]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1155.236013][T31240]  copy_page_range+0xc1e/0x1090
[ 1155.240704][T31240]  ? pfn_valid+0x1e0/0x1e0
[ 1155.244953][T31240]  dup_mmap+0x99f/0xea0
[ 1155.248949][T31240]  ? __delayed_free_task+0x20/0x20
[ 1155.253922][T31240]  ? mm_init+0x807/0x960
[ 1155.257972][T31240]  dup_mm+0x91/0x330
[ 1155.261703][T31240]  copy_mm+0x108/0x1b0
[ 1155.265609][T31240]  copy_process+0x1295/0x3250
[ 1155.270122][T31240]  ? proc_fail_nth_write+0x213/0x290
[ 1155.275245][T31240]  ? proc_fail_nth_read+0x220/0x220
[ 1155.280397][T31240]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1155.285339][T31240]  ? vfs_write+0x9af/0x1050
[ 1155.289677][T31240]  ? vmacache_update+0xb7/0x120
[ 1155.294362][T31240]  kernel_clone+0x22d/0x990
[ 1155.298701][T31240]  ? file_end_write+0x1b0/0x1b0
[ 1155.303389][T31240]  ? __kasan_check_write+0x14/0x20
[ 1155.308334][T31240]  ? create_io_thread+0x1e0/0x1e0
[ 1155.313198][T31240]  ? __mutex_lock_slowpath+0x10/0x10
[ 1155.318316][T31240]  __x64_sys_clone+0x289/0x310
[ 1155.322917][T31240]  ? __do_sys_vfork+0x130/0x130
[ 1155.327691][T31240]  ? debug_smp_processor_id+0x17/0x20
[ 1155.332901][T31240]  do_syscall_64+0x44/0xd0
[ 1155.337150][T31240]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1155.342882][T31240] RIP: 0033:0x7f263a8c35a9
[ 1155.347134][T31240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1155.366585][T31240] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1155.374847][T31240] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1155.382629][T31240] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1155.390439][T31240] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1155.398257][T31240] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1155.406063][T31240] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1155.413882][T31240]  </TASK>
06:33:52 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:52 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x0, 0x0, 0x0, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:52 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x20, &(0x7f0000000100)={&(0x7f0000000080)=""/100, 0x64, <r0=>0x0, &(0x7f0000000000)=""/9, 0x9}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180)=r0, 0x4)

06:33:52 executing program 0:
clock_gettime(0x0, &(0x7f0000000100))
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:52 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 68)

06:33:52 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
clock_gettime(0x7, &(0x7f0000000200))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
pselect6(0x40, &(0x7f0000000400)={0x2a68, 0x8001, 0x1ff, 0x101, 0x7fffffffffffffff, 0x7f, 0x6, 0x200}, &(0x7f0000000440)={0x2, 0x7fffffffffffffff, 0x9, 0x0, 0x8000, 0x2, 0x9e, 0x80}, &(0x7f0000000480)={0x2, 0x7fffffffffffffff, 0x800, 0xffff, 0x5, 0xb7b5, 0x3689, 0x3}, &(0x7f00000004c0), &(0x7f0000000540)={&(0x7f0000000500)={[0x7]}, 0x8})
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r1, 0x10e, 0x8, &(0x7f0000000080)=0x3f190d4d, 0x4)
getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000280)=""/30, &(0x7f00000003c0)=0x1e)
clock_gettime(0x5, &(0x7f0000000000))
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040029bd7000fedbdf2504000040080002000800000008000300040000000800030007fff93227ea44f02dc78a9cb05f85503600000070f22c024a4a157f5af9f8ffbe661e834c7885bcdde85a3167a9ba28cc42db48c45655814e9215cbafd4"], 0x2c}, 0x1, 0x0, 0x0, 0x4000001}, 0x20000854)
sched_rr_get_interval(0xffffffffffffffff, &(0x7f00000000c0))
syz_open_dev$char_usb(0xc, 0xb4, 0x7)
clock_gettime(0x3, &(0x7f0000000040))

06:33:52 executing program 0:
clock_gettime(0x0, &(0x7f0000000100))
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:52 executing program 0:
clock_gettime(0x0, &(0x7f0000000100))
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:52 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async, rerun: 64)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x20, &(0x7f0000000100)={&(0x7f0000000080)=""/100, 0x64, <r0=>0x0, &(0x7f0000000000)=""/9, 0x9}}, 0x10) (rerun: 64)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180)=r0, 0x4)

[ 1155.536365][T31251] FAULT_INJECTION: forcing a failure.
[ 1155.536365][T31251] name failslab, interval 1, probability 0, space 0, times 0
[ 1155.551939][T31251] CPU: 1 PID: 31251 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1155.562269][T31251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1155.572166][T31251] Call Trace:
[ 1155.575288][T31251]  <TASK>
[ 1155.578066][T31251]  dump_stack_lvl+0x151/0x1b7
06:33:52 executing program 0:
clock_gettime(0x0, &(0x7f0000000100))
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:52 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:52 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x20, &(0x7f0000000100)={&(0x7f0000000080)=""/100, 0x64, <r0=>0x0, &(0x7f0000000000)=""/9, 0x9}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180)=r0, 0x4)

[ 1155.582582][T31251]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1155.587875][T31251]  dump_stack+0x15/0x17
[ 1155.591949][T31251]  should_fail+0x3c0/0x510
[ 1155.596206][T31251]  __should_failslab+0x9f/0xe0
[ 1155.600910][T31251]  should_failslab+0x9/0x20
[ 1155.605229][T31251]  kmem_cache_alloc+0x4f/0x2f0
[ 1155.609831][T31251]  ? vm_area_dup+0x26/0x1d0
[ 1155.614257][T31251]  vm_area_dup+0x26/0x1d0
[ 1155.618422][T31251]  dup_mmap+0x6b8/0xea0
[ 1155.622418][T31251]  ? __delayed_free_task+0x20/0x20
[ 1155.627362][T31251]  ? mm_init+0x807/0x960
[ 1155.631535][T31251]  dup_mm+0x91/0x330
[ 1155.635269][T31251]  copy_mm+0x108/0x1b0
[ 1155.639174][T31251]  copy_process+0x1295/0x3250
[ 1155.643688][T31251]  ? proc_fail_nth_write+0x213/0x290
[ 1155.648806][T31251]  ? proc_fail_nth_read+0x220/0x220
[ 1155.653843][T31251]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1155.658793][T31251]  ? vfs_write+0x9af/0x1050
[ 1155.663130][T31251]  ? vmacache_update+0xb7/0x120
[ 1155.667815][T31251]  kernel_clone+0x22d/0x990
[ 1155.672152][T31251]  ? file_end_write+0x1b0/0x1b0
[ 1155.676840][T31251]  ? __kasan_check_write+0x14/0x20
[ 1155.681787][T31251]  ? create_io_thread+0x1e0/0x1e0
[ 1155.686646][T31251]  ? __mutex_lock_slowpath+0x10/0x10
[ 1155.691777][T31251]  __x64_sys_clone+0x289/0x310
[ 1155.696393][T31251]  ? __do_sys_vfork+0x130/0x130
[ 1155.701056][T31251]  ? debug_smp_processor_id+0x17/0x20
[ 1155.706261][T31251]  do_syscall_64+0x44/0xd0
[ 1155.710517][T31251]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1155.716251][T31251] RIP: 0033:0x7f263a8c35a9
[ 1155.720604][T31251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1155.740043][T31251] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1155.748288][T31251] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1155.756099][T31251] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1155.763913][T31251] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1155.771737][T31251] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1155.779536][T31251] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1155.787346][T31251]  </TASK>
06:33:53 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r2, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:53 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff004}, 0x22)

06:33:53 executing program 0:
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:53 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x0, 0x0, 0x0, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:53 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 69)

06:33:53 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)
clock_gettime(0x7, &(0x7f0000000200)) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
pselect6(0x40, &(0x7f0000000400)={0x2a68, 0x8001, 0x1ff, 0x101, 0x7fffffffffffffff, 0x7f, 0x6, 0x200}, &(0x7f0000000440)={0x2, 0x7fffffffffffffff, 0x9, 0x0, 0x8000, 0x2, 0x9e, 0x80}, &(0x7f0000000480)={0x2, 0x7fffffffffffffff, 0x800, 0xffff, 0x5, 0xb7b5, 0x3689, 0x3}, &(0x7f00000004c0), &(0x7f0000000540)={&(0x7f0000000500)={[0x7]}, 0x8}) (async)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r1, 0x10e, 0x8, &(0x7f0000000080)=0x3f190d4d, 0x4) (async)
getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000280)=""/30, &(0x7f00000003c0)=0x1e) (async)
clock_gettime(0x5, &(0x7f0000000000)) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040029bd7000fedbdf2504000040080002000800000008000300040000000800030007fff93227ea44f02dc78a9cb05f85503600000070f22c024a4a157f5af9f8ffbe661e834c7885bcdde85a3167a9ba28cc42db48c45655814e9215cbafd4"], 0x2c}, 0x1, 0x0, 0x0, 0x4000001}, 0x20000854) (async)
sched_rr_get_interval(0xffffffffffffffff, &(0x7f00000000c0)) (async, rerun: 64)
syz_open_dev$char_usb(0xc, 0xb4, 0x7) (async, rerun: 64)
clock_gettime(0x3, &(0x7f0000000040))

06:33:53 executing program 0:
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:53 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff004}, 0x22)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff004}, 0x22) (async)

06:33:53 executing program 0:
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

[ 1156.258195][T31275] FAULT_INJECTION: forcing a failure.
[ 1156.258195][T31275] name failslab, interval 1, probability 0, space 0, times 0
[ 1156.274813][T31275] CPU: 1 PID: 31275 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1156.284906][T31275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1156.294811][T31275] Call Trace:
[ 1156.297933][T31275]  <TASK>
[ 1156.300698][T31275]  dump_stack_lvl+0x151/0x1b7
06:33:53 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff004}, 0x22)

[ 1156.305213][T31275]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1156.310530][T31275]  dump_stack+0x15/0x17
[ 1156.314496][T31275]  should_fail+0x3c0/0x510
[ 1156.318748][T31275]  __should_failslab+0x9f/0xe0
[ 1156.323356][T31275]  should_failslab+0x9/0x20
[ 1156.327689][T31275]  kmem_cache_alloc+0x4f/0x2f0
[ 1156.332286][T31275]  ? vm_area_dup+0x26/0x1d0
[ 1156.336725][T31275]  vm_area_dup+0x26/0x1d0
[ 1156.340881][T31275]  dup_mmap+0x6b8/0xea0
[ 1156.344876][T31275]  ? __delayed_free_task+0x20/0x20
[ 1156.349820][T31275]  ? mm_init+0x807/0x960
[ 1156.353904][T31275]  dup_mm+0x91/0x330
06:33:53 executing program 3:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
clock_gettime(0x7, &(0x7f0000000200))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
pselect6(0x40, &(0x7f0000000400)={0x2a68, 0x8001, 0x1ff, 0x101, 0x7fffffffffffffff, 0x7f, 0x6, 0x200}, &(0x7f0000000440)={0x2, 0x7fffffffffffffff, 0x9, 0x0, 0x8000, 0x2, 0x9e, 0x80}, &(0x7f0000000480)={0x2, 0x7fffffffffffffff, 0x800, 0xffff, 0x5, 0xb7b5, 0x3689, 0x3}, &(0x7f00000004c0), &(0x7f0000000540)={&(0x7f0000000500)={[0x7]}, 0x8})
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r1, 0x10e, 0x8, &(0x7f0000000080)=0x3f190d4d, 0x4)
getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000280)=""/30, &(0x7f00000003c0)=0x1e)
clock_gettime(0x5, &(0x7f0000000000))
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040029bd7000fedbdf2504000040080002000800000008000300040000000800030007fff93227ea44f02dc78a9cb05f85503600000070f22c024a4a157f5af9f8ffbe661e834c7885bcdde85a3167a9ba28cc42db48c45655814e9215cbafd4"], 0x2c}, 0x1, 0x0, 0x0, 0x4000001}, 0x20000854)
sched_rr_get_interval(0xffffffffffffffff, &(0x7f00000000c0))
syz_open_dev$char_usb(0xc, 0xb4, 0x7)
clock_gettime(0x3, &(0x7f0000000040))
clock_gettime(0x0, &(0x7f0000000100)) (async)
pselect6(0x64, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) (async)
clock_gettime(0x7, &(0x7f0000000200)) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
pselect6(0x40, &(0x7f0000000400)={0x2a68, 0x8001, 0x1ff, 0x101, 0x7fffffffffffffff, 0x7f, 0x6, 0x200}, &(0x7f0000000440)={0x2, 0x7fffffffffffffff, 0x9, 0x0, 0x8000, 0x2, 0x9e, 0x80}, &(0x7f0000000480)={0x2, 0x7fffffffffffffff, 0x800, 0xffff, 0x5, 0xb7b5, 0x3689, 0x3}, &(0x7f00000004c0), &(0x7f0000000540)={&(0x7f0000000500)={[0x7]}, 0x8}) (async)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r1, 0x10e, 0x8, &(0x7f0000000080)=0x3f190d4d, 0x4) (async)
getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000280)=""/30, &(0x7f00000003c0)=0x1e) (async)
clock_gettime(0x5, &(0x7f0000000000)) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040029bd7000fedbdf2504000040080002000800000008000300040000000800030007fff93227ea44f02dc78a9cb05f85503600000070f22c024a4a157f5af9f8ffbe661e834c7885bcdde85a3167a9ba28cc42db48c45655814e9215cbafd4"], 0x2c}, 0x1, 0x0, 0x0, 0x4000001}, 0x20000854) (async)
sched_rr_get_interval(0xffffffffffffffff, &(0x7f00000000c0)) (async)
syz_open_dev$char_usb(0xc, 0xb4, 0x7) (async)
clock_gettime(0x3, &(0x7f0000000040)) (async)

06:33:53 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)={0x14}, 0x14}}, 0x0)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000280)={0x88, r1, 0x110, 0x70bd2d, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x6}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x80}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x88}, 0x1, 0x0, 0x0, 0x4}, 0x800)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)={0x14}, 0x14}}, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r2, 0x10e, 0x8, &(0x7f00000001c0)=0x271e, 0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000980)={0x2020, 0x0, <r4=>0x0}, 0x2020)
r5 = getegid()
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000340)={0xa0, 0x0, r4, {{0x1, 0x1, 0x0, 0x8, 0x2, 0x200, {0x5, 0x7f, 0x3f83, 0x3, 0x48100000000, 0x20, 0x0, 0x4948, 0x1, 0x2000, 0x0, 0xffffffffffffffff, r5, 0x8001, 0xdc}}, {0x0, 0x1}}}, 0xa0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_MCAST_MSFILTER(r6, 0x0, 0x30, 0xfffffffffffffffe, 0x0)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, r1, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR={0x3c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x7}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x6}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), r0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1156.357634][T31275]  copy_mm+0x108/0x1b0
[ 1156.361539][T31275]  copy_process+0x1295/0x3250
[ 1156.366050][T31275]  ? proc_fail_nth_write+0x213/0x290
[ 1156.371171][T31275]  ? proc_fail_nth_read+0x220/0x220
[ 1156.376208][T31275]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1156.381151][T31275]  ? vfs_write+0x9af/0x1050
[ 1156.385498][T31275]  ? vmacache_update+0xb7/0x120
[ 1156.390180][T31275]  kernel_clone+0x22d/0x990
[ 1156.394521][T31275]  ? file_end_write+0x1b0/0x1b0
[ 1156.399204][T31275]  ? __kasan_check_write+0x14/0x20
[ 1156.404149][T31275]  ? create_io_thread+0x1e0/0x1e0
[ 1156.409014][T31275]  ? __mutex_lock_slowpath+0x10/0x10
[ 1156.414138][T31275]  __x64_sys_clone+0x289/0x310
[ 1156.418735][T31275]  ? __do_sys_vfork+0x130/0x130
[ 1156.423433][T31275]  ? debug_smp_processor_id+0x17/0x20
[ 1156.428625][T31275]  do_syscall_64+0x44/0xd0
[ 1156.432878][T31275]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1156.438606][T31275] RIP: 0033:0x7f263a8c35a9
[ 1156.442865][T31275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1156.462304][T31275] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1156.470543][T31275] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1156.478351][T31275] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1156.486167][T31275] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1156.493988][T31275] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1156.501789][T31275] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1156.509605][T31275]  </TASK>
06:33:53 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r2, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:53 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)={0x14}, 0x14}}, 0x0)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000280)={0x88, r1, 0x110, 0x70bd2d, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x6}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x80}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x88}, 0x1, 0x0, 0x0, 0x4}, 0x800)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)={0x14}, 0x14}}, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r2, 0x10e, 0x8, &(0x7f00000001c0)=0x271e, 0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000980)={0x2020, 0x0, <r4=>0x0}, 0x2020)
r5 = getegid()
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000340)={0xa0, 0x0, r4, {{0x1, 0x1, 0x0, 0x8, 0x2, 0x200, {0x5, 0x7f, 0x3f83, 0x3, 0x48100000000, 0x20, 0x0, 0x4948, 0x1, 0x2000, 0x0, 0xffffffffffffffff, r5, 0x8001, 0xdc}}, {0x0, 0x1}}}, 0xa0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_MCAST_MSFILTER(r6, 0x0, 0x30, 0xfffffffffffffffe, 0x0)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, r1, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR={0x3c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x7}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x6}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), r0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)={0x14}, 0x14}}, 0x0) (async)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) (async)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000280)={0x88, r1, 0x110, 0x70bd2d, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x6}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x80}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x88}, 0x1, 0x0, 0x0, 0x4}, 0x800) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)={0x14}, 0x14}}, 0x0) (async)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r2, 0x10e, 0x8, &(0x7f00000001c0)=0x271e, 0x4) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0) (async)
read$FUSE(0xffffffffffffffff, &(0x7f0000000980)={0x2020}, 0x2020) (async)
getegid() (async)
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000340)={0xa0, 0x0, r4, {{0x1, 0x1, 0x0, 0x8, 0x2, 0x200, {0x5, 0x7f, 0x3f83, 0x3, 0x48100000000, 0x20, 0x0, 0x4948, 0x1, 0x2000, 0x0, 0xffffffffffffffff, r5, 0x8001, 0xdc}}, {0x0, 0x1}}}, 0xa0) (async)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
setsockopt$inet_MCAST_MSFILTER(r6, 0x0, 0x30, 0xfffffffffffffffe, 0x0) (async)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, r1, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR={0x3c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x7}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x6}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x40000) (async)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), r0) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)

06:33:53 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)

06:33:53 executing program 3:
clock_gettime(0x0, &(0x7f0000000100))
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:53 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, 0x0, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:53 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 70)

06:33:53 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)

06:33:53 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, 0x0, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:53 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)={0x14}, 0x14}}, 0x0)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000280)={0x88, r1, 0x110, 0x70bd2d, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x6}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x80}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x88}, 0x1, 0x0, 0x0, 0x4}, 0x800) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)={0x14}, 0x14}}, 0x0) (async)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r2, 0x10e, 0x8, &(0x7f00000001c0)=0x271e, 0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000980)={0x2020, 0x0, <r4=>0x0}, 0x2020) (async)
r5 = getegid()
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000340)={0xa0, 0x0, r4, {{0x1, 0x1, 0x0, 0x8, 0x2, 0x200, {0x5, 0x7f, 0x3f83, 0x3, 0x48100000000, 0x20, 0x0, 0x4948, 0x1, 0x2000, 0x0, 0xffffffffffffffff, r5, 0x8001, 0xdc}}, {0x0, 0x1}}}, 0xa0) (async)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_MCAST_MSFILTER(r6, 0x0, 0x30, 0xfffffffffffffffe, 0x0) (async)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, r1, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR={0x3c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x7}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x6}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), r0) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:53 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)

06:33:53 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', 0x0})

06:33:53 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', 0x0})

[ 1156.781542][T31331] FAULT_INJECTION: forcing a failure.
[ 1156.781542][T31331] name failslab, interval 1, probability 0, space 0, times 0
[ 1156.797368][T31331] CPU: 1 PID: 31331 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1156.807434][T31331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1156.817334][T31331] Call Trace:
[ 1156.820455][T31331]  <TASK>
[ 1156.823231][T31331]  dump_stack_lvl+0x151/0x1b7
[ 1156.827742][T31331]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1156.833038][T31331]  dump_stack+0x15/0x17
[ 1156.837030][T31331]  should_fail+0x3c0/0x510
[ 1156.841283][T31331]  __should_failslab+0x9f/0xe0
[ 1156.845882][T31331]  should_failslab+0x9/0x20
[ 1156.850221][T31331]  kmem_cache_alloc+0x4f/0x2f0
[ 1156.854821][T31331]  ? anon_vma_clone+0xa1/0x4f0
[ 1156.859421][T31331]  anon_vma_clone+0xa1/0x4f0
[ 1156.863845][T31331]  anon_vma_fork+0x91/0x4f0
[ 1156.868182][T31331]  ? anon_vma_name+0x43/0x70
[ 1156.872622][T31331]  dup_mmap+0x750/0xea0
[ 1156.876604][T31331]  ? __delayed_free_task+0x20/0x20
[ 1156.881547][T31331]  ? mm_init+0x807/0x960
[ 1156.885627][T31331]  dup_mm+0x91/0x330
[ 1156.889364][T31331]  copy_mm+0x108/0x1b0
[ 1156.893274][T31331]  copy_process+0x1295/0x3250
[ 1156.897789][T31331]  ? proc_fail_nth_write+0x213/0x290
[ 1156.902900][T31331]  ? proc_fail_nth_read+0x220/0x220
[ 1156.907934][T31331]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1156.912888][T31331]  ? vfs_write+0x9af/0x1050
[ 1156.917220][T31331]  ? vmacache_update+0xb7/0x120
[ 1156.921907][T31331]  kernel_clone+0x22d/0x990
[ 1156.926254][T31331]  ? file_end_write+0x1b0/0x1b0
[ 1156.930932][T31331]  ? __kasan_check_write+0x14/0x20
[ 1156.935880][T31331]  ? create_io_thread+0x1e0/0x1e0
[ 1156.940740][T31331]  ? __mutex_lock_slowpath+0x10/0x10
[ 1156.945863][T31331]  __x64_sys_clone+0x289/0x310
[ 1156.950465][T31331]  ? __do_sys_vfork+0x130/0x130
[ 1156.955150][T31331]  ? fpregs_restore_userregs+0x1f0/0x3a0
[ 1156.960625][T31331]  ? switch_fpu_return+0xe/0x10
[ 1156.965309][T31331]  do_syscall_64+0x44/0xd0
[ 1156.969558][T31331]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1156.975283][T31331] RIP: 0033:0x7f263a8c35a9
[ 1156.979538][T31331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1156.998979][T31331] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1157.007423][T31331] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1157.015232][T31331] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1157.023045][T31331] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1157.030855][T31331] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1157.038664][T31331] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1157.046478][T31331]  </TASK>
06:33:54 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r2, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:54 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', 0x0})

06:33:54 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)

06:33:54 executing program 3:
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/time_for_children\x00')
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000000c0)={0x205}, 0xff8b)
ioctl$VHOST_VDPA_SET_CONFIG_CALL(0xffffffffffffffff, 0x4004af77, &(0x7f0000000200)=0x6)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@ipv6_delrule={0x60, 0x21, 0x200, 0x70bd2b, 0x25dfdbfb, {0xa, 0x14, 0x10, 0x8, 0x7, 0x0, 0x0, 0x3, 0x2}, [@FRA_SRC={0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, @FIB_RULE_POLICY=@FRA_PROTOCOL={0x5, 0x15, 0x4}, @FRA_SRC={0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x19}}, @FRA_SRC={0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040010}, 0x50)
syz_btf_id_by_name$bpf_lsm(&(0x7f0000000080)='bpf_lsm_sb_free_security\x00')

06:33:54 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, 0x0, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:54 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 71)

06:33:54 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x0, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:54 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4) (async)

06:33:54 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x0, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:54 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

[ 1157.633064][T31362] FAULT_INJECTION: forcing a failure.
[ 1157.633064][T31362] name failslab, interval 1, probability 0, space 0, times 0
[ 1157.652735][T31362] CPU: 0 PID: 31362 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1157.662823][T31362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1157.672740][T31362] Call Trace:
[ 1157.675833][T31362]  <TASK>
[ 1157.678612][T31362]  dump_stack_lvl+0x151/0x1b7
06:33:54 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:54 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x0, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

[ 1157.683128][T31362]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1157.688421][T31362]  dump_stack+0x15/0x17
[ 1157.692412][T31362]  should_fail+0x3c0/0x510
[ 1157.696669][T31362]  __should_failslab+0x9f/0xe0
[ 1157.701270][T31362]  should_failslab+0x9/0x20
[ 1157.705604][T31362]  kmem_cache_alloc+0x4f/0x2f0
[ 1157.710205][T31362]  ? vm_area_dup+0x26/0x1d0
[ 1157.714541][T31362]  vm_area_dup+0x26/0x1d0
[ 1157.718746][T31362]  dup_mmap+0x6b8/0xea0
[ 1157.722704][T31362]  ? __delayed_free_task+0x20/0x20
[ 1157.727652][T31362]  ? mm_init+0x807/0x960
[ 1157.731725][T31362]  dup_mm+0x91/0x330
[ 1157.735455][T31362]  copy_mm+0x108/0x1b0
[ 1157.739383][T31362]  copy_process+0x1295/0x3250
[ 1157.743876][T31362]  ? proc_fail_nth_write+0x213/0x290
[ 1157.748995][T31362]  ? proc_fail_nth_read+0x220/0x220
[ 1157.754027][T31362]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1157.758975][T31362]  ? vfs_write+0x9af/0x1050
[ 1157.763318][T31362]  ? vmacache_update+0xb7/0x120
[ 1157.768003][T31362]  kernel_clone+0x22d/0x990
[ 1157.772342][T31362]  ? file_end_write+0x1b0/0x1b0
[ 1157.777028][T31362]  ? __kasan_check_write+0x14/0x20
[ 1157.781975][T31362]  ? create_io_thread+0x1e0/0x1e0
[ 1157.786834][T31362]  ? __mutex_lock_slowpath+0x10/0x10
[ 1157.792045][T31362]  __x64_sys_clone+0x289/0x310
[ 1157.796648][T31362]  ? __do_sys_vfork+0x130/0x130
[ 1157.801333][T31362]  ? debug_smp_processor_id+0x17/0x20
[ 1157.806539][T31362]  do_syscall_64+0x44/0xd0
[ 1157.810791][T31362]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1157.816519][T31362] RIP: 0033:0x7f263a8c35a9
[ 1157.820772][T31362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1157.840214][T31362] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1157.848458][T31362] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1157.856268][T31362] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1157.864080][T31362] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1157.871889][T31362] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1157.879703][T31362] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1157.887522][T31362]  </TASK>
06:33:55 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00'})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:55 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x0, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:55 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:55 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)

06:33:55 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 72)

06:33:55 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:55 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000), 0x8)

06:33:55 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:55 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:55 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:55 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000), 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000), 0x8) (async)

06:33:55 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1158.455620][T31386] FAULT_INJECTION: forcing a failure.
[ 1158.455620][T31386] name failslab, interval 1, probability 0, space 0, times 0
[ 1158.469236][T31386] CPU: 0 PID: 31386 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1158.479309][T31386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1158.489204][T31386] Call Trace:
[ 1158.492327][T31386]  <TASK>
[ 1158.495109][T31386]  dump_stack_lvl+0x151/0x1b7
[ 1158.499623][T31386]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1158.504914][T31386]  dump_stack+0x15/0x17
[ 1158.508904][T31386]  should_fail+0x3c0/0x510
[ 1158.513161][T31386]  __should_failslab+0x9f/0xe0
[ 1158.517760][T31386]  should_failslab+0x9/0x20
[ 1158.522096][T31386]  kmem_cache_alloc+0x4f/0x2f0
[ 1158.526703][T31386]  ? anon_vma_fork+0x1b9/0x4f0
[ 1158.531295][T31386]  anon_vma_fork+0x1b9/0x4f0
[ 1158.535717][T31386]  dup_mmap+0x750/0xea0
[ 1158.539712][T31386]  ? __delayed_free_task+0x20/0x20
[ 1158.544656][T31386]  ? mm_init+0x807/0x960
[ 1158.548740][T31386]  dup_mm+0x91/0x330
[ 1158.552469][T31386]  copy_mm+0x108/0x1b0
[ 1158.556374][T31386]  copy_process+0x1295/0x3250
[ 1158.560891][T31386]  ? proc_fail_nth_write+0x213/0x290
[ 1158.566008][T31386]  ? proc_fail_nth_read+0x220/0x220
[ 1158.571072][T31386]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1158.575990][T31386]  ? vfs_write+0x9af/0x1050
[ 1158.580329][T31386]  ? vmacache_update+0xb7/0x120
[ 1158.585015][T31386]  kernel_clone+0x22d/0x990
[ 1158.589355][T31386]  ? file_end_write+0x1b0/0x1b0
[ 1158.594041][T31386]  ? __kasan_check_write+0x14/0x20
[ 1158.598988][T31386]  ? create_io_thread+0x1e0/0x1e0
[ 1158.603853][T31386]  ? __mutex_lock_slowpath+0x10/0x10
[ 1158.608968][T31386]  __x64_sys_clone+0x289/0x310
[ 1158.613594][T31386]  ? __do_sys_vfork+0x130/0x130
[ 1158.618259][T31386]  ? debug_smp_processor_id+0x17/0x20
[ 1158.623466][T31386]  do_syscall_64+0x44/0xd0
[ 1158.627718][T31386]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1158.633442][T31386] RIP: 0033:0x7f263a8c35a9
[ 1158.637697][T31386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1158.657138][T31386] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1158.665382][T31386] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1158.673196][T31386] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1158.681006][T31386] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1158.688819][T31386] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1158.696627][T31386] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1158.704444][T31386]  </TASK>
06:33:56 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00'})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:56 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:56 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:56 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000), 0x8)

06:33:56 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)

06:33:56 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 73)

06:33:56 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:56 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)

06:33:56 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:56 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

[ 1159.144857][T31407] FAULT_INJECTION: forcing a failure.
[ 1159.144857][T31407] name failslab, interval 1, probability 0, space 0, times 0
[ 1159.158695][T31407] CPU: 0 PID: 31407 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1159.168783][T31407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1159.178680][T31407] Call Trace:
[ 1159.181803][T31407]  <TASK>
[ 1159.184580][T31407]  dump_stack_lvl+0x151/0x1b7
[ 1159.189092][T31407]  ? bfq_pos_tree_add_move+0x43e/0x43e
06:33:56 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)

06:33:56 executing program 2:
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/watchdog', 0x2a141, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r0, 0x20, &(0x7f0000000200)={&(0x7f0000000100)=""/136, 0x88, 0x0, &(0x7f00000001c0)=""/6, 0x6}}, 0x10)

[ 1159.194387][T31407]  dump_stack+0x15/0x17
[ 1159.198383][T31407]  should_fail+0x3c0/0x510
[ 1159.202635][T31407]  __should_failslab+0x9f/0xe0
[ 1159.207234][T31407]  should_failslab+0x9/0x20
[ 1159.211568][T31407]  kmem_cache_alloc+0x4f/0x2f0
[ 1159.216344][T31407]  ? vm_area_dup+0x26/0x1d0
[ 1159.220683][T31407]  ? __kasan_check_read+0x11/0x20
[ 1159.225547][T31407]  vm_area_dup+0x26/0x1d0
[ 1159.229710][T31407]  dup_mmap+0x6b8/0xea0
[ 1159.233702][T31407]  ? __delayed_free_task+0x20/0x20
[ 1159.238664][T31407]  ? mm_init+0x807/0x960
[ 1159.242728][T31407]  dup_mm+0x91/0x330
[ 1159.246459][T31407]  copy_mm+0x108/0x1b0
[ 1159.250451][T31407]  copy_process+0x1295/0x3250
[ 1159.254969][T31407]  ? proc_fail_nth_write+0x213/0x290
[ 1159.260089][T31407]  ? proc_fail_nth_read+0x220/0x220
[ 1159.265122][T31407]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1159.270075][T31407]  ? vfs_write+0x9af/0x1050
[ 1159.274405][T31407]  ? vmacache_update+0xb7/0x120
[ 1159.279113][T31407]  kernel_clone+0x22d/0x990
[ 1159.283452][T31407]  ? file_end_write+0x1b0/0x1b0
[ 1159.288118][T31407]  ? __kasan_check_write+0x14/0x20
[ 1159.293152][T31407]  ? create_io_thread+0x1e0/0x1e0
[ 1159.298012][T31407]  ? __mutex_lock_slowpath+0x10/0x10
[ 1159.303144][T31407]  __x64_sys_clone+0x289/0x310
[ 1159.307735][T31407]  ? __do_sys_vfork+0x130/0x130
[ 1159.312425][T31407]  ? debug_smp_processor_id+0x17/0x20
[ 1159.317717][T31407]  do_syscall_64+0x44/0xd0
[ 1159.321966][T31407]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1159.327694][T31407] RIP: 0033:0x7f263a8c35a9
[ 1159.332134][T31407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1159.351674][T31407] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1159.359915][T31407] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1159.367723][T31407] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1159.375536][T31407] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1159.383351][T31407] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1159.391163][T31407] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1159.398981][T31407]  </TASK>
06:33:56 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00'})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:56 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10}, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:56 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:56 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}, @empty, 0x20, 0x1, 0x733, 0x2}})

06:33:56 executing program 2:
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/watchdog', 0x2a141, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async, rerun: 32)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80) (rerun: 32)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r0, 0x20, &(0x7f0000000200)={&(0x7f0000000100)=""/136, 0x88, 0x0, &(0x7f00000001c0)=""/6, 0x6}}, 0x10)

06:33:56 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 74)

06:33:56 executing program 2:
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/watchdog', 0x2a141, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r0, 0x20, &(0x7f0000000200)={&(0x7f0000000100)=""/136, 0x88, 0x0, &(0x7f00000001c0)=""/6, 0x6}}, 0x10)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/watchdog', 0x2a141, 0x0) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
pipe2$watch_queue(&(0x7f00000000c0), 0x80) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r0, 0x20, &(0x7f0000000200)={&(0x7f0000000100)=""/136, 0x88, 0x0, &(0x7f00000001c0)=""/6, 0x6}}, 0x10) (async)

06:33:56 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x0, 0x1, 0x733, 0x2}})

[ 1159.700098][T31434] FAULT_INJECTION: forcing a failure.
[ 1159.700098][T31434] name failslab, interval 1, probability 0, space 0, times 0
[ 1159.716443][T31434] CPU: 0 PID: 31434 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1159.726526][T31434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1159.736508][T31434] Call Trace:
[ 1159.739633][T31434]  <TASK>
[ 1159.742408][T31434]  dump_stack_lvl+0x151/0x1b7
[ 1159.746930][T31434]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1159.752226][T31434]  dump_stack+0x15/0x17
[ 1159.756217][T31434]  should_fail+0x3c0/0x510
[ 1159.760466][T31434]  __should_failslab+0x9f/0xe0
[ 1159.765066][T31434]  should_failslab+0x9/0x20
[ 1159.769411][T31434]  kmem_cache_alloc+0x4f/0x2f0
[ 1159.774000][T31434]  ? anon_vma_clone+0xa1/0x4f0
[ 1159.778603][T31434]  anon_vma_clone+0xa1/0x4f0
[ 1159.783029][T31434]  anon_vma_fork+0x91/0x4f0
[ 1159.787366][T31434]  ? anon_vma_name+0x43/0x70
[ 1159.791801][T31434]  dup_mmap+0x750/0xea0
06:33:56 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x0, 0x0, 0x733, 0x2}})

06:33:56 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:56 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:56 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1159.795787][T31434]  ? __delayed_free_task+0x20/0x20
[ 1159.800731][T31434]  ? mm_init+0x807/0x960
[ 1159.804812][T31434]  dup_mm+0x91/0x330
[ 1159.808541][T31434]  copy_mm+0x108/0x1b0
[ 1159.812448][T31434]  copy_process+0x1295/0x3250
[ 1159.816982][T31434]  ? proc_fail_nth_write+0x213/0x290
[ 1159.822086][T31434]  ? proc_fail_nth_read+0x220/0x220
[ 1159.827115][T31434]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1159.832064][T31434]  ? vfs_write+0x9af/0x1050
[ 1159.836402][T31434]  ? vmacache_update+0xb7/0x120
[ 1159.841089][T31434]  kernel_clone+0x22d/0x990
[ 1159.845429][T31434]  ? file_end_write+0x1b0/0x1b0
[ 1159.850117][T31434]  ? __kasan_check_write+0x14/0x20
[ 1159.855190][T31434]  ? create_io_thread+0x1e0/0x1e0
[ 1159.860043][T31434]  ? __mutex_lock_slowpath+0x10/0x10
[ 1159.865165][T31434]  __x64_sys_clone+0x289/0x310
[ 1159.869764][T31434]  ? __do_sys_vfork+0x130/0x130
[ 1159.874446][T31434]  ? debug_smp_processor_id+0x17/0x20
[ 1159.879659][T31434]  do_syscall_64+0x44/0xd0
[ 1159.883906][T31434]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1159.889635][T31434] RIP: 0033:0x7f263a8c35a9
[ 1159.893925][T31434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1159.913596][T31434] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1159.921836][T31434] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1159.929649][T31434] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1159.937458][T31434] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1159.945292][T31434] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1159.953080][T31434] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1159.960894][T31434]  </TASK>
06:33:57 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00'})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', 0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:57 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:57 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
socketpair(0x1, 0x800, 0x401, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r0, 0x800448d2, &(0x7f00000006c0)={0xa, &(0x7f00000000c0)=[{}, {@none}, {@none}, {@fixed}, {@fixed}, {}, {}, {@none}, {}, {@none}]})
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_GET_STATION(r0, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040028bd0500fcdbdf251100000007fff800", @ANYRES32=r2, @ANYBLOB="0600ab00040000000a000600ffffffffffff00000600be00a00a0000"], 0x38}, 0x1, 0x0, 0x0, 0x24008010}, 0x9329fac41c8c29a4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r4, 0x0, 0x14, 0x0, &(0x7f00000014c0))
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000000940)={0x9, {{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x88)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r5, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r6=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r6, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
r7 = socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r7, 0x800448d2, &(0x7f0000000a40)={0x0, &(0x7f0000000a00)})
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000840)={{{@in6=@local, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4e20, 0x7fff, 0x4e21, 0x0, 0x2, 0x0, 0x20, 0x16, r6, 0xffffffffffffffff}, {0x100000001, 0x10001, 0x7ff, 0x1, 0x4, 0x5, 0x9, 0x5}, {0x7fffffff, 0x4, 0x3}, 0x8, 0x6e6bba, 0x1, 0x0, 0x3, 0x2}, {{@in6=@local, 0x4d5, 0xff}, 0xa, @in=@dev={0xac, 0x14, 0x14, 0xf}, 0x3507, 0x3, 0x0, 0x81, 0x38a, 0x10000, 0x5d3}}, 0xe8)
accept4$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2710, @host}, 0x10, 0x800)

06:33:57 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x0, 0x0, 0x0, 0x2}})

06:33:57 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 75)

06:33:57 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10}, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:57 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:57 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty}})

06:33:57 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', 0x0, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:57 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff7fffffff, 0x20, 0x10000, 0x9, 0x2, 0x8000000000000001, 0x7}, &(0x7f0000000200)={0x4, 0xfffffffffffffffd, 0xfffffffffffff001, 0x7, 0x7, 0x56a, 0x7fffffff, 0x4}, &(0x7f0000000240)={0x10, 0x1, 0x5, 0x0, 0x0, 0x0, 0x4, 0x4}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

[ 1160.532859][T31465] FAULT_INJECTION: forcing a failure.
[ 1160.532859][T31465] name failslab, interval 1, probability 0, space 0, times 0
[ 1160.553788][T31465] CPU: 1 PID: 31465 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1160.563878][T31465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1160.573775][T31465] Call Trace:
[ 1160.576897][T31465]  <TASK>
06:33:57 executing program 0:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, 0x0, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:57 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', 0x0, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1160.579677][T31465]  dump_stack_lvl+0x151/0x1b7
[ 1160.584187][T31465]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1160.589484][T31465]  dump_stack+0x15/0x17
[ 1160.593474][T31465]  should_fail+0x3c0/0x510
[ 1160.597733][T31465]  __should_failslab+0x9f/0xe0
[ 1160.602333][T31465]  should_failslab+0x9/0x20
[ 1160.606664][T31465]  kmem_cache_alloc+0x4f/0x2f0
[ 1160.611263][T31465]  ? anon_vma_clone+0xa1/0x4f0
[ 1160.615864][T31465]  anon_vma_clone+0xa1/0x4f0
[ 1160.620286][T31465]  anon_vma_fork+0x91/0x4f0
[ 1160.624626][T31465]  ? anon_vma_name+0x43/0x70
[ 1160.629054][T31465]  dup_mmap+0x750/0xea0
[ 1160.633049][T31465]  ? __delayed_free_task+0x20/0x20
[ 1160.637994][T31465]  ? mm_init+0x807/0x960
[ 1160.642075][T31465]  dup_mm+0x91/0x330
[ 1160.645804][T31465]  copy_mm+0x108/0x1b0
[ 1160.649716][T31465]  copy_process+0x1295/0x3250
[ 1160.654228][T31465]  ? proc_fail_nth_write+0x213/0x290
[ 1160.659352][T31465]  ? proc_fail_nth_read+0x220/0x220
[ 1160.664379][T31465]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1160.669331][T31465]  ? vfs_write+0x9af/0x1050
[ 1160.673665][T31465]  ? vmacache_update+0xb7/0x120
[ 1160.678351][T31465]  kernel_clone+0x22d/0x990
[ 1160.682712][T31465]  ? file_end_write+0x1b0/0x1b0
[ 1160.687406][T31465]  ? __kasan_check_write+0x14/0x20
[ 1160.692326][T31465]  ? create_io_thread+0x1e0/0x1e0
[ 1160.697189][T31465]  ? __mutex_lock_slowpath+0x10/0x10
[ 1160.702304][T31465]  __x64_sys_clone+0x289/0x310
[ 1160.706905][T31465]  ? __do_sys_vfork+0x130/0x130
[ 1160.711594][T31465]  ? debug_smp_processor_id+0x17/0x20
[ 1160.716807][T31465]  do_syscall_64+0x44/0xd0
[ 1160.721053][T31465]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1160.726790][T31465] RIP: 0033:0x7f263a8c35a9
[ 1160.731126][T31465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1160.750576][T31465] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1160.758917][T31465] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1160.766706][T31465] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1160.774519][T31465] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1160.782331][T31465] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1160.790143][T31465] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1160.797955][T31465]  </TASK>
06:33:58 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00'})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', 0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:58 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', 0x0, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:58 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
socketpair(0x1, 0x800, 0x401, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r0, 0x800448d2, &(0x7f00000006c0)={0xa, &(0x7f00000000c0)=[{}, {@none}, {@none}, {@fixed}, {@fixed}, {}, {}, {@none}, {}, {@none}]})
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_GET_STATION(r0, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040028bd0500fcdbdf251100000007fff800", @ANYRES32=r2, @ANYBLOB="0600ab00040000000a000600ffffffffffff00000600be00a00a0000"], 0x38}, 0x1, 0x0, 0x0, 0x24008010}, 0x9329fac41c8c29a4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r4, 0x0, 0x14, 0x0, &(0x7f00000014c0))
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000000940)={0x9, {{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x88)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r5, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r6=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r6, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
r7 = socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r7, 0x800448d2, &(0x7f0000000a40)={0x0, &(0x7f0000000a00)})
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000840)={{{@in6=@local, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4e20, 0x7fff, 0x4e21, 0x0, 0x2, 0x0, 0x20, 0x16, r6, 0xffffffffffffffff}, {0x100000001, 0x10001, 0x7ff, 0x1, 0x4, 0x5, 0x9, 0x5}, {0x7fffffff, 0x4, 0x3}, 0x8, 0x6e6bba, 0x1, 0x0, 0x3, 0x2}, {{@in6=@local, 0x4d5, 0xff}, 0xa, @in=@dev={0xac, 0x14, 0x14, 0xf}, 0x3507, 0x3, 0x0, 0x81, 0x38a, 0x10000, 0x5d3}}, 0xe8)
accept4$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2710, @host}, 0x10, 0x800)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
socketpair(0x1, 0x800, 0x401, &(0x7f0000000000)) (async)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r0, 0x800448d2, &(0x7f00000006c0)={0xa, &(0x7f00000000c0)=[{}, {@none}, {@none}, {@fixed}, {@fixed}, {}, {}, {@none}, {}, {@none}]}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00'}) (async)
sendmsg$NL80211_CMD_GET_STATION(r0, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040028bd0500fcdbdf251100000007fff800", @ANYRES32=r2, @ANYBLOB="0600ab00040000000a000600ffffffffffff00000600be00a00a0000"], 0x38}, 0x1, 0x0, 0x0, 0x24008010}, 0x9329fac41c8c29a4) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80) (async)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
getsockopt$inet_int(r4, 0x0, 0x14, 0x0, &(0x7f00000014c0)) (async)
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000000940)={0x9, {{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x88) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r5, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc) (async)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r6, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}}) (async)
socket$bt_hidp(0x1f, 0x3, 0x6) (async)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r7, 0x800448d2, &(0x7f0000000a40)={0x0, &(0x7f0000000a00)}) (async)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000840)={{{@in6=@local, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4e20, 0x7fff, 0x4e21, 0x0, 0x2, 0x0, 0x20, 0x16, r6, 0xffffffffffffffff}, {0x100000001, 0x10001, 0x7ff, 0x1, 0x4, 0x5, 0x9, 0x5}, {0x7fffffff, 0x4, 0x3}, 0x8, 0x6e6bba, 0x1, 0x0, 0x3, 0x2}, {{@in6=@local, 0x4d5, 0xff}, 0xa, @in=@dev={0xac, 0x14, 0x14, 0xf}, 0x3507, 0x3, 0x0, 0x81, 0x38a, 0x10000, 0x5d3}}, 0xe8) (async)
accept4$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2710, @host}, 0x10, 0x800) (async)

06:33:58 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 76)

06:33:58 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1161.301359][T31513] FAULT_INJECTION: forcing a failure.
[ 1161.301359][T31513] name failslab, interval 1, probability 0, space 0, times 0
[ 1161.314023][T31513] CPU: 1 PID: 31513 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1161.324088][T31513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1161.333982][T31513] Call Trace:
[ 1161.337103][T31513]  <TASK>
[ 1161.339892][T31513]  dump_stack_lvl+0x151/0x1b7
[ 1161.344394][T31513]  ? bfq_pos_tree_add_move+0x43e/0x43e
06:33:58 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10}, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={[0xffffffffffffffff]}, 0x8})

06:33:58 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
socketpair(0x1, 0x800, 0x401, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r0, 0x800448d2, &(0x7f00000006c0)={0xa, &(0x7f00000000c0)=[{}, {@none}, {@none}, {@fixed}, {@fixed}, {}, {}, {@none}, {}, {@none}]}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_GET_STATION(r0, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040028bd0500fcdbdf251100000007fff800", @ANYRES32=r2, @ANYBLOB="0600ab00040000000a000600ffffffffffff00000600be00a00a0000"], 0x38}, 0x1, 0x0, 0x0, 0x24008010}, 0x9329fac41c8c29a4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r4, 0x0, 0x14, 0x0, &(0x7f00000014c0)) (async)
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000000940)={0x9, {{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x88)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r5, 0x0, 0x8, 0x0, 0x0) (async, rerun: 64)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r6=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc) (rerun: 64)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r6, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}}) (async)
r7 = socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r7, 0x800448d2, &(0x7f0000000a40)={0x0, &(0x7f0000000a00)})
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000840)={{{@in6=@local, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4e20, 0x7fff, 0x4e21, 0x0, 0x2, 0x0, 0x20, 0x16, r6, 0xffffffffffffffff}, {0x100000001, 0x10001, 0x7ff, 0x1, 0x4, 0x5, 0x9, 0x5}, {0x7fffffff, 0x4, 0x3}, 0x8, 0x6e6bba, 0x1, 0x0, 0x3, 0x2}, {{@in6=@local, 0x4d5, 0xff}, 0xa, @in=@dev={0xac, 0x14, 0x14, 0xf}, 0x3507, 0x3, 0x0, 0x81, 0x38a, 0x10000, 0x5d3}}, 0xe8)
accept4$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2710, @host}, 0x10, 0x800)

06:33:58 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1161.349690][T31513]  dump_stack+0x15/0x17
[ 1161.353687][T31513]  should_fail+0x3c0/0x510
[ 1161.357934][T31513]  __should_failslab+0x9f/0xe0
[ 1161.362536][T31513]  should_failslab+0x9/0x20
[ 1161.366893][T31513]  kmem_cache_alloc+0x4f/0x2f0
[ 1161.371477][T31513]  ? anon_vma_clone+0xa1/0x4f0
[ 1161.376074][T31513]  anon_vma_clone+0xa1/0x4f0
[ 1161.380588][T31513]  anon_vma_fork+0x91/0x4f0
[ 1161.384931][T31513]  ? anon_vma_name+0x4c/0x70
[ 1161.389447][T31513]  dup_mmap+0x750/0xea0
[ 1161.393530][T31513]  ? __delayed_free_task+0x20/0x20
06:33:58 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:58 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1161.398470][T31513]  ? mm_init+0x807/0x960
[ 1161.402552][T31513]  dup_mm+0x91/0x330
[ 1161.406295][T31513]  copy_mm+0x108/0x1b0
[ 1161.410190][T31513]  copy_process+0x1295/0x3250
[ 1161.414701][T31513]  ? proc_fail_nth_write+0x213/0x290
[ 1161.419821][T31513]  ? proc_fail_nth_read+0x220/0x220
[ 1161.424865][T31513]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1161.429896][T31513]  ? vfs_write+0x9af/0x1050
[ 1161.434251][T31513]  ? vmacache_update+0xb7/0x120
[ 1161.438917][T31513]  kernel_clone+0x22d/0x990
[ 1161.443257][T31513]  ? file_end_write+0x1b0/0x1b0
[ 1161.447936][T31513]  ? __kasan_check_write+0x14/0x20
[ 1161.452883][T31513]  ? create_io_thread+0x1e0/0x1e0
[ 1161.457746][T31513]  ? __mutex_lock_slowpath+0x10/0x10
[ 1161.462866][T31513]  __x64_sys_clone+0x289/0x310
[ 1161.467463][T31513]  ? __do_sys_vfork+0x130/0x130
[ 1161.472149][T31513]  ? debug_smp_processor_id+0x17/0x20
[ 1161.477359][T31513]  do_syscall_64+0x44/0xd0
[ 1161.481618][T31513]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1161.487459][T31513] RIP: 0033:0x7f263a8c35a9
[ 1161.491711][T31513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1161.511156][T31513] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1161.519398][T31513] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1161.527207][T31513] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1161.535019][T31513] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1161.542834][T31513] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:33:58 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x3, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:58 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1161.550656][T31513] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1161.558460][T31513]  </TASK>
06:33:58 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x3, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:58 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00'})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', 0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:58 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000000)=@gcm_256={{0x304}, "32b0db42a62d5199", "d42e9a52b90d949ca46d99e46e6e5e6ed4a96e4c94e0ef0a5fba210e3639bcf7", "44f538c1", "0ef1c4c36009e487"}, 0x38)

06:33:58 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 77)

06:33:58 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1161.804406][T31544] FAULT_INJECTION: forcing a failure.
[ 1161.804406][T31544] name failslab, interval 1, probability 0, space 0, times 0
[ 1161.816887][T31544] CPU: 0 PID: 31544 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1161.826898][T31544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1161.836790][T31544] Call Trace:
[ 1161.839911][T31544]  <TASK>
[ 1161.842691][T31544]  dump_stack_lvl+0x151/0x1b7
[ 1161.847203][T31544]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1161.852499][T31544]  ? vma_interval_tree_augment_rotate+0x210/0x210
[ 1161.858747][T31544]  dump_stack+0x15/0x17
[ 1161.862738][T31544]  should_fail+0x3c0/0x510
[ 1161.867001][T31544]  __should_failslab+0x9f/0xe0
[ 1161.871594][T31544]  should_failslab+0x9/0x20
[ 1161.876024][T31544]  kmem_cache_alloc+0x4f/0x2f0
[ 1161.880616][T31544]  ? anon_vma_fork+0xf7/0x4f0
[ 1161.885131][T31544]  anon_vma_fork+0xf7/0x4f0
[ 1161.889472][T31544]  ? anon_vma_name+0x43/0x70
[ 1161.893896][T31544]  dup_mmap+0x750/0xea0
[ 1161.897892][T31544]  ? __delayed_free_task+0x20/0x20
[ 1161.902933][T31544]  ? mm_init+0x807/0x960
[ 1161.907004][T31544]  dup_mm+0x91/0x330
[ 1161.910733][T31544]  copy_mm+0x108/0x1b0
[ 1161.914642][T31544]  copy_process+0x1295/0x3250
[ 1161.919162][T31544]  ? proc_fail_nth_write+0x213/0x290
[ 1161.924274][T31544]  ? proc_fail_nth_read+0x220/0x220
[ 1161.929311][T31544]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1161.934256][T31544]  ? vfs_write+0x9af/0x1050
[ 1161.938598][T31544]  ? vmacache_update+0xb7/0x120
[ 1161.943491][T31544]  kernel_clone+0x22d/0x990
[ 1161.947948][T31544]  ? file_end_write+0x1b0/0x1b0
[ 1161.952625][T31544]  ? __kasan_check_write+0x14/0x20
[ 1161.957565][T31544]  ? create_io_thread+0x1e0/0x1e0
[ 1161.962429][T31544]  ? __mutex_lock_slowpath+0x10/0x10
[ 1161.967551][T31544]  __x64_sys_clone+0x289/0x310
[ 1161.972150][T31544]  ? __do_sys_vfork+0x130/0x130
[ 1161.976836][T31544]  ? debug_smp_processor_id+0x17/0x20
[ 1161.982040][T31544]  do_syscall_64+0x44/0xd0
[ 1161.986292][T31544]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1161.992108][T31544] RIP: 0033:0x7f263a8c35a9
[ 1161.996364][T31544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1162.015807][T31544] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1162.024047][T31544] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1162.031856][T31544] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1162.039668][T31544] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1162.047480][T31544] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1162.055378][T31544] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1162.063201][T31544]  </TASK>
06:33:59 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0)

06:33:59 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000000)=@gcm_256={{0x304}, "32b0db42a62d5199", "d42e9a52b90d949ca46d99e46e6e5e6ed4a96e4c94e0ef0a5fba210e3639bcf7", "44f538c1", "0ef1c4c36009e487"}, 0x38)

06:33:59 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:59 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x3, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:59 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 78)

06:33:59 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000000)=@gcm_256={{0x304}, "32b0db42a62d5199", "d42e9a52b90d949ca46d99e46e6e5e6ed4a96e4c94e0ef0a5fba210e3639bcf7", "44f538c1", "0ef1c4c36009e487"}, 0x38)

06:33:59 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x3, 0x0, 0x0)

[ 1162.271735][T31549] FAULT_INJECTION: forcing a failure.
[ 1162.271735][T31549] name failslab, interval 1, probability 0, space 0, times 0
[ 1162.286205][T31549] CPU: 1 PID: 31549 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1162.296283][T31549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1162.306174][T31549] Call Trace:
[ 1162.309294][T31549]  <TASK>
[ 1162.312066][T31549]  dump_stack_lvl+0x151/0x1b7
[ 1162.316583][T31549]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1162.321884][T31549]  ? vma_interval_tree_augment_rotate+0x210/0x210
[ 1162.328131][T31549]  dump_stack+0x15/0x17
[ 1162.332269][T31549]  should_fail+0x3c0/0x510
[ 1162.336498][T31549]  __should_failslab+0x9f/0xe0
[ 1162.341094][T31549]  should_failslab+0x9/0x20
[ 1162.345444][T31549]  kmem_cache_alloc+0x4f/0x2f0
[ 1162.350122][T31549]  ? anon_vma_fork+0xf7/0x4f0
[ 1162.354745][T31549]  anon_vma_fork+0xf7/0x4f0
[ 1162.359080][T31549]  ? anon_vma_name+0x43/0x70
[ 1162.363511][T31549]  dup_mmap+0x750/0xea0
[ 1162.367500][T31549]  ? __delayed_free_task+0x20/0x20
[ 1162.372449][T31549]  ? mm_init+0x807/0x960
[ 1162.376669][T31549]  dup_mm+0x91/0x330
[ 1162.380396][T31549]  copy_mm+0x108/0x1b0
[ 1162.384303][T31549]  copy_process+0x1295/0x3250
[ 1162.388823][T31549]  ? proc_fail_nth_write+0x213/0x290
[ 1162.393940][T31549]  ? proc_fail_nth_read+0x220/0x220
[ 1162.398978][T31549]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1162.403917][T31549]  ? vfs_write+0x9af/0x1050
[ 1162.408263][T31549]  ? vmacache_update+0xb7/0x120
[ 1162.412944][T31549]  kernel_clone+0x22d/0x990
[ 1162.417284][T31549]  ? file_end_write+0x1b0/0x1b0
[ 1162.421967][T31549]  ? __kasan_check_write+0x14/0x20
[ 1162.427002][T31549]  ? create_io_thread+0x1e0/0x1e0
[ 1162.431864][T31549]  ? __mutex_lock_slowpath+0x10/0x10
[ 1162.436989][T31549]  __x64_sys_clone+0x289/0x310
[ 1162.441586][T31549]  ? __do_sys_vfork+0x130/0x130
[ 1162.446272][T31549]  ? debug_smp_processor_id+0x17/0x20
[ 1162.451479][T31549]  do_syscall_64+0x44/0xd0
[ 1162.455732][T31549]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1162.461463][T31549] RIP: 0033:0x7f263a8c35a9
[ 1162.465710][T31549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1162.485241][T31549] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1162.493573][T31549] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1162.501386][T31549] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1162.509208][T31549] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1162.517006][T31549] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1162.524903][T31549] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1162.532720][T31549]  </TASK>
06:33:59 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00'})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:33:59 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x876}, 0x8)

06:33:59 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:59 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x3, 0x0, 0x0)

06:33:59 executing program 4:
clock_gettime(0x5, &(0x7f0000000040)={0x0, <r0=>0x0})
clock_gettime(0x0, &(0x7f0000000000))
pselect6(0x40, &(0x7f0000000380)={0x7233b87e, 0xcc, 0xe4a, 0x101, 0x5, 0x1ff, 0x7fffffffffffffff, 0x100000002}, &(0x7f00000003c0)={0x2, 0x2, 0x8, 0x9, 0x3, 0x9, 0x2, 0x2}, &(0x7f0000000400)={0x7b14, 0x3454, 0x4, 0x10001, 0x3, 0x3, 0x8, 0x7f}, &(0x7f0000000440)={0x77359400}, &(0x7f00000004c0)={&(0x7f0000000480)={[0x9]}, 0x8})
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
clock_gettime(0x7, &(0x7f0000000080))
pselect6(0x40, &(0x7f0000000100)={0x0, 0x3ff, 0x7, 0x5, 0x7, 0x4, 0x4}, &(0x7f0000000200)={0x657, 0x20, 0xd1b7, 0x7f, 0x400, 0x5, 0xffffffffffff8000, 0x882f}, &(0x7f0000000240)={0x3, 0xac, 0x1ff, 0x20a54b1b, 0x8000000000000000, 0x4, 0x10001, 0x2}, &(0x7f0000000280)={0x0, 0x3938700}, &(0x7f0000000300)={&(0x7f00000002c0)={[0x100000000]}, 0x8})
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0)
sched_rr_get_interval(r1, &(0x7f0000000500))
clock_gettime(0x6, &(0x7f0000000340))
clock_gettime(0x7, &(0x7f0000000540))

06:33:59 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 79)

06:33:59 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x876}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x876}, 0x8) (async)

06:33:59 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x3, 0x0, 0x0)

06:33:59 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x3, &(0x7f0000000040), 0x8)

06:33:59 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:33:59 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x876}, 0x8)

06:33:59 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x3, &(0x7f0000000040), 0x8)

[ 1162.651793][T31572] FAULT_INJECTION: forcing a failure.
[ 1162.651793][T31572] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1162.680697][T31572] CPU: 0 PID: 31572 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1162.690871][T31572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1162.700776][T31572] Call Trace:
[ 1162.703885][T31572]  <TASK>
[ 1162.706674][T31572]  dump_stack_lvl+0x151/0x1b7
[ 1162.711176][T31572]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1162.716476][T31572]  dump_stack+0x15/0x17
[ 1162.720462][T31572]  should_fail+0x3c0/0x510
[ 1162.724715][T31572]  should_fail_alloc_page+0x58/0x70
[ 1162.729754][T31572]  __alloc_pages+0x1de/0x7c0
[ 1162.734186][T31572]  ? __count_vm_events+0x30/0x30
[ 1162.739644][T31572]  pte_alloc_one+0x73/0x1b0
[ 1162.743980][T31572]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 1162.749047][T31572]  __pte_alloc+0x86/0x350
[ 1162.753185][T31572]  ? is_module_text_address+0xe1/0x140
[ 1162.758478][T31572]  ? free_pgtables+0x210/0x210
[ 1162.763259][T31572]  ? __kernel_text_address+0x9a/0x110
[ 1162.768459][T31572]  ? unwind_get_return_address+0x4c/0x90
[ 1162.773927][T31572]  copy_pte_range+0x1b1f/0x20b0
[ 1162.778612][T31572]  ? stack_trace_save+0x12d/0x1f0
[ 1162.783581][T31572]  ? anon_vma_clone+0xa1/0x4f0
[ 1162.788172][T31572]  ? __kunmap_atomic+0x80/0x80
[ 1162.792769][T31572]  ? dup_mmap+0x750/0xea0
[ 1162.797051][T31572]  ? dup_mm+0x91/0x330
[ 1162.800955][T31572]  ? copy_mm+0x108/0x1b0
[ 1162.805035][T31572]  ? copy_process+0x1295/0x3250
[ 1162.809716][T31572]  ? kernel_clone+0x22d/0x990
[ 1162.814242][T31572]  ? __x64_sys_clone+0x289/0x310
[ 1162.819130][T31572]  ? do_syscall_64+0x44/0xd0
[ 1162.823552][T31572]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1162.829455][T31572]  copy_page_range+0xc1e/0x1090
[ 1162.834142][T31572]  ? pfn_valid+0x1e0/0x1e0
[ 1162.838396][T31572]  dup_mmap+0x99f/0xea0
[ 1162.842392][T31572]  ? __delayed_free_task+0x20/0x20
[ 1162.847331][T31572]  ? mm_init+0x807/0x960
[ 1162.851412][T31572]  dup_mm+0x91/0x330
[ 1162.855144][T31572]  copy_mm+0x108/0x1b0
[ 1162.859047][T31572]  copy_process+0x1295/0x3250
[ 1162.863592][T31572]  ? proc_fail_nth_write+0x213/0x290
[ 1162.868681][T31572]  ? proc_fail_nth_read+0x220/0x220
[ 1162.873720][T31572]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1162.878661][T31572]  ? vfs_write+0x9af/0x1050
[ 1162.883000][T31572]  ? vmacache_update+0xb7/0x120
[ 1162.887698][T31572]  kernel_clone+0x22d/0x990
[ 1162.892031][T31572]  ? file_end_write+0x1b0/0x1b0
[ 1162.896717][T31572]  ? __kasan_check_write+0x14/0x20
[ 1162.901663][T31572]  ? create_io_thread+0x1e0/0x1e0
[ 1162.906525][T31572]  ? __mutex_lock_slowpath+0x10/0x10
[ 1162.911642][T31572]  __x64_sys_clone+0x289/0x310
[ 1162.916250][T31572]  ? __do_sys_vfork+0x130/0x130
[ 1162.920929][T31572]  ? debug_smp_processor_id+0x17/0x20
[ 1162.926136][T31572]  do_syscall_64+0x44/0xd0
[ 1162.930389][T31572]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1162.936122][T31572] RIP: 0033:0x7f263a8c35a9
[ 1162.940374][T31572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1162.959812][T31572] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1162.968058][T31572] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1162.975957][T31572] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1162.983767][T31572] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1162.991577][T31572] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1162.999502][T31572] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1163.007311][T31572]  </TASK>
06:34:00 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00'})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:34:00 executing program 2:
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000c00)='-)N[\xb0\xc1\x04{\xb0\x14\xa6\x8f5y\xcd\x1e^\x00_\xa39-YT\x96P\xcf\x0e\x11\xc9D\x16\xaf\xf8\xf4yX\xae\xa4\xcc3\xaeF.g!w<\xa0\x0fD\xbd\x93\x9e\xf3[\x16H\xa2q\x92u\xb5Vv\x1b.\xf0]\\\'-\xbd\xaf\x86o\xbc\xdc\xb0\xa3\xff\x12\xddB\x875\xd8d\xa8\x9d(\xe1\xbd\xb9\x905I\t\x15mu|.\x1f\xd0\x9c\xb6\x9a\xf6\xc9f\xb8\x94\t\xb6\xf8\xb2g\xcf\x98\xa9U\x95d\x1bC\xf4\xb5q_-\xa2\x90\x9b2\x006mbIq$', 0x0, r0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000, <r1=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000280)=r1, 0x4)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair(0xf, 0x80000, 0x5, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r5, 0x0, 0x14, 0x0, &(0x7f00000014c0))
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
sendmsg$NBD_CMD_STATUS(r2, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000b00)=ANY=[@ANYBLOB='8\x00\x00\x00\x00b', @ANYRES16=0x0, @ANYBLOB="00042abd7000ffdbdf25050000000c00050000000000000000000c0005000b000000000000000c0002008600000000000000f066ba530d05cf32c7484561ef01038e9d6b7b0c0abfc8d160e982ad6b1283d3c7e9bfcf2f7a8fbdb859d576eaf85baa722cd8e04b4e1be4a3f8c7"], 0x38}, 0x1, 0x0, 0x0, 0x8001}, 0x4810)
syz_btf_id_by_name$bpf_lsm(&(0x7f0000000ac0)='bpf_lsm_perf_event_free\x00')
ioctl$BINDER_CTL_ADD(r3, 0xc1086201, &(0x7f0000000980)={'custom0\x00'})
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x179)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='rpc_xdr_overflow\x00', r6}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000480)=@nat={'nat\x00', 0x1b, 0x5, 0x488, 0x0, 0x1a8, 0xffffffff, 0xe8, 0x1a8, 0x3f0, 0x3f0, 0xffffffff, 0x3f0, 0x3f0, 0x5, &(0x7f0000000400), {[{{@uncond, 0x0, 0xb0, 0xe8, 0x0, {}, [@common=@set={{0x40}, {{0x0, [0x1, 0x2, 0x4, 0x3, 0x5, 0x1], 0x6, 0x6}}}]}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x1f, @empty, @local, @gre_key=0x3edf, @port=0x4e22}}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@ttl={{0x28}, {0x3, 0x2d}}]}, @common=@unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x2}}}, {{@uncond, 0x0, 0x168, 0x1a0, 0x0, {}, [@common=@ah={{0x30}, {[0x101, 0x200], 0x1}}, @common=@unspec=@conntrack3={{0xc8}, {{@ipv4=@broadcast, [0xff, 0xff, 0xff000000, 0xff000000], @ipv6=@private2, [0xff000000, 0xff000000, 0xffffffff, 0xffffff00], @ipv4=@empty, [0xffffff, 0xff, 0x0, 0xff], @ipv4=@local, [0xff000000, 0xffffff00, 0xffffffff, 0xffffffff], 0x8, 0x1, 0x6, 0x4e20, 0x4e21, 0x4e24, 0x4e24, 0x2429, 0x2c13}, 0x81, 0x803, 0x4e21, 0x4e21, 0x4e24, 0x4e22}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x15, @multicast1, @remote, @gre_key, @port=0x4e22}}}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x26}, @private=0xa010100, 0xffffffff, 0xffffff00, 'nicvf0\x00', 'veth1_to_bridge\x00', {0xff}, {}, 0x73, 0x1}, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x7, @loopback, @multicast1, @icmp_id=0x67, @gre_key}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4e8)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000cc0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040029bd7000fddbdf25010000004800018008000300e0000001060005004e23000014000400fe8000000000000000000000000000aa050002001f000000080006000100000005000200060000000500020002000000040001800800020002000000040001802c000180080006000000000008000700", @ANYRES32=0x0, @ANYBLOB="060005004e20000008000600040000000600010000000000040001800800030002000000"], 0xa4}, 0x1, 0x0, 0x0, 0x20040000}, 0x40000)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000140)={0x28, 0x0, 0xffffffff, @my=0x0}, 0x10)
syz_btf_id_by_name$bpf_lsm(&(0x7f0000000100)='bpf_lsm_path_notify\x00')

06:34:00 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x3, &(0x7f0000000040), 0x8)

06:34:00 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
getsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:00 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0) (fail_nth: 1)

06:34:00 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 80)

06:34:00 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
getsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:00 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x3, &(0x7f0000000040)={0xfffff000}, 0x8) (fail_nth: 1)

06:34:00 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
getsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1163.480139][T31599] FAULT_INJECTION: forcing a failure.
[ 1163.480139][T31599] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1163.497622][T31603] FAULT_INJECTION: forcing a failure.
[ 1163.497622][T31603] name failslab, interval 1, probability 0, space 0, times 0
[ 1163.500160][T31604] FAULT_INJECTION: forcing a failure.
[ 1163.500160][T31604] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1163.524137][T31599] CPU: 0 PID: 31599 Comm: syz-executor.0 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1163.534209][T31599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1163.544101][T31599] Call Trace:
[ 1163.547224][T31599]  <TASK>
[ 1163.549999][T31599]  dump_stack_lvl+0x151/0x1b7
[ 1163.554517][T31599]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1163.559814][T31599]  dump_stack+0x15/0x17
[ 1163.563800][T31599]  should_fail+0x3c0/0x510
[ 1163.568059][T31599]  should_fail_usercopy+0x1a/0x20
[ 1163.572912][T31599]  _copy_from_user+0x20/0xd0
[ 1163.577339][T31599]  __sys_bpf+0x1f6/0x750
[ 1163.581419][T31599]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[ 1163.586629][T31599]  ? debug_smp_processor_id+0x17/0x20
[ 1163.591831][T31599]  __x64_sys_bpf+0x7c/0x90
[ 1163.596086][T31599]  do_syscall_64+0x44/0xd0
[ 1163.600337][T31599]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1163.606069][T31599] RIP: 0033:0x7f39d8eaa5a9
[ 1163.610321][T31599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1163.629758][T31599] RSP: 002b:00007f39d7c1e168 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1163.638005][T31599] RAX: ffffffffffffffda RBX: 00007f39d8fcaf80 RCX: 00007f39d8eaa5a9
[ 1163.645814][T31599] RDX: 0000000000000008 RSI: 0000000020000040 RDI: 0000000000000003
[ 1163.653626][T31599] RBP: 00007f39d7c1e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1163.661439][T31599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1163.669252][T31599] R13: 00007fff7257baaf R14: 00007f39d7c1e300 R15: 0000000000022000
[ 1163.677062][T31599]  </TASK>
[ 1163.679926][T31603] CPU: 1 PID: 31603 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1163.690006][T31603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1163.699886][T31603] Call Trace:
[ 1163.703010][T31603]  <TASK>
[ 1163.705791][T31603]  dump_stack_lvl+0x151/0x1b7
[ 1163.710302][T31603]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1163.715596][T31603]  ? do_syscall_64+0x44/0xd0
[ 1163.720033][T31603]  dump_stack+0x15/0x17
[ 1163.724015][T31603]  should_fail+0x3c0/0x510
[ 1163.728270][T31603]  __should_failslab+0x9f/0xe0
[ 1163.732869][T31603]  should_failslab+0x9/0x20
[ 1163.737208][T31603]  kmem_cache_alloc+0x4f/0x2f0
[ 1163.741814][T31603]  ? anon_vma_clone+0xa1/0x4f0
[ 1163.746408][T31603]  anon_vma_clone+0xa1/0x4f0
[ 1163.750835][T31603]  anon_vma_fork+0x91/0x4f0
[ 1163.755180][T31603]  ? anon_vma_name+0x43/0x70
[ 1163.759599][T31603]  dup_mmap+0x750/0xea0
[ 1163.763592][T31603]  ? __delayed_free_task+0x20/0x20
[ 1163.768540][T31603]  ? mm_init+0x807/0x960
[ 1163.772616][T31603]  dup_mm+0x91/0x330
[ 1163.776698][T31603]  copy_mm+0x108/0x1b0
[ 1163.780603][T31603]  copy_process+0x1295/0x3250
[ 1163.785117][T31603]  ? proc_fail_nth_write+0x213/0x290
[ 1163.790236][T31603]  ? proc_fail_nth_read+0x220/0x220
[ 1163.795270][T31603]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1163.800218][T31603]  ? vfs_write+0x9af/0x1050
[ 1163.804565][T31603]  ? vmacache_update+0xb7/0x120
[ 1163.809243][T31603]  kernel_clone+0x22d/0x990
[ 1163.813598][T31603]  ? file_end_write+0x1b0/0x1b0
[ 1163.818280][T31603]  ? __kasan_check_write+0x14/0x20
[ 1163.823219][T31603]  ? create_io_thread+0x1e0/0x1e0
[ 1163.828078][T31603]  ? __mutex_lock_slowpath+0x10/0x10
[ 1163.833200][T31603]  __x64_sys_clone+0x289/0x310
[ 1163.837800][T31603]  ? __do_sys_vfork+0x130/0x130
[ 1163.842484][T31603]  ? debug_smp_processor_id+0x17/0x20
[ 1163.847694][T31603]  do_syscall_64+0x44/0xd0
[ 1163.851956][T31603]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1163.857673][T31603] RIP: 0033:0x7f263a8c35a9
[ 1163.861925][T31603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
06:34:00 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, 0x0, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1163.881366][T31603] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1163.889611][T31603] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1163.897423][T31603] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1163.905233][T31603] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1163.913042][T31603] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1163.920855][T31603] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1163.928674][T31603]  </TASK>
[ 1163.933935][T31604] CPU: 0 PID: 31604 Comm: syz-executor.4 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1163.943997][T31604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1163.953982][T31604] Call Trace:
[ 1163.957114][T31604]  <TASK>
[ 1163.959882][T31604]  dump_stack_lvl+0x151/0x1b7
[ 1163.964404][T31604]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1163.969699][T31604]  ? security_file_permission+0xf3/0x5f0
[ 1163.975156][T31604]  ? preempt_count_add+0x90/0x1a0
[ 1163.980016][T31604]  dump_stack+0x15/0x17
[ 1163.984009][T31604]  should_fail+0x3c0/0x510
[ 1163.988265][T31604]  should_fail_usercopy+0x1a/0x20
[ 1163.993125][T31604]  _copy_from_user+0x20/0xd0
[ 1163.997556][T31604]  get_timespec64+0x91/0x260
[ 1164.001977][T31604]  ? timespec64_add_safe+0x230/0x230
[ 1164.007101][T31604]  ? mutex_unlock+0xa2/0x110
[ 1164.011519][T31604]  ? __mutex_lock_slowpath+0x10/0x10
[ 1164.016642][T31604]  __do_sys_pselect6+0x11d/0x3e0
[ 1164.021414][T31604]  ? ksys_write+0x25f/0x2c0
[ 1164.025753][T31604]  ? poll_select_finish+0x7a0/0x7a0
[ 1164.030788][T31604]  ? __ia32_sys_read+0x90/0x90
[ 1164.035390][T31604]  __x64_sys_pselect6+0xe5/0x100
[ 1164.040161][T31604]  do_syscall_64+0x44/0xd0
[ 1164.044415][T31604]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1164.050142][T31604] RIP: 0033:0x7f8cbabee5a9
[ 1164.054397][T31604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1164.073835][T31604] RSP: 002b:00007f8cb9962168 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
06:34:01 executing program 2:
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000c00)='-)N[\xb0\xc1\x04{\xb0\x14\xa6\x8f5y\xcd\x1e^\x00_\xa39-YT\x96P\xcf\x0e\x11\xc9D\x16\xaf\xf8\xf4yX\xae\xa4\xcc3\xaeF.g!w<\xa0\x0fD\xbd\x93\x9e\xf3[\x16H\xa2q\x92u\xb5Vv\x1b.\xf0]\\\'-\xbd\xaf\x86o\xbc\xdc\xb0\xa3\xff\x12\xddB\x875\xd8d\xa8\x9d(\xe1\xbd\xb9\x905I\t\x15mu|.\x1f\xd0\x9c\xb6\x9a\xf6\xc9f\xb8\x94\t\xb6\xf8\xb2g\xcf\x98\xa9U\x95d\x1bC\xf4\xb5q_-\xa2\x90\x9b2\x006mbIq$', 0x0, r0) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000, <r1=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000280)=r1, 0x4) (async)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
socketpair(0xf, 0x80000, 0x5, &(0x7f0000000200)={<r3=>0xffffffffffffffff}) (async)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0) (async)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r5, 0x0, 0x14, 0x0, &(0x7f00000014c0)) (async)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000003c0)={'wlan0\x00'}) (async)
sendmsg$NBD_CMD_STATUS(r2, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000b00)=ANY=[@ANYBLOB='8\x00\x00\x00\x00b', @ANYRES16=0x0, @ANYBLOB="00042abd7000ffdbdf25050000000c00050000000000000000000c0005000b000000000000000c0002008600000000000000f066ba530d05cf32c7484561ef01038e9d6b7b0c0abfc8d160e982ad6b1283d3c7e9bfcf2f7a8fbdb859d576eaf85baa722cd8e04b4e1be4a3f8c7"], 0x38}, 0x1, 0x0, 0x0, 0x8001}, 0x4810) (async, rerun: 64)
syz_btf_id_by_name$bpf_lsm(&(0x7f0000000ac0)='bpf_lsm_perf_event_free\x00') (rerun: 64)
ioctl$BINDER_CTL_ADD(r3, 0xc1086201, &(0x7f0000000980)={'custom0\x00'})
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x179)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='rpc_xdr_overflow\x00', r6}, 0x10) (async)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000480)=@nat={'nat\x00', 0x1b, 0x5, 0x488, 0x0, 0x1a8, 0xffffffff, 0xe8, 0x1a8, 0x3f0, 0x3f0, 0xffffffff, 0x3f0, 0x3f0, 0x5, &(0x7f0000000400), {[{{@uncond, 0x0, 0xb0, 0xe8, 0x0, {}, [@common=@set={{0x40}, {{0x0, [0x1, 0x2, 0x4, 0x3, 0x5, 0x1], 0x6, 0x6}}}]}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x1f, @empty, @local, @gre_key=0x3edf, @port=0x4e22}}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@ttl={{0x28}, {0x3, 0x2d}}]}, @common=@unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x2}}}, {{@uncond, 0x0, 0x168, 0x1a0, 0x0, {}, [@common=@ah={{0x30}, {[0x101, 0x200], 0x1}}, @common=@unspec=@conntrack3={{0xc8}, {{@ipv4=@broadcast, [0xff, 0xff, 0xff000000, 0xff000000], @ipv6=@private2, [0xff000000, 0xff000000, 0xffffffff, 0xffffff00], @ipv4=@empty, [0xffffff, 0xff, 0x0, 0xff], @ipv4=@local, [0xff000000, 0xffffff00, 0xffffffff, 0xffffffff], 0x8, 0x1, 0x6, 0x4e20, 0x4e21, 0x4e24, 0x4e24, 0x2429, 0x2c13}, 0x81, 0x803, 0x4e21, 0x4e21, 0x4e24, 0x4e22}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x15, @multicast1, @remote, @gre_key, @port=0x4e22}}}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x26}, @private=0xa010100, 0xffffffff, 0xffffff00, 'nicvf0\x00', 'veth1_to_bridge\x00', {0xff}, {}, 0x73, 0x1}, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x7, @loopback, @multicast1, @icmp_id=0x67, @gre_key}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4e8) (async)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000cc0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040029bd7000fddbdf25010000004800018008000300e0000001060005004e23000014000400fe8000000000000000000000000000aa050002001f000000080006000100000005000200060000000500020002000000040001800800020002000000040001802c000180080006000000000008000700", @ANYRES32=0x0, @ANYBLOB="060005004e20000008000600040000000600010000000000040001800800030002000000"], 0xa4}, 0x1, 0x0, 0x0, 0x20040000}, 0x40000)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000140)={0x28, 0x0, 0xffffffff, @my=0x0}, 0x10)
syz_btf_id_by_name$bpf_lsm(&(0x7f0000000100)='bpf_lsm_path_notify\x00')

06:34:01 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 81)

06:34:01 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00'})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r3, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:34:01 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x3, &(0x7f0000000040)={0xfffff000}, 0x8) (fail_nth: 2)

[ 1164.082080][T31604] RAX: ffffffffffffffda RBX: 00007f8cbad0ef80 RCX: 00007f8cbabee5a9
[ 1164.089890][T31604] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000040
[ 1164.097796][T31604] RBP: 00007f8cb99621d0 R08: 0000000020000280 R09: 0000000000000000
[ 1164.105613][T31604] R10: 0000000020000240 R11: 0000000000000246 R12: 0000000000000001
[ 1164.113426][T31604] R13: 00007ffe6c6cab6f R14: 00007f8cb9962300 R15: 0000000000022000
[ 1164.121234][T31604]  </TASK>
06:34:01 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, 0x0, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1164.144948][T31620] FAULT_INJECTION: forcing a failure.
[ 1164.144948][T31620] name failslab, interval 1, probability 0, space 0, times 0
[ 1164.160487][T31623] FAULT_INJECTION: forcing a failure.
[ 1164.160487][T31623] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1164.178821][T31620] CPU: 0 PID: 31620 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1164.188894][T31620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1164.198786][T31620] Call Trace:
[ 1164.201913][T31620]  <TASK>
[ 1164.204685][T31620]  dump_stack_lvl+0x151/0x1b7
[ 1164.209208][T31620]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1164.214501][T31620]  dump_stack+0x15/0x17
[ 1164.218487][T31620]  should_fail+0x3c0/0x510
[ 1164.222739][T31620]  __should_failslab+0x9f/0xe0
[ 1164.227341][T31620]  should_failslab+0x9/0x20
[ 1164.231861][T31620]  kmem_cache_alloc+0x4f/0x2f0
[ 1164.236461][T31620]  ? anon_vma_clone+0xa1/0x4f0
[ 1164.241055][T31620]  anon_vma_clone+0xa1/0x4f0
[ 1164.245487][T31620]  anon_vma_fork+0x91/0x4f0
[ 1164.249826][T31620]  ? anon_vma_name+0x4c/0x70
[ 1164.254246][T31620]  dup_mmap+0x750/0xea0
[ 1164.258242][T31620]  ? __delayed_free_task+0x20/0x20
[ 1164.263188][T31620]  ? mm_init+0x807/0x960
[ 1164.267446][T31620]  dup_mm+0x91/0x330
[ 1164.271179][T31620]  copy_mm+0x108/0x1b0
[ 1164.275084][T31620]  copy_process+0x1295/0x3250
[ 1164.279690][T31620]  ? proc_fail_nth_write+0x213/0x290
[ 1164.284812][T31620]  ? proc_fail_nth_read+0x220/0x220
[ 1164.289840][T31620]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1164.294792][T31620]  ? vfs_write+0x9af/0x1050
[ 1164.299126][T31620]  ? vmacache_update+0xb7/0x120
[ 1164.303819][T31620]  kernel_clone+0x22d/0x990
[ 1164.308155][T31620]  ? file_end_write+0x1b0/0x1b0
[ 1164.312839][T31620]  ? __kasan_check_write+0x14/0x20
[ 1164.317812][T31620]  ? create_io_thread+0x1e0/0x1e0
[ 1164.322645][T31620]  ? __mutex_lock_slowpath+0x10/0x10
[ 1164.327767][T31620]  __x64_sys_clone+0x289/0x310
[ 1164.332367][T31620]  ? __do_sys_vfork+0x130/0x130
[ 1164.337056][T31620]  ? debug_smp_processor_id+0x17/0x20
06:34:01 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0) (fail_nth: 2)

06:34:01 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, 0x0, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1164.342263][T31620]  do_syscall_64+0x44/0xd0
[ 1164.346511][T31620]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1164.352243][T31620] RIP: 0033:0x7f263a8c35a9
[ 1164.356494][T31620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1164.357564][T31630] FAULT_INJECTION: forcing a failure.
[ 1164.357564][T31630] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1164.375932][T31620] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1164.375962][T31620] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1164.375975][T31620] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1164.375986][T31620] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1164.375996][T31620] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1164.376006][T31620] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1164.376021][T31620]  </TASK>
[ 1164.439937][T31630] CPU: 1 PID: 31630 Comm: syz-executor.4 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1164.450011][T31630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1164.459989][T31630] Call Trace:
[ 1164.463107][T31630]  <TASK>
[ 1164.465988][T31630]  dump_stack_lvl+0x151/0x1b7
[ 1164.470484][T31630]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1164.475778][T31630]  ? compat_start_thread+0x20/0x20
[ 1164.480724][T31630]  dump_stack+0x15/0x17
[ 1164.484718][T31630]  should_fail+0x3c0/0x510
[ 1164.488969][T31630]  should_fail_usercopy+0x1a/0x20
[ 1164.493838][T31630]  _copy_from_user+0x20/0xd0
[ 1164.498264][T31630]  core_sys_select+0x372/0x7e0
[ 1164.502861][T31630]  ? poll_select_set_timeout+0x160/0x160
[ 1164.508332][T31630]  ? __kasan_check_read+0x11/0x20
[ 1164.513363][T31630]  ? sigprocmask+0x280/0x280
[ 1164.517794][T31630]  ? __do_sys_pselect6+0x20b/0x3e0
[ 1164.522731][T31630]  ? __do_sys_pselect6+0x2d3/0x3e0
[ 1164.527681][T31630]  __do_sys_pselect6+0x25d/0x3e0
[ 1164.532455][T31630]  ? poll_select_finish+0x7a0/0x7a0
[ 1164.537487][T31630]  ? __ia32_sys_read+0x90/0x90
[ 1164.542088][T31630]  __x64_sys_pselect6+0xe5/0x100
[ 1164.546868][T31630]  do_syscall_64+0x44/0xd0
[ 1164.551114][T31630]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1164.556839][T31630] RIP: 0033:0x7f8cbabee5a9
[ 1164.561098][T31630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1164.580535][T31630] RSP: 002b:00007f8cb9962168 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 1164.588784][T31630] RAX: ffffffffffffffda RBX: 00007f8cbad0ef80 RCX: 00007f8cbabee5a9
06:34:01 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', 0x0, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1164.596592][T31630] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000040
[ 1164.604669][T31630] RBP: 00007f8cb99621d0 R08: 0000000020000280 R09: 0000000000000000
[ 1164.612475][T31630] R10: 0000000020000240 R11: 0000000000000246 R12: 0000000000000001
[ 1164.620285][T31630] R13: 00007ffe6c6cab6f R14: 00007f8cb9962300 R15: 0000000000022000
[ 1164.628099][T31630]  </TASK>
[ 1164.631052][T31623] CPU: 0 PID: 31623 Comm: syz-executor.0 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
06:34:01 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x0, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:34:01 executing program 2:
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000c00)='-)N[\xb0\xc1\x04{\xb0\x14\xa6\x8f5y\xcd\x1e^\x00_\xa39-YT\x96P\xcf\x0e\x11\xc9D\x16\xaf\xf8\xf4yX\xae\xa4\xcc3\xaeF.g!w<\xa0\x0fD\xbd\x93\x9e\xf3[\x16H\xa2q\x92u\xb5Vv\x1b.\xf0]\\\'-\xbd\xaf\x86o\xbc\xdc\xb0\xa3\xff\x12\xddB\x875\xd8d\xa8\x9d(\xe1\xbd\xb9\x905I\t\x15mu|.\x1f\xd0\x9c\xb6\x9a\xf6\xc9f\xb8\x94\t\xb6\xf8\xb2g\xcf\x98\xa9U\x95d\x1bC\xf4\xb5q_-\xa2\x90\x9b2\x006mbIq$', 0x0, r0) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000, <r1=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000280)=r1, 0x4) (async)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair(0xf, 0x80000, 0x5, &(0x7f0000000200)={<r3=>0xffffffffffffffff}) (async)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0) (async)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r5, 0x0, 0x14, 0x0, &(0x7f00000014c0)) (async)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000003c0)={'wlan0\x00'}) (async, rerun: 32)
sendmsg$NBD_CMD_STATUS(r2, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000b00)=ANY=[@ANYBLOB='8\x00\x00\x00\x00b', @ANYRES16=0x0, @ANYBLOB="00042abd7000ffdbdf25050000000c00050000000000000000000c0005000b000000000000000c0002008600000000000000f066ba530d05cf32c7484561ef01038e9d6b7b0c0abfc8d160e982ad6b1283d3c7e9bfcf2f7a8fbdb859d576eaf85baa722cd8e04b4e1be4a3f8c7"], 0x38}, 0x1, 0x0, 0x0, 0x8001}, 0x4810) (async, rerun: 32)
syz_btf_id_by_name$bpf_lsm(&(0x7f0000000ac0)='bpf_lsm_perf_event_free\x00')
ioctl$BINDER_CTL_ADD(r3, 0xc1086201, &(0x7f0000000980)={'custom0\x00'}) (async)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x179)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='rpc_xdr_overflow\x00', r6}, 0x10) (async, rerun: 32)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000480)=@nat={'nat\x00', 0x1b, 0x5, 0x488, 0x0, 0x1a8, 0xffffffff, 0xe8, 0x1a8, 0x3f0, 0x3f0, 0xffffffff, 0x3f0, 0x3f0, 0x5, &(0x7f0000000400), {[{{@uncond, 0x0, 0xb0, 0xe8, 0x0, {}, [@common=@set={{0x40}, {{0x0, [0x1, 0x2, 0x4, 0x3, 0x5, 0x1], 0x6, 0x6}}}]}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x1f, @empty, @local, @gre_key=0x3edf, @port=0x4e22}}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@ttl={{0x28}, {0x3, 0x2d}}]}, @common=@unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x2}}}, {{@uncond, 0x0, 0x168, 0x1a0, 0x0, {}, [@common=@ah={{0x30}, {[0x101, 0x200], 0x1}}, @common=@unspec=@conntrack3={{0xc8}, {{@ipv4=@broadcast, [0xff, 0xff, 0xff000000, 0xff000000], @ipv6=@private2, [0xff000000, 0xff000000, 0xffffffff, 0xffffff00], @ipv4=@empty, [0xffffff, 0xff, 0x0, 0xff], @ipv4=@local, [0xff000000, 0xffffff00, 0xffffffff, 0xffffffff], 0x8, 0x1, 0x6, 0x4e20, 0x4e21, 0x4e24, 0x4e24, 0x2429, 0x2c13}, 0x81, 0x803, 0x4e21, 0x4e21, 0x4e24, 0x4e22}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x15, @multicast1, @remote, @gre_key, @port=0x4e22}}}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x26}, @private=0xa010100, 0xffffffff, 0xffffff00, 'nicvf0\x00', 'veth1_to_bridge\x00', {0xff}, {}, 0x73, 0x1}, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x7, @loopback, @multicast1, @icmp_id=0x67, @gre_key}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4e8) (rerun: 32)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000cc0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040029bd7000fddbdf25010000004800018008000300e0000001060005004e23000014000400fe8000000000000000000000000000aa050002001f000000080006000100000005000200060000000500020002000000040001800800020002000000040001802c000180080006000000000008000700", @ANYRES32=0x0, @ANYBLOB="060005004e20000008000600040000000600010000000000040001800800030002000000"], 0xa4}, 0x1, 0x0, 0x0, 0x20040000}, 0x40000) (async, rerun: 32)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000140)={0x28, 0x0, 0xffffffff, @my=0x0}, 0x10) (rerun: 32)
syz_btf_id_by_name$bpf_lsm(&(0x7f0000000100)='bpf_lsm_path_notify\x00')

06:34:01 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 82)

06:34:01 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0) (fail_nth: 3)

[ 1164.641118][T31623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1164.651013][T31623] Call Trace:
[ 1164.654137][T31623]  <TASK>
[ 1164.656917][T31623]  dump_stack_lvl+0x151/0x1b7
[ 1164.661428][T31623]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1164.666730][T31623]  dump_stack+0x15/0x17
[ 1164.670715][T31623]  should_fail+0x3c0/0x510
[ 1164.674968][T31623]  should_fail_usercopy+0x1a/0x20
[ 1164.679828][T31623]  _copy_to_user+0x20/0x90
[ 1164.684080][T31623]  simple_read_from_buffer+0xdd/0x160
[ 1164.689375][T31623]  proc_fail_nth_read+0x1af/0x220
[ 1164.694255][T31623]  ? proc_fault_inject_write+0x3a0/0x3a0
[ 1164.699706][T31623]  ? security_file_permission+0x497/0x5f0
[ 1164.700486][T31644] FAULT_INJECTION: forcing a failure.
[ 1164.700486][T31644] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1164.705256][T31623]  ? proc_fault_inject_write+0x3a0/0x3a0
[ 1164.705281][T31623]  vfs_read+0x299/0xd80
[ 1164.705299][T31623]  ? __fget_files+0x310/0x370
[ 1164.726829][T31646] FAULT_INJECTION: forcing a failure.
[ 1164.726829][T31646] name failslab, interval 1, probability 0, space 0, times 0
[ 1164.727561][T31623]  ? kernel_read+0x1f0/0x1f0
[ 1164.748921][T31623]  ? __kasan_check_write+0x14/0x20
[ 1164.753863][T31623]  ? mutex_lock+0xb6/0x130
[ 1164.758115][T31623]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 1164.764536][T31623]  ? __fdget_pos+0x26d/0x310
[ 1164.768962][T31623]  ? ksys_read+0x77/0x2c0
[ 1164.773126][T31623]  ksys_read+0x198/0x2c0
[ 1164.777206][T31623]  ? vfs_write+0x1050/0x1050
[ 1164.781632][T31623]  ? debug_smp_processor_id+0x17/0x20
[ 1164.786839][T31623]  __x64_sys_read+0x7b/0x90
[ 1164.791189][T31623]  do_syscall_64+0x44/0xd0
[ 1164.795430][T31623]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1164.801165][T31623] RIP: 0033:0x7f39d8e5c2ec
[ 1164.805426][T31623] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 1164.824854][T31623] RSP: 002b:00007f39d7c1e160 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1164.833100][T31623] RAX: ffffffffffffffda RBX: 00007f39d8fcaf80 RCX: 00007f39d8e5c2ec
[ 1164.840907][T31623] RDX: 000000000000000f RSI: 00007f39d7c1e1e0 RDI: 0000000000000003
[ 1164.848808][T31623] RBP: 00007f39d7c1e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1164.856618][T31623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1164.864429][T31623] R13: 00007fff7257baaf R14: 00007f39d7c1e300 R15: 0000000000022000
[ 1164.872244][T31623]  </TASK>
[ 1164.875106][T31644] CPU: 1 PID: 31644 Comm: syz-executor.4 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1164.885194][T31644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1164.895067][T31644] Call Trace:
[ 1164.898192][T31644]  <TASK>
[ 1164.900969][T31644]  dump_stack_lvl+0x151/0x1b7
[ 1164.905481][T31644]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1164.910778][T31644]  dump_stack+0x15/0x17
[ 1164.914767][T31644]  should_fail+0x3c0/0x510
[ 1164.919022][T31644]  should_fail_usercopy+0x1a/0x20
[ 1164.923882][T31644]  _copy_from_user+0x20/0xd0
[ 1164.928310][T31644]  core_sys_select+0x4ef/0x7e0
[ 1164.932912][T31644]  ? poll_select_set_timeout+0x160/0x160
[ 1164.938377][T31644]  ? security_file_permission+0xf3/0x5f0
[ 1164.943847][T31644]  ? sigprocmask+0x280/0x280
[ 1164.948271][T31644]  ? mutex_unlock+0xa2/0x110
[ 1164.952697][T31644]  ? __mutex_lock_slowpath+0x10/0x10
[ 1164.957818][T31644]  __do_sys_pselect6+0x25d/0x3e0
[ 1164.962591][T31644]  ? poll_select_finish+0x7a0/0x7a0
[ 1164.967629][T31644]  ? __ia32_sys_read+0x90/0x90
[ 1164.972225][T31644]  __x64_sys_pselect6+0xe5/0x100
[ 1164.977002][T31644]  do_syscall_64+0x44/0xd0
[ 1164.981252][T31644]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1164.986987][T31644] RIP: 0033:0x7f8cbabee5a9
[ 1164.991233][T31644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1165.010671][T31644] RSP: 002b:00007f8cb9962168 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 1165.018918][T31644] RAX: ffffffffffffffda RBX: 00007f8cbad0ef80 RCX: 00007f8cbabee5a9
[ 1165.026817][T31644] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000040
[ 1165.034625][T31644] RBP: 00007f8cb99621d0 R08: 0000000020000280 R09: 0000000000000000
[ 1165.042440][T31644] R10: 0000000020000240 R11: 0000000000000246 R12: 0000000000000001
[ 1165.050544][T31644] R13: 00007ffe6c6cab6f R14: 00007f8cb9962300 R15: 0000000000022000
[ 1165.058357][T31644]  </TASK>
[ 1165.061219][T31646] CPU: 0 PID: 31646 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1165.071291][T31646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1165.081182][T31646] Call Trace:
[ 1165.084305][T31646]  <TASK>
[ 1165.087082][T31646]  dump_stack_lvl+0x151/0x1b7
[ 1165.091596][T31646]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1165.096890][T31646]  dump_stack+0x15/0x17
[ 1165.100883][T31646]  should_fail+0x3c0/0x510
[ 1165.105135][T31646]  __should_failslab+0x9f/0xe0
[ 1165.109737][T31646]  should_failslab+0x9/0x20
[ 1165.114074][T31646]  kmem_cache_alloc+0x4f/0x2f0
[ 1165.118671][T31646]  ? anon_vma_clone+0xa1/0x4f0
[ 1165.123272][T31646]  anon_vma_clone+0xa1/0x4f0
[ 1165.127847][T31646]  anon_vma_fork+0x91/0x4f0
[ 1165.132166][T31646]  ? anon_vma_name+0x43/0x70
[ 1165.136591][T31646]  dup_mmap+0x750/0xea0
[ 1165.140587][T31646]  ? __delayed_free_task+0x20/0x20
[ 1165.145535][T31646]  ? mm_init+0x807/0x960
[ 1165.149622][T31646]  dup_mm+0x91/0x330
[ 1165.153346][T31646]  copy_mm+0x108/0x1b0
[ 1165.157250][T31646]  copy_process+0x1295/0x3250
[ 1165.161763][T31646]  ? proc_fail_nth_write+0x213/0x290
[ 1165.166882][T31646]  ? proc_fail_nth_read+0x220/0x220
[ 1165.171916][T31646]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1165.176862][T31646]  ? vfs_write+0x9af/0x1050
[ 1165.181203][T31646]  ? vmacache_update+0xb7/0x120
[ 1165.185888][T31646]  kernel_clone+0x22d/0x990
[ 1165.190260][T31646]  ? file_end_write+0x1b0/0x1b0
[ 1165.194916][T31646]  ? __kasan_check_write+0x14/0x20
[ 1165.199862][T31646]  ? create_io_thread+0x1e0/0x1e0
[ 1165.204723][T31646]  ? __mutex_lock_slowpath+0x10/0x10
[ 1165.209843][T31646]  __x64_sys_clone+0x289/0x310
[ 1165.214444][T31646]  ? __do_sys_vfork+0x130/0x130
[ 1165.219132][T31646]  ? debug_smp_processor_id+0x17/0x20
[ 1165.224337][T31646]  do_syscall_64+0x44/0xd0
[ 1165.228591][T31646]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1165.234316][T31646] RIP: 0033:0x7f263a8c35a9
[ 1165.238572][T31646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1165.258019][T31646] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1165.266268][T31646] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1165.274068][T31646] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1165.281883][T31646] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1165.289694][T31646] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:34:02 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x3, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:02 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x0, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:34:02 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x200}, 0x0)

06:34:02 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x2, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:02 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', 0x0, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:02 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', 0x0, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:02 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x4, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1165.297501][T31646] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1165.305315][T31646]  </TASK>
06:34:02 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x200}, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x200}, 0x0) (async)

06:34:02 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0) (fail_nth: 4)

06:34:02 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 83)

06:34:02 executing program 3:
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r0=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r0, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:02 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x5, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:02 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x200}, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x200}, 0x0) (async)

[ 1165.398308][T31671] FAULT_INJECTION: forcing a failure.
[ 1165.398308][T31671] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1165.416514][T31675] FAULT_INJECTION: forcing a failure.
[ 1165.416514][T31675] name failslab, interval 1, probability 0, space 0, times 0
[ 1165.435744][T31671] CPU: 0 PID: 31671 Comm: syz-executor.4 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1165.445831][T31671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1165.455719][T31671] Call Trace:
[ 1165.458842][T31671]  <TASK>
[ 1165.461620][T31671]  dump_stack_lvl+0x151/0x1b7
[ 1165.466141][T31671]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1165.471424][T31671]  dump_stack+0x15/0x17
[ 1165.475419][T31671]  should_fail+0x3c0/0x510
[ 1165.479668][T31671]  should_fail_usercopy+0x1a/0x20
[ 1165.484532][T31671]  set_fd_set+0x2d/0x80
[ 1165.488524][T31671]  core_sys_select+0x61e/0x7e0
[ 1165.493125][T31671]  ? poll_select_set_timeout+0x160/0x160
[ 1165.498594][T31671]  ? security_file_permission+0xf3/0x5f0
[ 1165.504060][T31671]  ? sigprocmask+0x280/0x280
[ 1165.508483][T31671]  ? mutex_unlock+0xa2/0x110
[ 1165.512907][T31671]  ? __mutex_lock_slowpath+0x10/0x10
[ 1165.518028][T31671]  __do_sys_pselect6+0x25d/0x3e0
[ 1165.522809][T31671]  ? poll_select_finish+0x7a0/0x7a0
[ 1165.527834][T31671]  ? __ia32_sys_read+0x90/0x90
[ 1165.532441][T31671]  __x64_sys_pselect6+0xe5/0x100
[ 1165.537211][T31671]  do_syscall_64+0x44/0xd0
[ 1165.541468][T31671]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1165.547190][T31671] RIP: 0033:0x7f8cbabee5a9
[ 1165.551446][T31671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1165.570883][T31671] RSP: 002b:00007f8cb9962168 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 1165.579133][T31671] RAX: ffffffffffffffda RBX: 00007f8cbad0ef80 RCX: 00007f8cbabee5a9
[ 1165.586946][T31671] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000040
[ 1165.594749][T31671] RBP: 00007f8cb99621d0 R08: 0000000020000280 R09: 0000000000000000
[ 1165.602568][T31671] R10: 0000000020000240 R11: 0000000000000246 R12: 0000000000000001
[ 1165.610409][T31671] R13: 00007ffe6c6cab6f R14: 00007f8cb9962300 R15: 0000000000022000
[ 1165.618193][T31671]  </TASK>
[ 1165.621053][T31675] CPU: 1 PID: 31675 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1165.631125][T31675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1165.641014][T31675] Call Trace:
[ 1165.644138][T31675]  <TASK>
[ 1165.646912][T31675]  dump_stack_lvl+0x151/0x1b7
[ 1165.651426][T31675]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1165.656722][T31675]  dump_stack+0x15/0x17
[ 1165.660711][T31675]  should_fail+0x3c0/0x510
[ 1165.664967][T31675]  __should_failslab+0x9f/0xe0
[ 1165.669568][T31675]  should_failslab+0x9/0x20
[ 1165.673917][T31675]  kmem_cache_alloc+0x4f/0x2f0
[ 1165.678515][T31675]  ? anon_vma_fork+0x1b9/0x4f0
[ 1165.683104][T31675]  anon_vma_fork+0x1b9/0x4f0
[ 1165.687533][T31675]  dup_mmap+0x750/0xea0
[ 1165.691526][T31675]  ? __delayed_free_task+0x20/0x20
[ 1165.696470][T31675]  ? mm_init+0x807/0x960
[ 1165.700640][T31675]  dup_mm+0x91/0x330
[ 1165.704369][T31675]  copy_mm+0x108/0x1b0
[ 1165.708280][T31675]  copy_process+0x1295/0x3250
[ 1165.712789][T31675]  ? proc_fail_nth_write+0x213/0x290
[ 1165.717907][T31675]  ? proc_fail_nth_read+0x220/0x220
[ 1165.722942][T31675]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1165.727977][T31675]  ? vfs_write+0x9af/0x1050
[ 1165.732318][T31675]  ? vmacache_update+0xb7/0x120
[ 1165.737007][T31675]  kernel_clone+0x22d/0x990
[ 1165.741351][T31675]  ? file_end_write+0x1b0/0x1b0
[ 1165.746119][T31675]  ? __kasan_check_write+0x14/0x20
[ 1165.751072][T31675]  ? create_io_thread+0x1e0/0x1e0
[ 1165.755923][T31675]  ? __mutex_lock_slowpath+0x10/0x10
[ 1165.761055][T31675]  __x64_sys_clone+0x289/0x310
[ 1165.765644][T31675]  ? __do_sys_vfork+0x130/0x130
[ 1165.770464][T31675]  ? debug_smp_processor_id+0x17/0x20
[ 1165.775643][T31675]  do_syscall_64+0x44/0xd0
[ 1165.779899][T31675]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1165.785625][T31675] RIP: 0033:0x7f263a8c35a9
06:34:02 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x0, 0x46, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:34:02 executing program 3:
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r0=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r0, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:02 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x6, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:02 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000000)="baba908147c785f1ff1760ef20363451", 0x10)

06:34:02 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0) (fail_nth: 5)

06:34:03 executing program 3:
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r0=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r0, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1165.789969][T31675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1165.809536][T31675] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1165.818446][T31675] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1165.826254][T31675] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1165.834072][T31675] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1165.841882][T31675] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:34:03 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x7, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:03 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', 0x0, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1165.849695][T31675] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1165.853623][T31683] FAULT_INJECTION: forcing a failure.
[ 1165.853623][T31683] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1165.857503][T31675]  </TASK>
[ 1165.872694][T31675] ==================================================================
[ 1165.881115][T31675] BUG: KASAN: use-after-free in vm_area_free+0x7e/0x230
[ 1165.887977][T31675] Write of size 4 at addr ffff88811e491058 by task syz-executor.1/31675
[ 1165.896157][T31675] 
[ 1165.896158][T31683] CPU: 0 PID: 31683 Comm: syz-executor.4 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1165.908363][T31683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1165.918260][T31683] Call Trace:
[ 1165.921382][T31683]  <TASK>
[ 1165.924159][T31683]  dump_stack_lvl+0x151/0x1b7
[ 1165.928670][T31683]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1165.933967][T31683]  dump_stack+0x15/0x17
[ 1165.937957][T31683]  should_fail+0x3c0/0x510
[ 1165.942209][T31683]  should_fail_usercopy+0x1a/0x20
[ 1165.947069][T31683]  set_fd_set+0x2d/0x80
[ 1165.951088][T31683]  core_sys_select+0x75b/0x7e0
[ 1165.955665][T31683]  ? poll_select_set_timeout+0x160/0x160
[ 1165.961130][T31683]  ? security_file_permission+0xf3/0x5f0
[ 1165.966621][T31683]  ? sigprocmask+0x280/0x280
[ 1165.971022][T31683]  ? mutex_unlock+0xa2/0x110
[ 1165.975448][T31683]  ? __mutex_lock_slowpath+0x10/0x10
[ 1165.980571][T31683]  __do_sys_pselect6+0x25d/0x3e0
[ 1165.985345][T31683]  ? poll_select_finish+0x7a0/0x7a0
[ 1165.990378][T31683]  ? __ia32_sys_read+0x90/0x90
[ 1165.994979][T31683]  __x64_sys_pselect6+0xe5/0x100
[ 1166.000101][T31683]  do_syscall_64+0x44/0xd0
[ 1166.004402][T31683]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1166.010077][T31683] RIP: 0033:0x7f8cbabee5a9
[ 1166.014331][T31683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1166.033772][T31683] RSP: 002b:00007f8cb9962168 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 1166.042019][T31683] RAX: ffffffffffffffda RBX: 00007f8cbad0ef80 RCX: 00007f8cbabee5a9
[ 1166.049834][T31683] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000040
[ 1166.057642][T31683] RBP: 00007f8cb99621d0 R08: 0000000020000280 R09: 0000000000000000
[ 1166.065457][T31683] R10: 0000000020000240 R11: 0000000000000246 R12: 0000000000000001
[ 1166.073356][T31683] R13: 00007ffe6c6cab6f R14: 00007f8cb9962300 R15: 0000000000022000
[ 1166.081165][T31683]  </TASK>
[ 1166.084035][T31675] CPU: 1 PID: 31675 Comm: syz-executor.1 Not tainted 5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1166.094183][T31675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1166.104077][T31675] Call Trace:
[ 1166.107201][T31675]  <TASK>
[ 1166.109982][T31675]  dump_stack_lvl+0x151/0x1b7
[ 1166.114495][T31675]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1166.119785][T31675]  ? panic+0x727/0x727
[ 1166.123688][T31675]  ? slab_free_freelist_hook+0xc9/0x1a0
[ 1166.129163][T31675]  print_address_description+0x87/0x3d0
[ 1166.134552][T31675]  kasan_report+0x1a6/0x1f0
[ 1166.138878][T31675]  ? vm_area_free+0x7e/0x230
[ 1166.143303][T31675]  ? vm_area_free+0x7e/0x230
[ 1166.147730][T31675]  kasan_check_range+0x2aa/0x2e0
[ 1166.152531][T31675]  __kasan_check_write+0x14/0x20
[ 1166.157276][T31675]  vm_area_free+0x7e/0x230
[ 1166.161529][T31675]  dup_mmap+0xbcd/0xea0
[ 1166.165523][T31675]  ? __delayed_free_task+0x20/0x20
[ 1166.170469][T31675]  ? mm_init+0x807/0x960
[ 1166.174557][T31675]  dup_mm+0x91/0x330
[ 1166.178288][T31675]  copy_mm+0x108/0x1b0
[ 1166.182184][T31675]  copy_process+0x1295/0x3250
[ 1166.186708][T31675]  ? proc_fail_nth_write+0x213/0x290
[ 1166.191819][T31675]  ? proc_fail_nth_read+0x220/0x220
[ 1166.196855][T31675]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1166.201803][T31675]  ? vfs_write+0x9af/0x1050
[ 1166.206142][T31675]  ? vmacache_update+0xb7/0x120
[ 1166.210833][T31675]  kernel_clone+0x22d/0x990
[ 1166.215165][T31675]  ? file_end_write+0x1b0/0x1b0
[ 1166.219853][T31675]  ? __kasan_check_write+0x14/0x20
[ 1166.224802][T31675]  ? create_io_thread+0x1e0/0x1e0
[ 1166.229659][T31675]  ? __mutex_lock_slowpath+0x10/0x10
[ 1166.234890][T31675]  __x64_sys_clone+0x289/0x310
[ 1166.239490][T31675]  ? __do_sys_vfork+0x130/0x130
[ 1166.244192][T31675]  ? debug_smp_processor_id+0x17/0x20
[ 1166.249654][T31675]  do_syscall_64+0x44/0xd0
[ 1166.253897][T31675]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1166.259627][T31675] RIP: 0033:0x7f263a8c35a9
[ 1166.263881][T31675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1166.283336][T31675] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1166.291575][T31675] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1166.299376][T31675] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1166.307300][T31675] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1166.315112][T31675] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1166.322923][T31675] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1166.330745][T31675]  </TASK>
[ 1166.333597][T31675] 
[ 1166.335767][T31675] Allocated by task 31646:
[ 1166.340459][T31675]  __kasan_slab_alloc+0xb2/0xe0
[ 1166.345402][T31675]  kmem_cache_alloc+0x189/0x2f0
[ 1166.350089][T31675]  vm_area_dup+0x26/0x1d0
[ 1166.354354][T31675]  dup_mmap+0x6b8/0xea0
[ 1166.358354][T31675]  dup_mm+0x91/0x330
[ 1166.362100][T31675]  copy_mm+0x108/0x1b0
[ 1166.365970][T31675]  copy_process+0x1295/0x3250
[ 1166.370484][T31675]  kernel_clone+0x22d/0x990
[ 1166.374841][T31675]  __x64_sys_clone+0x289/0x310
[ 1166.379423][T31675]  do_syscall_64+0x44/0xd0
[ 1166.383681][T31675]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1166.389427][T31675] 
[ 1166.391575][T31675] Freed by task 31654:
[ 1166.395482][T31675]  kasan_set_track+0x4c/0x70
[ 1166.399937][T31675]  kasan_set_free_info+0x23/0x40
[ 1166.404685][T31675]  ____kasan_slab_free+0x126/0x160
[ 1166.409636][T31675]  __kasan_slab_free+0x11/0x20
[ 1166.414227][T31675]  slab_free_freelist_hook+0xc9/0x1a0
[ 1166.419440][T31675]  kmem_cache_free+0x11a/0x2e0
[ 1166.424036][T31675]  vm_area_free+0x1ae/0x230
[ 1166.428395][T31675]  exit_mmap+0x5dd/0x7a0
[ 1166.432454][T31675]  __mmput+0x95/0x300
[ 1166.436271][T31675]  mmput+0x50/0x60
[ 1166.439830][T31675]  exit_mm+0x50d/0x760
[ 1166.443740][T31675]  do_exit+0x63c/0x24d0
[ 1166.447729][T31675]  do_group_exit+0x13a/0x300
[ 1166.452155][T31675]  get_signal+0x77e/0x1600
[ 1166.456406][T31675]  arch_do_signal_or_restart+0x9f/0x670
[ 1166.461789][T31675]  exit_to_user_mode_loop+0xd4/0x110
[ 1166.466912][T31675]  exit_to_user_mode_prepare+0x3b/0x40
[ 1166.472204][T31675]  irqentry_exit_to_user_mode+0x9/0x20
[ 1166.477498][T31675]  irqentry_exit+0x12/0x40
[ 1166.481752][T31675]  exc_page_fault+0x75/0x1a0
[ 1166.486177][T31675]  asm_exc_page_fault+0x27/0x30
[ 1166.490872][T31675] 
[ 1166.493126][T31675] The buggy address belongs to the object at ffff88811e491000
[ 1166.493126][T31675]  which belongs to the cache vm_area_struct of size 232
[ 1166.507265][T31675] The buggy address is located 88 bytes inside of
[ 1166.507265][T31675]  232-byte region [ffff88811e491000, ffff88811e4910e8)
[ 1166.520288][T31675] The buggy address belongs to the page:
[ 1166.525756][T31675] page:ffffea0004792440 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11e491
[ 1166.535820][T31675] flags: 0x4000000000000200(slab|zone=1)
[ 1166.541295][T31675] raw: 4000000000000200 ffffea00042ae480 0000000700000007 ffff888100275380
[ 1166.549713][T31675] raw: 0000000000000000 00000000000d000d 00000001ffffffff 0000000000000000
[ 1166.558128][T31675] page dumped because: kasan: bad access detected
[ 1166.564377][T31675] page_owner tracks the page as allocated
[ 1166.569947][T31675] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 16571, ts 921369570393, free_ts 921369188251
[ 1166.586077][T31675]  post_alloc_hook+0x1ab/0x1b0
[ 1166.590677][T31675]  get_page_from_freelist+0x38b/0x400
[ 1166.595883][T31675]  __alloc_pages+0x3a8/0x7c0
[ 1166.600306][T31675]  allocate_slab+0x62/0x580
[ 1166.604647][T31675]  ___slab_alloc+0x2e2/0x6f0
[ 1166.609074][T31675]  __slab_alloc+0x4a/0x90
[ 1166.613246][T31675]  kmem_cache_alloc+0x205/0x2f0
[ 1166.617925][T31675]  vm_area_dup+0x26/0x1d0
[ 1166.622095][T31675]  dup_mmap+0x6b8/0xea0
[ 1166.626094][T31675]  dup_mm+0x91/0x330
[ 1166.629815][T31675]  copy_mm+0x108/0x1b0
[ 1166.633722][T31675]  copy_process+0x1295/0x3250
[ 1166.638235][T31675]  kernel_clone+0x22d/0x990
[ 1166.642573][T31675]  __x64_sys_clone+0x289/0x310
[ 1166.647175][T31675]  do_syscall_64+0x44/0xd0
[ 1166.651431][T31675]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1166.657156][T31675] page last free stack trace:
[ 1166.661671][T31675]  free_pcp_prepare+0x448/0x450
[ 1166.666354][T31675]  free_unref_page_list+0x16a/0xad0
[ 1166.671394][T31675]  release_pages+0xf3e/0xf90
[ 1166.675814][T31675]  free_pages_and_swap_cache+0x97/0xb0
[ 1166.681109][T31675]  tlb_flush_mmu+0x860/0xa00
[ 1166.685538][T31675]  tlb_finish_mmu+0xd2/0x1f0
[ 1166.689970][T31675]  exit_mmap+0x46e/0x7a0
[ 1166.694044][T31675]  __mmput+0x95/0x300
[ 1166.697860][T31675]  mmput+0x50/0x60
[ 1166.701430][T31675]  copy_process+0x275b/0x3250
[ 1166.706108][T31675]  kernel_clone+0x22d/0x990
[ 1166.710452][T31675]  __x64_sys_clone+0x289/0x310
[ 1166.715046][T31675]  do_syscall_64+0x44/0xd0
[ 1166.719298][T31675]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1166.725030][T31675] 
[ 1166.727198][T31675] Memory state around the buggy address:
[ 1166.732668][T31675]  ffff88811e490f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1166.740567][T31675]  ffff88811e490f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
06:34:03 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 84)

06:34:03 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', 0x0, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:03 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0) (fail_nth: 6)

06:34:03 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000000)="baba908147c785f1ff1760ef20363451", 0x10)

06:34:03 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x0, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:34:03 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x8, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1166.748463][T31675] >ffff88811e491000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1166.756358][T31675]                                                     ^
[ 1166.763151][T31675]  ffff88811e491080: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc
[ 1166.771031][T31675]  ffff88811e491100: fc fc fc fc fc fa fb fb fb fb fb fb fb fb fb fb
[ 1166.778924][T31675] ==================================================================
[ 1166.786826][T31675] Disabling lock debugging due to kernel taint
06:34:03 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', 0x0, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:03 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000000)="baba908147c785f1ff1760ef20363451", 0x10)

06:34:04 executing program 3:
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r0=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r0, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1166.814981][T31698] FAULT_INJECTION: forcing a failure.
[ 1166.814981][T31698] name failslab, interval 1, probability 0, space 0, times 0
[ 1166.829594][T31698] CPU: 1 PID: 31698 Comm: syz-executor.1 Tainted: G    B             5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1166.841055][T31698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1166.851056][T31698] Call Trace:
[ 1166.854164][T31698]  <TASK>
[ 1166.856942][T31698]  dump_stack_lvl+0x151/0x1b7
06:34:04 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0xee4}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x6}, 0x8)

06:34:04 executing program 3:
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r0=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r0, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:04 executing program 3:
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r0=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r0, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1166.861460][T31698]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1166.866754][T31698]  dump_stack+0x15/0x17
[ 1166.870746][T31698]  should_fail+0x3c0/0x510
[ 1166.874995][T31698]  __should_failslab+0x9f/0xe0
[ 1166.879596][T31698]  should_failslab+0x9/0x20
[ 1166.883931][T31698]  kmem_cache_alloc+0x4f/0x2f0
[ 1166.888538][T31698]  ? anon_vma_fork+0x1b9/0x4f0
[ 1166.893140][T31698]  anon_vma_fork+0x1b9/0x4f0
[ 1166.897564][T31698]  dup_mmap+0x750/0xea0
[ 1166.901554][T31698]  ? __delayed_free_task+0x20/0x20
[ 1166.906505][T31698]  ? mm_init+0x807/0x960
[ 1166.910574][T31698]  dup_mm+0x91/0x330
[ 1166.914310][T31698]  copy_mm+0x108/0x1b0
[ 1166.918217][T31698]  copy_process+0x1295/0x3250
[ 1166.922734][T31698]  ? proc_fail_nth_write+0x213/0x290
[ 1166.927864][T31698]  ? proc_fail_nth_read+0x220/0x220
[ 1166.932882][T31698]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1166.937828][T31698]  ? vfs_write+0x9af/0x1050
[ 1166.942359][T31698]  ? vmacache_update+0xb7/0x120
[ 1166.947032][T31698]  kernel_clone+0x22d/0x990
[ 1166.951386][T31698]  ? file_end_write+0x1b0/0x1b0
[ 1166.956174][T31698]  ? __kasan_check_write+0x14/0x20
[ 1166.961120][T31698]  ? create_io_thread+0x1e0/0x1e0
[ 1166.966154][T31698]  ? __mutex_lock_slowpath+0x10/0x10
[ 1166.971281][T31698]  __x64_sys_clone+0x289/0x310
[ 1166.975877][T31698]  ? __do_sys_vfork+0x130/0x130
[ 1166.980563][T31698]  ? debug_smp_processor_id+0x17/0x20
[ 1166.985771][T31698]  do_syscall_64+0x44/0xd0
[ 1166.990027][T31698]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1166.995748][T31698] RIP: 0033:0x7f263a8c35a9
[ 1167.000003][T31698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1167.019444][T31698] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1167.027706][T31698] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1167.035501][T31698] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1167.043403][T31698] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1167.051222][T31698] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:34:04 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 85)

06:34:04 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x9, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1167.059025][T31698] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1167.066836][T31698]  </TASK>
[ 1167.080278][T31700] FAULT_INJECTION: forcing a failure.
[ 1167.080278][T31700] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1167.106561][T31700] CPU: 1 PID: 31700 Comm: syz-executor.4 Tainted: G    B             5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1167.118041][T31700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1167.122231][T31723] FAULT_INJECTION: forcing a failure.
[ 1167.122231][T31723] name failslab, interval 1, probability 0, space 0, times 0
[ 1167.127928][T31700] Call Trace:
[ 1167.127949][T31700]  <TASK>
[ 1167.127956][T31700]  dump_stack_lvl+0x151/0x1b7
[ 1167.150752][T31700]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1167.156046][T31700]  ? set_fd_set+0x6d/0x80
[ 1167.160379][T31700]  dump_stack+0x15/0x17
[ 1167.164383][T31700]  should_fail+0x3c0/0x510
[ 1167.168635][T31700]  should_fail_usercopy+0x1a/0x20
[ 1167.173495][T31700]  _copy_to_user+0x20/0x90
[ 1167.177748][T31700]  put_timespec64+0xf6/0x150
[ 1167.182173][T31700]  ? get_timespec64+0x260/0x260
[ 1167.186861][T31700]  poll_select_finish+0x55a/0x7a0
[ 1167.191721][T31700]  ? pollwake+0x260/0x260
[ 1167.195897][T31700]  ? sigprocmask+0x280/0x280
[ 1167.200313][T31700]  ? mutex_unlock+0xa2/0x110
[ 1167.204738][T31700]  ? __mutex_lock_slowpath+0x10/0x10
[ 1167.209859][T31700]  __do_sys_pselect6+0x274/0x3e0
[ 1167.214637][T31700]  ? poll_select_finish+0x7a0/0x7a0
[ 1167.219669][T31700]  ? __ia32_sys_read+0x90/0x90
[ 1167.224268][T31700]  __x64_sys_pselect6+0xe5/0x100
[ 1167.229043][T31700]  do_syscall_64+0x44/0xd0
[ 1167.233293][T31700]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1167.239038][T31700] RIP: 0033:0x7f8cbabee5a9
[ 1167.243303][T31700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1167.262811][T31700] RSP: 002b:00007f8cb9962168 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 1167.271138][T31700] RAX: ffffffffffffffda RBX: 00007f8cbad0ef80 RCX: 00007f8cbabee5a9
[ 1167.278945][T31700] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000040
[ 1167.286756][T31700] RBP: 00007f8cb99621d0 R08: 0000000020000280 R09: 0000000000000000
[ 1167.294566][T31700] R10: 0000000020000240 R11: 0000000000000246 R12: 0000000000000001
[ 1167.302383][T31700] R13: 00007ffe6c6cab6f R14: 00007f8cb9962300 R15: 0000000000022000
[ 1167.310201][T31700]  </TASK>
[ 1167.313057][T31723] CPU: 0 PID: 31723 Comm: syz-executor.1 Tainted: G    B             5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1167.324513][T31723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1167.334567][T31723] Call Trace:
[ 1167.337686][T31723]  <TASK>
[ 1167.340462][T31723]  dump_stack_lvl+0x151/0x1b7
[ 1167.344992][T31723]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1167.350279][T31723]  dump_stack+0x15/0x17
[ 1167.356108][T31723]  should_fail+0x3c0/0x510
[ 1167.360338][T31723]  __should_failslab+0x9f/0xe0
[ 1167.364936][T31723]  should_failslab+0x9/0x20
[ 1167.369400][T31723]  kmem_cache_alloc+0x4f/0x2f0
[ 1167.373990][T31723]  ? vm_area_dup+0x26/0x1d0
[ 1167.378444][T31723]  ? __kasan_check_read+0x11/0x20
[ 1167.383301][T31723]  vm_area_dup+0x26/0x1d0
[ 1167.387494][T31723]  dup_mmap+0x6b8/0xea0
[ 1167.391458][T31723]  ? __delayed_free_task+0x20/0x20
[ 1167.396404][T31723]  ? mm_init+0x807/0x960
[ 1167.400483][T31723]  dup_mm+0x91/0x330
[ 1167.404212][T31723]  copy_mm+0x108/0x1b0
[ 1167.408115][T31723]  copy_process+0x1295/0x3250
[ 1167.412629][T31723]  ? proc_fail_nth_write+0x213/0x290
[ 1167.417750][T31723]  ? proc_fail_nth_read+0x220/0x220
[ 1167.422783][T31723]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1167.427732][T31723]  ? vfs_write+0x9af/0x1050
[ 1167.432068][T31723]  ? vmacache_update+0xb7/0x120
[ 1167.436758][T31723]  kernel_clone+0x22d/0x990
[ 1167.441095][T31723]  ? file_end_write+0x1b0/0x1b0
[ 1167.446041][T31723]  ? __kasan_check_write+0x14/0x20
[ 1167.450990][T31723]  ? create_io_thread+0x1e0/0x1e0
[ 1167.456021][T31723]  ? __mutex_lock_slowpath+0x10/0x10
[ 1167.461234][T31723]  __x64_sys_clone+0x289/0x310
[ 1167.465839][T31723]  ? __do_sys_vfork+0x130/0x130
[ 1167.470517][T31723]  ? debug_smp_processor_id+0x17/0x20
[ 1167.475725][T31723]  do_syscall_64+0x44/0xd0
[ 1167.479977][T31723]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1167.485707][T31723] RIP: 0033:0x7f263a8c35a9
[ 1167.489967][T31723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1167.509575][T31723] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
06:34:04 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0) (fail_nth: 7)

06:34:04 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0xee4}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x6}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0xee4}, 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x6}, 0x8) (async)

[ 1167.517822][T31723] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1167.525631][T31723] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1167.533533][T31723] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1167.541337][T31723] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1167.549158][T31723] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1167.557233][T31723]  </TASK>
[ 1167.583314][T31728] FAULT_INJECTION: forcing a failure.
[ 1167.583314][T31728] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1167.596297][T31728] CPU: 1 PID: 31728 Comm: syz-executor.4 Tainted: G    B             5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1167.607759][T31728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1167.617643][T31728] Call Trace:
[ 1167.620768][T31728]  <TASK>
[ 1167.623544][T31728]  dump_stack_lvl+0x151/0x1b7
[ 1167.628060][T31728]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1167.633356][T31728]  dump_stack+0x15/0x17
[ 1167.637355][T31728]  should_fail+0x3c0/0x510
[ 1167.641598][T31728]  should_fail_usercopy+0x1a/0x20
[ 1167.646458][T31728]  _copy_to_user+0x20/0x90
[ 1167.650712][T31728]  simple_read_from_buffer+0xdd/0x160
[ 1167.656052][T31728]  proc_fail_nth_read+0x1af/0x220
[ 1167.660909][T31728]  ? proc_fault_inject_write+0x3a0/0x3a0
[ 1167.666373][T31728]  ? security_file_permission+0x497/0x5f0
[ 1167.671941][T31728]  ? proc_fault_inject_write+0x3a0/0x3a0
[ 1167.677404][T31728]  vfs_read+0x299/0xd80
[ 1167.681391][T31728]  ? kernel_read+0x1f0/0x1f0
[ 1167.685819][T31728]  ? __kasan_check_write+0x14/0x20
[ 1167.690935][T31728]  ? mutex_lock+0xb6/0x130
[ 1167.695188][T31728]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 1167.701610][T31728]  ? __fdget_pos+0x26d/0x310
[ 1167.706037][T31728]  ? ksys_read+0x77/0x2c0
[ 1167.710200][T31728]  ksys_read+0x198/0x2c0
[ 1167.714281][T31728]  ? __kasan_check_write+0x14/0x20
[ 1167.719231][T31728]  ? vfs_write+0x1050/0x1050
[ 1167.723656][T31728]  __x64_sys_read+0x7b/0x90
[ 1167.727997][T31728]  do_syscall_64+0x44/0xd0
[ 1167.732247][T31728]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1167.737975][T31728] RIP: 0033:0x7f8cbaba02ec
[ 1167.742255][T31728] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 1167.761788][T31728] RSP: 002b:00007f8cb9962160 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1167.770032][T31728] RAX: ffffffffffffffda RBX: 00007f8cbad0ef80 RCX: 00007f8cbaba02ec
06:34:04 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x0, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:34:04 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000))
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, 0x0)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:04 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0xa, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:04 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 86)

06:34:04 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0xee4}, 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x6}, 0x8)

06:34:04 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0)

[ 1167.777937][T31728] RDX: 000000000000000f RSI: 00007f8cb99621e0 RDI: 0000000000000005
[ 1167.785745][T31728] RBP: 00007f8cb99621d0 R08: 0000000000000000 R09: 0000000000000000
[ 1167.793560][T31728] R10: 0000000020000240 R11: 0000000000000246 R12: 0000000000000001
[ 1167.801368][T31728] R13: 00007ffe6c6cab6f R14: 00007f8cb9962300 R15: 0000000000022000
[ 1167.809176][T31728]  </TASK>
06:34:05 executing program 2:
sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x0, 0x20, 0x70bd26, 0x25dfdbff, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xf099}]}, 0x20}}, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x58, r1, 0x20, 0x70bd2a, 0x25dfdbfb, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x7}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x5}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x3}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x6}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000004}, 0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:05 executing program 2:
sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x0, 0x20, 0x70bd26, 0x25dfdbff, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xf099}]}, 0x20}}, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x58, r1, 0x20, 0x70bd2a, 0x25dfdbfb, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x7}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x5}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x3}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x6}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000004}, 0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x0, 0x20, 0x70bd26, 0x25dfdbff, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xf099}]}, 0x20}}, 0x10) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nbd(&(0x7f0000000180), 0xffffffffffffffff) (async)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x58, r1, 0x20, 0x70bd2a, 0x25dfdbfb, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x7}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x5}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x3}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x6}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000004}, 0x4) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)

[ 1167.831258][T31734] FAULT_INJECTION: forcing a failure.
[ 1167.831258][T31734] name failslab, interval 1, probability 0, space 0, times 0
[ 1167.848129][T31734] CPU: 0 PID: 31734 Comm: syz-executor.1 Tainted: G    B             5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1167.859587][T31734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1167.869482][T31734] Call Trace:
[ 1167.872605][T31734]  <TASK>
[ 1167.875384][T31734]  dump_stack_lvl+0x151/0x1b7
06:34:05 executing program 2:
sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x0, 0x20, 0x70bd26, 0x25dfdbff, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xf099}]}, 0x20}}, 0x10) (async)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x58, r1, 0x20, 0x70bd2a, 0x25dfdbfb, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x7}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x5}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x3}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x6}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000004}, 0x4) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1167.879906][T31734]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1167.885194][T31734]  ? do_syscall_64+0x44/0xd0
[ 1167.889644][T31734]  dump_stack+0x15/0x17
[ 1167.893614][T31734]  should_fail+0x3c0/0x510
[ 1167.897866][T31734]  __should_failslab+0x9f/0xe0
[ 1167.902465][T31734]  should_failslab+0x9/0x20
[ 1167.906894][T31734]  kmem_cache_alloc+0x4f/0x2f0
[ 1167.911492][T31734]  ? anon_vma_clone+0xa1/0x4f0
[ 1167.916090][T31734]  anon_vma_clone+0xa1/0x4f0
[ 1167.920540][T31734]  anon_vma_fork+0x91/0x4f0
[ 1167.924856][T31734]  ? anon_vma_name+0x4c/0x70
[ 1167.929288][T31734]  dup_mmap+0x750/0xea0
06:34:05 executing program 2:
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000040)={'ip6gre0\x00', 0x0, 0x29, 0xff, 0x1f, 0x11, 0x22, @private1, @remote, 0x7, 0x8000, 0x7, 0x8000}})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xfffff000}, 0xffffffffffffff4a)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000100)={'ip6gre0\x00', 0x0, 0x29, 0x6, 0xd3, 0x8, 0x8, @mcast2, @dev={0xfe, 0x80, '\x00', 0x28}, 0x7800, 0xf811, 0x3, 0x1}})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)={0x14}, 0x14}}, 0x0)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r0, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x24, r1, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x40)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f00000001c0)=""/77, 0x4d, 0x0, &(0x7f0000000240)=""/11, 0xb}, &(0x7f00000002c0)=0x40)

06:34:05 executing program 2:
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000040)={'ip6gre0\x00', 0x0, 0x29, 0xff, 0x1f, 0x11, 0x22, @private1, @remote, 0x7, 0x8000, 0x7, 0x8000}})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xfffff000}, 0xffffffffffffff4a)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000100)={'ip6gre0\x00', 0x0, 0x29, 0x6, 0xd3, 0x8, 0x8, @mcast2, @dev={0xfe, 0x80, '\x00', 0x28}, 0x7800, 0xf811, 0x3, 0x1}})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)={0x14}, 0x14}}, 0x0)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r0, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x24, r1, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x40)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f00000001c0)=""/77, 0x4d, 0x0, &(0x7f0000000240)=""/11, 0xb}, &(0x7f00000002c0)=0x40)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000040)={'ip6gre0\x00', 0x0, 0x29, 0xff, 0x1f, 0x11, 0x22, @private1, @remote, 0x7, 0x8000, 0x7, 0x8000}}) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xfffff000}, 0xffffffffffffff4a) (async)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000100)={'ip6gre0\x00', 0x0, 0x29, 0x6, 0xd3, 0x8, 0x8, @mcast2, @dev={0xfe, 0x80, '\x00', 0x28}, 0x7800, 0xf811, 0x3, 0x1}}) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)={0x14}, 0x14}}, 0x0) (async)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000340), 0xffffffffffffffff) (async)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r0, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x24, r1, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x40) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f00000001c0)=""/77, 0x4d, 0x0, &(0x7f0000000240)=""/11, 0xb}, &(0x7f00000002c0)=0x40) (async)

[ 1167.933272][T31734]  ? __delayed_free_task+0x20/0x20
[ 1167.938223][T31734]  ? mm_init+0x807/0x960
[ 1167.942302][T31734]  dup_mm+0x91/0x330
[ 1167.946028][T31734]  copy_mm+0x108/0x1b0
[ 1167.949934][T31734]  copy_process+0x1295/0x3250
[ 1167.954450][T31734]  ? proc_fail_nth_write+0x213/0x290
[ 1167.959577][T31734]  ? proc_fail_nth_read+0x220/0x220
[ 1167.964609][T31734]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1167.969552][T31734]  ? vfs_write+0x9af/0x1050
[ 1167.973900][T31734]  ? vmacache_update+0xb7/0x120
[ 1167.978576][T31734]  kernel_clone+0x22d/0x990
[ 1167.982915][T31734]  ? file_end_write+0x1b0/0x1b0
[ 1167.987612][T31734]  ? __kasan_check_write+0x14/0x20
[ 1167.992553][T31734]  ? create_io_thread+0x1e0/0x1e0
[ 1167.997416][T31734]  ? __mutex_lock_slowpath+0x10/0x10
[ 1168.002534][T31734]  __x64_sys_clone+0x289/0x310
[ 1168.007135][T31734]  ? __do_sys_vfork+0x130/0x130
[ 1168.011817][T31734]  ? debug_smp_processor_id+0x17/0x20
[ 1168.017032][T31734]  do_syscall_64+0x44/0xd0
[ 1168.021283][T31734]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1168.027010][T31734] RIP: 0033:0x7f263a8c35a9
[ 1168.031262][T31734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1168.050798][T31734] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1168.059030][T31734] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1168.066838][T31734] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1168.074828][T31734] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
06:34:05 executing program 2:
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000040)={'ip6gre0\x00', 0x0, 0x29, 0xff, 0x1f, 0x11, 0x22, @private1, @remote, 0x7, 0x8000, 0x7, 0x8000}}) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xfffff000}, 0xffffffffffffff4a) (async, rerun: 32)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000100)={'ip6gre0\x00', 0x0, 0x29, 0x6, 0xd3, 0x8, 0x8, @mcast2, @dev={0xfe, 0x80, '\x00', 0x28}, 0x7800, 0xf811, 0x3, 0x1}}) (rerun: 32)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)={0x14}, 0x14}}, 0x0) (async)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r0, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x24, r1, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x40)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f00000001c0)=""/77, 0x4d, 0x0, &(0x7f0000000240)=""/11, 0xb}, &(0x7f00000002c0)=0x40)

06:34:05 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x0, 0x4, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:34:05 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)

06:34:05 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0xb, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:05 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 87)

06:34:05 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000))
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, 0x0)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:05 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x3}, 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0)

06:34:05 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4) (async)

[ 1168.082723][T31734] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1168.091319][T31734] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1168.099133][T31734]  </TASK>
06:34:05 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000))
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, 0x0)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:05 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0xc, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:05 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x5}, 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0)

06:34:05 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000))
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', 0x0})
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:05 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000))
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', 0x0})
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1168.133105][T31786] FAULT_INJECTION: forcing a failure.
[ 1168.133105][T31786] name failslab, interval 1, probability 0, space 0, times 0
[ 1168.149248][T31786] CPU: 0 PID: 31786 Comm: syz-executor.1 Tainted: G    B             5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1168.160716][T31786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1168.170700][T31786] Call Trace:
[ 1168.173823][T31786]  <TASK>
[ 1168.176685][T31786]  dump_stack_lvl+0x151/0x1b7
[ 1168.181287][T31786]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1168.186586][T31786]  dump_stack+0x15/0x17
[ 1168.190658][T31786]  should_fail+0x3c0/0x510
[ 1168.194912][T31786]  __should_failslab+0x9f/0xe0
[ 1168.199516][T31786]  should_failslab+0x9/0x20
[ 1168.203853][T31786]  kmem_cache_alloc+0x4f/0x2f0
[ 1168.208453][T31786]  ? anon_vma_clone+0xa1/0x4f0
[ 1168.213047][T31786]  anon_vma_clone+0xa1/0x4f0
[ 1168.217480][T31786]  anon_vma_fork+0x91/0x4f0
[ 1168.223899][T31786]  ? anon_vma_name+0x4c/0x70
[ 1168.228424][T31786]  dup_mmap+0x750/0xea0
[ 1168.232409][T31786]  ? __delayed_free_task+0x20/0x20
[ 1168.237354][T31786]  ? mm_init+0x807/0x960
[ 1168.241436][T31786]  dup_mm+0x91/0x330
[ 1168.245177][T31786]  copy_mm+0x108/0x1b0
[ 1168.249072][T31786]  copy_process+0x1295/0x3250
[ 1168.253588][T31786]  ? proc_fail_nth_write+0x213/0x290
[ 1168.258717][T31786]  ? proc_fail_nth_read+0x220/0x220
[ 1168.263763][T31786]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1168.268774][T31786]  ? vfs_write+0x9af/0x1050
[ 1168.273120][T31786]  ? vmacache_update+0xb7/0x120
[ 1168.277820][T31786]  kernel_clone+0x22d/0x990
[ 1168.282146][T31786]  ? file_end_write+0x1b0/0x1b0
[ 1168.286829][T31786]  ? __kasan_check_write+0x14/0x20
[ 1168.291781][T31786]  ? create_io_thread+0x1e0/0x1e0
[ 1168.296633][T31786]  ? __mutex_lock_slowpath+0x10/0x10
[ 1168.301879][T31786]  __x64_sys_clone+0x289/0x310
[ 1168.306475][T31786]  ? __do_sys_vfork+0x130/0x130
[ 1168.311150][T31786]  ? debug_smp_processor_id+0x17/0x20
[ 1168.316362][T31786]  do_syscall_64+0x44/0xd0
[ 1168.320619][T31786]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1168.326341][T31786] RIP: 0033:0x7f263a8c35a9
[ 1168.330713][T31786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1168.350238][T31786] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1168.358486][T31786] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1168.366292][T31786] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1168.374116][T31786] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
06:34:05 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x0, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:34:05 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000))
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', 0x0})
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:05 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0xd, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:05 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 88)

06:34:05 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)

06:34:05 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x7}, 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0)

06:34:05 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0xe, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:05 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000))
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', 0x0, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:05 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x8001}, 0x8)

06:34:05 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0xf, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1168.381915][T31786] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1168.389811][T31786] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1168.397716][T31786]  </TASK>
06:34:05 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x8}, 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0)

06:34:05 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x10, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1168.475469][T31817] FAULT_INJECTION: forcing a failure.
[ 1168.475469][T31817] name failslab, interval 1, probability 0, space 0, times 0
[ 1168.490090][T31817] CPU: 0 PID: 31817 Comm: syz-executor.1 Tainted: G    B             5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1168.501554][T31817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1168.511443][T31817] Call Trace:
[ 1168.514567][T31817]  <TASK>
[ 1168.517444][T31817]  dump_stack_lvl+0x151/0x1b7
[ 1168.521962][T31817]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1168.527255][T31817]  dump_stack+0x15/0x17
[ 1168.531249][T31817]  should_fail+0x3c0/0x510
[ 1168.535497][T31817]  __should_failslab+0x9f/0xe0
[ 1168.540096][T31817]  should_failslab+0x9/0x20
[ 1168.544440][T31817]  kmem_cache_alloc+0x4f/0x2f0
[ 1168.549033][T31817]  ? anon_vma_clone+0xa1/0x4f0
[ 1168.553635][T31817]  anon_vma_clone+0xa1/0x4f0
[ 1168.558065][T31817]  anon_vma_fork+0x91/0x4f0
[ 1168.562408][T31817]  ? anon_vma_name+0x4c/0x70
[ 1168.566832][T31817]  dup_mmap+0x750/0xea0
[ 1168.570911][T31817]  ? __delayed_free_task+0x20/0x20
[ 1168.575852][T31817]  ? mm_init+0x807/0x960
[ 1168.579949][T31817]  dup_mm+0x91/0x330
[ 1168.584100][T31817]  copy_mm+0x108/0x1b0
[ 1168.588004][T31817]  copy_process+0x1295/0x3250
[ 1168.592519][T31817]  ? proc_fail_nth_write+0x213/0x290
[ 1168.597647][T31817]  ? proc_fail_nth_read+0x220/0x220
[ 1168.602760][T31817]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1168.607709][T31817]  ? vfs_write+0x9af/0x1050
[ 1168.612045][T31817]  ? vmacache_update+0xb7/0x120
[ 1168.616829][T31817]  kernel_clone+0x22d/0x990
[ 1168.621236][T31817]  ? file_end_write+0x1b0/0x1b0
[ 1168.625857][T31817]  ? __kasan_check_write+0x14/0x20
[ 1168.630899][T31817]  ? create_io_thread+0x1e0/0x1e0
[ 1168.635751][T31817]  ? __mutex_lock_slowpath+0x10/0x10
[ 1168.640872][T31817]  __x64_sys_clone+0x289/0x310
[ 1168.645470][T31817]  ? __do_sys_vfork+0x130/0x130
[ 1168.650173][T31817]  ? debug_smp_processor_id+0x17/0x20
[ 1168.655370][T31817]  do_syscall_64+0x44/0xd0
[ 1168.659615][T31817]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1168.665346][T31817] RIP: 0033:0x7f263a8c35a9
[ 1168.669604][T31817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1168.689128][T31817] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1168.697370][T31817] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1168.705187][T31817] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1168.713090][T31817] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1168.720901][T31817] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1168.728726][T31817] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1168.736701][T31817]  </TASK>
06:34:06 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x11, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:06 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000))
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', 0x0, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:06 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x0, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:34:06 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x9}, 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0)

06:34:06 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x8001}, 0x8)

06:34:06 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 89)

06:34:06 executing program 2:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x8001}, 0x8)

06:34:06 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x12, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:06 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000))
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', 0x0, 0x2f, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={<r4=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r4, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r1, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:06 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x64}, 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0)

[ 1169.027066][T31833] FAULT_INJECTION: forcing a failure.
[ 1169.027066][T31833] name failslab, interval 1, probability 0, space 0, times 0
[ 1169.044409][T31833] CPU: 1 PID: 31833 Comm: syz-executor.1 Tainted: G    B             5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1169.055881][T31833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1169.065775][T31833] Call Trace:
[ 1169.068898][T31833]  <TASK>
[ 1169.071677][T31833]  dump_stack_lvl+0x151/0x1b7
06:34:06 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x13, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:06 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000fff000/0x1000)=nil, 0x930, 0x4, 0x4000010, r1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0)=0xfffffffffffffea2)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x7, 0x4, 0x3f0, 0x1f8, 0x110, 0x1f8, 0x308, 0x308, 0x308, 0x4, &(0x7f0000000040), {[{{@arp={@empty, @remote, 0xffffffff, 0xff, 0x8, 0x1, {@mac=@broadcast, {[0x0, 0x0, 0x0, 0xff, 0xff, 0xff]}}, {@mac=@broadcast, {[0xff, 0x0, 0x0, 0xff, 0xff]}}, 0xd0e, 0x8000, 0x3, 0x8, 0x401, 0x4, 'dummy0\x00', 'veth1_to_team\x00', {0xff}, {}, 0x0, 0x202}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @broadcast, @loopback, 0x4, 0x1}}}, {{@arp={@loopback, @remote, 0x0, 0xff000000, 0xe, 0x7, {@empty, {[0xff, 0x0, 0x0, 0x0, 0x0, 0xff]}}, {@mac=@remote, {[0x0, 0xff, 0xff]}}, 0xfff, 0x20, 0xe2d2, 0x9, 0x9, 0x1, 'bond0\x00', 'vlan0\x00', {0xff}, {}, 0x0, 0x20}, 0xc0, 0xe8}, @unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x1}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @rand_addr=0x64010101, @broadcast, 0x2, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)={0x14}, 0x14}}, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r2, 0x10e, 0x5, &(0x7f0000000000)=0x81, 0x4)

06:34:06 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x14, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1169.076191][T31833]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1169.081488][T31833]  ? vma_interval_tree_augment_rotate+0x210/0x210
[ 1169.087743][T31833]  dump_stack+0x15/0x17
[ 1169.091728][T31833]  should_fail+0x3c0/0x510
[ 1169.095981][T31833]  __should_failslab+0x9f/0xe0
[ 1169.100663][T31833]  should_failslab+0x9/0x20
[ 1169.105008][T31833]  kmem_cache_alloc+0x4f/0x2f0
[ 1169.109641][T31833]  ? anon_vma_fork+0xf7/0x4f0
[ 1169.114122][T31833]  anon_vma_fork+0xf7/0x4f0
[ 1169.118637][T31833]  ? anon_vma_name+0x4c/0x70
[ 1169.123066][T31833]  dup_mmap+0x750/0xea0
06:34:06 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x15, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1169.127064][T31833]  ? __delayed_free_task+0x20/0x20
[ 1169.132008][T31833]  ? mm_init+0x807/0x960
[ 1169.136092][T31833]  dup_mm+0x91/0x330
[ 1169.139810][T31833]  copy_mm+0x108/0x1b0
[ 1169.143714][T31833]  copy_process+0x1295/0x3250
[ 1169.148227][T31833]  ? proc_fail_nth_write+0x213/0x290
[ 1169.153517][T31833]  ? proc_fail_nth_read+0x220/0x220
[ 1169.156898][T31853] x_tables: duplicate underflow at hook 1
[ 1169.158551][T31833]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1169.158578][T31833]  ? vfs_write+0x9af/0x1050
[ 1169.173493][T31833]  ? vmacache_update+0xb7/0x120
[ 1169.178188][T31833]  kernel_clone+0x22d/0x990
[ 1169.182590][T31833]  ? file_end_write+0x1b0/0x1b0
[ 1169.187481][T31833]  ? __kasan_check_write+0x14/0x20
[ 1169.192594][T31833]  ? create_io_thread+0x1e0/0x1e0
[ 1169.197453][T31833]  ? __mutex_lock_slowpath+0x10/0x10
[ 1169.202570][T31833]  __x64_sys_clone+0x289/0x310
[ 1169.207171][T31833]  ? __do_sys_vfork+0x130/0x130
[ 1169.211858][T31833]  ? debug_smp_processor_id+0x17/0x20
[ 1169.217066][T31833]  do_syscall_64+0x44/0xd0
[ 1169.221319][T31833]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
06:34:06 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x0, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:34:06 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x300}, 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0)

06:34:06 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x16, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1169.227052][T31833] RIP: 0033:0x7f263a8c35a9
[ 1169.231299][T31833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1169.250833][T31833] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1169.259077][T31833] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1169.266891][T31833] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
06:34:06 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 90)

06:34:06 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x0, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:06 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0) (async)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000fff000/0x1000)=nil, 0x930, 0x4, 0x4000010, r1, 0x0) (async, rerun: 64)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0)=0xfffffffffffffea2) (async, rerun: 64)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x7, 0x4, 0x3f0, 0x1f8, 0x110, 0x1f8, 0x308, 0x308, 0x308, 0x4, &(0x7f0000000040), {[{{@arp={@empty, @remote, 0xffffffff, 0xff, 0x8, 0x1, {@mac=@broadcast, {[0x0, 0x0, 0x0, 0xff, 0xff, 0xff]}}, {@mac=@broadcast, {[0xff, 0x0, 0x0, 0xff, 0xff]}}, 0xd0e, 0x8000, 0x3, 0x8, 0x401, 0x4, 'dummy0\x00', 'veth1_to_team\x00', {0xff}, {}, 0x0, 0x202}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @broadcast, @loopback, 0x4, 0x1}}}, {{@arp={@loopback, @remote, 0x0, 0xff000000, 0xe, 0x7, {@empty, {[0xff, 0x0, 0x0, 0x0, 0x0, 0xff]}}, {@mac=@remote, {[0x0, 0xff, 0xff]}}, 0xfff, 0x20, 0xe2d2, 0x9, 0x9, 0x1, 'bond0\x00', 'vlan0\x00', {0xff}, {}, 0x0, 0x20}, 0xc0, 0xe8}, @unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x1}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @rand_addr=0x64010101, @broadcast, 0x2, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)={0x14}, 0x14}}, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r2, 0x10e, 0x5, &(0x7f0000000000)=0x81, 0x4)

06:34:06 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:06 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x48f}, 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0)

[ 1169.274712][T31833] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1169.282508][T31833] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1169.290319][T31833] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1169.298136][T31833]  </TASK>
06:34:06 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000fff000/0x1000)=nil, 0x930, 0x4, 0x4000010, r1, 0x0) (async)
getsockopt$inet_int(r0, 0x0, 0x14, 0x0, &(0x7f00000014c0)=0xfffffffffffffea2)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x7, 0x4, 0x3f0, 0x1f8, 0x110, 0x1f8, 0x308, 0x308, 0x308, 0x4, &(0x7f0000000040), {[{{@arp={@empty, @remote, 0xffffffff, 0xff, 0x8, 0x1, {@mac=@broadcast, {[0x0, 0x0, 0x0, 0xff, 0xff, 0xff]}}, {@mac=@broadcast, {[0xff, 0x0, 0x0, 0xff, 0xff]}}, 0xd0e, 0x8000, 0x3, 0x8, 0x401, 0x4, 'dummy0\x00', 'veth1_to_team\x00', {0xff}, {}, 0x0, 0x202}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @broadcast, @loopback, 0x4, 0x1}}}, {{@arp={@loopback, @remote, 0x0, 0xff000000, 0xe, 0x7, {@empty, {[0xff, 0x0, 0x0, 0x0, 0x0, 0xff]}}, {@mac=@remote, {[0x0, 0xff, 0xff]}}, 0xfff, 0x20, 0xe2d2, 0x9, 0x9, 0x1, 'bond0\x00', 'vlan0\x00', {0xff}, {}, 0x0, 0x20}, 0xc0, 0xe8}, @unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x1}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @rand_addr=0x64010101, @broadcast, 0x2, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)={0x14}, 0x14}}, 0x0) (async)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r2, 0x10e, 0x5, &(0x7f0000000000)=0x81, 0x4)

06:34:06 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x0, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:06 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x500}, 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0)

06:34:06 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x0, 0x2, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

[ 1169.322960][T31875] FAULT_INJECTION: forcing a failure.
[ 1169.322960][T31875] name failslab, interval 1, probability 0, space 0, times 0
[ 1169.341223][T31883] x_tables: duplicate underflow at hook 1
[ 1169.345951][T31875] CPU: 1 PID: 31875 Comm: syz-executor.1 Tainted: G    B             5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1169.358246][T31875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1169.368301][T31875] Call Trace:
[ 1169.371424][T31875]  <TASK>
[ 1169.374205][T31875]  dump_stack_lvl+0x151/0x1b7
[ 1169.378716][T31875]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1169.384009][T31875]  ? kernel_clone+0x22d/0x990
[ 1169.388526][T31875]  ? __kasan_check_write+0x14/0x20
[ 1169.393467][T31875]  ? _raw_spin_lock_irq+0xa4/0x1b0
[ 1169.398499][T31875]  ? _raw_spin_lock_irqsave+0x210/0x210
[ 1169.403884][T31875]  dump_stack+0x15/0x17
[ 1169.407874][T31875]  should_fail+0x3c0/0x510
[ 1169.412123][T31875]  ? alloc_mnt_ns+0xb5/0x420
[ 1169.416663][T31875]  __should_failslab+0x9f/0xe0
[ 1169.421254][T31875]  should_failslab+0x9/0x20
[ 1169.425598][T31875]  kmem_cache_alloc_trace+0x4a/0x310
[ 1169.430723][T31875]  ? inc_ucount+0x1c4/0x2b0
[ 1169.435059][T31875]  alloc_mnt_ns+0xb5/0x420
[ 1169.439308][T31875]  copy_mnt_ns+0xd0/0x9d0
[ 1169.443475][T31875]  ? kmem_cache_alloc+0x1c1/0x2f0
[ 1169.448421][T31875]  ? create_new_namespaces+0x35/0x6e0
[ 1169.453630][T31875]  create_new_namespaces+0xc4/0x6e0
[ 1169.458669][T31875]  ? security_capable+0xb2/0xd0
[ 1169.463349][T31875]  copy_namespaces+0x1d1/0x220
[ 1169.467946][T31875]  ? copy_mm+0x119/0x1b0
[ 1169.472039][T31875]  copy_process+0x12dd/0x3250
[ 1169.476539][T31875]  ? proc_fail_nth_write+0x213/0x290
[ 1169.481664][T31875]  ? proc_fail_nth_read+0x220/0x220
[ 1169.486698][T31875]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1169.491641][T31875]  ? vfs_write+0x9af/0x1050
[ 1169.495986][T31875]  ? vmacache_update+0xb7/0x120
[ 1169.500931][T31875]  kernel_clone+0x22d/0x990
[ 1169.505268][T31875]  ? file_end_write+0x1b0/0x1b0
[ 1169.509955][T31875]  ? __kasan_check_write+0x14/0x20
[ 1169.514902][T31875]  ? create_io_thread+0x1e0/0x1e0
[ 1169.519763][T31875]  ? __mutex_lock_slowpath+0x10/0x10
[ 1169.524883][T31875]  __x64_sys_clone+0x289/0x310
[ 1169.529482][T31875]  ? __do_sys_vfork+0x130/0x130
[ 1169.534177][T31875]  ? debug_smp_processor_id+0x17/0x20
[ 1169.539376][T31875]  do_syscall_64+0x44/0xd0
[ 1169.543630][T31875]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1169.549356][T31875] RIP: 0033:0x7f263a8c35a9
[ 1169.553610][T31875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1169.573058][T31875] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1169.581297][T31875] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1169.589106][T31875] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1169.596920][T31875] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1169.604729][T31875] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1169.612545][T31875] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1169.620356][T31875]  </TASK>
06:34:06 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x0, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:34:06 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x18, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:06 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x0, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:06 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x700}, 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0)

06:34:06 executing program 2:
ioctl$IOC_WATCH_QUEUE_SET_SIZE(0xffffffffffffffff, 0x5760, 0x2)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/ftdi_sio', 0x20ad01, 0xa5)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x3, 0x0, &(0x7f0000000040)=""/86, &(0x7f00000000c0)=""/130, &(0x7f0000000180)=""/242, 0x2000})

06:34:06 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 91)

06:34:06 executing program 2:
ioctl$IOC_WATCH_QUEUE_SET_SIZE(0xffffffffffffffff, 0x5760, 0x2)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/ftdi_sio', 0x20ad01, 0xa5)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x3, 0x0, &(0x7f0000000040)=""/86, &(0x7f00000000c0)=""/130, &(0x7f0000000180)=""/242, 0x2000})

06:34:06 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x900}, 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0)

06:34:06 executing program 2:
ioctl$IOC_WATCH_QUEUE_SET_SIZE(0xffffffffffffffff, 0x5760, 0x2)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/ftdi_sio', 0x20ad01, 0xa5)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x3, 0x0, &(0x7f0000000040)=""/86, &(0x7f00000000c0)=""/130, &(0x7f0000000180)=""/242, 0x2000})
ioctl$IOC_WATCH_QUEUE_SET_SIZE(0xffffffffffffffff, 0x5760, 0x2) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/ftdi_sio', 0x20ad01, 0xa5) (async)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x3, 0x0, &(0x7f0000000040)=""/86, &(0x7f00000000c0)=""/130, &(0x7f0000000180)=""/242, 0x2000}) (async)

06:34:06 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x0, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:06 executing program 2:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000000)={0x0, @private, @broadcast}, &(0x7f0000000080)=0xc)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f00000000c0)={0x4, {{0x2, 0x4e24, @multicast1}}}, 0x88)

[ 1169.719993][T31895] FAULT_INJECTION: forcing a failure.
[ 1169.719993][T31895] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1169.738775][T31895] CPU: 0 PID: 31895 Comm: syz-executor.1 Tainted: G    B             5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1169.750249][T31895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1169.760140][T31895] Call Trace:
[ 1169.763268][T31895]  <TASK>
06:34:06 executing program 2:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000000)={0x0, @private, @broadcast}, &(0x7f0000000080)=0xc)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f00000000c0)={0x4, {{0x2, 0x4e24, @multicast1}}}, 0x88)

[ 1169.766050][T31895]  dump_stack_lvl+0x151/0x1b7
[ 1169.770558][T31895]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1169.775964][T31895]  dump_stack+0x15/0x17
[ 1169.779941][T31895]  should_fail+0x3c0/0x510
[ 1169.784183][T31895]  should_fail_alloc_page+0x58/0x70
[ 1169.789218][T31895]  __alloc_pages+0x1de/0x7c0
[ 1169.793726][T31895]  ? __count_vm_events+0x30/0x30
[ 1169.798501][T31895]  pte_alloc_one+0x73/0x1b0
[ 1169.802839][T31895]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 1169.807875][T31895]  __pte_alloc+0x86/0x350
[ 1169.812045][T31895]  ? free_pgtables+0x210/0x210
[ 1169.816639][T31895]  ? _raw_spin_lock+0xa3/0x1b0
[ 1169.821242][T31895]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[ 1169.826440][T31895]  ? unwind_get_return_address+0x4c/0x90
[ 1169.831909][T31895]  copy_pte_range+0x1b1f/0x20b0
[ 1169.836599][T31895]  ? stack_trace_save+0x12d/0x1f0
[ 1169.841459][T31895]  ? anon_vma_clone+0xa1/0x4f0
[ 1169.846055][T31895]  ? __kunmap_atomic+0x80/0x80
[ 1169.850654][T31895]  ? dup_mmap+0x750/0xea0
[ 1169.854822][T31895]  ? copy_mm+0x108/0x1b0
[ 1169.858900][T31895]  ? copy_process+0x1295/0x3250
[ 1169.863588][T31895]  ? kernel_clone+0x22d/0x990
[ 1169.868099][T31895]  ? __x64_sys_clone+0x289/0x310
[ 1169.872871][T31895]  ? do_syscall_64+0x44/0xd0
[ 1169.877299][T31895]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1169.883376][T31895]  copy_page_range+0xc1e/0x1090
[ 1169.888066][T31895]  ? pfn_valid+0x1e0/0x1e0
[ 1169.892406][T31895]  dup_mmap+0x99f/0xea0
[ 1169.896397][T31895]  ? __delayed_free_task+0x20/0x20
[ 1169.901340][T31895]  ? mm_init+0x807/0x960
[ 1169.905422][T31895]  dup_mm+0x91/0x330
[ 1169.909152][T31895]  copy_mm+0x108/0x1b0
[ 1169.913058][T31895]  copy_process+0x1295/0x3250
[ 1169.917585][T31895]  ? proc_fail_nth_write+0x213/0x290
[ 1169.922701][T31895]  ? proc_fail_nth_read+0x220/0x220
[ 1169.927815][T31895]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1169.932769][T31895]  ? vfs_write+0x9af/0x1050
[ 1169.937099][T31895]  ? vmacache_update+0xb7/0x120
[ 1169.941786][T31895]  kernel_clone+0x22d/0x990
[ 1169.946221][T31895]  ? file_end_write+0x1b0/0x1b0
[ 1169.950987][T31895]  ? __kasan_check_write+0x14/0x20
[ 1169.955951][T31895]  ? create_io_thread+0x1e0/0x1e0
[ 1169.960793][T31895]  ? __mutex_lock_slowpath+0x10/0x10
[ 1169.965913][T31895]  __x64_sys_clone+0x289/0x310
[ 1169.970517][T31895]  ? __do_sys_vfork+0x130/0x130
[ 1169.975200][T31895]  ? debug_smp_processor_id+0x17/0x20
[ 1169.980418][T31895]  do_syscall_64+0x44/0xd0
[ 1169.984662][T31895]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1169.990390][T31895] RIP: 0033:0x7f263a8c35a9
[ 1169.994738][T31895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1170.014176][T31895] RSP: 002b:00007f2639637118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1170.022424][T31895] RAX: ffffffffffffffda RBX: 00007f263a9e3f80 RCX: 00007f263a8c35a9
[ 1170.030322][T31895] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000034ca2000
[ 1170.038132][T31895] RBP: 00007f26396371d0 R08: 0000000000000000 R09: 0000000000000000
[ 1170.045941][T31895] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1170.053755][T31895] R13: 00007ffe966fb36f R14: 00007f2639637300 R15: 0000000000022000
[ 1170.061790][T31895]  </TASK>
06:34:07 executing program 5:
clock_gettime(0x0, &(0x7f0000000100)={0x0, <r0=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000004c0)=0x1, 0x4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time_for_children\x00')
clock_gettime(0x5, &(0x7f0000000000))
pselect6(0x320, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, r0+10000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$inet_group_source_req(r1, 0x0, 0x2b, &(0x7f0000000240)={0x7, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e21, @private=0xa010102}}}, 0x108)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000500)={'vcan0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x4, 0x46, 0x4, 0x0, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, @empty, 0x20, 0x1, 0x733, 0x2}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r4, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x12}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x24008000)
clock_gettime(0x7, &(0x7f0000000040))
prctl$PR_CAPBSET_READ(0x17, 0x0)

06:34:07 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x2000}, 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0)

06:34:07 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x0, 0xb7, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:07 executing program 2:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000000)={0x0, @private, @broadcast}, &(0x7f0000000080)=0xc)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)
socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f00000000c0)={0x4, {{0x2, 0x4e24, @multicast1}}}, 0x88)
socket$inet_udp(0x2, 0x2, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000000)={0x0, @private, @broadcast}, &(0x7f0000000080)=0xc) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8) (async)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f00000000c0)={0x4, {{0x2, 0x4e24, @multicast1}}}, 0x88) (async)

06:34:07 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x19, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:07 executing program 1:
syz_clone(0x34ca2000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 92)

06:34:07 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x1a, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:07 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x4000}, 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0)

06:34:07 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x6400}, 0x0, &(0x7f0000000240)={0x10}, &(0x7f0000000280)={0x0, 0x989680}, 0x0)

06:34:07 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x1b, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:07 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x2f, 0x2, 0x0, 0x0, 0x8, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x700, 0x20, 0x100}})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r5=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r5, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xc4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xfffff000}, 0x8)

06:34:07 executing program 2:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/msr', 0x216000, 0x80)
getsockopt$inet6_udp_int(r1, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/thermal', 0x0, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000300)={<r3=>0x0, @initdev, @multicast1}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', r3, 0x29, 0xfc, 0x6, 0x9, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @remote}, 0x80, 0x20, 0xffffffff}})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000040)={'syztnl0\x00', &(0x7f0000000100)={'syztnl0\x00', r3, 0x29, 0xff, 0x2, 0x5, 0x40, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1, 0x8000, 0x8, 0xfc, 0x5}})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000000c0)={0xfffff000}, 0x1)
getsockopt$inet_int(0xffffffffffffffff, 0x0, 0x15, &(0x7f0000000000), &(0x7f0000000080)=0x4)

[ 1170.576823][T31934] FAULT_INJECTION: forcing a failure.
[ 1170.576823][T31934] name failslab, interval 1, probability 0, space 0, times 0
[ 1170.594897][T31934] CPU: 0 PID: 31934 Comm: syz-executor.1 Tainted: G    B             5.15.74-syzkaller-04383-g7f2e600bf63a #0
[ 1170.606369][T31934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[ 1170.616285][T31934] Call Trace:
[ 1170.619386][T31934]  <TASK>
[ 1170.622165][T31934]  dump_stack_lvl+0x151/0x1b7
[ 1170.626687][T31934]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1170.631970][T31934]  dump_stack+0x15/0x17
[ 1170.635965][T31934]  should_fail+0x3c0/0x510
[ 1170.640212][T31934]  __should_failslab+0x9f/0xe0
[ 1170.644809][T31934]  should_failslab+0x9/0x20
[ 1170.649161][T31934]  kmem_cache_alloc+0x4f/0x2f0
[ 1170.653760][T31934]  ? alloc_vfsmnt+0x27/0x4a0
[ 1170.658184][T31934]  alloc_vfsmnt+0x27/0x4a0
[ 1170.662429][T31934]  clone_mnt+0x6e/0xd70
[ 1170.666426][T31934]  ? is_subdir+0x101/0x120
[ 1170.670674][T31934]  copy_tree+0x423/0xce0
[ 1170.674752][T31934]  ? down_write+0xdd/0x140
[ 1170.679015][T31934]  copy_mnt_ns+0x179/0x9d0
[ 1170.683261][T31934]  ? kmem_cache_alloc+0x1c1/0x2f0
[ 1170.688129][T31934]  create_new_namespaces+0xc4/0x6e0
[ 1170.693160][T31934]  ? security_capable+0xb2/0xd0
[ 1170.697845][T31934]  copy_namespaces+0x1d1/0x220
[ 1170.702445][T31934]  ? copy_mm+0x119/0x1b0
[ 1170.706521][T31934]  copy_process+0x12dd/0x3250
[ 1170.711034][T31934]  ? proc_fail_nth_write+0x213/0x290
[ 1170.716155][T31934]  ? proc_fail_nth_read+0x220/0x220
[ 1170.721276][T31934]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1170.726245][T31934]  ? vfs_write+0x9af/0x1050
[ 1170.730574][T31934]  ? vmacache_update+0xb7/0x120
[ 1170.735254][T31934]  kernel_clone+0x22d/0x990
[ 1170.739588][T31934]  ? file_end_write+0x1b0/0x1b0
[ 1170.74428