ocess+0x5c4/0x3290
[ 2358.765792][T19728]  ? __kasan_check_write+0x14/0x20
[ 2358.770731][T19728]  copy_process+0x5c4/0x3290
[ 2358.775162][T19728]  ? check_stack_object+0xf4/0x130
[ 2358.780101][T19728]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2358.785049][T19728]  ? copy_clone_args_from_user+0x744/0x830
[ 2358.790780][T19728]  kernel_clone+0x21e/0x9e0
[ 2358.795130][T19728]  ? __delayed_free_task+0x20/0x20
[ 2358.800064][T19728]  ? create_io_thread+0x1e0/0x1e0
[ 2358.804926][T19728]  __x64_sys_clone3+0x376/0x3a0
[ 2358.809621][T19728]  ? __ia32_sys_clone+0x290/0x290
[ 2358.814478][T19728]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2358.819594][T19728]  ? __traceiter_sys_enter+0x2a/0x40
[ 2358.824721][T19728]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2358.830617][T19728]  do_syscall_64+0x3d/0xb0
[ 2358.834870][T19728]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2358.840603][T19728] RIP: 0033:0x7f9d5f592da9
[ 2358.844850][T19728] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
03:36:11 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bd2, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:11 executing program 2:
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfffffffa}}, &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r2, 0x0)
connect$unix(r1, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r2, 0x0, 0x0)

03:36:11 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 10)

03:36:11 executing program 2:
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfffffffa}}, &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10)
r1 = socket$unix(0x1, 0x1, 0x0) (async)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r2, 0x0) (async)
connect$unix(r1, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r2, 0x0, 0x0)

03:36:11 executing program 1:
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket(0x21, 0x806, 0x0) (async)
r2 = socket(0x21, 0x806, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a) (async)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a37f7fb9a16059ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a9883815654486fe42cf2f676cdbf91f7582ab314be"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19}, 0x42)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000200)=r4, 0x4) (async)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000200)=r4, 0x4)
sendmsg$NL80211_CMD_JOIN_MESH(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)={0x1c, 0x0, 0x4, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000040)=<r5=>0x0)
fcntl$setown(r3, 0x8, r5)
splice(r0, 0x0, r1, 0x0, 0x4ff9f, 0xe)

[ 2358.864290][T19728] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2358.872535][T19728] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2358.880347][T19728] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2358.888159][T19728] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2358.895983][T19728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2358.903779][T19728] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2358.911600][T19728]  </TASK>
03:36:11 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bd3, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:11 executing program 2:
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfffffffa}}, &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10) (async)
r1 = socket$unix(0x1, 0x1, 0x0) (async)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async, rerun: 64)
listen(r2, 0x0) (async, rerun: 64)
connect$unix(r1, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r2, 0x0, 0x0)

[ 2358.955106][T19888] FAULT_INJECTION: forcing a failure.
[ 2358.955106][T19888] name failslab, interval 1, probability 0, space 0, times 0
[ 2358.978861][T19888] CPU: 1 PID: 19888 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2358.989016][T19888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2358.998909][T19888] Call Trace:
[ 2359.002034][T19888]  <TASK>
[ 2359.004812][T19888]  dump_stack_lvl+0x151/0x1b7
[ 2359.009325][T19888]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2359.014797][T19888]  dump_stack+0x15/0x17
[ 2359.018788][T19888]  should_fail+0x3c6/0x510
[ 2359.023039][T19888]  __should_failslab+0xa4/0xe0
[ 2359.027638][T19888]  ? copy_sighand+0x54/0x250
[ 2359.032064][T19888]  should_failslab+0x9/0x20
[ 2359.036402][T19888]  slab_pre_alloc_hook+0x37/0xd0
[ 2359.041177][T19888]  ? copy_sighand+0x54/0x250
[ 2359.045602][T19888]  kmem_cache_alloc+0x44/0x200
[ 2359.050203][T19888]  copy_sighand+0x54/0x250
[ 2359.054459][T19888]  copy_process+0x10d6/0x3290
[ 2359.059008][T19888]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2359.063917][T19888]  ? copy_clone_args_from_user+0x744/0x830
[ 2359.069559][T19888]  kernel_clone+0x21e/0x9e0
[ 2359.073908][T19888]  ? __delayed_free_task+0x20/0x20
[ 2359.078848][T19888]  ? create_io_thread+0x1e0/0x1e0
[ 2359.083711][T19888]  __x64_sys_clone3+0x376/0x3a0
[ 2359.088395][T19888]  ? __ia32_sys_clone+0x290/0x290
[ 2359.093258][T19888]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2359.098375][T19888]  ? __traceiter_sys_enter+0x2a/0x40
[ 2359.103495][T19888]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2359.109396][T19888]  do_syscall_64+0x3d/0xb0
[ 2359.113653][T19888]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2359.119378][T19888] RIP: 0033:0x7f9d5f592da9
[ 2359.123652][T19888] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2359.143072][T19888] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
03:36:12 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3) (async, rerun: 32)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async, rerun: 64)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (rerun: 64)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async, rerun: 32)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0) (async, rerun: 32)
r12 = signalfd4(r3, &(0x7f0000000700)={[0x7]}, 0x8, 0x80800) (rerun: 32)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000b40)=@bpf_tracing={0x1a, 0x31, &(0x7f0000000900)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x7}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7f}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r12}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x5}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}}], &(0x7f00000007c0)='syzkaller\x00', 0x71e, 0x42, &(0x7f0000000800)=""/66, 0x100, 0x5, '\x00', r8, 0x18, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x2, 0xe, 0xfffff1ec, 0x5940c000}, 0x10, 0x5bf4, r5, 0x1, &(0x7f0000000ac0)=[r4], &(0x7f0000000b00)=[{0x1, 0x1, 0x0, 0xb}], 0x10, 0x6b}, 0x90)

03:36:12 executing program 1:
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x21, 0x806, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a37f7fb9a16059ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a9883815654486fe42cf2f676cdbf91f7582ab314be"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19}, 0x42)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000200)=r4, 0x4)
sendmsg$NL80211_CMD_JOIN_MESH(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)={0x1c, 0x0, 0x4, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000040)=<r5=>0x0)
fcntl$setown(r3, 0x8, r5)
splice(r0, 0x0, r1, 0x0, 0x4ff9f, 0xe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) (async)
pipe(&(0x7f00000004c0)) (async)
socket(0x21, 0x806, 0x0) (async)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a37f7fb9a16059ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a9883815654486fe42cf2f676cdbf91f7582ab314be"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19}, 0x42) (async)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000200)=r4, 0x4) (async)
sendmsg$NL80211_CMD_JOIN_MESH(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)={0x1c, 0x0, 0x4, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) (async)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000040)) (async)
fcntl$setown(r3, 0x8, r5) (async)
splice(r0, 0x0, r1, 0x0, 0x4ff9f, 0xe) (async)

03:36:12 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 11)

03:36:12 executing program 2:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000380)=0x4000)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086607, &(0x7f0000000040))
ioctl$KDGETKEYCODE(r0, 0x4b4c, &(0x7f0000000000)={0xb04, 0x61cdf1ef})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="000000000000f8ff00000000bfa200000000000007020000f8bfffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r4, 0x0, 0x0)
getsockname$packet(r0, &(0x7f0000000440)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000480)=0x14)
r6 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0xfffffffffffffffc]}, 0x8)
readv(r6, &(0x7f0000000000)=[{&(0x7f0000000840)=""/4096, 0x1000}, {&(0x7f0000000040)=""/26, 0x1a}], 0x2)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r0, <r7=>0xffffffffffffffff}, &(0x7f0000000540), &(0x7f0000000580)='%-5lx  \x00'}, 0x20)
ioctl$PPPIOCSACTIVE(r6, 0x40107446, &(0x7f0000001840)={0x2, &(0x7f0000000800)=[{0x9, 0x80, 0x62, 0x6}, {0x94de, 0x1, 0x0, 0x740}]})
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)={0x1b, 0x0, 0x0, 0x1, 0x0, r0, 0x1, '\x00', 0x0, r0, 0x2, 0x1, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x14, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x800}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x4, 0x4, 0x0, 0x5}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x8}, @exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000003c0)='syzkaller\x00', 0x3f, 0x3b, &(0x7f0000000400)=""/59, 0x40f00, 0x41, '\x00', r5, 0x25, r6, 0x8, &(0x7f00000004c0)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000500)={0x1, 0xd, 0x1, 0x32e}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000680)=[r0, r0, r7, r8, r1], &(0x7f00000006c0)=[{0x4, 0x1, 0x1, 0xb}, {0x4, 0x5, 0x2, 0xa}, {0x4, 0x1, 0x8, 0x1}, {0x0, 0x1, 0x3, 0x4}], 0x10, 0xff}, 0x90)

03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bd4, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2359.151316][T19888] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2359.159301][T19888] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2359.167113][T19888] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2359.174924][T19888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2359.182736][T19888] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2359.190556][T19888]  </TASK>
03:36:12 executing program 1:
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
close(r0)
pipe(&(0x7f00000004c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket(0x1f, 0x800, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r3, &(0x7f0000000040)=ANY=[@ANYRES64=r0, @ANYRES32=r2, @ANYRESOCT=r1], 0x2000011a)
getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xe, 0x5, 0x8, 0x2, 0x600, r2, 0x1000, '\x00', 0x0, r2, 0x4, 0x1, 0x5}, 0x48)
splice(r3, 0x0, r2, 0x0, 0x4ff9c, 0x0)

03:36:12 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 32)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async, rerun: 32)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async, rerun: 32)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async, rerun: 32)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0) (async)
r12 = signalfd4(r3, &(0x7f0000000700)={[0x7]}, 0x8, 0x80800)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000b40)=@bpf_tracing={0x1a, 0x31, &(0x7f0000000900)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x7}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7f}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r12}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x5}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}}], &(0x7f00000007c0)='syzkaller\x00', 0x71e, 0x42, &(0x7f0000000800)=""/66, 0x100, 0x5, '\x00', r8, 0x18, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x2, 0xe, 0xfffff1ec, 0x5940c000}, 0x10, 0x5bf4, r5, 0x1, &(0x7f0000000ac0)=[r4], &(0x7f0000000b00)=[{0x1, 0x1, 0x0, 0xb}], 0x10, 0x6b}, 0x90)

03:36:12 executing program 1:
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
close(r0) (async)
pipe(&(0x7f00000004c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) (async)
r3 = socket(0x1f, 0x800, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r3, &(0x7f0000000040)=ANY=[@ANYRES64=r0, @ANYRES32=r2, @ANYRESOCT=r1], 0x2000011a) (async)
getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xe, 0x5, 0x8, 0x2, 0x600, r2, 0x1000, '\x00', 0x0, r2, 0x4, 0x1, 0x5}, 0x48) (async)
splice(r3, 0x0, r2, 0x0, 0x4ff9c, 0x0)

03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bd5, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:12 executing program 1:
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
close(r0) (async)
pipe(&(0x7f00000004c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) (async, rerun: 32)
r3 = socket(0x1f, 0x800, 0x0) (rerun: 32)
connect$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
write$binfmt_misc(r3, &(0x7f0000000040)=ANY=[@ANYRES64=r0, @ANYRES32=r2, @ANYRESOCT=r1], 0x2000011a) (async)
getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xe, 0x5, 0x8, 0x2, 0x600, r2, 0x1000, '\x00', 0x0, r2, 0x4, 0x1, 0x5}, 0x48) (async)
splice(r3, 0x0, r2, 0x0, 0x4ff9c, 0x0)

03:36:12 executing program 1:
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
r1 = dup3(r0, r0, 0x0)
dup3(r1, r0, 0x0)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket(0x1e, 0x1, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r3, &(0x7f0000000040)=ANY=[], 0x2000011a)
splice(r3, 0x0, r2, 0x0, 0x4ff9c, 0x0)

[ 2359.411400][T20110] FAULT_INJECTION: forcing a failure.
[ 2359.411400][T20110] name failslab, interval 1, probability 0, space 0, times 0
[ 2359.429069][T20110] CPU: 0 PID: 20110 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2359.439408][T20110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2359.449298][T20110] Call Trace:
[ 2359.452420][T20110]  <TASK>
[ 2359.455201][T20110]  dump_stack_lvl+0x151/0x1b7
[ 2359.459713][T20110]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2359.465183][T20110]  dump_stack+0x15/0x17
[ 2359.469169][T20110]  should_fail+0x3c6/0x510
[ 2359.473425][T20110]  __should_failslab+0xa4/0xe0
[ 2359.478025][T20110]  ? copy_signal+0x55/0x610
[ 2359.482362][T20110]  should_failslab+0x9/0x20
[ 2359.486703][T20110]  slab_pre_alloc_hook+0x37/0xd0
[ 2359.491482][T20110]  ? copy_signal+0x55/0x610
[ 2359.495816][T20110]  kmem_cache_alloc+0x44/0x200
[ 2359.500421][T20110]  copy_signal+0x55/0x610
[ 2359.504583][T20110]  copy_process+0x1101/0x3290
03:36:12 executing program 1:
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
r1 = dup3(r0, r0, 0x0)
dup3(r1, r0, 0x0) (async)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket(0x1e, 0x1, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
write$binfmt_misc(r3, &(0x7f0000000040)=ANY=[], 0x2000011a) (async)
splice(r3, 0x0, r2, 0x0, 0x4ff9c, 0x0)

[ 2359.509103][T20110]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2359.514043][T20110]  ? copy_clone_args_from_user+0x744/0x830
[ 2359.519687][T20110]  kernel_clone+0x21e/0x9e0
[ 2359.524027][T20110]  ? __delayed_free_task+0x20/0x20
[ 2359.528970][T20110]  ? create_io_thread+0x1e0/0x1e0
[ 2359.533839][T20110]  __x64_sys_clone3+0x376/0x3a0
[ 2359.538521][T20110]  ? __ia32_sys_clone+0x290/0x290
[ 2359.543389][T20110]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2359.548502][T20110]  ? __traceiter_sys_enter+0x2a/0x40
[ 2359.553627][T20110]  ? syscall_enter_from_user_mode+0x14d/0x1b0
03:36:12 executing program 1:
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
r1 = dup3(r0, r0, 0x0)
dup3(r1, r0, 0x0) (async)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket(0x1e, 0x1, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
write$binfmt_misc(r3, &(0x7f0000000040)=ANY=[], 0x2000011a) (async)
splice(r3, 0x0, r2, 0x0, 0x4ff9c, 0x0)

[ 2359.559525][T20110]  do_syscall_64+0x3d/0xb0
[ 2359.563777][T20110]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2359.569503][T20110] RIP: 0033:0x7f9d5f592da9
[ 2359.573755][T20110] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2359.593202][T20110] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2359.601448][T20110] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bd6, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bd7, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:12 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 12)

03:36:12 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000003e0100402020702500000000002020207b1a800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

[ 2359.609258][T20110] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2359.617066][T20110] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2359.624877][T20110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2359.632691][T20110] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2359.640511][T20110]  </TASK>
03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bd8, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:12 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r2, &(0x7f0000000040)=@name={0x1e, 0x2, 0x3, {{0x1, 0x1}}}, 0x10)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000200)={0x0, {0x2, 0x0, @private}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x38}}, {0x2, 0x0, @multicast2}, 0x1f, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)='ip_vti0\x00'})
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp\x00')
preadv(r4, &(0x7f0000000840)=[{&(0x7f0000001dc0)=""/4096, 0x79}], 0x1, 0x79, 0x0)
write$binfmt_misc(r4, &(0x7f00000001c0)=ANY=[@ANYRES16=r0, @ANYRESHEX=r2, @ANYRES64=r0, @ANYRES32=r3, @ANYRESOCT=r0], 0x2000011a)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0)
r5 = fsopen(&(0x7f0000000100)='gadgetfs\x00', 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000180)={0x0, r5, 0x3, 0x2, 0x401, 0x1ff})
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_FILTER(r6, 0x0, 0x2, &(0x7f0000000080)={0x8, [0x4, 0x6], 0x4}, 0x10)

03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bd9, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bda, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2359.689401][T20244] FAULT_INJECTION: forcing a failure.
[ 2359.689401][T20244] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2359.714987][T20244] CPU: 1 PID: 20244 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2359.725149][T20244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2359.735044][T20244] Call Trace:
03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bdb, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bdc, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bdd, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2359.738172][T20244]  <TASK>
[ 2359.740950][T20244]  dump_stack_lvl+0x151/0x1b7
[ 2359.745458][T20244]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2359.750927][T20244]  ? __stack_depot_save+0x34/0x470
[ 2359.755877][T20244]  dump_stack+0x15/0x17
[ 2359.759952][T20244]  should_fail+0x3c6/0x510
[ 2359.764205][T20244]  should_fail_alloc_page+0x5a/0x80
[ 2359.769246][T20244]  prepare_alloc_pages+0x15c/0x700
[ 2359.774187][T20244]  ? __alloc_pages+0x8f0/0x8f0
[ 2359.778907][T20244]  ? __alloc_pages_bulk+0xe40/0xe40
[ 2359.784112][T20244]  __alloc_pages+0x18c/0x8f0
03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bde, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bdf, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2359.788539][T20244]  ? prep_new_page+0x110/0x110
[ 2359.793139][T20244]  ? __kasan_kmalloc+0x9/0x10
[ 2359.797653][T20244]  ? __kmalloc+0x13a/0x270
[ 2359.801902][T20244]  ? __vmalloc_node_range+0x2d6/0x8d0
[ 2359.807116][T20244]  __vmalloc_node_range+0x482/0x8d0
[ 2359.812151][T20244]  dup_task_struct+0x416/0xc60
[ 2359.816744][T20244]  ? copy_process+0x5c4/0x3290
[ 2359.821430][T20244]  ? __kasan_check_write+0x14/0x20
[ 2359.826381][T20244]  copy_process+0x5c4/0x3290
[ 2359.830813][T20244]  ? check_stack_object+0xf4/0x130
03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7be0, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7be1, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7be2, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7be3, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2359.835755][T20244]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2359.840704][T20244]  ? copy_clone_args_from_user+0x744/0x830
[ 2359.846343][T20244]  kernel_clone+0x21e/0x9e0
[ 2359.850681][T20244]  ? __delayed_free_task+0x20/0x20
[ 2359.855628][T20244]  ? create_io_thread+0x1e0/0x1e0
[ 2359.860581][T20244]  __x64_sys_clone3+0x376/0x3a0
[ 2359.865265][T20244]  ? __ia32_sys_clone+0x290/0x290
[ 2359.870128][T20244]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2359.875247][T20244]  ? __traceiter_sys_enter+0x2a/0x40
[ 2359.880362][T20244]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2359.886267][T20244]  do_syscall_64+0x3d/0xb0
03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7be4, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7be5, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7be6, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2359.890520][T20244]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2359.896248][T20244] RIP: 0033:0x7f9d5f592da9
[ 2359.900497][T20244] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2359.919950][T20244] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2359.928189][T20244] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7be7, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:12 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7be8, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2359.936006][T20244] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2359.943811][T20244] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2359.951642][T20244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2359.959435][T20244] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2359.967254][T20244]  </TASK>
03:36:13 executing program 2:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000380)=0x4000) (async)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086607, &(0x7f0000000040)) (async)
ioctl$KDGETKEYCODE(r0, 0x4b4c, &(0x7f0000000000)={0xb04, 0x61cdf1ef}) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="000000000000f8ff00000000bfa200000000000007020000f8bfffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0) (async)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r4, 0x0, 0x0) (async)
getsockname$packet(r0, &(0x7f0000000440)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000480)=0x14) (async)
r6 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0xfffffffffffffffc]}, 0x8)
readv(r6, &(0x7f0000000000)=[{&(0x7f0000000840)=""/4096, 0x1000}, {&(0x7f0000000040)=""/26, 0x1a}], 0x2) (async, rerun: 64)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r0, <r7=>0xffffffffffffffff}, &(0x7f0000000540), &(0x7f0000000580)='%-5lx  \x00'}, 0x20) (rerun: 64)
ioctl$PPPIOCSACTIVE(r6, 0x40107446, &(0x7f0000001840)={0x2, &(0x7f0000000800)=[{0x9, 0x80, 0x62, 0x6}, {0x94de, 0x1, 0x0, 0x740}]}) (async)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)={0x1b, 0x0, 0x0, 0x1, 0x0, r0, 0x1, '\x00', 0x0, r0, 0x2, 0x1, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x14, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x800}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x4, 0x4, 0x0, 0x5}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x8}, @exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000003c0)='syzkaller\x00', 0x3f, 0x3b, &(0x7f0000000400)=""/59, 0x40f00, 0x41, '\x00', r5, 0x25, r6, 0x8, &(0x7f00000004c0)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000500)={0x1, 0xd, 0x1, 0x32e}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000680)=[r0, r0, r7, r8, r1], &(0x7f00000006c0)=[{0x4, 0x1, 0x1, 0xb}, {0x4, 0x5, 0x2, 0xa}, {0x4, 0x1, 0x8, 0x1}, {0x0, 0x1, 0x3, 0x4}], 0x10, 0xff}, 0x90)

03:36:13 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000003e0100402020702500000000002020207b1a800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:13 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 13)

03:36:13 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7be9, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:13 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bea, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2360.078815][T20393] FAULT_INJECTION: forcing a failure.
[ 2360.078815][T20393] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2360.092043][T20393] CPU: 1 PID: 20393 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2360.102192][T20393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2360.112087][T20393] Call Trace:
[ 2360.115207][T20393]  <TASK>
[ 2360.117984][T20393]  dump_stack_lvl+0x151/0x1b7
[ 2360.122496][T20393]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2360.127964][T20393]  ? __stack_depot_save+0x34/0x470
[ 2360.132922][T20393]  dump_stack+0x15/0x17
[ 2360.136909][T20393]  should_fail+0x3c6/0x510
[ 2360.141162][T20393]  should_fail_alloc_page+0x5a/0x80
[ 2360.146194][T20393]  prepare_alloc_pages+0x15c/0x700
[ 2360.151146][T20393]  ? __alloc_pages+0x8f0/0x8f0
[ 2360.155740][T20393]  ? __alloc_pages_bulk+0xe40/0xe40
[ 2360.160775][T20393]  __alloc_pages+0x18c/0x8f0
[ 2360.165201][T20393]  ? prep_new_page+0x110/0x110
[ 2360.169805][T20393]  ? __kasan_kmalloc+0x9/0x10
[ 2360.174311][T20393]  ? __kmalloc+0x13a/0x270
[ 2360.178692][T20393]  ? __vmalloc_node_range+0x2d6/0x8d0
[ 2360.183899][T20393]  __vmalloc_node_range+0x482/0x8d0
[ 2360.188933][T20393]  dup_task_struct+0x416/0xc60
[ 2360.193531][T20393]  ? copy_process+0x5c4/0x3290
[ 2360.198129][T20393]  ? __kasan_check_write+0x14/0x20
[ 2360.203078][T20393]  copy_process+0x5c4/0x3290
[ 2360.207507][T20393]  ? check_stack_object+0xf4/0x130
[ 2360.212796][T20393]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2360.217748][T20393]  ? copy_clone_args_from_user+0x744/0x830
[ 2360.223388][T20393]  kernel_clone+0x21e/0x9e0
[ 2360.227735][T20393]  ? __delayed_free_task+0x20/0x20
[ 2360.232678][T20393]  ? create_io_thread+0x1e0/0x1e0
[ 2360.237535][T20393]  __x64_sys_clone3+0x376/0x3a0
[ 2360.242223][T20393]  ? __ia32_sys_clone+0x290/0x290
[ 2360.247086][T20393]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2360.252201][T20393]  ? __traceiter_sys_enter+0x2a/0x40
[ 2360.257325][T20393]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2360.263233][T20393]  do_syscall_64+0x3d/0xb0
[ 2360.267485][T20393]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2360.273205][T20393] RIP: 0033:0x7f9d5f592da9
[ 2360.277461][T20393] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2360.296902][T20393] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2360.305587][T20393] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2360.313397][T20393] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2360.321202][T20393] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
03:36:13 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000003e0100402020702500000000002020207b1a800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3) (async)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:13 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 14)

[ 2360.329012][T20393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2360.336824][T20393] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2360.344643][T20393]  </TASK>
03:36:13 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7beb, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2360.450139][T20507] FAULT_INJECTION: forcing a failure.
[ 2360.450139][T20507] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2360.467832][T20507] CPU: 0 PID: 20507 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2360.478001][T20507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2360.487890][T20507] Call Trace:
[ 2360.491017][T20507]  <TASK>
[ 2360.493797][T20507]  dump_stack_lvl+0x151/0x1b7
[ 2360.498305][T20507]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2360.503773][T20507]  ? __stack_depot_save+0x34/0x470
[ 2360.508720][T20507]  dump_stack+0x15/0x17
[ 2360.512712][T20507]  should_fail+0x3c6/0x510
[ 2360.517015][T20507]  should_fail_alloc_page+0x5a/0x80
[ 2360.521999][T20507]  prepare_alloc_pages+0x15c/0x700
[ 2360.526946][T20507]  ? __alloc_pages+0x8f0/0x8f0
[ 2360.531553][T20507]  ? __alloc_pages_bulk+0xe40/0xe40
[ 2360.536583][T20507]  __alloc_pages+0x18c/0x8f0
[ 2360.541006][T20507]  ? prep_new_page+0x110/0x110
[ 2360.545609][T20507]  ? __kasan_kmalloc+0x9/0x10
[ 2360.550119][T20507]  ? __kmalloc+0x13a/0x270
[ 2360.554372][T20507]  ? __vmalloc_node_range+0x2d6/0x8d0
[ 2360.559580][T20507]  __vmalloc_node_range+0x482/0x8d0
[ 2360.564619][T20507]  dup_task_struct+0x416/0xc60
[ 2360.569214][T20507]  ? copy_process+0x5c4/0x3290
[ 2360.573815][T20507]  ? __kasan_check_write+0x14/0x20
[ 2360.578763][T20507]  copy_process+0x5c4/0x3290
[ 2360.583191][T20507]  ? check_stack_object+0xf4/0x130
[ 2360.588139][T20507]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2360.593107][T20507]  ? copy_clone_args_from_user+0x744/0x830
[ 2360.598726][T20507]  kernel_clone+0x21e/0x9e0
[ 2360.603066][T20507]  ? __delayed_free_task+0x20/0x20
[ 2360.608018][T20507]  ? create_io_thread+0x1e0/0x1e0
[ 2360.613135][T20507]  __x64_sys_clone3+0x376/0x3a0
[ 2360.617820][T20507]  ? __ia32_sys_clone+0x290/0x290
[ 2360.622683][T20507]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2360.627808][T20507]  ? __traceiter_sys_enter+0x2a/0x40
[ 2360.632921][T20507]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2360.638827][T20507]  do_syscall_64+0x3d/0xb0
[ 2360.643092][T20507]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2360.648893][T20507] RIP: 0033:0x7f9d5f592da9
[ 2360.653145][T20507] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2360.672586][T20507] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2360.680833][T20507] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2360.688643][T20507] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
03:36:13 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bec, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:13 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
r9 = socket$bt_rfcomm(0x1f, 0x1, 0x3)
shutdown(r9, 0x1)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r10, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:13 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 15)

03:36:13 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bed, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2360.696453][T20507] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2360.704266][T20507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2360.712075][T20507] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2360.719898][T20507]  </TASK>
03:36:13 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bee, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:13 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bef, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:13 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bf0, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2360.747576][T20616] FAULT_INJECTION: forcing a failure.
[ 2360.747576][T20616] name failslab, interval 1, probability 0, space 0, times 0
[ 2360.760063][T20616] CPU: 0 PID: 20616 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2360.770149][T20616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2360.780048][T20616] Call Trace:
[ 2360.783170][T20616]  <TASK>
[ 2360.785945][T20616]  dump_stack_lvl+0x151/0x1b7
[ 2360.790460][T20616]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2360.795927][T20616]  ? __alloc_pages+0x27e/0x8f0
[ 2360.800621][T20616]  dump_stack+0x15/0x17
[ 2360.804606][T20616]  should_fail+0x3c6/0x510
[ 2360.808868][T20616]  __should_failslab+0xa4/0xe0
[ 2360.813457][T20616]  ? vm_area_dup+0x26/0x230
[ 2360.817793][T20616]  should_failslab+0x9/0x20
[ 2360.822209][T20616]  slab_pre_alloc_hook+0x37/0xd0
[ 2360.826911][T20616]  ? vm_area_dup+0x26/0x230
[ 2360.831248][T20616]  kmem_cache_alloc+0x44/0x200
[ 2360.835851][T20616]  vm_area_dup+0x26/0x230
[ 2360.840013][T20616]  copy_mm+0x9a1/0x13e0
[ 2360.844008][T20616]  ? copy_signal+0x610/0x610
[ 2360.848430][T20616]  ? __init_rwsem+0xd6/0x1c0
[ 2360.852871][T20616]  ? copy_signal+0x4e3/0x610
[ 2360.857284][T20616]  copy_process+0x1149/0x3290
[ 2360.861802][T20616]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2360.866746][T20616]  ? copy_clone_args_from_user+0x744/0x830
[ 2360.872476][T20616]  kernel_clone+0x21e/0x9e0
[ 2360.876814][T20616]  ? __delayed_free_task+0x20/0x20
[ 2360.881768][T20616]  ? create_io_thread+0x1e0/0x1e0
[ 2360.886623][T20616]  __x64_sys_clone3+0x376/0x3a0
[ 2360.891307][T20616]  ? __ia32_sys_clone+0x290/0x290
[ 2360.896177][T20616]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2360.901289][T20616]  ? __traceiter_sys_enter+0x2a/0x40
[ 2360.906409][T20616]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2360.912311][T20616]  do_syscall_64+0x3d/0xb0
[ 2360.916571][T20616]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2360.922295][T20616] RIP: 0033:0x7f9d5f592da9
[ 2360.926548][T20616] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2360.945986][T20616] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2360.954230][T20616] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2360.962044][T20616] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2360.969863][T20616] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2360.977665][T20616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2360.985477][T20616] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2360.993307][T20616]  </TASK>
03:36:15 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) (async)
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r2, &(0x7f0000000040)=@name={0x1e, 0x2, 0x3, {{0x1, 0x1}}}, 0x10) (async)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000200)={0x0, {0x2, 0x0, @private}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x38}}, {0x2, 0x0, @multicast2}, 0x1f, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)='ip_vti0\x00'}) (async)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp\x00')
preadv(r4, &(0x7f0000000840)=[{&(0x7f0000001dc0)=""/4096, 0x79}], 0x1, 0x79, 0x0) (async)
write$binfmt_misc(r4, &(0x7f00000001c0)=ANY=[@ANYRES16=r0, @ANYRESHEX=r2, @ANYRES64=r0, @ANYRES32=r3, @ANYRESOCT=r0], 0x2000011a) (async)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0) (async)
r5 = fsopen(&(0x7f0000000100)='gadgetfs\x00', 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000180)={0x0, r5, 0x3, 0x2, 0x401, 0x1ff}) (async)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_FILTER(r6, 0x0, 0x2, &(0x7f0000000080)={0x8, [0x4, 0x6], 0x4}, 0x10)

03:36:15 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bf1, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:15 executing program 2:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000380)=0x4000)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086607, &(0x7f0000000040)) (async, rerun: 32)
ioctl$KDGETKEYCODE(r0, 0x4b4c, &(0x7f0000000000)={0xb04, 0x61cdf1ef}) (async, rerun: 32)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="000000000000f8ff00000000bfa200000000000007020000f8bfffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10) (async)
r3 = socket$unix(0x1, 0x1, 0x0) (async, rerun: 64)
r4 = socket$unix(0x1, 0x1, 0x0) (rerun: 64)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r4, 0x0) (async)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r4, 0x0, 0x0) (async)
getsockname$packet(r0, &(0x7f0000000440)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000480)=0x14) (async)
r6 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0xfffffffffffffffc]}, 0x8)
readv(r6, &(0x7f0000000000)=[{&(0x7f0000000840)=""/4096, 0x1000}, {&(0x7f0000000040)=""/26, 0x1a}], 0x2)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r0, <r7=>0xffffffffffffffff}, &(0x7f0000000540), &(0x7f0000000580)='%-5lx  \x00'}, 0x20) (async)
ioctl$PPPIOCSACTIVE(r6, 0x40107446, &(0x7f0000001840)={0x2, &(0x7f0000000800)=[{0x9, 0x80, 0x62, 0x6}, {0x94de, 0x1, 0x0, 0x740}]})
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)={0x1b, 0x0, 0x0, 0x1, 0x0, r0, 0x1, '\x00', 0x0, r0, 0x2, 0x1, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x14, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x800}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x4, 0x4, 0x0, 0x5}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x8}, @exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000003c0)='syzkaller\x00', 0x3f, 0x3b, &(0x7f0000000400)=""/59, 0x40f00, 0x41, '\x00', r5, 0x25, r6, 0x8, &(0x7f00000004c0)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000500)={0x1, 0xd, 0x1, 0x32e}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000680)=[r0, r0, r7, r8, r1], &(0x7f00000006c0)=[{0x4, 0x1, 0x1, 0xb}, {0x4, 0x5, 0x2, 0xa}, {0x4, 0x1, 0x8, 0x1}, {0x0, 0x1, 0x3, 0x4}], 0x10, 0xff}, 0x90)

03:36:15 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 16)

03:36:15 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
socket$inet(0x2, 0x4000000000000001, 0x0) (async)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00'}) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
r9 = socket$bt_rfcomm(0x1f, 0x1, 0x3)
shutdown(r9, 0x1)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r10, @ANYRES16=r4], 0x100000530) (async)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r10, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:15 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bf2, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2362.729113][T20733] FAULT_INJECTION: forcing a failure.
[ 2362.729113][T20733] name failslab, interval 1, probability 0, space 0, times 0
[ 2362.742528][T20733] CPU: 0 PID: 20733 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2362.752675][T20733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2362.762564][T20733] Call Trace:
[ 2362.765698][T20733]  <TASK>
[ 2362.768466][T20733]  dump_stack_lvl+0x151/0x1b7
[ 2362.772980][T20733]  ? io_uring_drop_tctx_refs+0x190/0x190
03:36:15 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bf3, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:15 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bf4, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2362.778447][T20733]  ? vmap_pages_range_noflush+0x7d5/0x800
[ 2362.784019][T20733]  dump_stack+0x15/0x17
[ 2362.787995][T20733]  should_fail+0x3c6/0x510
[ 2362.792260][T20733]  __should_failslab+0xa4/0xe0
[ 2362.796853][T20733]  ? prepare_creds+0x2f/0x6a0
[ 2362.801363][T20733]  should_failslab+0x9/0x20
[ 2362.805704][T20733]  slab_pre_alloc_hook+0x37/0xd0
[ 2362.810479][T20733]  ? prepare_creds+0x2f/0x6a0
[ 2362.814991][T20733]  kmem_cache_alloc+0x44/0x200
[ 2362.819591][T20733]  ? _raw_spin_lock_irqsave+0xf9/0x210
[ 2362.824890][T20733]  prepare_creds+0x2f/0x6a0
03:36:15 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bf5, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:15 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bf6, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2362.829231][T20733]  copy_creds+0xf0/0x630
[ 2362.833305][T20733]  ? dup_task_struct+0x7e6/0xc60
[ 2362.838082][T20733]  copy_process+0x7c3/0x3290
[ 2362.842544][T20733]  ? check_stack_object+0xf4/0x130
[ 2362.847459][T20733]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2362.852407][T20733]  ? copy_clone_args_from_user+0x744/0x830
[ 2362.858041][T20733]  kernel_clone+0x21e/0x9e0
[ 2362.862385][T20733]  ? __delayed_free_task+0x20/0x20
[ 2362.867327][T20733]  ? create_io_thread+0x1e0/0x1e0
[ 2362.872189][T20733]  __x64_sys_clone3+0x376/0x3a0
03:36:15 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bf7, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:15 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bf8, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:15 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bf9, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2362.876874][T20733]  ? __ia32_sys_clone+0x290/0x290
[ 2362.881755][T20733]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2362.886856][T20733]  ? __traceiter_sys_enter+0x2a/0x40
[ 2362.891976][T20733]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2362.897879][T20733]  do_syscall_64+0x3d/0xb0
[ 2362.902132][T20733]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2362.907857][T20733] RIP: 0033:0x7f9d5f592da9
03:36:15 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bfa, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:15 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bfb, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:15 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bfc, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2362.912115][T20733] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2362.931556][T20733] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2362.939800][T20733] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2362.948739][T20733] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2362.956551][T20733] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2362.964361][T20733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2362.972176][T20733] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
03:36:15 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bfd, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:15 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1) (async, rerun: 64)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (rerun: 64)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 32)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async, rerun: 32)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (async, rerun: 32)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0) (rerun: 32)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async, rerun: 64)
r9 = socket$bt_rfcomm(0x1f, 0x1, 0x3) (rerun: 64)
shutdown(r9, 0x1) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r10, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:15 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 17)

03:36:15 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bfe, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2362.980113][T20733]  </TASK>
03:36:15 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7bff, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:15 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000900)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB="d59950658f8623b2301609bf7e68752600db5efa00a7f6cf8841f6add97647695634912ffc11ceb7b56823f38dd49f29bf6d4b525b652c78802145287d5ce88cd7fadc82e3152aab329c4e48b7c21df7fd7ed7e5a294ec4da3db6a557d6135cba7406ab76bde4cdf8c4b750f29ed2cb3227999c8cb07b848ea9690e36c6a1a4fc561f81709af720153ef652b472549d4c2041767b8a5f915ef70e0b073efd6dc25d8700a675500b1c503ab9eda7a35d6c79a2ab36a005b104eda096c9f5dff8b61eb0b8012cce4cddb376d110f2191b0236d437c1bc8ff32fe2dcd87e96a95350c83b113d8a68f9b40df47a3ae60c11425f1049ae3041a8fb41acd1a3d9bcaaeaed8c22d285b3165eabe72b38ce07d000aab5f9dd108f01aa930c27b2f771dc5ef0bfc8de482fbccc6fcedabb65ec42378fdec6983484bec2b22734b286405edd9962ab0f726514b18b5ab5be78afd30d43eb0013d23dbe3909d6efe4fc07440e1ef806e3c781f19dd3f42fe750fafddfc72e07a46f6e89d5bd27b92efe21bdf48105c9dea87020598facfd9f63e1167"], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:16 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c00, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:16 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c01, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2363.023206][T20880] FAULT_INJECTION: forcing a failure.
[ 2363.023206][T20880] name failslab, interval 1, probability 0, space 0, times 0
[ 2363.036774][T20880] CPU: 0 PID: 20880 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2363.046929][T20880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2363.056822][T20880] Call Trace:
[ 2363.059946][T20880]  <TASK>
[ 2363.062733][T20880]  dump_stack_lvl+0x151/0x1b7
[ 2363.067249][T20880]  ? io_uring_drop_tctx_refs+0x190/0x190
03:36:16 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c02, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:16 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c03, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:16 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c04, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2363.072712][T20880]  dump_stack+0x15/0x17
[ 2363.076699][T20880]  should_fail+0x3c6/0x510
[ 2363.080953][T20880]  __should_failslab+0xa4/0xe0
[ 2363.085552][T20880]  ? anon_vma_clone+0x9a/0x500
[ 2363.090152][T20880]  should_failslab+0x9/0x20
[ 2363.094492][T20880]  slab_pre_alloc_hook+0x37/0xd0
[ 2363.099268][T20880]  ? anon_vma_clone+0x9a/0x500
[ 2363.103864][T20880]  kmem_cache_alloc+0x44/0x200
[ 2363.108469][T20880]  anon_vma_clone+0x9a/0x500
[ 2363.112900][T20880]  anon_vma_fork+0x91/0x4e0
[ 2363.117229][T20880]  ? anon_vma_name+0x4c/0x70
03:36:16 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c05, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:16 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c06, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:16 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c07, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2363.121659][T20880]  ? vm_area_dup+0x17a/0x230
[ 2363.126083][T20880]  copy_mm+0xa3a/0x13e0
[ 2363.130080][T20880]  ? copy_signal+0x610/0x610
[ 2363.134502][T20880]  ? __init_rwsem+0xd6/0x1c0
[ 2363.138930][T20880]  ? copy_signal+0x4e3/0x610
[ 2363.143359][T20880]  copy_process+0x1149/0x3290
[ 2363.147876][T20880]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2363.152817][T20880]  ? copy_clone_args_from_user+0x744/0x830
[ 2363.158461][T20880]  kernel_clone+0x21e/0x9e0
[ 2363.162795][T20880]  ? __delayed_free_task+0x20/0x20
[ 2363.167748][T20880]  ? create_io_thread+0x1e0/0x1e0
03:36:16 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c08, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:16 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c09, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2363.172613][T20880]  __x64_sys_clone3+0x376/0x3a0
[ 2363.177290][T20880]  ? __ia32_sys_clone+0x290/0x290
[ 2363.182158][T20880]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2363.187274][T20880]  ? __traceiter_sys_enter+0x2a/0x40
[ 2363.192394][T20880]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2363.198301][T20880]  do_syscall_64+0x3d/0xb0
[ 2363.202548][T20880]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2363.208275][T20880] RIP: 0033:0x7f9d5f592da9
[ 2363.212530][T20880] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2363.231970][T20880] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2363.240215][T20880] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2363.248022][T20880] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2363.255832][T20880] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2363.263645][T20880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2363.271457][T20880] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2363.279274][T20880]  </TASK>
03:36:18 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c0a, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:18 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r2, &(0x7f0000000040)=@name={0x1e, 0x2, 0x3, {{0x1, 0x1}}}, 0x10)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000200)={0x0, {0x2, 0x0, @private}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x38}}, {0x2, 0x0, @multicast2}, 0x1f, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)='ip_vti0\x00'})
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp\x00')
preadv(r4, &(0x7f0000000840)=[{&(0x7f0000001dc0)=""/4096, 0x79}], 0x1, 0x79, 0x0)
write$binfmt_misc(r4, &(0x7f00000001c0)=ANY=[@ANYRES16=r0, @ANYRESHEX=r2, @ANYRES64=r0, @ANYRES32=r3, @ANYRESOCT=r0], 0x2000011a)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0)
r5 = fsopen(&(0x7f0000000100)='gadgetfs\x00', 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000180)={0x0, r5, 0x3, 0x2, 0x401, 0x1ff})
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_FILTER(r6, 0x0, 0x2, &(0x7f0000000080)={0x8, [0x4, 0x6], 0x4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) (async)
pipe(&(0x7f00000004c0)) (async)
socket(0x1e, 0x1, 0x0) (async)
connect$tipc(r2, &(0x7f0000000040)=@name={0x1e, 0x2, 0x3, {{0x1, 0x1}}}, 0x10) (async)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000200)={0x0, {0x2, 0x0, @private}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x38}}, {0x2, 0x0, @multicast2}, 0x1f, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)='ip_vti0\x00'}) (async)
syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp\x00') (async)
preadv(r4, &(0x7f0000000840)=[{&(0x7f0000001dc0)=""/4096, 0x79}], 0x1, 0x79, 0x0) (async)
write$binfmt_misc(r4, &(0x7f00000001c0)=ANY=[@ANYRES16=r0, @ANYRESHEX=r2, @ANYRES64=r0, @ANYRES32=r3, @ANYRESOCT=r0], 0x2000011a) (async)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0) (async)
fsopen(&(0x7f0000000100)='gadgetfs\x00', 0x0) (async)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000180)={0x0, r5, 0x3, 0x2, 0x401, 0x1ff}) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) (async)
setsockopt$bt_hci_HCI_FILTER(r6, 0x0, 0x2, &(0x7f0000000080)={0x8, [0x4, 0x6], 0x4}, 0x10) (async)

03:36:18 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1) (async, rerun: 32)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (rerun: 32)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async, rerun: 32)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (rerun: 32)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000900)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB="d59950658f8623b2301609bf7e68752600db5efa00a7f6cf8841f6add97647695634912ffc11ceb7b56823f38dd49f29bf6d4b525b652c78802145287d5ce88cd7fadc82e3152aab329c4e48b7c21df7fd7ed7e5a294ec4da3db6a557d6135cba7406ab76bde4cdf8c4b750f29ed2cb3227999c8cb07b848ea9690e36c6a1a4fc561f81709af720153ef652b472549d4c2041767b8a5f915ef70e0b073efd6dc25d8700a675500b1c503ab9eda7a35d6c79a2ab36a005b104eda096c9f5dff8b61eb0b8012cce4cddb376d110f2191b0236d437c1bc8ff32fe2dcd87e96a95350c83b113d8a68f9b40df47a3ae60c11425f1049ae3041a8fb41acd1a3d9bcaaeaed8c22d285b3165eabe72b38ce07d000aab5f9dd108f01aa930c27b2f771dc5ef0bfc8de482fbccc6fcedabb65ec42378fdec6983484bec2b22734b286405edd9962ab0f726514b18b5ab5be78afd30d43eb0013d23dbe3909d6efe4fc07440e1ef806e3c781f19dd3f42fe750fafddfc72e07a46f6e89d5bd27b92efe21bdf48105c9dea87020598facfd9f63e1167"], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async, rerun: 64)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18) (rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:18 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000040)={<r4=>0x0, @initdev, @dev}, &(0x7f0000000440)=0xc)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000480), 0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000500)={0x3, <r6=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1c, 0x11, &(0x7f00000002c0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x101}}, @call={0x85, 0x0, 0x0, 0xb1}, @exit, @alu={0x4, 0x0, 0x2, 0x6, 0x1, 0x1}, @ldst={0x1, 0x1, 0x6, 0x6, 0x5, 0x18, 0xfffffffffffffff0}, @jmp={0x5, 0x1, 0x0, 0x4, 0x1, 0x80, 0xfffffffffffffffc}, @alu={0x7, 0x1, 0x5, 0x8, 0xa, 0x1, 0x8}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x2}], &(0x7f0000000000)='GPL\x00', 0x5ff, 0x98, &(0x7f0000000380)=""/152, 0x41000, 0x40, '\x00', r4, 0x8, r5, 0x8, &(0x7f00000004c0)={0x4, 0x5}, 0x8, 0x10, 0x0, 0x0, r6, r1, 0x7, &(0x7f0000000540)=[r0, r0, r0, r0, r0, r2, r0], &(0x7f0000000580)=[{0x1, 0x5, 0x5, 0xa}, {0x5, 0x1, 0xe}, {0x2, 0x5, 0xf}, {0x4, 0x1, 0xd}, {0x2, 0x2, 0x2, 0x4}, {0x2, 0x2, 0xc, 0x8}, {0x3, 0x5, 0x2, 0x6}], 0x10, 0x80000000}, 0x90)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r3, 0x0, 0x0)

03:36:18 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 18)

03:36:18 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000040)={<r4=>0x0, @initdev, @dev}, &(0x7f0000000440)=0xc)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000480), 0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000500)={0x3, <r6=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1c, 0x11, &(0x7f00000002c0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x101}}, @call={0x85, 0x0, 0x0, 0xb1}, @exit, @alu={0x4, 0x0, 0x2, 0x6, 0x1, 0x1}, @ldst={0x1, 0x1, 0x6, 0x6, 0x5, 0x18, 0xfffffffffffffff0}, @jmp={0x5, 0x1, 0x0, 0x4, 0x1, 0x80, 0xfffffffffffffffc}, @alu={0x7, 0x1, 0x5, 0x8, 0xa, 0x1, 0x8}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x2}], &(0x7f0000000000)='GPL\x00', 0x5ff, 0x98, &(0x7f0000000380)=""/152, 0x41000, 0x40, '\x00', r4, 0x8, r5, 0x8, &(0x7f00000004c0)={0x4, 0x5}, 0x8, 0x10, 0x0, 0x0, r6, r1, 0x7, &(0x7f0000000540)=[r0, r0, r0, r0, r0, r2, r0], &(0x7f0000000580)=[{0x1, 0x5, 0x5, 0xa}, {0x5, 0x1, 0xe}, {0x2, 0x5, 0xf}, {0x4, 0x1, 0xd}, {0x2, 0x2, 0x2, 0x4}, {0x2, 0x2, 0xc, 0x8}, {0x3, 0x5, 0x2, 0x6}], 0x10, 0x80000000}, 0x90)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r3, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
socket$unix(0x1, 0x1, 0x0) (async)
socket$unix(0x1, 0x1, 0x0) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000040)={0x0, @initdev, @dev}, &(0x7f0000000440)=0xc) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000480), 0x4) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000500)={0x3}, 0x8) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1c, 0x11, &(0x7f00000002c0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x101}}, @call={0x85, 0x0, 0x0, 0xb1}, @exit, @alu={0x4, 0x0, 0x2, 0x6, 0x1, 0x1}, @ldst={0x1, 0x1, 0x6, 0x6, 0x5, 0x18, 0xfffffffffffffff0}, @jmp={0x5, 0x1, 0x0, 0x4, 0x1, 0x80, 0xfffffffffffffffc}, @alu={0x7, 0x1, 0x5, 0x8, 0xa, 0x1, 0x8}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x2}], &(0x7f0000000000)='GPL\x00', 0x5ff, 0x98, &(0x7f0000000380)=""/152, 0x41000, 0x40, '\x00', r4, 0x8, r5, 0x8, &(0x7f00000004c0)={0x4, 0x5}, 0x8, 0x10, 0x0, 0x0, r6, r1, 0x7, &(0x7f0000000540)=[r0, r0, r0, r0, r0, r2, r0], &(0x7f0000000580)=[{0x1, 0x5, 0x5, 0xa}, {0x5, 0x1, 0xe}, {0x2, 0x5, 0xf}, {0x4, 0x1, 0xd}, {0x2, 0x2, 0x2, 0x4}, {0x2, 0x2, 0xc, 0x8}, {0x3, 0x5, 0x2, 0x6}], 0x10, 0x80000000}, 0x90) (async)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r3, 0x0) (async)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r3, 0x0, 0x0) (async)

[ 2365.741375][T21116] FAULT_INJECTION: forcing a failure.
[ 2365.741375][T21116] name failslab, interval 1, probability 0, space 0, times 0
[ 2365.761918][T21116] CPU: 0 PID: 21116 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2365.772088][T21116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2365.781984][T21116] Call Trace:
[ 2365.785102][T21116]  <TASK>
[ 2365.787879][T21116]  dump_stack_lvl+0x151/0x1b7
[ 2365.792500][T21116]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2365.797959][T21116]  ? avc_has_perm_noaudit+0x348/0x430
[ 2365.803165][T21116]  dump_stack+0x15/0x17
[ 2365.807167][T21116]  should_fail+0x3c6/0x510
[ 2365.811414][T21116]  __should_failslab+0xa4/0xe0
[ 2365.816011][T21116]  ? dup_fd+0x72/0xb00
[ 2365.819922][T21116]  should_failslab+0x9/0x20
[ 2365.824275][T21116]  slab_pre_alloc_hook+0x37/0xd0
[ 2365.829036][T21116]  ? dup_fd+0x72/0xb00
[ 2365.832935][T21116]  kmem_cache_alloc+0x44/0x200
[ 2365.837538][T21116]  dup_fd+0x72/0xb00
[ 2365.841267][T21116]  ? avc_has_perm+0x16f/0x260
[ 2365.845785][T21116]  ? avc_has_perm_noaudit+0x430/0x430
[ 2365.851264][T21116]  copy_files+0xe6/0x200
[ 2365.856023][T21116]  ? perf_event_attrs+0x30/0x30
[ 2365.860707][T21116]  ? dup_task_struct+0xc60/0xc60
[ 2365.865484][T21116]  ? security_task_alloc+0xf9/0x130
[ 2365.870519][T21116]  copy_process+0x1080/0x3290
[ 2365.875050][T21116]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2365.879979][T21116]  ? copy_clone_args_from_user+0x744/0x830
[ 2365.885622][T21116]  kernel_clone+0x21e/0x9e0
[ 2365.889961][T21116]  ? __delayed_free_task+0x20/0x20
[ 2365.895005][T21116]  ? create_io_thread+0x1e0/0x1e0
[ 2365.899857][T21116]  __x64_sys_clone3+0x376/0x3a0
[ 2365.904550][T21116]  ? __ia32_sys_clone+0x290/0x290
[ 2365.909405][T21116]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2365.914526][T21116]  ? __traceiter_sys_enter+0x2a/0x40
[ 2365.919642][T21116]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2365.925546][T21116]  do_syscall_64+0x3d/0xb0
[ 2365.929796][T21116]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2365.935612][T21116] RIP: 0033:0x7f9d5f592da9
[ 2365.939866][T21116] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2365.959305][T21116] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2365.967551][T21116] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2365.975361][T21116] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2365.983185][T21116] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
03:36:18 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000040)={<r4=>0x0, @initdev, @dev}, &(0x7f0000000440)=0xc)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000480), 0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000500)={0x3, <r6=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1c, 0x11, &(0x7f00000002c0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x101}}, @call={0x85, 0x0, 0x0, 0xb1}, @exit, @alu={0x4, 0x0, 0x2, 0x6, 0x1, 0x1}, @ldst={0x1, 0x1, 0x6, 0x6, 0x5, 0x18, 0xfffffffffffffff0}, @jmp={0x5, 0x1, 0x0, 0x4, 0x1, 0x80, 0xfffffffffffffffc}, @alu={0x7, 0x1, 0x5, 0x8, 0xa, 0x1, 0x8}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x2}], &(0x7f0000000000)='GPL\x00', 0x5ff, 0x98, &(0x7f0000000380)=""/152, 0x41000, 0x40, '\x00', r4, 0x8, r5, 0x8, &(0x7f00000004c0)={0x4, 0x5}, 0x8, 0x10, 0x0, 0x0, r6, r1, 0x7, &(0x7f0000000540)=[r0, r0, r0, r0, r0, r2, r0], &(0x7f0000000580)=[{0x1, 0x5, 0x5, 0xa}, {0x5, 0x1, 0xe}, {0x2, 0x5, 0xf}, {0x4, 0x1, 0xd}, {0x2, 0x2, 0x2, 0x4}, {0x2, 0x2, 0xc, 0x8}, {0x3, 0x5, 0x2, 0x6}], 0x10, 0x80000000}, 0x90)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r3, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
socket$unix(0x1, 0x1, 0x0) (async)
socket$unix(0x1, 0x1, 0x0) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000040)={0x0, @initdev, @dev}, &(0x7f0000000440)=0xc) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000480), 0x4) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000500)={0x3}, 0x8) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1c, 0x11, &(0x7f00000002c0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x101}}, @call={0x85, 0x0, 0x0, 0xb1}, @exit, @alu={0x4, 0x0, 0x2, 0x6, 0x1, 0x1}, @ldst={0x1, 0x1, 0x6, 0x6, 0x5, 0x18, 0xfffffffffffffff0}, @jmp={0x5, 0x1, 0x0, 0x4, 0x1, 0x80, 0xfffffffffffffffc}, @alu={0x7, 0x1, 0x5, 0x8, 0xa, 0x1, 0x8}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x2}], &(0x7f0000000000)='GPL\x00', 0x5ff, 0x98, &(0x7f0000000380)=""/152, 0x41000, 0x40, '\x00', r4, 0x8, r5, 0x8, &(0x7f00000004c0)={0x4, 0x5}, 0x8, 0x10, 0x0, 0x0, r6, r1, 0x7, &(0x7f0000000540)=[r0, r0, r0, r0, r0, r2, r0], &(0x7f0000000580)=[{0x1, 0x5, 0x5, 0xa}, {0x5, 0x1, 0xe}, {0x2, 0x5, 0xf}, {0x4, 0x1, 0xd}, {0x2, 0x2, 0x2, 0x4}, {0x2, 0x2, 0xc, 0x8}, {0x3, 0x5, 0x2, 0x6}], 0x10, 0x80000000}, 0x90) (async)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r3, 0x0) (async)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r3, 0x0, 0x0) (async)

03:36:18 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c0b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:18 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1) (async, rerun: 64)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (rerun: 64)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async, rerun: 32)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (async, rerun: 32)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000900)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB="d59950658f8623b2301609bf7e68752600db5efa00a7f6cf8841f6add97647695634912ffc11ceb7b56823f38dd49f29bf6d4b525b652c78802145287d5ce88cd7fadc82e3152aab329c4e48b7c21df7fd7ed7e5a294ec4da3db6a557d6135cba7406ab76bde4cdf8c4b750f29ed2cb3227999c8cb07b848ea9690e36c6a1a4fc561f81709af720153ef652b472549d4c2041767b8a5f915ef70e0b073efd6dc25d8700a675500b1c503ab9eda7a35d6c79a2ab36a005b104eda096c9f5dff8b61eb0b8012cce4cddb376d110f2191b0236d437c1bc8ff32fe2dcd87e96a95350c83b113d8a68f9b40df47a3ae60c11425f1049ae3041a8fb41acd1a3d9bcaaeaed8c22d285b3165eabe72b38ce07d000aab5f9dd108f01aa930c27b2f771dc5ef0bfc8de482fbccc6fcedabb65ec42378fdec6983484bec2b22734b286405edd9962ab0f726514b18b5ab5be78afd30d43eb0013d23dbe3909d6efe4fc07440e1ef806e3c781f19dd3f42fe750fafddfc72e07a46f6e89d5bd27b92efe21bdf48105c9dea87020598facfd9f63e1167"], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async, rerun: 32)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18) (rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:18 executing program 1:
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x4)
r3 = socket(0x1e, 0x1, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0xffffffffffffff59)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=@acquire={0x128, 0x17, 0x1, 0x0, 0x0, {{@in6=@empty}, @in=@remote, {@in=@local, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in6=@remote}}}}, 0x128}}, 0x0)
write$binfmt_misc(r3, &(0x7f0000000040)=ANY=[@ANYRES16=r0, @ANYRESHEX=r3, @ANYRES8=r3], 0x2000011a)
splice(r3, 0x0, r2, 0x0, 0x4ff9c, 0x0)

03:36:18 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 19)

03:36:18 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0029d9499d4cfe8fe950e93a00000000000000b708000000020000000000000000000000a200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000440)={'syztnl1\x00', &(0x7f00000003c0)={'ip6_vti0\x00', <r4=>0x0, 0x2f, 0x8f, 0xfe, 0x7, 0x40, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x17}}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x7800, 0x6}})
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000480)=0xffffffffffffffff, 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000680)={0xffffffffffffffff, 0x20, &(0x7f0000000640)={&(0x7f0000000800)=""/4096, 0x1000, <r6=>0x0, &(0x7f0000000540)=""/200, 0xc8}}, 0x10)
r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000006c0)={0xffffffffffffffff, 0x9, 0x8}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0xc, 0x3, &(0x7f0000000000)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x3}, @generic={0x0, 0x2, 0x4, 0x0, 0x7f}], &(0x7f0000000040)='GPL\x00', 0xf92, 0xe5, &(0x7f00000002c0)=""/229, 0x41100, 0x50, '\x00', r4, 0x19, r5, 0x8, &(0x7f00000004c0)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000500)={0x0, 0x1, 0x1, 0x10000}, 0x10, r6, r1, 0x5, &(0x7f0000000700)=[r7, r0], &(0x7f0000000740)=[{0x1, 0x4, 0x6, 0x5}, {0x3, 0x4, 0xb, 0x5}, {0x5, 0x5, 0xb, 0x3}, {0x0, 0x2, 0x6, 0x3}, {0x3, 0x5, 0x2, 0x2}], 0x10, 0x8}, 0x90)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r3, 0x0, 0x0)

[ 2365.990989][T21116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2365.998799][T21116] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2366.006622][T21116]  </TASK>
03:36:19 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c0c, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:19 executing program 1:
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) (async)
pipe(&(0x7f00000004c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x4) (async)
r3 = socket(0x1e, 0x1, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0xffffffffffffff59) (async, rerun: 64)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6) (rerun: 64)
sendmsg$nl_xfrm(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=@acquire={0x128, 0x17, 0x1, 0x0, 0x0, {{@in6=@empty}, @in=@remote, {@in=@local, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in6=@remote}}}}, 0x128}}, 0x0) (async)
write$binfmt_misc(r3, &(0x7f0000000040)=ANY=[@ANYRES16=r0, @ANYRESHEX=r3, @ANYRES8=r3], 0x2000011a)
splice(r3, 0x0, r2, 0x0, 0x4ff9c, 0x0)

03:36:19 executing program 1:
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x4) (async)
r3 = socket(0x1e, 0x1, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0xffffffffffffff59) (async)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=@acquire={0x128, 0x17, 0x1, 0x0, 0x0, {{@in6=@empty}, @in=@remote, {@in=@local, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in6=@remote}}}}, 0x128}}, 0x0) (async)
write$binfmt_misc(r3, &(0x7f0000000040)=ANY=[@ANYRES16=r0, @ANYRESHEX=r3, @ANYRES8=r3], 0x2000011a) (async)
splice(r3, 0x0, r2, 0x0, 0x4ff9c, 0x0)

[ 2366.066750][T21292] FAULT_INJECTION: forcing a failure.
[ 2366.066750][T21292] name failslab, interval 1, probability 0, space 0, times 0
[ 2366.084391][T21292] CPU: 0 PID: 21292 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2366.094559][T21292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2366.104454][T21292] Call Trace:
[ 2366.107575][T21292]  <TASK>
[ 2366.110354][T21292]  dump_stack_lvl+0x151/0x1b7
03:36:19 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x1e, 0x1, 0x0)
sendfile(0xffffffffffffffff, r1, &(0x7f0000000040)=0x4, 0x2)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0x2000011a)
socket(0x2b, 0x1, 0x6)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001100)='/proc/timer_list\x00', 0x0, 0x0)
read$ptp(r2, &(0x7f0000000100)=""/4096, 0x1000)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
preadv(r2, &(0x7f00000027c0), 0x0, 0x9e90, 0x80000)
read$ptp(r2, &(0x7f0000000400)=""/4096, 0x1000)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r2, 0x8982, &(0x7f0000000080)={0x3, 'ipvlan1\x00', {0x3}, 0xc41})
splice(r1, 0x0, r0, 0x0, 0x4ff9c, 0x0)

[ 2366.114871][T21292]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2366.120339][T21292]  dump_stack+0x15/0x17
[ 2366.124331][T21292]  should_fail+0x3c6/0x510
[ 2366.128581][T21292]  __should_failslab+0xa4/0xe0
[ 2366.133180][T21292]  ? anon_vma_fork+0x1df/0x4e0
[ 2366.137781][T21292]  should_failslab+0x9/0x20
[ 2366.142123][T21292]  slab_pre_alloc_hook+0x37/0xd0
[ 2366.146892][T21292]  ? anon_vma_fork+0x1df/0x4e0
[ 2366.151495][T21292]  kmem_cache_alloc+0x44/0x200
[ 2366.156098][T21292]  anon_vma_fork+0x1df/0x4e0
[ 2366.160529][T21292]  copy_mm+0xa3a/0x13e0
03:36:19 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) (async)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x1e, 0x1, 0x0)
sendfile(0xffffffffffffffff, r1, &(0x7f0000000040)=0x4, 0x2) (async)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0x2000011a)
socket(0x2b, 0x1, 0x6)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001100)='/proc/timer_list\x00', 0x0, 0x0)
read$ptp(r2, &(0x7f0000000100)=""/4096, 0x1000) (async)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
preadv(r2, &(0x7f00000027c0), 0x0, 0x9e90, 0x80000) (async)
read$ptp(r2, &(0x7f0000000400)=""/4096, 0x1000)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r2, 0x8982, &(0x7f0000000080)={0x3, 'ipvlan1\x00', {0x3}, 0xc41})
splice(r1, 0x0, r0, 0x0, 0x4ff9c, 0x0)

[ 2366.164518][T21292]  ? copy_signal+0x610/0x610
[ 2366.168946][T21292]  ? __init_rwsem+0xd6/0x1c0
[ 2366.173367][T21292]  ? copy_signal+0x4e3/0x610
[ 2366.177792][T21292]  copy_process+0x1149/0x3290
[ 2366.182314][T21292]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2366.187267][T21292]  ? copy_clone_args_from_user+0x744/0x830
[ 2366.192907][T21292]  kernel_clone+0x21e/0x9e0
[ 2366.197234][T21292]  ? __delayed_free_task+0x20/0x20
[ 2366.202181][T21292]  ? create_io_thread+0x1e0/0x1e0
[ 2366.207044][T21292]  __x64_sys_clone3+0x376/0x3a0
[ 2366.211731][T21292]  ? __ia32_sys_clone+0x290/0x290
03:36:19 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socket(0x1e, 0x1, 0x0) (async)
r1 = socket(0x1e, 0x1, 0x0)
sendfile(0xffffffffffffffff, r1, &(0x7f0000000040)=0x4, 0x2)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0x2000011a)
socket(0x2b, 0x1, 0x6)
openat$procfs(0xffffffffffffff9c, &(0x7f0000001100)='/proc/timer_list\x00', 0x0, 0x0) (async)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001100)='/proc/timer_list\x00', 0x0, 0x0)
read$ptp(r2, &(0x7f0000000100)=""/4096, 0x1000)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
preadv(r2, &(0x7f00000027c0), 0x0, 0x9e90, 0x80000) (async)
preadv(r2, &(0x7f00000027c0), 0x0, 0x9e90, 0x80000)
read$ptp(r2, &(0x7f0000000400)=""/4096, 0x1000) (async)
read$ptp(r2, &(0x7f0000000400)=""/4096, 0x1000)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r2, 0x8982, &(0x7f0000000080)={0x3, 'ipvlan1\x00', {0x3}, 0xc41})
splice(r1, 0x0, r0, 0x0, 0x4ff9c, 0x0)

[ 2366.216596][T21292]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2366.221710][T21292]  ? __traceiter_sys_enter+0x2a/0x40
[ 2366.226833][T21292]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2366.232736][T21292]  do_syscall_64+0x3d/0xb0
[ 2366.236986][T21292]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2366.242710][T21292] RIP: 0033:0x7f9d5f592da9
[ 2366.246968][T21292] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
03:36:19 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x11, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x89a1, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000007c0)={&(0x7f0000000900)=@gettaction={0x178, 0x32, 0x10, 0x70bd27, 0x25dfdbfb, {}, [@action_gd=@TCA_ACT_TAB={0x44, 0x1, [{0xc, 0x2, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0xd, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0xc, 0x9, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x268}}, {0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x50, 0x1, [{0x10, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7fffffff}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0xa, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}]}, @action_gd=@TCA_ACT_TAB={0x3c, 0x1, [{0x10, 0xf, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x20}}, {0x10, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x50, 0x1, [{0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0xe, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x10, 0xf, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x30, 0x1, [{0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xffff}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0x14, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}]}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8}]}, 0x178}, 0x1, 0x0, 0x0, 0x24040004}, 0x1)
r2 = socket$key(0xf, 0x3, 0x2)
r3 = dup(r2)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = dup2(r4, r4)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r5, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1ff, 0x3, 0xd000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$mouse(&(0x7f0000000880), 0x591, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r5, @ANYRES16=0x0, @ANYRES8=<r10=>r9, @ANYRES16=r5], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r5, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES8=r10, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r6, 0x8, &(0x7f0000000440)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r3}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r3, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r3, r3, r3, r3], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:19 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0029d9499d4cfe8fe950e93a00000000000000b708000000020000000000000000000000a200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0) (async, rerun: 64)
r3 = socket$unix(0x1, 0x1, 0x0) (rerun: 64)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r3, 0x0) (async)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000440)={'syztnl1\x00', &(0x7f00000003c0)={'ip6_vti0\x00', <r4=>0x0, 0x2f, 0x8f, 0xfe, 0x7, 0x40, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x17}}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x7800, 0x6}}) (async)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000480)=0xffffffffffffffff, 0x4) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000680)={0xffffffffffffffff, 0x20, &(0x7f0000000640)={&(0x7f0000000800)=""/4096, 0x1000, <r6=>0x0, &(0x7f0000000540)=""/200, 0xc8}}, 0x10) (async, rerun: 32)
r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000006c0)={0xffffffffffffffff, 0x9, 0x8}, 0xc) (rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0xc, 0x3, &(0x7f0000000000)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x3}, @generic={0x0, 0x2, 0x4, 0x0, 0x7f}], &(0x7f0000000040)='GPL\x00', 0xf92, 0xe5, &(0x7f00000002c0)=""/229, 0x41100, 0x50, '\x00', r4, 0x19, r5, 0x8, &(0x7f00000004c0)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000500)={0x0, 0x1, 0x1, 0x10000}, 0x10, r6, r1, 0x5, &(0x7f0000000700)=[r7, r0], &(0x7f0000000740)=[{0x1, 0x4, 0x6, 0x5}, {0x3, 0x4, 0xb, 0x5}, {0x5, 0x5, 0xb, 0x3}, {0x0, 0x2, 0x6, 0x3}, {0x3, 0x5, 0x2, 0x2}], 0x10, 0x8}, 0x90)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r3, 0x0, 0x0)

03:36:19 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c0d, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:19 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x1e, 0x1, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0xfffffffe}, 0x100000}}, 0x10)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0x2000011a)
splice(r1, 0x0, r0, 0x0, 0x4ff9c, 0x0)

[ 2366.266418][T21292] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2366.274663][T21292] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2366.282464][T21292] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2366.290276][T21292] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2366.298093][T21292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2366.305897][T21292] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2366.313721][T21292]  </TASK>
03:36:19 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 20)

03:36:19 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c0e, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:19 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x1e, 0x1, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0xfffffffe}, 0x100000}}, 0x10)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0x2000011a) (async)
splice(r1, 0x0, r0, 0x0, 0x4ff9c, 0x0)

03:36:19 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c0f, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:19 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0029d9499d4cfe8fe950e93a00000000000000b708000000020000000000000000000000a200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0) (async)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000440)={'syztnl1\x00', &(0x7f00000003c0)={'ip6_vti0\x00', <r4=>0x0, 0x2f, 0x8f, 0xfe, 0x7, 0x40, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x17}}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x7800, 0x6}})
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000480)=0xffffffffffffffff, 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000680)={0xffffffffffffffff, 0x20, &(0x7f0000000640)={&(0x7f0000000800)=""/4096, 0x1000, 0x0, &(0x7f0000000540)=""/200, 0xc8}}, 0x10) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000680)={0xffffffffffffffff, 0x20, &(0x7f0000000640)={&(0x7f0000000800)=""/4096, 0x1000, <r6=>0x0, &(0x7f0000000540)=""/200, 0xc8}}, 0x10)
r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000006c0)={0xffffffffffffffff, 0x9, 0x8}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0xc, 0x3, &(0x7f0000000000)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x3}, @generic={0x0, 0x2, 0x4, 0x0, 0x7f}], &(0x7f0000000040)='GPL\x00', 0xf92, 0xe5, &(0x7f00000002c0)=""/229, 0x41100, 0x50, '\x00', r4, 0x19, r5, 0x8, &(0x7f00000004c0)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000500)={0x0, 0x1, 0x1, 0x10000}, 0x10, r6, r1, 0x5, &(0x7f0000000700)=[r7, r0], &(0x7f0000000740)=[{0x1, 0x4, 0x6, 0x5}, {0x3, 0x4, 0xb, 0x5}, {0x5, 0x5, 0xb, 0x3}, {0x0, 0x2, 0x6, 0x3}, {0x3, 0x5, 0x2, 0x2}], 0x10, 0x8}, 0x90)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r3, 0x0, 0x0)

[ 2366.355884][T21396] FAULT_INJECTION: forcing a failure.
[ 2366.355884][T21396] name failslab, interval 1, probability 0, space 0, times 0
[ 2366.374698][T21396] CPU: 0 PID: 21396 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2366.385825][T21396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2366.395711][T21396] Call Trace:
[ 2366.398832][T21396]  <TASK>
[ 2366.401612][T21396]  dump_stack_lvl+0x151/0x1b7
03:36:19 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c10, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:19 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c11, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:19 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c12, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2366.406127][T21396]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2366.411591][T21396]  ? __kasan_kmalloc+0x9/0x10
[ 2366.416103][T21396]  ? alloc_fdtable+0xaf/0x2a0
[ 2366.420618][T21396]  ? dup_fd+0x759/0xb00
[ 2366.424609][T21396]  ? copy_files+0xe6/0x200
[ 2366.428864][T21396]  ? kernel_clone+0x21e/0x9e0
[ 2366.433374][T21396]  ? __x64_sys_clone3+0x376/0x3a0
[ 2366.438235][T21396]  ? do_syscall_64+0x3d/0xb0
[ 2366.442660][T21396]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2366.448571][T21396]  dump_stack+0x15/0x17
03:36:19 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c13, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:19 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0x0, 0x1, 0x18}, 0xc)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1e, 0x1, 0x2, 0xfff, 0x2040, r3, 0x20, '\x00', 0x0, r4, 0x0, 0x4, 0x1}, 0x48)
r5 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r5, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
recvfrom$unix(r5, &(0x7f00000003c0)=""/210, 0xd2, 0x100, &(0x7f00000004c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r5, 0x0)
connect$unix(r2, &(0x7f0000000340)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r5, 0x0, 0x0)

03:36:19 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c14, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2366.452562][T21396]  should_fail+0x3c6/0x510
[ 2366.456813][T21396]  __should_failslab+0xa4/0xe0
[ 2366.461412][T21396]  should_failslab+0x9/0x20
[ 2366.465753][T21396]  slab_pre_alloc_hook+0x37/0xd0
[ 2366.470528][T21396]  __kmalloc+0x6d/0x270
[ 2366.474517][T21396]  ? kvmalloc_node+0x1f0/0x4d0
[ 2366.479117][T21396]  kvmalloc_node+0x1f0/0x4d0
[ 2366.483545][T21396]  ? vm_mmap+0xb0/0xb0
[ 2366.487451][T21396]  ? __kasan_kmalloc+0x9/0x10
[ 2366.492131][T21396]  ? kmem_cache_alloc_trace+0x115/0x210
[ 2366.497516][T21396]  ? alloc_fdtable+0xaf/0x2a0
[ 2366.502027][T21396]  alloc_fdtable+0xeb/0x2a0
[ 2366.506365][T21396]  dup_fd+0x759/0xb00
[ 2366.510188][T21396]  ? avc_has_perm+0x16f/0x260
[ 2366.514700][T21396]  copy_files+0xe6/0x200
[ 2366.518777][T21396]  ? perf_event_attrs+0x30/0x30
[ 2366.523464][T21396]  ? dup_task_struct+0xc60/0xc60
[ 2366.528238][T21396]  ? security_task_alloc+0xf9/0x130
[ 2366.533271][T21396]  copy_process+0x1080/0x3290
[ 2366.537792][T21396]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2366.542732][T21396]  ? copy_clone_args_from_user+0x744/0x830
[ 2366.548381][T21396]  kernel_clone+0x21e/0x9e0
[ 2366.552711][T21396]  ? __delayed_free_task+0x20/0x20
[ 2366.557661][T21396]  ? create_io_thread+0x1e0/0x1e0
[ 2366.562523][T21396]  __x64_sys_clone3+0x376/0x3a0
[ 2366.567208][T21396]  ? __ia32_sys_clone+0x290/0x290
[ 2366.572072][T21396]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2366.577187][T21396]  ? __traceiter_sys_enter+0x2a/0x40
[ 2366.582309][T21396]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2366.588211][T21396]  do_syscall_64+0x3d/0xb0
[ 2366.592469][T21396]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2366.598192][T21396] RIP: 0033:0x7f9d5f592da9
[ 2366.602444][T21396] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2366.621887][T21396] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2366.630133][T21396] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2366.637953][T21396] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2366.645872][T21396] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
03:36:19 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socket(0x1e, 0x1, 0x0) (async)
r1 = socket(0x1e, 0x1, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0xfffffffe}, 0x100000}}, 0x10)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0x2000011a)
splice(r1, 0x0, r0, 0x0, 0x4ff9c, 0x0)

03:36:19 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 21)

03:36:19 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000140))
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000080)={[{0x8}, {0xfffffff7}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffffffffffc}]})
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000240))
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00000002c0)={0x0, 0x0, @pic={0x0, 0x80, 0x0, 0xff}})
r3 = socket(0x1e, 0x1, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r3, &(0x7f0000000040)=ANY=[], 0x2000011a)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r4, 0x5421, &(0x7f0000000040))
splice(r3, 0x0, r0, 0x0, 0x4ff9c, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'syzkaller0\x00'})
setsockopt$sock_int(r5, 0x1, 0x1d, &(0x7f0000000180)=0x8, 0x4)

03:36:19 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c15, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2366.653672][T21396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2366.661482][T21396] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2366.669300][T21396]  </TASK>
[ 2366.703469][T21427] FAULT_INJECTION: forcing a failure.
[ 2366.703469][T21427] name failslab, interval 1, probability 0, space 0, times 0
[ 2366.716076][T21427] CPU: 1 PID: 21427 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2366.726407][T21427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2366.736298][T21427] Call Trace:
[ 2366.739433][T21427]  <TASK>
[ 2366.742204][T21427]  dump_stack_lvl+0x151/0x1b7
[ 2366.746715][T21427]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2366.752306][T21427]  ? __kasan_kmalloc+0x9/0x10
[ 2366.756821][T21427]  ? alloc_fdtable+0xaf/0x2a0
[ 2366.761331][T21427]  ? dup_fd+0x759/0xb00
[ 2366.765319][T21427]  ? copy_files+0xe6/0x200
[ 2366.769577][T21427]  ? kernel_clone+0x21e/0x9e0
[ 2366.774086][T21427]  ? __x64_sys_clone3+0x376/0x3a0
[ 2366.778947][T21427]  ? do_syscall_64+0x3d/0xb0
[ 2366.783379][T21427]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2366.789285][T21427]  dump_stack+0x15/0x17
[ 2366.793285][T21427]  should_fail+0x3c6/0x510
[ 2366.797524][T21427]  __should_failslab+0xa4/0xe0
[ 2366.802122][T21427]  should_failslab+0x9/0x20
[ 2366.806460][T21427]  slab_pre_alloc_hook+0x37/0xd0
[ 2366.811241][T21427]  __kmalloc+0x6d/0x270
[ 2366.815226][T21427]  ? kvmalloc_node+0x1f0/0x4d0
[ 2366.819832][T21427]  kvmalloc_node+0x1f0/0x4d0
[ 2366.824256][T21427]  ? vm_mmap+0xb0/0xb0
[ 2366.828243][T21427]  ? __kasan_kmalloc+0x9/0x10
[ 2366.832759][T21427]  ? kmem_cache_alloc_trace+0x115/0x210
[ 2366.838138][T21427]  ? alloc_fdtable+0xaf/0x2a0
[ 2366.842652][T21427]  alloc_fdtable+0xeb/0x2a0
[ 2366.846995][T21427]  dup_fd+0x759/0xb00
[ 2366.850808][T21427]  ? avc_has_perm+0x16f/0x260
[ 2366.855337][T21427]  copy_files+0xe6/0x200
[ 2366.859400][T21427]  ? perf_event_attrs+0x30/0x30
[ 2366.864088][T21427]  ? dup_task_struct+0xc60/0xc60
[ 2366.868866][T21427]  ? security_task_alloc+0xf9/0x130
[ 2366.873896][T21427]  copy_process+0x1080/0x3290
[ 2366.878420][T21427]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2366.883357][T21427]  ? copy_clone_args_from_user+0x744/0x830
[ 2366.888998][T21427]  kernel_clone+0x21e/0x9e0
[ 2366.893338][T21427]  ? __delayed_free_task+0x20/0x20
[ 2366.898285][T21427]  ? create_io_thread+0x1e0/0x1e0
[ 2366.903146][T21427]  __x64_sys_clone3+0x376/0x3a0
[ 2366.907846][T21427]  ? __ia32_sys_clone+0x290/0x290
[ 2366.912701][T21427]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2366.917815][T21427]  ? __traceiter_sys_enter+0x2a/0x40
[ 2366.922935][T21427]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2366.928843][T21427]  do_syscall_64+0x3d/0xb0
[ 2366.933090][T21427]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2366.938818][T21427] RIP: 0033:0x7f9d5f592da9
[ 2366.943085][T21427] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2366.962520][T21427] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2366.970758][T21427] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2366.978568][T21427] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2366.986382][T21427] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2366.994192][T21427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
03:36:19 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0x0, 0x1, 0x18}, 0xc)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1e, 0x1, 0x2, 0xfff, 0x2040, r3, 0x20, '\x00', 0x0, r4, 0x0, 0x4, 0x1}, 0x48)
r5 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r5, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
recvfrom$unix(r5, &(0x7f00000003c0)=""/210, 0xd2, 0x100, &(0x7f00000004c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r5, 0x0)
connect$unix(r2, &(0x7f0000000340)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
socket$unix(0x1, 0x1, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0x0, 0x1, 0x18}, 0xc) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1e, 0x1, 0x2, 0xfff, 0x2040, r3, 0x20, '\x00', 0x0, r4, 0x0, 0x4, 0x1}, 0x48) (async)
socket$unix(0x1, 0x1, 0x0) (async)
bind$unix(r5, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
recvfrom$unix(r5, &(0x7f00000003c0)=""/210, 0xd2, 0x100, &(0x7f00000004c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
listen(r5, 0x0) (async)
connect$unix(r2, &(0x7f0000000340)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r5, 0x0, 0x0) (async)

03:36:19 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c16, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:19 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
socket(0x11, 0x3, 0x0) (async)
r1 = socket(0x11, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x89a1, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000007c0)={&(0x7f0000000900)=@gettaction={0x178, 0x32, 0x10, 0x70bd27, 0x25dfdbfb, {}, [@action_gd=@TCA_ACT_TAB={0x44, 0x1, [{0xc, 0x2, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0xd, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0xc, 0x9, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x268}}, {0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x50, 0x1, [{0x10, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7fffffff}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0xa, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}]}, @action_gd=@TCA_ACT_TAB={0x3c, 0x1, [{0x10, 0xf, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x20}}, {0x10, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x50, 0x1, [{0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0xe, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x10, 0xf, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x30, 0x1, [{0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xffff}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0x14, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}]}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8}]}, 0x178}, 0x1, 0x0, 0x0, 0x24040004}, 0x1)
r2 = socket$key(0xf, 0x3, 0x2)
r3 = dup(r2)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = dup2(r4, r4)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r5, 0x5, 0x2}, 0x48) (async)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r5, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1ff, 0x3, 0xd000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00'}) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$mouse(&(0x7f0000000880), 0x591, 0x8000) (async)
syz_open_dev$mouse(&(0x7f0000000880), 0x591, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r5, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r5], 0x100000530) (async)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r5, @ANYRES16=0x0, @ANYRES8=<r10=>r9, @ANYRES16=r5], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r5, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, 0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r5, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES8=r10, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r6, 0x8, &(0x7f0000000440)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18) (async)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r3}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r3, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r3, r3, r3, r3], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r3}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r3, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r3, r3, r3, r3], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:19 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 22)

[ 2367.002001][T21427] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2367.009831][T21427]  </TASK>
[ 2367.035595][T21564] FAULT_INJECTION: forcing a failure.
[ 2367.035595][T21564] name fail_page_alloc, interval 1, probability 0, space 0, times 0
03:36:20 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c17, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:20 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) (async)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000140))
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000080)={[{0x8}, {0xfffffff7}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffffffffffc}]})
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000240))
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00000002c0)={0x0, 0x0, @pic={0x0, 0x80, 0x0, 0xff}})
r3 = socket(0x1e, 0x1, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
connect$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r3, &(0x7f0000000040)=ANY=[], 0x2000011a) (async)
write$binfmt_misc(r3, &(0x7f0000000040)=ANY=[], 0x2000011a)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r4, 0x5421, &(0x7f0000000040))
splice(r3, 0x0, r0, 0x0, 0x4ff9c, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r5, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'syzkaller0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'syzkaller0\x00'})
setsockopt$sock_int(r5, 0x1, 0x1d, &(0x7f0000000180)=0x8, 0x4) (async)
setsockopt$sock_int(r5, 0x1, 0x1d, &(0x7f0000000180)=0x8, 0x4)

03:36:20 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c18, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2367.051854][T21564] CPU: 1 PID: 21564 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2367.062024][T21564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2367.071964][T21564] Call Trace:
[ 2367.075042][T21564]  <TASK>
[ 2367.077825][T21564]  dump_stack_lvl+0x151/0x1b7
[ 2367.082334][T21564]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2367.087806][T21564]  dump_stack+0x15/0x17
[ 2367.091796][T21564]  should_fail+0x3c6/0x510
[ 2367.096058][T21564]  should_fail_alloc_page+0x5a/0x80
[ 2367.101173][T21564]  prepare_alloc_pages+0x15c/0x700
[ 2367.106119][T21564]  ? __alloc_pages_bulk+0xe40/0xe40
[ 2367.111155][T21564]  __alloc_pages+0x18c/0x8f0
[ 2367.115577][T21564]  ? prep_new_page+0x110/0x110
[ 2367.120173][T21564]  ? __alloc_pages+0x27e/0x8f0
[ 2367.124777][T21564]  ? __kasan_check_write+0x14/0x20
[ 2367.129720][T21564]  ? _raw_spin_lock+0xa4/0x1b0
[ 2367.134320][T21564]  pte_alloc_one+0x73/0x1b0
[ 2367.138662][T21564]  ? pfn_modify_allowed+0x2f0/0x2f0
[ 2367.143698][T21564]  ? __pmd_alloc+0x48d/0x550
[ 2367.148129][T21564]  __pte_alloc+0x86/0x350
[ 2367.152288][T21564]  ? __pud_alloc+0x260/0x260
[ 2367.156715][T21564]  ? __pud_alloc+0x213/0x260
[ 2367.161140][T21564]  ? free_pgtables+0x280/0x280
[ 2367.165743][T21564]  ? do_handle_mm_fault+0x2330/0x2330
[ 2367.170952][T21564]  ? __stack_depot_save+0x34/0x470
[ 2367.175890][T21564]  ? anon_vma_clone+0x9a/0x500
[ 2367.180498][T21564]  copy_page_range+0x28a8/0x2f90
[ 2367.185264][T21564]  ? __kasan_slab_alloc+0xb1/0xe0
[ 2367.190126][T21564]  ? slab_post_alloc_hook+0x53/0x2c0
[ 2367.195250][T21564]  ? kernel_clone+0x21e/0x9e0
[ 2367.199758][T21564]  ? do_syscall_64+0x3d/0xb0
[ 2367.204188][T21564]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2367.210096][T21564]  ? pfn_valid+0x1e0/0x1e0
[ 2367.214340][T21564]  ? rwsem_write_trylock+0x15b/0x290
[ 2367.219460][T21564]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[ 2367.225715][T21564]  copy_mm+0xc7e/0x13e0
[ 2367.229704][T21564]  ? copy_signal+0x610/0x610
[ 2367.234128][T21564]  ? __init_rwsem+0xd6/0x1c0
[ 2367.238554][T21564]  ? copy_signal+0x4e3/0x610
[ 2367.242981][T21564]  copy_process+0x1149/0x3290
[ 2367.247500][T21564]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2367.252444][T21564]  ? copy_clone_args_from_user+0x744/0x830
[ 2367.258087][T21564]  kernel_clone+0x21e/0x9e0
[ 2367.262435][T21564]  ? __delayed_free_task+0x20/0x20
[ 2367.267375][T21564]  ? create_io_thread+0x1e0/0x1e0
[ 2367.272233][T21564]  __x64_sys_clone3+0x376/0x3a0
[ 2367.276916][T21564]  ? __ia32_sys_clone+0x290/0x290
[ 2367.281781][T21564]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2367.286897][T21564]  ? __traceiter_sys_enter+0x2a/0x40
[ 2367.292019][T21564]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2367.297925][T21564]  do_syscall_64+0x3d/0xb0
[ 2367.302173][T21564]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2367.307906][T21564] RIP: 0033:0x7f9d5f592da9
[ 2367.312156][T21564] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2367.331600][T21564] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2367.339841][T21564] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2367.347655][T21564] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
03:36:20 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 23)

03:36:20 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c19, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:20 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0x0, 0x1, 0x18}, 0xc)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1e, 0x1, 0x2, 0xfff, 0x2040, r3, 0x20, '\x00', 0x0, r4, 0x0, 0x4, 0x1}, 0x48)
r5 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r5, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
recvfrom$unix(r5, &(0x7f00000003c0)=""/210, 0xd2, 0x100, &(0x7f00000004c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r5, 0x0)
connect$unix(r2, &(0x7f0000000340)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
socket$unix(0x1, 0x1, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0x0, 0x1, 0x18}, 0xc) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1e, 0x1, 0x2, 0xfff, 0x2040, r3, 0x20, '\x00', 0x0, r4, 0x0, 0x4, 0x1}, 0x48) (async)
socket$unix(0x1, 0x1, 0x0) (async)
bind$unix(r5, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
recvfrom$unix(r5, &(0x7f00000003c0)=""/210, 0xd2, 0x100, &(0x7f00000004c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
listen(r5, 0x0) (async)
connect$unix(r2, &(0x7f0000000340)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r5, 0x0, 0x0) (async)

03:36:20 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x11, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x89a1, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000007c0)={&(0x7f0000000900)=@gettaction={0x178, 0x32, 0x10, 0x70bd27, 0x25dfdbfb, {}, [@action_gd=@TCA_ACT_TAB={0x44, 0x1, [{0xc, 0x2, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0xd, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0xc, 0x9, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x268}}, {0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x50, 0x1, [{0x10, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7fffffff}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0xa, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}]}, @action_gd=@TCA_ACT_TAB={0x3c, 0x1, [{0x10, 0xf, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x20}}, {0x10, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x50, 0x1, [{0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0xe, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x10, 0xf, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x30, 0x1, [{0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xffff}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0x14, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}]}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8}]}, 0x178}, 0x1, 0x0, 0x0, 0x24040004}, 0x1) (async)
r2 = socket$key(0xf, 0x3, 0x2)
r3 = dup(r2) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = dup2(r4, r4)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r5, 0x5, 0x2}, 0x48) (async)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1ff, 0x3, 0xd000, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) (async)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$mouse(&(0x7f0000000880), 0x591, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r5, @ANYRES16=0x0, @ANYRES8=<r10=>r9, @ANYRES16=r5], 0x100000530) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r5, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES8=r10, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r6, 0x8, &(0x7f0000000440)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r3}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r3, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r3, r3, r3, r3], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

[ 2367.355466][T21564] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2367.363277][T21564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2367.371087][T21564] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2367.378907][T21564]  </TASK>
[ 2367.420352][T21698] FAULT_INJECTION: forcing a failure.
[ 2367.420352][T21698] name failslab, interval 1, probability 0, space 0, times 0
[ 2367.433501][T21698] CPU: 0 PID: 21698 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2367.443912][T21698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2367.453809][T21698] Call Trace:
[ 2367.456933][T21698]  <TASK>
[ 2367.459709][T21698]  dump_stack_lvl+0x151/0x1b7
[ 2367.464227][T21698]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2367.469689][T21698]  dump_stack+0x15/0x17
[ 2367.474432][T21698]  should_fail+0x3c6/0x510
[ 2367.478690][T21698]  __should_failslab+0xa4/0xe0
[ 2367.483284][T21698]  ? copy_sighand+0x54/0x250
[ 2367.487707][T21698]  should_failslab+0x9/0x20
[ 2367.492049][T21698]  slab_pre_alloc_hook+0x37/0xd0
[ 2367.496823][T21698]  ? copy_sighand+0x54/0x250
[ 2367.501248][T21698]  kmem_cache_alloc+0x44/0x200
[ 2367.505855][T21698]  copy_sighand+0x54/0x250
[ 2367.510100][T21698]  copy_process+0x10d6/0x3290
[ 2367.514617][T21698]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2367.519562][T21698]  ? copy_clone_args_from_user+0x744/0x830
[ 2367.525201][T21698]  kernel_clone+0x21e/0x9e0
[ 2367.529629][T21698]  ? __delayed_free_task+0x20/0x20
[ 2367.534577][T21698]  ? create_io_thread+0x1e0/0x1e0
[ 2367.539451][T21698]  __x64_sys_clone3+0x376/0x3a0
[ 2367.544129][T21698]  ? __ia32_sys_clone+0x290/0x290
[ 2367.548989][T21698]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2367.556189][T21698]  ? __traceiter_sys_enter+0x2a/0x40
[ 2367.561373][T21698]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2367.567211][T21698]  do_syscall_64+0x3d/0xb0
[ 2367.571466][T21698]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2367.577192][T21698] RIP: 0033:0x7f9d5f592da9
[ 2367.581446][T21698] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2367.600885][T21698] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2367.609135][T21698] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
03:36:20 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c1a, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:20 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
sendto$inet(0xffffffffffffffff, &(0x7f0000000900)="8acd9a4c9027cac5e3339b4454aa3388eca65cfaa43f672074a1f48d62b0d4b2edcde59f0bd65518c2bbc0aede6c372bb5301c3464324995d30d02c4baa1828c8339547e089765c00472735a3d3d960a680cc10ba6e85b15fdee7b5d3cb57f295d882f6be73c1611da608c961a2dcfbe37f437a3adf2907dfc1a82961428d0f610d8e1c7f5c0eaec9fbeb6f721d16534980c0f9137125f5f2fbf62fbe5169860cbc6e97841dcfcef8572d9c94e5b0abc49395185636694fa39c6590af81116e9ffb7a4418384edc1da0fe6ab9918038fafa8f13a939ebb82b78d3088d2d51aba457a2e4a465ff93548370436724abdf01f3c1b3b183df1efea4756f0214a56bed42fd6e8595db6078fd9f0fd344d8cae30baec42184d69fc4fec26d71bee5098c52785ca0651775d8bb1a64bea1490f330affb039539395207e8a275bd17a8e325b716bbbcaf2d4636a32ab193fb96a43817e80ea51a45505c101c5cdca5df99ac0b482ad0b33541a3d06bb518715c0fcf6ede0496f4a4d66cb108eb1700301bac3148bb913fe57611019e17914d4b6aecdd8de4a79c37795955c2e2af8a0b3c4f2a7be1ec7cfdf25ded440300cc2e10f4dcaf586a08bb4b2bd96de532e38c01fa75989235194f7a337a335c5942a86a7587e5cf219eeecd31d23886f7b6e6fb1cced539a208f26d0ad56450cbd2707d0552ba082d7b5ca2f5f15c99ecdb0c3bff264eeba979e86ee3a7e9f6396256eb65ff5a6a085b6944a5948a3e2b256ad5facf11b66a7b2f6fbca5041cd0a700cb02b5e2b1951e5b2cd361c47cbd14af84f9f8cc44ac9102663029189be92a9b66636d5ba378d90883916cfee915f8d82172d26479356fe02883f8547106102dcb400806ed6937d3a9e2975ecd65ed234addb40ee9dbec0c67912d5fe6584f2ce64bc865aceedad4b88414c658b813dacea4405b957b0d5c3bebcdaf002046957449103521c94891fae0d94a80b980f68b9823489795811996abb770871302a1c4f632194685c6964c95b61147842939b842574fdb900c8b8d8be7c95a585dea7f072b600c4b0168212c6dd14a6664333c43eecbfce4296ae114cebaaaf4f698567451acb1523e7321343db1e1084f4c55a20941ddeff61d44538c4023562fb41a7eec0aa55526fde7fded2dd7f1ea624646300028108f54a363d89836c67a05cec11534e5829d80edad861a3ae53fe86f953955b5002ee1975d81693336a2a708db5f157dc69f6b3015aacf706057a9f2f3c6d30d3ee0945e5b89e249e2f6e054f9d9b8a423153e135034a21dfd0032519d6283215b1b200a5bafc559544fb812e68c4f00b0c15db94b08298ca500e04280923a06d4fe8934cb4c8e63f2168fc5fa7628df8b3a578647b3a38787441e4ef53eeeaa856a3da84e33cea395d0932595d03bf677c786e4e34eca79e5649a3aa9820c4c8849f3c60f7170d11795742718f3473604a07595bb81b4ed8e81f892cb0ce3e2caa2b8a79c67990a24b0b9c2dd88d9637cddc44e168c1237d93c2ad1e85326acad479408bc613df9aa6268679900392da46d314a95c0718511d3b504f50f00de5f6a0c6495967d539d3b2a4e6ff0a45e106a72872be7c09559a177a2d8ed1580f8f60e28d51ac79f186022aba8d577682c9a0d68c01f059f5d927ada4dc51d6435267b6e3d68cf8b48986695bff905fcfb639eb2765a98db522c702ae54b05857091e9e1b19f7a309cd2cc204a867fa43da8a86bcc2a1af45015606d7a086003cb98a1e9b3a69afbd6b32a69175beadc845922c1bc148c86b66f9e3866f165b703d40272b1924eebbf7ad8e34adfa4d5941a44d49f5af22a520d200c4a618addb71d36214d2b09c7f03046eec5e55369a860ee4d5eaeaf1e345d69fc192d63696f076b4f36e0e66b94c4bb31fc485f71ad1669c0758daca45ddd9eab5664fc1d570e4e46184f6a657ba9292a55a2c0521cd38c40a1467885a2e991cd57b0cd93552eafc6136b0a16c40dbbf58fe3926aa6f6dd0c1503f2b88a7aa769dca8fe87f7803e71405855cb1a62603cef81ab9f02b61429f557a3b5ca3008fccf14ae062bddfbfb34e08ecf7efa354b89fac8cc24dbc1ff8b800fda8746c4bfe71d93be85d20703f5ae73fcea316a594632ac84190aacf11d56c497fc0805c8cc9a7d46f7a4647e71826de0d66f8185c4b5f21678618e4d7bdb1ef4eb9fbc587685e579d41e4f0f202ebee440e2d21a83734016170fa37dd4f1b2900c0e7e3c2cb38fd8d3e6083d812c5144eec883ffcc5423db31f6ec4e9e0059cbcf2ffe65b40995e8baa1dc7832e65fc339d105b79f9e9b01bdcca40ac8cd3df8e7733cf53739848bf4d47a29a73b519d365cab6f5631134a71197cc65226a3e453eedfa449b58f40b13aff996e53fc9c1bf2e2406915d5a2f429cad331b1dd679fd067564bf05f0a0a0e1ba9c072aa41f1f57f77ed7372bf709e6427e3f475e770f59c0d389f7ac1c2330497195220273baaf26c945e86bf59933ac723fa4ed18e650cb71f6397e2aa9479e95aede20c30639ec4c1d29779aa9657dad9095dc00c479a66d0ca3b62a862423fedf50cbbc6b7c007dff62a22217d8a1b3a3a220ef9a14f4d23e3760cafb9f857246fec884436789698178f1332f6a8c5510db308b38d00eaf0320c27b033689ee1edeb1946a813494459df2a02fe757cd32411b1d05ade50182a7b521ef4edf235d1952d292d6201da8aa22debe322d9d7565985fb9f59c59db99a8352dd69b3a6389138a80f20dbeda8263d561bfb74271af75a7ab99e39a566332db1436fe3239c165911c8fabdf90c437cde964ebdef39f84d2a83c3d728bb07c8ed1f647892ee0b39f52beb2cf1cb0a21b79f3f1a9a0c0baaa2e313cf1592e67e3f97047a2078c66934efa1fc38cb039999bebe6e40fea2ad3d395f6dd870d8c256a5928bba67d8dbba4193236199965f3e6a61cec0fdd093018b76a72572b5aff429807fcaae370d4064fb9580cf6790165bab15aee807e99149ff4431155d86b896741947bfee8a773513c59fe34984883e81e37affe1d7b9020089ce29d2b448520e95aa91085194a37561c358409362c271c2e3e862a13ca8698eb469637614f420a306289b484e7e9f261ac095cb793e2c07b300046067a774d5e58290e1de33942d5b87de312c7f703dd74167f1f9554e37b06095fecd4dbd31f67d97385159bff6f841d62eaad6f319083c0579e16ae5b69e35d25e28d4d034e1810bbc5cb639ad6d97a8269c84247de4eb35dba7096a352bfee065399b46edec98d60da8b4677ee1eb3f94a2bcb14ce14b304960bbcc757f2f4f49d1574fcbc3dc5a589242017b20e1250c3ef3f70b06ab310e432ff1a47a197fc6724c1b1af917b212258f44050390f5374c2f0ec016c88f081d0f714e23a47ffad1119be38fda45f1e6cb7e6fd886baa78e790ae080f84cf431d26e49cfcca002f3e3f198443a65ef4c5a1a9631d071a7d8b43e01a6447d966cbcb972b1ba314ed64e688f5826e845ffe1dc0df49f1a4a097af0b82ec4ac93e054af67526c38af8b0acf8867539486e5e7488308458ebe2b2f4f98bc99ab831b7332964d52c7d1ce039b90d3a2bf57564a1d8cef306e7b6e48b0bddc08be61d7582b60c865f223df3abdcae31818e61f17ed8dd24257f12e33583ff92f14b4a4f77257b7d9386a186693d908e8131d69c4335f638a694475bd834197cdfe11f8d25c9c872c8bc7ef52c20d9dec2a70a547a9111d4182b3b6144854e6fcb14cd1e3fe8504a63d3271ac9de631ef8ae5aeaf9a2cb5fc803a3c6435fd7d253a845b47993e6ca91abc3305212f5235a8411db25139f707dae066ee797168acca7c4bf870c87f38b902f0d7f96f1703cb352de1d500319f44a883e9140872a2aa718380c4560cd577d34d0a04bfe20178f5e5efe959f95abecd52006c92e1a8e7f64856a92b6c6be7cb6695be04021f0fbf773c1739bfe89b15506d29b551686e38958352d18df391d522e21e953f6de99d946b8687e7a6961ea25078940b4b09113b6d4e9dee6740243eec654ebd9168660d63ed6a988e08e2400b7f9b160d62f5884e7bd29536e9911945f165c2a2895ac8317fca342f53284b13cfa7f8d2c8d27a107dd40ffda6bc4efc0235edbc0a5a003962df70433ae0ee22f97e326138eba17b251a5c054552928c30f9d9d77ecdc75dc2ba2092b558b02a1027db8343eb700f56cc5276cd4d2d820972891abfef0b90fd735874700632fe981037a70ce8459e2ff8a5b19a16ba1fcda3e3b893913c02f09ddcc77d054d57ea84b82ef5a9c75338b926995db1b04499b1cd4798335063eddbfcdd12bf7fa49764487fb57c7b31aec9f3f0377164b8fd82dc39ad6e1a72904771a73d9a50139b4d5aec00caf144d3d8f32055222972d9e0e89fd1eef884f157e37d256c548d8421e8691484d940fa3bbc5f5fd7e5dc9b523ed564b940a6db6b0203b157dac903ce6d810361b2f49248302652326309ddb3c010b9e7e9679e4f1667eed5f0a73cfc650270ae51729019b9a8ad524681fc0167467fa1b0d4da89a4c549bb0f16cdc7c6d7e9769f24fa4ae6ab59a4aa7338ae1405f4e8331920730dd52a836176d6ef6e3a6690d30915021996a6e1b2d0e5c9ffc28dba98e0cbe5f426ecd77af01c4ac91e3defd8d6415d46f783b00b6e863cb9616f135b198d30c1007ac4a029b5015d97c3e32bc12b6c14b6e003967914af6813b5e35d5132e0683899ba5a78c1702586ab31efdfc89d1ce87b8ba454d27d4ed2e1e6b9db9dcc33b2eea8239505ba88cf951a45a2af5dc2ca488c0212928741f7298bc0f179ba245775af450f92ecbbad0efa3c9277695e93d9d33af85f423c561e98cc387b7aeec645f583dc9ee8ffc921f45538058cb6578c2dc155f6fa8dcd687e123fdd29a8c28bee5ec61d120ec93b07f02ca770bf8d566300017b90695032b1a71fee2f7a39d4a5b87a1a3080dcd86ff8b0ee3070b491798064abc4ab789467ca35e9854554779403ac4f182b38ae2e35bdfa27ea3a787f63abe9f62147eb044d9b9061effc4f33db1b9662c0fc4de022b2e5dfa78e4da746a99c3e1b1d87ce74293484e084bc12022e894b5674fcfb828d4ad791034e54d9281ba529b817e733df7da5659aeec8e28ed88bac447ca93af295c46590649eecbc46d2012103e67e327dac3ad589c8309a77da07f773a5bd6fbb6cab5bc9d96843926e26681b286dcdd9e9109c2d29e6d545ba2f3c2110dc9f116f9b43e96e675cbc8687d0b81a794690e90adcc4e0bb4677de63a15142be0d7a9a89079971cbf9195be773827cadcc97a97370e4312c03d0e8116db2e5a639671e56cc6c38ae952ddb4039c4c2d7960005985f898120bd6011c61c27e6da5a4fa22ef3a6be1600adb65eaada5e030f479eed34f587953172b0ce0bbd8b2848e5770c49a0faa613c9aa68b4e580f94325f3b5d112af1d1d980a7982ad5bd8892c4e1a87666fe3e8f8890ee32f94db4d733efe7ddac944f673e4c366a8f0bd743cc39ce84bf93769ca92ec1b57d8c2c72256c5e05404c8a1bda46ac4042fa7a99f92621ad820414449dfeebcdad1f6ef5023a5441624512ab3b7f5d19a0a08366af6d28b27d17db953938c1023dbec7a6c442289eb0c046c1744561debfebd28a452b35268c6f34dcdb8d68d2d123437c79ff2feb7de805de6d409f66ebf0e2535f53c4c441e298c460c3f2f067e1d21b356e59bc2ef144c7e2ca5622e19fadd23b65c248c4bd717b7ed", 0x1000, 0x404c0c4, &(0x7f00000002c0)={0x2, 0x4e21, @empty}, 0x10)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r12, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x9}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bcf8736c84bd"], 0x18}}, 0x0)
openat2(0xffffffffffffff9c, &(0x7f0000000880)='./file0\x00', &(0x7f0000001900)={0x64400, 0x1, 0x13}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000700)='initcall_start\x00', r11}, 0x10)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)

03:36:20 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) (async)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000140)) (async)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000140))
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000080)={[{0x8}, {0xfffffff7}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffffffffffc}]}) (async)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000080)={[{0x8}, {0xfffffff7}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffffffffffc}]})
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000240)) (async)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000240))
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00000002c0)={0x0, 0x0, @pic={0x0, 0x80, 0x0, 0xff}})
socket(0x1e, 0x1, 0x0) (async)
r3 = socket(0x1e, 0x1, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r3, &(0x7f0000000040)=ANY=[], 0x2000011a)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r4, 0x5421, &(0x7f0000000040)) (async)
ioctl$int_in(r4, 0x5421, &(0x7f0000000040))
splice(r3, 0x0, r0, 0x0, 0x4ff9c, 0x0) (async)
splice(r3, 0x0, r0, 0x0, 0x4ff9c, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'syzkaller0\x00'})
setsockopt$sock_int(r5, 0x1, 0x1d, &(0x7f0000000180)=0x8, 0x4)

03:36:20 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0)
r2 = socket(0x10, 0x3, 0x0)
write(r2, &(0x7f0000000000)="fc0000001a000700ab092500090007000aab0700a90100001d60369321001e00ff0200000005d0000000000000039815fa2c1ec28656aaa79bb94b46fe000000bc0003000500000014000027000089fee1434f1e596534d07302ade0bbc91a3e3280772c05defd5a32e280fc83ab82f605f70c9ddef2fe082038f4f8b29d3ef3d92c83170e5bba4a46d284a710af333ae4f5566f91cf190201800015b2ccd243f295ed94e0ad91bd0734babc7c3f2eeb00d43dd16b17e583df150c3b880f411f46a6b567b4d5715587e658a1ad0a4f01731d05b0350b0041f0d48a99c03f080548deac270e33429fd3000175e63fb8d38a8700"/252, 0xfc)
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000640)={0x0, 0x5, {0x3, @struct={0x1, 0xfff}, 0x0, 0x5, 0x6, 0x3, 0x5, 0xffff, 0x420, @usage=0x4, 0x2800000, 0x80, [0x2a, 0x2570c1e, 0x1, 0xffffffff00000000, 0x10001, 0x4]}, {0x4, @struct={0x8001, 0x5}, 0x0, 0x40, 0x8, 0x5, 0x827, 0x1, 0x480, @struct={0x2, 0x800}, 0x0, 0x0, [0x2, 0x1ff, 0x4, 0xa4fc, 0x5bb8, 0x7fffffffffffffff]}, {0xffff, @usage=0xaee, 0x0, 0x2, 0x80000000, 0x3, 0x81, 0x1, 0x42c, @struct={0x5b, 0x1000}, 0x3, 0x7, [0xfffffffffffffff9, 0x4c, 0x4, 0xfffffffffffffeff, 0x401, 0xf430]}, {0x4, 0xff, 0x1}})
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r2, 0x84009422, &(0x7f0000000100)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000040)='memory.pressure\x00', 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002600)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c90de4fb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e300000000000000000000000000003c2bdef529513c925a6f1d97de4de54a6ebf4927d647eedbeba7a0008c6bf5d37257d760c7dfe0caeb8816287b453008c8b60b5ae7a02273175b78a6"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r3}, 0x10)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = socket$netlink(0x10, 0x3, 0x0)
writev(r5, &(0x7f00000003c0), 0x0)
writev(r5, &(0x7f0000000100)=[{&(0x7f00000000c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x4, 0x0, 0x0)
ioctl$int_in(r6, 0x5452, &(0x7f0000000300)=0x208)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
setsockopt$inet6_int(r4, 0x29, 0x8, &(0x7f00000025c0), 0x4)
setsockopt$sock_int(r6, 0x1, 0x12, &(0x7f0000000180)=0x4000000, 0x4)
sendto$inet6(r6, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r6, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090011006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)
shutdown(r6, 0x1)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000003c80)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r7=>0x0}})
ioctl$BTRFS_IOC_GET_DEV_STATS(r6, 0xc4089434, &(0x7f0000000640)={r7, 0x9, 0x0, [0xfffffffffffffffd, 0x0, 0x0, 0x400], [0x100, 0x7fd, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd74e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000, 0x40000, 0x0, 0x0, 0x0, 0x0, 0xb062, 0x0, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1, 0x5]})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000300)={{}, 0x0, 0x0, @inherit={0x58, 0x0}, @devid=r7})
bpf$PROG_LOAD(0x5, &(0x7f0000003880)={0x28, 0x20, &(0x7f0000003500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @alu={0x4, 0x0, 0xd, 0x0, 0x4, 0x341de92a81be384, 0x8}, @generic={0x1f, 0x4, 0x8, 0x8, 0x5}, @call={0x85, 0x0, 0x0, 0xa1}, @map_idx={0x18, 0x5, 0x5, 0x0, 0x7}, @alu={0x4, 0x0, 0x7, 0x4, 0x0, 0xfffffffffffffffc, 0x4}, @ringbuf_query, @tail_call], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000003600)='GPL\x00', 0x6, 0xb3, &(0x7f0000003640)=""/179, 0x100, 0x0, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x8, &(0x7f0000003700)={0xa, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, r3, 0x0, &(0x7f0000003800)=[0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000003840), 0x10, 0x6}, 0x90)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000840)={{r5}, 0x0, 0x0, @unused=[0x0, 0x0, 0x0, 0x60], @devid=r7})
ioctl$BTRFS_IOC_SCRUB(r4, 0xc400941b, &(0x7f00000001c0)={r7, 0x3, 0x0, 0x1})

03:36:20 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 24)

03:36:20 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c1b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2367.616941][T21698] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2367.624757][T21698] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2367.632567][T21698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2367.640377][T21698] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2367.648283][T21698]  </TASK>
[ 2367.696095][T21817] netlink: 'syz-executor.2': attribute type 30 has an invalid length.
[ 2367.696314][T21821] FAULT_INJECTION: forcing a failure.
[ 2367.696314][T21821] name failslab, interval 1, probability 0, space 0, times 0
[ 2367.717731][T21821] CPU: 1 PID: 21821 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2367.727881][T21821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2367.737859][T21821] Call Trace:
[ 2367.740989][T21821]  <TASK>
[ 2367.743766][T21821]  dump_stack_lvl+0x151/0x1b7
[ 2367.748284][T21821]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2367.753756][T21821]  dump_stack+0x15/0x17
[ 2367.757737][T21821]  should_fail+0x3c6/0x510
[ 2367.762076][T21821]  __should_failslab+0xa4/0xe0
[ 2367.766685][T21821]  ? copy_sighand+0x54/0x250
[ 2367.771110][T21821]  should_failslab+0x9/0x20
[ 2367.775442][T21821]  slab_pre_alloc_hook+0x37/0xd0
[ 2367.780302][T21821]  ? copy_sighand+0x54/0x250
[ 2367.784729][T21821]  kmem_cache_alloc+0x44/0x200
[ 2367.789338][T21821]  copy_sighand+0x54/0x250
[ 2367.793582][T21821]  copy_process+0x10d6/0x3290
[ 2367.798101][T21821]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2367.803044][T21821]  ? copy_clone_args_from_user+0x744/0x830
[ 2367.808684][T21821]  kernel_clone+0x21e/0x9e0
[ 2367.813023][T21821]  ? __delayed_free_task+0x20/0x20
[ 2367.817968][T21821]  ? create_io_thread+0x1e0/0x1e0
[ 2367.822830][T21821]  __x64_sys_clone3+0x376/0x3a0
[ 2367.827516][T21821]  ? __ia32_sys_clone+0x290/0x290
[ 2367.832381][T21821]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2367.837669][T21821]  ? __traceiter_sys_enter+0x2a/0x40
[ 2367.842791][T21821]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2367.848781][T21821]  do_syscall_64+0x3d/0xb0
[ 2367.853032][T21821]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2367.858759][T21821] RIP: 0033:0x7f9d5f592da9
[ 2367.863019][T21821] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2367.882458][T21821] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2367.890785][T21821] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2367.898599][T21821] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2367.906418][T21821] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2367.914226][T21821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2367.922036][T21821] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2367.929860][T21821]  </TASK>
03:36:20 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 25)

03:36:20 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c1c, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2367.942724][T21817] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
03:36:20 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3) (async)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (rerun: 64)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (async)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async, rerun: 64)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (rerun: 64)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async, rerun: 32)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async, rerun: 32)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async)
sendto$inet(0xffffffffffffffff, &(0x7f0000000900)="8acd9a4c9027cac5e3339b4454aa3388eca65cfaa43f672074a1f48d62b0d4b2edcde59f0bd65518c2bbc0aede6c372bb5301c3464324995d30d02c4baa1828c8339547e089765c00472735a3d3d960a680cc10ba6e85b15fdee7b5d3cb57f295d882f6be73c1611da608c961a2dcfbe37f437a3adf2907dfc1a82961428d0f610d8e1c7f5c0eaec9fbeb6f721d16534980c0f9137125f5f2fbf62fbe5169860cbc6e97841dcfcef8572d9c94e5b0abc49395185636694fa39c6590af81116e9ffb7a4418384edc1da0fe6ab9918038fafa8f13a939ebb82b78d3088d2d51aba457a2e4a465ff93548370436724abdf01f3c1b3b183df1efea4756f0214a56bed42fd6e8595db6078fd9f0fd344d8cae30baec42184d69fc4fec26d71bee5098c52785ca0651775d8bb1a64bea1490f330affb039539395207e8a275bd17a8e325b716bbbcaf2d4636a32ab193fb96a43817e80ea51a45505c101c5cdca5df99ac0b482ad0b33541a3d06bb518715c0fcf6ede0496f4a4d66cb108eb1700301bac3148bb913fe57611019e17914d4b6aecdd8de4a79c37795955c2e2af8a0b3c4f2a7be1ec7cfdf25ded440300cc2e10f4dcaf586a08bb4b2bd96de532e38c01fa75989235194f7a337a335c5942a86a7587e5cf219eeecd31d23886f7b6e6fb1cced539a208f26d0ad56450cbd2707d0552ba082d7b5ca2f5f15c99ecdb0c3bff264eeba979e86ee3a7e9f6396256eb65ff5a6a085b6944a5948a3e2b256ad5facf11b66a7b2f6fbca5041cd0a700cb02b5e2b1951e5b2cd361c47cbd14af84f9f8cc44ac9102663029189be92a9b66636d5ba378d90883916cfee915f8d82172d26479356fe02883f8547106102dcb400806ed6937d3a9e2975ecd65ed234addb40ee9dbec0c67912d5fe6584f2ce64bc865aceedad4b88414c658b813dacea4405b957b0d5c3bebcdaf002046957449103521c94891fae0d94a80b980f68b9823489795811996abb770871302a1c4f632194685c6964c95b61147842939b842574fdb900c8b8d8be7c95a585dea7f072b600c4b0168212c6dd14a6664333c43eecbfce4296ae114cebaaaf4f698567451acb1523e7321343db1e1084f4c55a20941ddeff61d44538c4023562fb41a7eec0aa55526fde7fded2dd7f1ea624646300028108f54a363d89836c67a05cec11534e5829d80edad861a3ae53fe86f953955b5002ee1975d81693336a2a708db5f157dc69f6b3015aacf706057a9f2f3c6d30d3ee0945e5b89e249e2f6e054f9d9b8a423153e135034a21dfd0032519d6283215b1b200a5bafc559544fb812e68c4f00b0c15db94b08298ca500e04280923a06d4fe8934cb4c8e63f2168fc5fa7628df8b3a578647b3a38787441e4ef53eeeaa856a3da84e33cea395d0932595d03bf677c786e4e34eca79e5649a3aa9820c4c8849f3c60f7170d11795742718f3473604a07595bb81b4ed8e81f892cb0ce3e2caa2b8a79c67990a24b0b9c2dd88d9637cddc44e168c1237d93c2ad1e85326acad479408bc613df9aa6268679900392da46d314a95c0718511d3b504f50f00de5f6a0c6495967d539d3b2a4e6ff0a45e106a72872be7c09559a177a2d8ed1580f8f60e28d51ac79f186022aba8d577682c9a0d68c01f059f5d927ada4dc51d6435267b6e3d68cf8b48986695bff905fcfb639eb2765a98db522c702ae54b05857091e9e1b19f7a309cd2cc204a867fa43da8a86bcc2a1af45015606d7a086003cb98a1e9b3a69afbd6b32a69175beadc845922c1bc148c86b66f9e3866f165b703d40272b1924eebbf7ad8e34adfa4d5941a44d49f5af22a520d200c4a618addb71d36214d2b09c7f03046eec5e55369a860ee4d5eaeaf1e345d69fc192d63696f076b4f36e0e66b94c4bb31fc485f71ad1669c0758daca45ddd9eab5664fc1d570e4e46184f6a657ba9292a55a2c0521cd38c40a1467885a2e991cd57b0cd93552eafc6136b0a16c40dbbf58fe3926aa6f6dd0c1503f2b88a7aa769dca8fe87f7803e71405855cb1a62603cef81ab9f02b61429f557a3b5ca3008fccf14ae062bddfbfb34e08ecf7efa354b89fac8cc24dbc1ff8b800fda8746c4bfe71d93be85d20703f5ae73fcea316a594632ac84190aacf11d56c497fc0805c8cc9a7d46f7a4647e71826de0d66f8185c4b5f21678618e4d7bdb1ef4eb9fbc587685e579d41e4f0f202ebee440e2d21a83734016170fa37dd4f1b2900c0e7e3c2cb38fd8d3e6083d812c5144eec883ffcc5423db31f6ec4e9e0059cbcf2ffe65b40995e8baa1dc7832e65fc339d105b79f9e9b01bdcca40ac8cd3df8e7733cf53739848bf4d47a29a73b519d365cab6f5631134a71197cc65226a3e453eedfa449b58f40b13aff996e53fc9c1bf2e2406915d5a2f429cad331b1dd679fd067564bf05f0a0a0e1ba9c072aa41f1f57f77ed7372bf709e6427e3f475e770f59c0d389f7ac1c2330497195220273baaf26c945e86bf59933ac723fa4ed18e650cb71f6397e2aa9479e95aede20c30639ec4c1d29779aa9657dad9095dc00c479a66d0ca3b62a862423fedf50cbbc6b7c007dff62a22217d8a1b3a3a220ef9a14f4d23e3760cafb9f857246fec884436789698178f1332f6a8c5510db308b38d00eaf0320c27b033689ee1edeb1946a813494459df2a02fe757cd32411b1d05ade50182a7b521ef4edf235d1952d292d6201da8aa22debe322d9d7565985fb9f59c59db99a8352dd69b3a6389138a80f20dbeda8263d561bfb74271af75a7ab99e39a566332db1436fe3239c165911c8fabdf90c437cde964ebdef39f84d2a83c3d728bb07c8ed1f647892ee0b39f52beb2cf1cb0a21b79f3f1a9a0c0baaa2e313cf1592e67e3f97047a2078c66934efa1fc38cb039999bebe6e40fea2ad3d395f6dd870d8c256a5928bba67d8dbba4193236199965f3e6a61cec0fdd093018b76a72572b5aff429807fcaae370d4064fb9580cf6790165bab15aee807e99149ff4431155d86b896741947bfee8a773513c59fe34984883e81e37affe1d7b9020089ce29d2b448520e95aa91085194a37561c358409362c271c2e3e862a13ca8698eb469637614f420a306289b484e7e9f261ac095cb793e2c07b300046067a774d5e58290e1de33942d5b87de312c7f703dd74167f1f9554e37b06095fecd4dbd31f67d97385159bff6f841d62eaad6f319083c0579e16ae5b69e35d25e28d4d034e1810bbc5cb639ad6d97a8269c84247de4eb35dba7096a352bfee065399b46edec98d60da8b4677ee1eb3f94a2bcb14ce14b304960bbcc757f2f4f49d1574fcbc3dc5a589242017b20e1250c3ef3f70b06ab310e432ff1a47a197fc6724c1b1af917b212258f44050390f5374c2f0ec016c88f081d0f714e23a47ffad1119be38fda45f1e6cb7e6fd886baa78e790ae080f84cf431d26e49cfcca002f3e3f198443a65ef4c5a1a9631d071a7d8b43e01a6447d966cbcb972b1ba314ed64e688f5826e845ffe1dc0df49f1a4a097af0b82ec4ac93e054af67526c38af8b0acf8867539486e5e7488308458ebe2b2f4f98bc99ab831b7332964d52c7d1ce039b90d3a2bf57564a1d8cef306e7b6e48b0bddc08be61d7582b60c865f223df3abdcae31818e61f17ed8dd24257f12e33583ff92f14b4a4f77257b7d9386a186693d908e8131d69c4335f638a694475bd834197cdfe11f8d25c9c872c8bc7ef52c20d9dec2a70a547a9111d4182b3b6144854e6fcb14cd1e3fe8504a63d3271ac9de631ef8ae5aeaf9a2cb5fc803a3c6435fd7d253a845b47993e6ca91abc3305212f5235a8411db25139f707dae066ee797168acca7c4bf870c87f38b902f0d7f96f1703cb352de1d500319f44a883e9140872a2aa718380c4560cd577d34d0a04bfe20178f5e5efe959f95abecd52006c92e1a8e7f64856a92b6c6be7cb6695be04021f0fbf773c1739bfe89b15506d29b551686e38958352d18df391d522e21e953f6de99d946b8687e7a6961ea25078940b4b09113b6d4e9dee6740243eec654ebd9168660d63ed6a988e08e2400b7f9b160d62f5884e7bd29536e9911945f165c2a2895ac8317fca342f53284b13cfa7f8d2c8d27a107dd40ffda6bc4efc0235edbc0a5a003962df70433ae0ee22f97e326138eba17b251a5c054552928c30f9d9d77ecdc75dc2ba2092b558b02a1027db8343eb700f56cc5276cd4d2d820972891abfef0b90fd735874700632fe981037a70ce8459e2ff8a5b19a16ba1fcda3e3b893913c02f09ddcc77d054d57ea84b82ef5a9c75338b926995db1b04499b1cd4798335063eddbfcdd12bf7fa49764487fb57c7b31aec9f3f0377164b8fd82dc39ad6e1a72904771a73d9a50139b4d5aec00caf144d3d8f32055222972d9e0e89fd1eef884f157e37d256c548d8421e8691484d940fa3bbc5f5fd7e5dc9b523ed564b940a6db6b0203b157dac903ce6d810361b2f49248302652326309ddb3c010b9e7e9679e4f1667eed5f0a73cfc650270ae51729019b9a8ad524681fc0167467fa1b0d4da89a4c549bb0f16cdc7c6d7e9769f24fa4ae6ab59a4aa7338ae1405f4e8331920730dd52a836176d6ef6e3a6690d30915021996a6e1b2d0e5c9ffc28dba98e0cbe5f426ecd77af01c4ac91e3defd8d6415d46f783b00b6e863cb9616f135b198d30c1007ac4a029b5015d97c3e32bc12b6c14b6e003967914af6813b5e35d5132e0683899ba5a78c1702586ab31efdfc89d1ce87b8ba454d27d4ed2e1e6b9db9dcc33b2eea8239505ba88cf951a45a2af5dc2ca488c0212928741f7298bc0f179ba245775af450f92ecbbad0efa3c9277695e93d9d33af85f423c561e98cc387b7aeec645f583dc9ee8ffc921f45538058cb6578c2dc155f6fa8dcd687e123fdd29a8c28bee5ec61d120ec93b07f02ca770bf8d566300017b90695032b1a71fee2f7a39d4a5b87a1a3080dcd86ff8b0ee3070b491798064abc4ab789467ca35e9854554779403ac4f182b38ae2e35bdfa27ea3a787f63abe9f62147eb044d9b9061effc4f33db1b9662c0fc4de022b2e5dfa78e4da746a99c3e1b1d87ce74293484e084bc12022e894b5674fcfb828d4ad791034e54d9281ba529b817e733df7da5659aeec8e28ed88bac447ca93af295c46590649eecbc46d2012103e67e327dac3ad589c8309a77da07f773a5bd6fbb6cab5bc9d96843926e26681b286dcdd9e9109c2d29e6d545ba2f3c2110dc9f116f9b43e96e675cbc8687d0b81a794690e90adcc4e0bb4677de63a15142be0d7a9a89079971cbf9195be773827cadcc97a97370e4312c03d0e8116db2e5a639671e56cc6c38ae952ddb4039c4c2d7960005985f898120bd6011c61c27e6da5a4fa22ef3a6be1600adb65eaada5e030f479eed34f587953172b0ce0bbd8b2848e5770c49a0faa613c9aa68b4e580f94325f3b5d112af1d1d980a7982ad5bd8892c4e1a87666fe3e8f8890ee32f94db4d733efe7ddac944f673e4c366a8f0bd743cc39ce84bf93769ca92ec1b57d8c2c72256c5e05404c8a1bda46ac4042fa7a99f92621ad820414449dfeebcdad1f6ef5023a5441624512ab3b7f5d19a0a08366af6d28b27d17db953938c1023dbec7a6c442289eb0c046c1744561debfebd28a452b35268c6f34dcdb8d68d2d123437c79ff2feb7de805de6d409f66ebf0e2535f53c4c441e298c460c3f2f067e1d21b356e59bc2ef144c7e2ca5622e19fadd23b65c248c4bd717b7ed", 0x1000, 0x404c0c4, &(0x7f00000002c0)={0x2, 0x4e21, @empty}, 0x10) (async)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r12, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x9}], 0x10, 0xfffffffc}, 0x90) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bcf8736c84bd"], 0x18}}, 0x0)
openat2(0xffffffffffffff9c, &(0x7f0000000880)='./file0\x00', &(0x7f0000001900)={0x64400, 0x1, 0x13}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000700)='initcall_start\x00', r11}, 0x10) (async, rerun: 32)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) (rerun: 32)

03:36:20 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c1d, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:20 executing program 1:
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a)
close(r0)
splice(r2, &(0x7f0000000040)=0x1, r1, &(0x7f0000000080)=0x7, 0xffffffffffffffff, 0x2)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0)

[ 2368.012444][T21937] FAULT_INJECTION: forcing a failure.
[ 2368.012444][T21937] name failslab, interval 1, probability 0, space 0, times 0
[ 2368.043105][T21937] CPU: 0 PID: 21937 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2368.053269][T21937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2368.063399][T21937] Call Trace:
[ 2368.066458][T21937]  <TASK>
[ 2368.069235][T21937]  dump_stack_lvl+0x151/0x1b7
[ 2368.073748][T21937]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2368.079217][T21937]  ? slab_post_alloc_hook+0x53/0x2c0
[ 2368.084335][T21937]  ? kernel_clone+0x21e/0x9e0
[ 2368.088849][T21937]  ? do_syscall_64+0x3d/0xb0
[ 2368.093277][T21937]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2368.099180][T21937]  dump_stack+0x15/0x17
[ 2368.104125][T21937]  should_fail+0x3c6/0x510
[ 2368.108382][T21937]  __should_failslab+0xa4/0xe0
[ 2368.112977][T21937]  ? copy_mm+0x192/0x13e0
[ 2368.117144][T21937]  should_failslab+0x9/0x20
[ 2368.121484][T21937]  slab_pre_alloc_hook+0x37/0xd0
[ 2368.126256][T21937]  ? copy_mm+0x192/0x13e0
[ 2368.130430][T21937]  kmem_cache_alloc+0x44/0x200
[ 2368.135023][T21937]  copy_mm+0x192/0x13e0
[ 2368.139016][T21937]  ? _raw_spin_lock+0xa4/0x1b0
[ 2368.143620][T21937]  ? copy_signal+0x610/0x610
[ 2368.148045][T21937]  ? __kasan_check_write+0x14/0x20
[ 2368.152992][T21937]  ? __init_rwsem+0xd6/0x1c0
[ 2368.157417][T21937]  ? copy_signal+0x4e3/0x610
[ 2368.161844][T21937]  copy_process+0x1149/0x3290
[ 2368.166361][T21937]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2368.171391][T21937]  ? copy_clone_args_from_user+0x744/0x830
[ 2368.177032][T21937]  kernel_clone+0x21e/0x9e0
[ 2368.181370][T21937]  ? __delayed_free_task+0x20/0x20
[ 2368.186320][T21937]  ? create_io_thread+0x1e0/0x1e0
[ 2368.191182][T21937]  __x64_sys_clone3+0x376/0x3a0
[ 2368.195868][T21937]  ? __ia32_sys_clone+0x290/0x290
[ 2368.200731][T21937]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2368.205845][T21937]  ? __traceiter_sys_enter+0x2a/0x40
[ 2368.210968][T21937]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2368.216868][T21937]  do_syscall_64+0x3d/0xb0
[ 2368.221123][T21937]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2368.226853][T21937] RIP: 0033:0x7f9d5f592da9
[ 2368.231105][T21937] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2368.250544][T21937] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
03:36:21 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3) (async)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 64)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async, rerun: 64)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (async)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
sendto$inet(0xffffffffffffffff, &(0x7f0000000900)="8acd9a4c9027cac5e3339b4454aa3388eca65cfaa43f672074a1f48d62b0d4b2edcde59f0bd65518c2bbc0aede6c372bb5301c3464324995d30d02c4baa1828c8339547e089765c00472735a3d3d960a680cc10ba6e85b15fdee7b5d3cb57f295d882f6be73c1611da608c961a2dcfbe37f437a3adf2907dfc1a82961428d0f610d8e1c7f5c0eaec9fbeb6f721d16534980c0f9137125f5f2fbf62fbe5169860cbc6e97841dcfcef8572d9c94e5b0abc49395185636694fa39c6590af81116e9ffb7a4418384edc1da0fe6ab9918038fafa8f13a939ebb82b78d3088d2d51aba457a2e4a465ff93548370436724abdf01f3c1b3b183df1efea4756f0214a56bed42fd6e8595db6078fd9f0fd344d8cae30baec42184d69fc4fec26d71bee5098c52785ca0651775d8bb1a64bea1490f330affb039539395207e8a275bd17a8e325b716bbbcaf2d4636a32ab193fb96a43817e80ea51a45505c101c5cdca5df99ac0b482ad0b33541a3d06bb518715c0fcf6ede0496f4a4d66cb108eb1700301bac3148bb913fe57611019e17914d4b6aecdd8de4a79c37795955c2e2af8a0b3c4f2a7be1ec7cfdf25ded440300cc2e10f4dcaf586a08bb4b2bd96de532e38c01fa75989235194f7a337a335c5942a86a7587e5cf219eeecd31d23886f7b6e6fb1cced539a208f26d0ad56450cbd2707d0552ba082d7b5ca2f5f15c99ecdb0c3bff264eeba979e86ee3a7e9f6396256eb65ff5a6a085b6944a5948a3e2b256ad5facf11b66a7b2f6fbca5041cd0a700cb02b5e2b1951e5b2cd361c47cbd14af84f9f8cc44ac9102663029189be92a9b66636d5ba378d90883916cfee915f8d82172d26479356fe02883f8547106102dcb400806ed6937d3a9e2975ecd65ed234addb40ee9dbec0c67912d5fe6584f2ce64bc865aceedad4b88414c658b813dacea4405b957b0d5c3bebcdaf002046957449103521c94891fae0d94a80b980f68b9823489795811996abb770871302a1c4f632194685c6964c95b61147842939b842574fdb900c8b8d8be7c95a585dea7f072b600c4b0168212c6dd14a6664333c43eecbfce4296ae114cebaaaf4f698567451acb1523e7321343db1e1084f4c55a20941ddeff61d44538c4023562fb41a7eec0aa55526fde7fded2dd7f1ea624646300028108f54a363d89836c67a05cec11534e5829d80edad861a3ae53fe86f953955b5002ee1975d81693336a2a708db5f157dc69f6b3015aacf706057a9f2f3c6d30d3ee0945e5b89e249e2f6e054f9d9b8a423153e135034a21dfd0032519d6283215b1b200a5bafc559544fb812e68c4f00b0c15db94b08298ca500e04280923a06d4fe8934cb4c8e63f2168fc5fa7628df8b3a578647b3a38787441e4ef53eeeaa856a3da84e33cea395d0932595d03bf677c786e4e34eca79e5649a3aa9820c4c8849f3c60f7170d11795742718f3473604a07595bb81b4ed8e81f892cb0ce3e2caa2b8a79c67990a24b0b9c2dd88d9637cddc44e168c1237d93c2ad1e85326acad479408bc613df9aa6268679900392da46d314a95c0718511d3b504f50f00de5f6a0c6495967d539d3b2a4e6ff0a45e106a72872be7c09559a177a2d8ed1580f8f60e28d51ac79f186022aba8d577682c9a0d68c01f059f5d927ada4dc51d6435267b6e3d68cf8b48986695bff905fcfb639eb2765a98db522c702ae54b05857091e9e1b19f7a309cd2cc204a867fa43da8a86bcc2a1af45015606d7a086003cb98a1e9b3a69afbd6b32a69175beadc845922c1bc148c86b66f9e3866f165b703d40272b1924eebbf7ad8e34adfa4d5941a44d49f5af22a520d200c4a618addb71d36214d2b09c7f03046eec5e55369a860ee4d5eaeaf1e345d69fc192d63696f076b4f36e0e66b94c4bb31fc485f71ad1669c0758daca45ddd9eab5664fc1d570e4e46184f6a657ba9292a55a2c0521cd38c40a1467885a2e991cd57b0cd93552eafc6136b0a16c40dbbf58fe3926aa6f6dd0c1503f2b88a7aa769dca8fe87f7803e71405855cb1a62603cef81ab9f02b61429f557a3b5ca3008fccf14ae062bddfbfb34e08ecf7efa354b89fac8cc24dbc1ff8b800fda8746c4bfe71d93be85d20703f5ae73fcea316a594632ac84190aacf11d56c497fc0805c8cc9a7d46f7a4647e71826de0d66f8185c4b5f21678618e4d7bdb1ef4eb9fbc587685e579d41e4f0f202ebee440e2d21a83734016170fa37dd4f1b2900c0e7e3c2cb38fd8d3e6083d812c5144eec883ffcc5423db31f6ec4e9e0059cbcf2ffe65b40995e8baa1dc7832e65fc339d105b79f9e9b01bdcca40ac8cd3df8e7733cf53739848bf4d47a29a73b519d365cab6f5631134a71197cc65226a3e453eedfa449b58f40b13aff996e53fc9c1bf2e2406915d5a2f429cad331b1dd679fd067564bf05f0a0a0e1ba9c072aa41f1f57f77ed7372bf709e6427e3f475e770f59c0d389f7ac1c2330497195220273baaf26c945e86bf59933ac723fa4ed18e650cb71f6397e2aa9479e95aede20c30639ec4c1d29779aa9657dad9095dc00c479a66d0ca3b62a862423fedf50cbbc6b7c007dff62a22217d8a1b3a3a220ef9a14f4d23e3760cafb9f857246fec884436789698178f1332f6a8c5510db308b38d00eaf0320c27b033689ee1edeb1946a813494459df2a02fe757cd32411b1d05ade50182a7b521ef4edf235d1952d292d6201da8aa22debe322d9d7565985fb9f59c59db99a8352dd69b3a6389138a80f20dbeda8263d561bfb74271af75a7ab99e39a566332db1436fe3239c165911c8fabdf90c437cde964ebdef39f84d2a83c3d728bb07c8ed1f647892ee0b39f52beb2cf1cb0a21b79f3f1a9a0c0baaa2e313cf1592e67e3f97047a2078c66934efa1fc38cb039999bebe6e40fea2ad3d395f6dd870d8c256a5928bba67d8dbba4193236199965f3e6a61cec0fdd093018b76a72572b5aff429807fcaae370d4064fb9580cf6790165bab15aee807e99149ff4431155d86b896741947bfee8a773513c59fe34984883e81e37affe1d7b9020089ce29d2b448520e95aa91085194a37561c358409362c271c2e3e862a13ca8698eb469637614f420a306289b484e7e9f261ac095cb793e2c07b300046067a774d5e58290e1de33942d5b87de312c7f703dd74167f1f9554e37b06095fecd4dbd31f67d97385159bff6f841d62eaad6f319083c0579e16ae5b69e35d25e28d4d034e1810bbc5cb639ad6d97a8269c84247de4eb35dba7096a352bfee065399b46edec98d60da8b4677ee1eb3f94a2bcb14ce14b304960bbcc757f2f4f49d1574fcbc3dc5a589242017b20e1250c3ef3f70b06ab310e432ff1a47a197fc6724c1b1af917b212258f44050390f5374c2f0ec016c88f081d0f714e23a47ffad1119be38fda45f1e6cb7e6fd886baa78e790ae080f84cf431d26e49cfcca002f3e3f198443a65ef4c5a1a9631d071a7d8b43e01a6447d966cbcb972b1ba314ed64e688f5826e845ffe1dc0df49f1a4a097af0b82ec4ac93e054af67526c38af8b0acf8867539486e5e7488308458ebe2b2f4f98bc99ab831b7332964d52c7d1ce039b90d3a2bf57564a1d8cef306e7b6e48b0bddc08be61d7582b60c865f223df3abdcae31818e61f17ed8dd24257f12e33583ff92f14b4a4f77257b7d9386a186693d908e8131d69c4335f638a694475bd834197cdfe11f8d25c9c872c8bc7ef52c20d9dec2a70a547a9111d4182b3b6144854e6fcb14cd1e3fe8504a63d3271ac9de631ef8ae5aeaf9a2cb5fc803a3c6435fd7d253a845b47993e6ca91abc3305212f5235a8411db25139f707dae066ee797168acca7c4bf870c87f38b902f0d7f96f1703cb352de1d500319f44a883e9140872a2aa718380c4560cd577d34d0a04bfe20178f5e5efe959f95abecd52006c92e1a8e7f64856a92b6c6be7cb6695be04021f0fbf773c1739bfe89b15506d29b551686e38958352d18df391d522e21e953f6de99d946b8687e7a6961ea25078940b4b09113b6d4e9dee6740243eec654ebd9168660d63ed6a988e08e2400b7f9b160d62f5884e7bd29536e9911945f165c2a2895ac8317fca342f53284b13cfa7f8d2c8d27a107dd40ffda6bc4efc0235edbc0a5a003962df70433ae0ee22f97e326138eba17b251a5c054552928c30f9d9d77ecdc75dc2ba2092b558b02a1027db8343eb700f56cc5276cd4d2d820972891abfef0b90fd735874700632fe981037a70ce8459e2ff8a5b19a16ba1fcda3e3b893913c02f09ddcc77d054d57ea84b82ef5a9c75338b926995db1b04499b1cd4798335063eddbfcdd12bf7fa49764487fb57c7b31aec9f3f0377164b8fd82dc39ad6e1a72904771a73d9a50139b4d5aec00caf144d3d8f32055222972d9e0e89fd1eef884f157e37d256c548d8421e8691484d940fa3bbc5f5fd7e5dc9b523ed564b940a6db6b0203b157dac903ce6d810361b2f49248302652326309ddb3c010b9e7e9679e4f1667eed5f0a73cfc650270ae51729019b9a8ad524681fc0167467fa1b0d4da89a4c549bb0f16cdc7c6d7e9769f24fa4ae6ab59a4aa7338ae1405f4e8331920730dd52a836176d6ef6e3a6690d30915021996a6e1b2d0e5c9ffc28dba98e0cbe5f426ecd77af01c4ac91e3defd8d6415d46f783b00b6e863cb9616f135b198d30c1007ac4a029b5015d97c3e32bc12b6c14b6e003967914af6813b5e35d5132e0683899ba5a78c1702586ab31efdfc89d1ce87b8ba454d27d4ed2e1e6b9db9dcc33b2eea8239505ba88cf951a45a2af5dc2ca488c0212928741f7298bc0f179ba245775af450f92ecbbad0efa3c9277695e93d9d33af85f423c561e98cc387b7aeec645f583dc9ee8ffc921f45538058cb6578c2dc155f6fa8dcd687e123fdd29a8c28bee5ec61d120ec93b07f02ca770bf8d566300017b90695032b1a71fee2f7a39d4a5b87a1a3080dcd86ff8b0ee3070b491798064abc4ab789467ca35e9854554779403ac4f182b38ae2e35bdfa27ea3a787f63abe9f62147eb044d9b9061effc4f33db1b9662c0fc4de022b2e5dfa78e4da746a99c3e1b1d87ce74293484e084bc12022e894b5674fcfb828d4ad791034e54d9281ba529b817e733df7da5659aeec8e28ed88bac447ca93af295c46590649eecbc46d2012103e67e327dac3ad589c8309a77da07f773a5bd6fbb6cab5bc9d96843926e26681b286dcdd9e9109c2d29e6d545ba2f3c2110dc9f116f9b43e96e675cbc8687d0b81a794690e90adcc4e0bb4677de63a15142be0d7a9a89079971cbf9195be773827cadcc97a97370e4312c03d0e8116db2e5a639671e56cc6c38ae952ddb4039c4c2d7960005985f898120bd6011c61c27e6da5a4fa22ef3a6be1600adb65eaada5e030f479eed34f587953172b0ce0bbd8b2848e5770c49a0faa613c9aa68b4e580f94325f3b5d112af1d1d980a7982ad5bd8892c4e1a87666fe3e8f8890ee32f94db4d733efe7ddac944f673e4c366a8f0bd743cc39ce84bf93769ca92ec1b57d8c2c72256c5e05404c8a1bda46ac4042fa7a99f92621ad820414449dfeebcdad1f6ef5023a5441624512ab3b7f5d19a0a08366af6d28b27d17db953938c1023dbec7a6c442289eb0c046c1744561debfebd28a452b35268c6f34dcdb8d68d2d123437c79ff2feb7de805de6d409f66ebf0e2535f53c4c441e298c460c3f2f067e1d21b356e59bc2ef144c7e2ca5622e19fadd23b65c248c4bd717b7ed", 0x1000, 0x404c0c4, &(0x7f00000002c0)={0x2, 0x4e21, @empty}, 0x10)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r12, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x9}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bcf8736c84bd"], 0x18}}, 0x0) (async, rerun: 32)
openat2(0xffffffffffffff9c, &(0x7f0000000880)='./file0\x00', &(0x7f0000001900)={0x64400, 0x1, 0x13}, 0x18) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000700)='initcall_start\x00', r11}, 0x10) (async)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)

03:36:21 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c1e, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:21 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 26)

03:36:21 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
socket$unix(0x1, 0x1, 0x0) (async)
r2 = socket(0x10, 0x3, 0x0)
write(r2, &(0x7f0000000000)="fc0000001a000700ab092500090007000aab0700a90100001d60369321001e00ff0200000005d0000000000000039815fa2c1ec28656aaa79bb94b46fe000000bc0003000500000014000027000089fee1434f1e596534d07302ade0bbc91a3e3280772c05defd5a32e280fc83ab82f605f70c9ddef2fe082038f4f8b29d3ef3d92c83170e5bba4a46d284a710af333ae4f5566f91cf190201800015b2ccd243f295ed94e0ad91bd0734babc7c3f2eeb00d43dd16b17e583df150c3b880f411f46a6b567b4d5715587e658a1ad0a4f01731d05b0350b0041f0d48a99c03f080548deac270e33429fd3000175e63fb8d38a8700"/252, 0xfc) (async)
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000640)={0x0, 0x5, {0x3, @struct={0x1, 0xfff}, 0x0, 0x5, 0x6, 0x3, 0x5, 0xffff, 0x420, @usage=0x4, 0x2800000, 0x80, [0x2a, 0x2570c1e, 0x1, 0xffffffff00000000, 0x10001, 0x4]}, {0x4, @struct={0x8001, 0x5}, 0x0, 0x40, 0x8, 0x5, 0x827, 0x1, 0x480, @struct={0x2, 0x800}, 0x0, 0x0, [0x2, 0x1ff, 0x4, 0xa4fc, 0x5bb8, 0x7fffffffffffffff]}, {0xffff, @usage=0xaee, 0x0, 0x2, 0x80000000, 0x3, 0x81, 0x1, 0x42c, @struct={0x5b, 0x1000}, 0x3, 0x7, [0xfffffffffffffff9, 0x4c, 0x4, 0xfffffffffffffeff, 0x401, 0xf430]}, {0x4, 0xff, 0x1}}) (async)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r2, 0x84009422, &(0x7f0000000100)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) (async)
openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000040)='memory.pressure\x00', 0x2, 0x0) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002600)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c90de4fb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e300000000000000000000000000003c2bdef529513c925a6f1d97de4de54a6ebf4927d647eedbeba7a0008c6bf5d37257d760c7dfe0caeb8816287b453008c8b60b5ae7a02273175b78a6"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r3}, 0x10) (async)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88) (async)
r5 = socket$netlink(0x10, 0x3, 0x0)
writev(r5, &(0x7f00000003c0), 0x0) (async)
writev(r5, &(0x7f0000000100)=[{&(0x7f00000000c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x4, 0x0, 0x0) (async)
ioctl$int_in(r6, 0x5452, &(0x7f0000000300)=0x208) (async)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) (async)
setsockopt$inet6_int(r4, 0x29, 0x8, &(0x7f00000025c0), 0x4) (async)
setsockopt$sock_int(r6, 0x1, 0x12, &(0x7f0000000180)=0x4000000, 0x4) (async)
sendto$inet6(r6, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) (async)
sendto$inet6(r6, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090011006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)
shutdown(r6, 0x1) (async)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000003c80)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r7=>0x0}})
ioctl$BTRFS_IOC_GET_DEV_STATS(r6, 0xc4089434, &(0x7f0000000640)={r7, 0x9, 0x0, [0xfffffffffffffffd, 0x0, 0x0, 0x400], [0x100, 0x7fd, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd74e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000, 0x40000, 0x0, 0x0, 0x0, 0x0, 0xb062, 0x0, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1, 0x5]})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000300)={{}, 0x0, 0x0, @inherit={0x58, 0x0}, @devid=r7}) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000003880)={0x28, 0x20, &(0x7f0000003500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @alu={0x4, 0x0, 0xd, 0x0, 0x4, 0x341de92a81be384, 0x8}, @generic={0x1f, 0x4, 0x8, 0x8, 0x5}, @call={0x85, 0x0, 0x0, 0xa1}, @map_idx={0x18, 0x5, 0x5, 0x0, 0x7}, @alu={0x4, 0x0, 0x7, 0x4, 0x0, 0xfffffffffffffffc, 0x4}, @ringbuf_query, @tail_call], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000003600)='GPL\x00', 0x6, 0xb3, &(0x7f0000003640)=""/179, 0x100, 0x0, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x8, &(0x7f0000003700)={0xa, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, r3, 0x0, &(0x7f0000003800)=[0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000003840), 0x10, 0x6}, 0x90)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000840)={{r5}, 0x0, 0x0, @unused=[0x0, 0x0, 0x0, 0x60], @devid=r7}) (async)
ioctl$BTRFS_IOC_SCRUB(r4, 0xc400941b, &(0x7f00000001c0)={r7, 0x3, 0x0, 0x1})

[ 2368.258792][T21937] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2368.266601][T21937] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2368.274411][T21937] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2368.282223][T21937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2368.290035][T21937] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2368.297856][T21937]  </TASK>
03:36:21 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c1f, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:21 executing program 3:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
r0 = socket$key(0xf, 0x3, 0x2)
r1 = dup(r0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000880)={0x0, <r2=>0x0}, &(0x7f0000000900)=0xc)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000940)={0x0, <r3=>0x0}, &(0x7f0000000980)=0xc)
mount$9p_fd(0x0, &(0x7f00000007c0)='./file0\x00', &(0x7f0000000800), 0x15016, &(0x7f00000009c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@access_client}, {@access_user}, {@access_client}, {@dfltgid={'dfltgid', 0x3d, 0xee01}}, {@cache_none}, {@dfltuid={'dfltuid', 0x3d, r2}}, {@access_uid={'access', 0x3d, r3}}, {@debug={'debug', 0x3d, 0x4}}]}})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = dup2(r4, r4)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r5, 0x5, 0x2}, 0x48)
r8 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r8, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r8, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r8, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r9=>0x0})
sendto$inet(r8, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r8, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_ULP(r10, 0x6, 0x1f, &(0x7f0000000700), 0x4)
write$binfmt_elf64(r8, &(0x7f0000000740)=ANY=[@ANYRESHEX=r5, @ANYRES16=0x0, @ANYRES8=r4, @ANYRES16=r5], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r5, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000840)=ANY=[@ANYBLOB="1880f09f73ce698bf07986dfe1d1eea9de6a8901001d7ee5806c44fa005d5cde934a16918a1b28dad2405356f9ffff1811", @ANYRES32=r7, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r9, 0x2c, r6, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r1}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r1, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r1, r1, r1, r1], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

[ 2368.349877][T22143] FAULT_INJECTION: forcing a failure.
[ 2368.349877][T22143] name failslab, interval 1, probability 0, space 0, times 0
[ 2368.376873][T22151] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[ 2368.381869][T22143] CPU: 1 PID: 22143 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2368.394926][T22143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2368.404820][T22143] Call Trace:
[ 2368.407942][T22143]  <TASK>
[ 2368.410720][T22143]  dump_stack_lvl+0x151/0x1b7
[ 2368.415234][T22143]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2368.420704][T22143]  dump_stack+0x15/0x17
[ 2368.424687][T22143]  should_fail+0x3c6/0x510
[ 2368.428941][T22143]  __should_failslab+0xa4/0xe0
[ 2368.433541][T22143]  ? anon_vma_clone+0x9a/0x500
[ 2368.438140][T22143]  should_failslab+0x9/0x20
[ 2368.442481][T22143]  slab_pre_alloc_hook+0x37/0xd0
[ 2368.447256][T22143]  ? anon_vma_clone+0x9a/0x500
[ 2368.451854][T22143]  kmem_cache_alloc+0x44/0x200
[ 2368.456455][T22143]  anon_vma_clone+0x9a/0x500
[ 2368.460881][T22143]  anon_vma_fork+0x91/0x4e0
[ 2368.465221][T22143]  ? anon_vma_name+0x4c/0x70
[ 2368.469648][T22143]  ? vm_area_dup+0x17a/0x230
[ 2368.474074][T22143]  copy_mm+0xa3a/0x13e0
[ 2368.478069][T22143]  ? copy_signal+0x610/0x610
[ 2368.482492][T22143]  ? __init_rwsem+0xd6/0x1c0
[ 2368.486918][T22143]  ? copy_signal+0x4e3/0x610
[ 2368.491349][T22143]  copy_process+0x1149/0x3290
[ 2368.495864][T22143]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2368.500806][T22143]  ? copy_clone_args_from_user+0x744/0x830
[ 2368.506446][T22143]  kernel_clone+0x21e/0x9e0
[ 2368.510788][T22143]  ? __delayed_free_task+0x20/0x20
[ 2368.515735][T22143]  ? create_io_thread+0x1e0/0x1e0
[ 2368.520599][T22143]  __x64_sys_clone3+0x376/0x3a0
[ 2368.525282][T22143]  ? __ia32_sys_clone+0x290/0x290
[ 2368.530149][T22143]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2368.535264][T22143]  ? __traceiter_sys_enter+0x2a/0x40
[ 2368.540385][T22143]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2368.546292][T22143]  do_syscall_64+0x3d/0xb0
[ 2368.550539][T22143]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2368.556265][T22143] RIP: 0033:0x7f9d5f592da9
[ 2368.560523][T22143] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2368.579960][T22143] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2368.588205][T22143] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
03:36:21 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c20, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:21 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0) (async)
r2 = socket(0x10, 0x3, 0x0)
write(r2, &(0x7f0000000000)="fc0000001a000700ab092500090007000aab0700a90100001d60369321001e00ff0200000005d0000000000000039815fa2c1ec28656aaa79bb94b46fe000000bc0003000500000014000027000089fee1434f1e596534d07302ade0bbc91a3e3280772c05defd5a32e280fc83ab82f605f70c9ddef2fe082038f4f8b29d3ef3d92c83170e5bba4a46d284a710af333ae4f5566f91cf190201800015b2ccd243f295ed94e0ad91bd0734babc7c3f2eeb00d43dd16b17e583df150c3b880f411f46a6b567b4d5715587e658a1ad0a4f01731d05b0350b0041f0d48a99c03f080548deac270e33429fd3000175e63fb8d38a8700"/252, 0xfc)
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000640)={0x0, 0x5, {0x3, @struct={0x1, 0xfff}, 0x0, 0x5, 0x6, 0x3, 0x5, 0xffff, 0x420, @usage=0x4, 0x2800000, 0x80, [0x2a, 0x2570c1e, 0x1, 0xffffffff00000000, 0x10001, 0x4]}, {0x4, @struct={0x8001, 0x5}, 0x0, 0x40, 0x8, 0x5, 0x827, 0x1, 0x480, @struct={0x2, 0x800}, 0x0, 0x0, [0x2, 0x1ff, 0x4, 0xa4fc, 0x5bb8, 0x7fffffffffffffff]}, {0xffff, @usage=0xaee, 0x0, 0x2, 0x80000000, 0x3, 0x81, 0x1, 0x42c, @struct={0x5b, 0x1000}, 0x3, 0x7, [0xfffffffffffffff9, 0x4c, 0x4, 0xfffffffffffffeff, 0x401, 0xf430]}, {0x4, 0xff, 0x1}})
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r2, 0x84009422, &(0x7f0000000100)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) (async)
openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000040)='memory.pressure\x00', 0x2, 0x0) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002600)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c90de4fb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e300000000000000000000000000003c2bdef529513c925a6f1d97de4de54a6ebf4927d647eedbeba7a0008c6bf5d37257d760c7dfe0caeb8816287b453008c8b60b5ae7a02273175b78a6"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r3}, 0x10)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = socket$netlink(0x10, 0x3, 0x0)
writev(r5, &(0x7f00000003c0), 0x0) (async)
writev(r5, &(0x7f0000000100)=[{&(0x7f00000000c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1) (async, rerun: 32)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0) (rerun: 32)
setsockopt$inet6_tcp_int(r6, 0x6, 0x4, 0x0, 0x0) (async)
ioctl$int_in(r6, 0x5452, &(0x7f0000000300)=0x208)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) (async)
setsockopt$inet6_int(r4, 0x29, 0x8, &(0x7f00000025c0), 0x4) (async, rerun: 32)
setsockopt$sock_int(r6, 0x1, 0x12, &(0x7f0000000180)=0x4000000, 0x4) (rerun: 32)
sendto$inet6(r6, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r6, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090011006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)
shutdown(r6, 0x1)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000003c80)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r7=>0x0}})
ioctl$BTRFS_IOC_GET_DEV_STATS(r6, 0xc4089434, &(0x7f0000000640)={r7, 0x9, 0x0, [0xfffffffffffffffd, 0x0, 0x0, 0x400], [0x100, 0x7fd, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd74e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000, 0x40000, 0x0, 0x0, 0x0, 0x0, 0xb062, 0x0, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1, 0x5]}) (async)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000300)={{}, 0x0, 0x0, @inherit={0x58, 0x0}, @devid=r7}) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000003880)={0x28, 0x20, &(0x7f0000003500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @alu={0x4, 0x0, 0xd, 0x0, 0x4, 0x341de92a81be384, 0x8}, @generic={0x1f, 0x4, 0x8, 0x8, 0x5}, @call={0x85, 0x0, 0x0, 0xa1}, @map_idx={0x18, 0x5, 0x5, 0x0, 0x7}, @alu={0x4, 0x0, 0x7, 0x4, 0x0, 0xfffffffffffffffc, 0x4}, @ringbuf_query, @tail_call], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000003600)='GPL\x00', 0x6, 0xb3, &(0x7f0000003640)=""/179, 0x100, 0x0, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x8, &(0x7f0000003700)={0xa, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, r3, 0x0, &(0x7f0000003800)=[0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000003840), 0x10, 0x6}, 0x90) (async, rerun: 64)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000840)={{r5}, 0x0, 0x0, @unused=[0x0, 0x0, 0x0, 0x60], @devid=r7}) (async)
ioctl$BTRFS_IOC_SCRUB(r4, 0xc400941b, &(0x7f00000001c0)={r7, 0x3, 0x0, 0x1})

03:36:21 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 27)

03:36:21 executing program 1:
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a)
close(r0)
splice(r2, &(0x7f0000000040)=0x1, r1, &(0x7f0000000080)=0x7, 0xffffffffffffffff, 0x2)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) (async)
pipe(&(0x7f00000004c0)) (async)
socket(0x1e, 0x1, 0x0) (async)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a) (async)
close(r0) (async)
splice(r2, &(0x7f0000000040)=0x1, r1, &(0x7f0000000080)=0x7, 0xffffffffffffffff, 0x2) (async)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0) (async)

[ 2368.596040][T22143] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2368.603843][T22143] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2368.611639][T22143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2368.619453][T22143] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2368.627271][T22143]  </TASK>
03:36:21 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c21, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2368.660124][T22164] netlink: 'syz-executor.2': attribute type 30 has an invalid length.
[ 2368.672559][T22163] FAULT_INJECTION: forcing a failure.
[ 2368.672559][T22163] name failslab, interval 1, probability 0, space 0, times 0
[ 2368.685166][T22163] CPU: 0 PID: 22163 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2368.695306][T22163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2368.705195][T22163] Call Trace:
[ 2368.708317][T22163]  <TASK>
[ 2368.711096][T22163]  dump_stack_lvl+0x151/0x1b7
[ 2368.715608][T22163]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2368.721080][T22163]  dump_stack+0x15/0x17
[ 2368.725068][T22163]  should_fail+0x3c6/0x510
[ 2368.729333][T22163]  __should_failslab+0xa4/0xe0
[ 2368.733921][T22163]  should_failslab+0x9/0x20
[ 2368.738265][T22163]  slab_pre_alloc_hook+0x37/0xd0
[ 2368.743035][T22163]  kmem_cache_alloc_trace+0x48/0x210
[ 2368.748155][T22163]  ? mm_init+0x39a/0x970
[ 2368.752248][T22163]  mm_init+0x39a/0x970
[ 2368.756142][T22163]  copy_mm+0x1e3/0x13e0
[ 2368.760133][T22163]  ? irqentry_exit+0x30/0x40
[ 2368.764559][T22163]  ? sysvec_call_function_single+0x52/0xb0
[ 2368.770201][T22163]  ? asm_sysvec_call_function_single+0x1b/0x20
[ 2368.776192][T22163]  ? _raw_spin_lock+0xa4/0x1b0
[ 2368.780792][T22163]  ? copy_signal+0x610/0x610
[ 2368.785216][T22163]  ? __kasan_check_write+0x14/0x20
[ 2368.790163][T22163]  ? __init_rwsem+0xd6/0x1c0
[ 2368.794590][T22163]  ? copy_signal+0x4e3/0x610
[ 2368.799020][T22163]  copy_process+0x1149/0x3290
[ 2368.803534][T22163]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2368.808478][T22163]  ? copy_clone_args_from_user+0x744/0x830
[ 2368.814120][T22163]  kernel_clone+0x21e/0x9e0
[ 2368.818459][T22163]  ? __delayed_free_task+0x20/0x20
[ 2368.823405][T22163]  ? create_io_thread+0x1e0/0x1e0
[ 2368.828269][T22163]  __x64_sys_clone3+0x376/0x3a0
[ 2368.832954][T22163]  ? __ia32_sys_clone+0x290/0x290
[ 2368.837820][T22163]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2368.842947][T22163]  ? __traceiter_sys_enter+0x2a/0x40
[ 2368.848061][T22163]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2368.853969][T22163]  do_syscall_64+0x3d/0xb0
[ 2368.858214][T22163]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2368.863939][T22163] RIP: 0033:0x7f9d5f592da9
[ 2368.868194][T22163] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2368.887634][T22163] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2368.895880][T22163] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2368.903689][T22163] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
03:36:21 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c22, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:21 executing program 3:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
r0 = socket$key(0xf, 0x3, 0x2)
r1 = dup(r0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000880)={0x0, <r2=>0x0}, &(0x7f0000000900)=0xc)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000940)={0x0, <r3=>0x0}, &(0x7f0000000980)=0xc)
mount$9p_fd(0x0, &(0x7f00000007c0)='./file0\x00', &(0x7f0000000800), 0x15016, &(0x7f00000009c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@access_client}, {@access_user}, {@access_client}, {@dfltgid={'dfltgid', 0x3d, 0xee01}}, {@cache_none}, {@dfltuid={'dfltuid', 0x3d, r2}}, {@access_uid={'access', 0x3d, r3}}, {@debug={'debug', 0x3d, 0x4}}]}})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
dup2(r4, r4) (async)
r5 = dup2(r4, r4)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r5, 0x5, 0x2}, 0x48)
socket$inet(0x2, 0x4000000000000001, 0x0) (async)
r8 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r8, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r8, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r8, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r9=>0x0})
sendto$inet(r8, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r8, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_ULP(r10, 0x6, 0x1f, &(0x7f0000000700), 0x4)
write$binfmt_elf64(r8, &(0x7f0000000740)=ANY=[@ANYRESHEX=r5, @ANYRES16=0x0, @ANYRES8=r4, @ANYRES16=r5], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r5, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, 0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r5, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000840)=ANY=[@ANYBLOB="1880f09f73ce698bf07986dfe1d1eea9de6a8901001d7ee5806c44fa005d5cde934a16918a1b28dad2405356f9ffff1811", @ANYRES32=r7, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r9, 0x2c, r6, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18) (async)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r1}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r1, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r1, r1, r1, r1], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0) (async)
sendmsg$key(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:21 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7005b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850040004354e9589500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r3, 0x0, 0x0)

03:36:21 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 28)

[ 2368.911500][T22163] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2368.919313][T22163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2368.927134][T22163] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2368.934949][T22163]  </TASK>
[ 2368.940518][T22165] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
03:36:21 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c23, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:21 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7005b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850040004354e9589500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r3, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7005b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850040004354e9589500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
socket$unix(0x1, 0x1, 0x0) (async)
socket$unix(0x1, 0x1, 0x0) (async)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r3, 0x0) (async)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r3, 0x0, 0x0) (async)

03:36:21 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7005b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850040004354e9589500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
r2 = socket$unix(0x1, 0x1, 0x0) (async)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r3, 0x0) (async)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r3, 0x0, 0x0)

[ 2369.006203][T22283] FAULT_INJECTION: forcing a failure.
[ 2369.006203][T22283] name failslab, interval 1, probability 0, space 0, times 0
[ 2369.032964][T22283] CPU: 1 PID: 22283 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2369.043131][T22283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2369.053033][T22283] Call Trace:
03:36:22 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r6=>0x0})
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r5, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @multicast}, 0x14)
r7 = dup(r3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x21, &(0x7f00000019c0)=ANY=[@ANYBLOB="8520000004000000b7080000000000007b8af8ff00000000b7080000000400007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000031827506080000001856000006000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ff0f0000850000000600000018170000", @ANYRES32=r0, @ANYBLOB="000000000000001812a7afab6ac876b059af4fb19688a4482524f4321913f361045dadee9a528d6b95b501c5e79591f3660a95177aca6a65", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000000268090004000000"], &(0x7f0000000000)='syzkaller\x00', 0x6, 0x1000, &(0x7f0000000800)=""/4096, 0x41000, 0x14, '\x00', r6, 0x0, r7, 0x8, &(0x7f0000000040)={0x3, 0x1}, 0x8, 0x10, &(0x7f00000004c0)={0x1, 0x9, 0x0, 0x7fffffff}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000500)=[r0, r2], &(0x7f0000000540)=[{0x9, 0x4, 0xa, 0x2}, {0x1, 0x3, 0x1, 0xa}, {0x0, 0x1, 0xf, 0x1}, {0x4, 0x2, 0xe, 0xa}, {0x0, 0x4, 0x7, 0xa}, {0x1, 0x3, 0xb, 0x2}], 0x10, 0x1}, 0x90)
connect$unix(r3, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
shutdown(r3, 0x0)
r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x40081, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x8, 0xf, &(0x7f00000004c0)=ANY=[@ANYRESOCT, @ANYRES32, @ANYRES16], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
getpeername$packet(r8, &(0x7f0000000800)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000840)=0x14)
r10 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ftruncate(r10, 0x800)
lseek(r10, 0x200, 0x0)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0)
sendfile(r10, r11, 0x0, 0xf800)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000440)={0x1, <r12=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x15, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="18002b4c421453aec3e8b72004bc7a00f2d05120af2f7ce3a01d1f3bdc33f3f500"/42], &(0x7f0000000080)='GPL\x00', 0x1f, 0xaf, &(0x7f00000005c0)=""/175, 0x41100, 0x8, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0xc, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x3, 0x4000a, 0x7, 0xedb}, 0x10, r12}, 0x90)
r13 = signalfd4(0xffffffffffffffff, &(0x7f0000000880), 0x8, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0x20, &(0x7f0000000640)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfff}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@call={0x85, 0x0, 0x0, 0xb1}, @map_fd={0x18, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000500)='GPL\x00', 0x7, 0xa2, &(0x7f0000000740)=""/162, 0x0, 0x0, '\x00', r9, 0x6, r10, 0x8, &(0x7f0000000880)={0x5, 0x1}, 0x8, 0x10, &(0x7f00000008c0)={0x1, 0x7, 0x1f, 0x5b6}, 0x10, r12, r8, 0x0, &(0x7f0000000900)=[r13, 0xffffffffffffffff, r8, 0xffffffffffffffff], 0x0, 0x10, 0x85}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000001900)={0x20, 0x5, &(0x7f0000000680)=@raw=[@btf_id={0x18, 0x1, 0x3, 0x0, 0x3}, @cb_func={0x18, 0xa, 0x4, 0x0, 0xffffffffffffffff}, @jmp={0x5, 0x1, 0x1, 0x2, 0xa5594de3a1e9ad4a, 0xfffffffffffffffc, 0xffffffffffffffff}], &(0x7f00000006c0)='GPL\x00', 0x6, 0xb8, &(0x7f0000000700)=""/184, 0x0, 0x63, '\x00', r6, 0x1b, r7, 0x8, &(0x7f0000001800)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000001840)={0x0, 0xb, 0x1, 0x7}, 0x10, r12, r7, 0x2, &(0x7f0000001880)=[r7], &(0x7f00000018c0)=[{0x4, 0x2, 0xb, 0x3}, {0x5, 0x2, 0x1, 0x8}], 0x10, 0x400}, 0x90)
accept(r4, 0x0, 0x0)

[ 2369.056156][T22283]  <TASK>
[ 2369.058949][T22283]  dump_stack_lvl+0x151/0x1b7
[ 2369.063449][T22283]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2369.068916][T22283]  dump_stack+0x15/0x17
[ 2369.072900][T22283]  should_fail+0x3c6/0x510
[ 2369.077158][T22283]  __should_failslab+0xa4/0xe0
[ 2369.081754][T22283]  ? anon_vma_clone+0x9a/0x500
[ 2369.086349][T22283]  should_failslab+0x9/0x20
[ 2369.090691][T22283]  slab_pre_alloc_hook+0x37/0xd0
[ 2369.095475][T22283]  ? anon_vma_clone+0x9a/0x500
[ 2369.100064][T22283]  kmem_cache_alloc+0x44/0x200
[ 2369.104666][T22283]  anon_vma_clone+0x9a/0x500
[ 2369.109092][T22283]  anon_vma_fork+0x91/0x4e0
[ 2369.113429][T22283]  ? anon_vma_name+0x4c/0x70
[ 2369.117858][T22283]  ? vm_area_dup+0x17a/0x230
[ 2369.122283][T22283]  copy_mm+0xa3a/0x13e0
[ 2369.126278][T22283]  ? copy_signal+0x610/0x610
[ 2369.130704][T22283]  ? __init_rwsem+0xd6/0x1c0
[ 2369.135128][T22283]  ? copy_signal+0x4e3/0x610
[ 2369.139555][T22283]  copy_process+0x1149/0x3290
[ 2369.144072][T22283]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2369.149017][T22283]  ? copy_clone_args_from_user+0x744/0x830
[ 2369.154657][T22283]  kernel_clone+0x21e/0x9e0
[ 2369.158997][T22283]  ? __delayed_free_task+0x20/0x20
[ 2369.163952][T22283]  ? create_io_thread+0x1e0/0x1e0
[ 2369.168807][T22283]  __x64_sys_clone3+0x376/0x3a0
[ 2369.173492][T22283]  ? __ia32_sys_clone+0x290/0x290
[ 2369.178364][T22283]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2369.183472][T22283]  ? __traceiter_sys_enter+0x2a/0x40
[ 2369.188595][T22283]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2369.194495][T22283]  do_syscall_64+0x3d/0xb0
[ 2369.198750][T22283]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2369.204477][T22283] RIP: 0033:0x7f9d5f592da9
[ 2369.208731][T22283] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2369.228170][T22283] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2369.236416][T22283] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2369.244226][T22283] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c24, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:22 executing program 1:
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a)
close(r0)
splice(r2, &(0x7f0000000040)=0x1, r1, &(0x7f0000000080)=0x7, 0xffffffffffffffff, 0x2)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) (async)
pipe(&(0x7f00000004c0)) (async)
socket(0x1e, 0x1, 0x0) (async)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a) (async)
close(r0) (async)
splice(r2, &(0x7f0000000040)=0x1, r1, &(0x7f0000000080)=0x7, 0xffffffffffffffff, 0x2) (async)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0) (async)

03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c25, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2369.252042][T22283] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2369.259848][T22283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2369.267665][T22283] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2369.275478][T22283]  </TASK>
03:36:22 executing program 3:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
r0 = socket$key(0xf, 0x3, 0x2)
r1 = dup(r0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000880), &(0x7f0000000900)=0xc) (async)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000880)={0x0, <r2=>0x0}, &(0x7f0000000900)=0xc)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000940)={0x0, <r3=>0x0}, &(0x7f0000000980)=0xc)
mount$9p_fd(0x0, &(0x7f00000007c0)='./file0\x00', &(0x7f0000000800), 0x15016, &(0x7f00000009c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@access_client}, {@access_user}, {@access_client}, {@dfltgid={'dfltgid', 0x3d, 0xee01}}, {@cache_none}, {@dfltuid={'dfltuid', 0x3d, r2}}, {@access_uid={'access', 0x3d, r3}}, {@debug={'debug', 0x3d, 0x4}}]}}) (async)
mount$9p_fd(0x0, &(0x7f00000007c0)='./file0\x00', &(0x7f0000000800), 0x15016, &(0x7f00000009c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@access_client}, {@access_user}, {@access_client}, {@dfltgid={'dfltgid', 0x3d, 0xee01}}, {@cache_none}, {@dfltuid={'dfltuid', 0x3d, r2}}, {@access_uid={'access', 0x3d, r3}}, {@debug={'debug', 0x3d, 0x4}}]}})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
dup2(r4, r4) (async)
r5 = dup2(r4, r4)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r5, 0x5, 0x2}, 0x48)
socket$inet(0x2, 0x4000000000000001, 0x0) (async)
r8 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r8, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r8, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r8, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00'}) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r9=>0x0})
sendto$inet(r8, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
sendto$inet(r8, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r8, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_ULP(r10, 0x6, 0x1f, &(0x7f0000000700), 0x4) (async)
setsockopt$inet_tcp_TCP_ULP(r10, 0x6, 0x1f, &(0x7f0000000700), 0x4)
write$binfmt_elf64(r8, &(0x7f0000000740)=ANY=[@ANYRESHEX=r5, @ANYRES16=0x0, @ANYRES8=r4, @ANYRES16=r5], 0x100000530) (async)
write$binfmt_elf64(r8, &(0x7f0000000740)=ANY=[@ANYRESHEX=r5, @ANYRES16=0x0, @ANYRES8=r4, @ANYRES16=r5], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r5, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000840)=ANY=[@ANYBLOB="1880f09f73ce698bf07986dfe1d1eea9de6a8901001d7ee5806c44fa005d5cde934a16918a1b28dad2405356f9ffff1811", @ANYRES32=r7, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r9, 0x2c, r6, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r1}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r1, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r1, r1, r1, r1], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:22 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 29)

03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c26, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2369.341825][T22421] FAULT_INJECTION: forcing a failure.
[ 2369.341825][T22421] name failslab, interval 1, probability 0, space 0, times 0
[ 2369.357743][T22421] CPU: 1 PID: 22421 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2369.367902][T22421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2369.377804][T22421] Call Trace:
[ 2369.380931][T22421]  <TASK>
[ 2369.383706][T22421]  dump_stack_lvl+0x151/0x1b7
03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c27, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c28, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c29, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c2a, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2369.388211][T22421]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2369.393690][T22421]  dump_stack+0x15/0x17
[ 2369.397671][T22421]  should_fail+0x3c6/0x510
[ 2369.401932][T22421]  __should_failslab+0xa4/0xe0
[ 2369.406522][T22421]  ? anon_vma_fork+0xf7/0x4e0
[ 2369.411035][T22421]  should_failslab+0x9/0x20
[ 2369.415377][T22421]  slab_pre_alloc_hook+0x37/0xd0
[ 2369.420149][T22421]  ? anon_vma_fork+0xf7/0x4e0
[ 2369.424665][T22421]  kmem_cache_alloc+0x44/0x200
[ 2369.429266][T22421]  anon_vma_fork+0xf7/0x4e0
[ 2369.433651][T22421]  ? anon_vma_name+0x4c/0x70
03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c2b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c2c, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c2d, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2369.438157][T22421]  ? vm_area_dup+0x17a/0x230
[ 2369.442589][T22421]  copy_mm+0xa3a/0x13e0
[ 2369.446582][T22421]  ? copy_signal+0x610/0x610
[ 2369.451015][T22421]  ? __init_rwsem+0xd6/0x1c0
[ 2369.455432][T22421]  ? copy_signal+0x4e3/0x610
[ 2369.459857][T22421]  copy_process+0x1149/0x3290
[ 2369.464380][T22421]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2369.469317][T22421]  ? copy_clone_args_from_user+0x744/0x830
[ 2369.474963][T22421]  kernel_clone+0x21e/0x9e0
[ 2369.479297][T22421]  ? __delayed_free_task+0x20/0x20
[ 2369.484248][T22421]  ? create_io_thread+0x1e0/0x1e0
03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c2e, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c2f, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2369.489108][T22421]  __x64_sys_clone3+0x376/0x3a0
[ 2369.493796][T22421]  ? __ia32_sys_clone+0x290/0x290
[ 2369.498744][T22421]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2369.504121][T22421]  ? __traceiter_sys_enter+0x2a/0x40
[ 2369.509241][T22421]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2369.515146][T22421]  do_syscall_64+0x3d/0xb0
[ 2369.519399][T22421]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2369.525121][T22421] RIP: 0033:0x7f9d5f592da9
[ 2369.529383][T22421] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2369.548825][T22421] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2369.557062][T22421] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2369.564877][T22421] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2369.572686][T22421] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2369.580498][T22421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c30, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c31, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c32, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c33, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c34, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:22 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f0000000040))
r1 = socket(0x1e, 0x1, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0x2000011a)
splice(r1, 0x0, r0, 0x0, 0x4ff9c, 0x0)

03:36:22 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 30)

03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c35, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2369.588313][T22421] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2369.596132][T22421]  </TASK>
[ 2369.632734][T22536] FAULT_INJECTION: forcing a failure.
[ 2369.632734][T22536] name failslab, interval 1, probability 0, space 0, times 0
[ 2369.647018][T22536] CPU: 1 PID: 22536 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2369.657167][T22536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2369.667062][T22536] Call Trace:
[ 2369.670180][T22536]  <TASK>
[ 2369.672960][T22536]  dump_stack_lvl+0x151/0x1b7
[ 2369.677475][T22536]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2369.682944][T22536]  dump_stack+0x15/0x17
[ 2369.686932][T22536]  should_fail+0x3c6/0x510
[ 2369.691186][T22536]  __should_failslab+0xa4/0xe0
[ 2369.695871][T22536]  ? anon_vma_fork+0x1df/0x4e0
[ 2369.700472][T22536]  should_failslab+0x9/0x20
[ 2369.704811][T22536]  slab_pre_alloc_hook+0x37/0xd0
[ 2369.709585][T22536]  ? anon_vma_fork+0x1df/0x4e0
[ 2369.714185][T22536]  kmem_cache_alloc+0x44/0x200
[ 2369.718786][T22536]  anon_vma_fork+0x1df/0x4e0
[ 2369.723213][T22536]  copy_mm+0xa3a/0x13e0
[ 2369.727226][T22536]  ? copy_signal+0x610/0x610
[ 2369.731630][T22536]  ? __init_rwsem+0xd6/0x1c0
[ 2369.736059][T22536]  ? copy_signal+0x4e3/0x610
[ 2369.740485][T22536]  copy_process+0x1149/0x3290
[ 2369.745002][T22536]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2369.749956][T22536]  ? copy_clone_args_from_user+0x744/0x830
[ 2369.755589][T22536]  kernel_clone+0x21e/0x9e0
[ 2369.759938][T22536]  ? __delayed_free_task+0x20/0x20
[ 2369.764873][T22536]  ? create_io_thread+0x1e0/0x1e0
[ 2369.769737][T22536]  __x64_sys_clone3+0x376/0x3a0
[ 2369.774424][T22536]  ? __ia32_sys_clone+0x290/0x290
[ 2369.779289][T22536]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2369.784404][T22536]  ? __traceiter_sys_enter+0x2a/0x40
[ 2369.789523][T22536]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2369.795427][T22536]  do_syscall_64+0x3d/0xb0
[ 2369.799680][T22536]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2369.805491][T22536] RIP: 0033:0x7f9d5f592da9
[ 2369.809748][T22536] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2369.829193][T22536] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
03:36:22 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000e40)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000e00)={&(0x7f0000000cc0)=@allocspi={0xf8, 0x16, 0x1, 0x70bd2b, 0x0, {{{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@broadcast, 0x0, 0x0, 0x4e22, 0x7, 0xa}, {@in=@empty, 0x0, 0x33}, @in=@loopback, {0x0, 0x2, 0x3, 0x2, 0x3}, {}, {0x3, 0x0, 0x8}, 0x70bd2a, 0x34ff, 0x2, 0x4, 0x4, 0x40}}}, 0xf8}}, 0x0)
dup(r5)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r8 = socket$inet(0x2, 0x6, 0x3)
setsockopt$inet_tcp_TCP_CONGESTION(r8, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r8, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r8, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r9=>0x0})
sendto$inet(r8, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r8, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r8, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r10, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r7, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r9, 0x2c, r6, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="85200000010000000942183601760000cc9070ff10000000185400000e000000000000000000000085000000c500000095000000000000001800000004000000000000000080000018140000", @ANYRES32=r2, @ANYBLOB="000025c0f2a80000"], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c36, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:22 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3) (async)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000e40)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000e00)={&(0x7f0000000cc0)=@allocspi={0xf8, 0x16, 0x1, 0x70bd2b, 0x0, {{{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@broadcast, 0x0, 0x0, 0x4e22, 0x7, 0xa}, {@in=@empty, 0x0, 0x33}, @in=@loopback, {0x0, 0x2, 0x3, 0x2, 0x3}, {}, {0x3, 0x0, 0x8}, 0x70bd2a, 0x34ff, 0x2, 0x4, 0x4, 0x40}}}, 0xf8}}, 0x0)
dup(r5)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r8 = socket$inet(0x2, 0x6, 0x3)
setsockopt$inet_tcp_TCP_CONGESTION(r8, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async, rerun: 64)
bind$inet(r8, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (rerun: 64)
sendto$inet(r8, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r9=>0x0}) (async)
sendto$inet(r8, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
recvmsg(r8, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
write$binfmt_elf64(r8, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r10, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r7, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r9, 0x2c, r6, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="85200000010000000942183601760000cc9070ff10000000185400000e000000000000000000000085000000c500000095000000000000001800000004000000000000000080000018140000", @ANYRES32=r2, @ANYBLOB="000025c0f2a80000"], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:22 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 31)

03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c37, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2369.837432][T22536] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2369.845248][T22536] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2369.853056][T22536] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2369.860876][T22536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2369.868679][T22536] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2369.876501][T22536]  </TASK>
03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c38, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c39, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2369.939668][T22576] FAULT_INJECTION: forcing a failure.
[ 2369.939668][T22576] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2369.954947][T22576] CPU: 1 PID: 22576 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2369.965114][T22576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2369.975010][T22576] Call Trace:
[ 2369.978135][T22576]  <TASK>
[ 2369.980912][T22576]  dump_stack_lvl+0x151/0x1b7
03:36:22 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c3a, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2369.985541][T22576]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2369.991012][T22576]  dump_stack+0x15/0x17
[ 2369.994999][T22576]  should_fail+0x3c6/0x510
[ 2369.999252][T22576]  should_fail_alloc_page+0x5a/0x80
[ 2370.004287][T22576]  prepare_alloc_pages+0x15c/0x700
[ 2370.009321][T22576]  ? __alloc_pages_bulk+0xe40/0xe40
[ 2370.014356][T22576]  __alloc_pages+0x18c/0x8f0
[ 2370.018785][T22576]  ? prep_new_page+0x110/0x110
[ 2370.023384][T22576]  get_zeroed_page+0x1b/0x40
[ 2370.027802][T22576]  __pud_alloc+0x8b/0x260
[ 2370.031975][T22576]  ? stack_trace_snprint+0xf0/0xf0
[ 2370.036918][T22576]  ? do_handle_mm_fault+0x2330/0x2330
[ 2370.042131][T22576]  ? __stack_depot_save+0x34/0x470
[ 2370.047069][T22576]  ? anon_vma_clone+0x9a/0x500
[ 2370.051673][T22576]  copy_page_range+0x2bcf/0x2f90
[ 2370.056441][T22576]  ? __kasan_slab_alloc+0xb1/0xe0
[ 2370.061389][T22576]  ? slab_post_alloc_hook+0x53/0x2c0
[ 2370.066515][T22576]  ? copy_mm+0xa3a/0x13e0
[ 2370.070675][T22576]  ? copy_process+0x1149/0x3290
[ 2370.075369][T22576]  ? kernel_clone+0x21e/0x9e0
[ 2370.079885][T22576]  ? __x64_sys_clone3+0x376/0x3a0
[ 2370.084737][T22576]  ? do_syscall_64+0x3d/0xb0
[ 2370.089161][T22576]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2370.095078][T22576]  ? pfn_valid+0x1e0/0x1e0
[ 2370.099320][T22576]  ? rwsem_write_trylock+0x15b/0x290
[ 2370.104440][T22576]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[ 2370.110687][T22576]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 2370.116244][T22576]  ? __rb_insert_augmented+0x5de/0x610
[ 2370.121541][T22576]  copy_mm+0xc7e/0x13e0
[ 2370.125533][T22576]  ? copy_signal+0x610/0x610
[ 2370.129958][T22576]  ? __init_rwsem+0xd6/0x1c0
[ 2370.134388][T22576]  ? copy_signal+0x4e3/0x610
[ 2370.138816][T22576]  copy_process+0x1149/0x3290
[ 2370.143326][T22576]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2370.148269][T22576]  ? copy_clone_args_from_user+0x744/0x830
[ 2370.153913][T22576]  kernel_clone+0x21e/0x9e0
[ 2370.158251][T22576]  ? __delayed_free_task+0x20/0x20
[ 2370.163199][T22576]  ? create_io_thread+0x1e0/0x1e0
[ 2370.168059][T22576]  __x64_sys_clone3+0x376/0x3a0
[ 2370.172747][T22576]  ? __ia32_sys_clone+0x290/0x290
[ 2370.177613][T22576]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2370.182726][T22576]  ? __traceiter_sys_enter+0x2a/0x40
[ 2370.187848][T22576]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2370.193754][T22576]  do_syscall_64+0x3d/0xb0
[ 2370.198005][T22576]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2370.203732][T22576] RIP: 0033:0x7f9d5f592da9
[ 2370.207987][T22576] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2370.227431][T22576] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
03:36:23 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
r3 = socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r6=>0x0})
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62) (async, rerun: 64)
sendto$packet(r5, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @multicast}, 0x14) (rerun: 64)
r7 = dup(r3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x21, &(0x7f00000019c0)=ANY=[@ANYBLOB="8520000004000000b7080000000000007b8af8ff00000000b7080000000400007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000031827506080000001856000006000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ff0f0000850000000600000018170000", @ANYRES32=r0, @ANYBLOB="000000000000001812a7afab6ac876b059af4fb19688a4482524f4321913f361045dadee9a528d6b95b501c5e79591f3660a95177aca6a65", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000000268090004000000"], &(0x7f0000000000)='syzkaller\x00', 0x6, 0x1000, &(0x7f0000000800)=""/4096, 0x41000, 0x14, '\x00', r6, 0x0, r7, 0x8, &(0x7f0000000040)={0x3, 0x1}, 0x8, 0x10, &(0x7f00000004c0)={0x1, 0x9, 0x0, 0x7fffffff}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000500)=[r0, r2], &(0x7f0000000540)=[{0x9, 0x4, 0xa, 0x2}, {0x1, 0x3, 0x1, 0xa}, {0x0, 0x1, 0xf, 0x1}, {0x4, 0x2, 0xe, 0xa}, {0x0, 0x4, 0x7, 0xa}, {0x1, 0x3, 0xb, 0x2}], 0x10, 0x1}, 0x90) (async)
connect$unix(r3, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
shutdown(r3, 0x0) (async, rerun: 64)
r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x40081, 0x0) (rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x8, 0xf, &(0x7f00000004c0)=ANY=[@ANYRESOCT, @ANYRES32, @ANYRES16], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
getpeername$packet(r8, &(0x7f0000000800)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000840)=0x14) (async, rerun: 32)
r10 = creat(&(0x7f0000000040)='./bus\x00', 0x0) (rerun: 32)
ftruncate(r10, 0x800) (async)
lseek(r10, 0x200, 0x0) (async)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0)
sendfile(r10, r11, 0x0, 0xf800)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000440)={0x1, <r12=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x15, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="18002b4c421453aec3e8b72004bc7a00f2d05120af2f7ce3a01d1f3bdc33f3f500"/42], &(0x7f0000000080)='GPL\x00', 0x1f, 0xaf, &(0x7f00000005c0)=""/175, 0x41100, 0x8, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0xc, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x3, 0x4000a, 0x7, 0xedb}, 0x10, r12}, 0x90)
r13 = signalfd4(0xffffffffffffffff, &(0x7f0000000880), 0x8, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0x20, &(0x7f0000000640)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfff}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@call={0x85, 0x0, 0x0, 0xb1}, @map_fd={0x18, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000500)='GPL\x00', 0x7, 0xa2, &(0x7f0000000740)=""/162, 0x0, 0x0, '\x00', r9, 0x6, r10, 0x8, &(0x7f0000000880)={0x5, 0x1}, 0x8, 0x10, &(0x7f00000008c0)={0x1, 0x7, 0x1f, 0x5b6}, 0x10, r12, r8, 0x0, &(0x7f0000000900)=[r13, 0xffffffffffffffff, r8, 0xffffffffffffffff], 0x0, 0x10, 0x85}, 0x90) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000001900)={0x20, 0x5, &(0x7f0000000680)=@raw=[@btf_id={0x18, 0x1, 0x3, 0x0, 0x3}, @cb_func={0x18, 0xa, 0x4, 0x0, 0xffffffffffffffff}, @jmp={0x5, 0x1, 0x1, 0x2, 0xa5594de3a1e9ad4a, 0xfffffffffffffffc, 0xffffffffffffffff}], &(0x7f00000006c0)='GPL\x00', 0x6, 0xb8, &(0x7f0000000700)=""/184, 0x0, 0x63, '\x00', r6, 0x1b, r7, 0x8, &(0x7f0000001800)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000001840)={0x0, 0xb, 0x1, 0x7}, 0x10, r12, r7, 0x2, &(0x7f0000001880)=[r7], &(0x7f00000018c0)=[{0x4, 0x2, 0xb, 0x3}, {0x5, 0x2, 0x1, 0x8}], 0x10, 0x400}, 0x90) (async, rerun: 32)
accept(r4, 0x0, 0x0)

03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c3b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:23 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f0000000040)) (async)
r1 = socket(0x1e, 0x1, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0x2000011a) (async)
splice(r1, 0x0, r0, 0x0, 0x4ff9c, 0x0)

03:36:23 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3) (async)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000e40)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000e00)={&(0x7f0000000cc0)=@allocspi={0xf8, 0x16, 0x1, 0x70bd2b, 0x0, {{{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@broadcast, 0x0, 0x0, 0x4e22, 0x7, 0xa}, {@in=@empty, 0x0, 0x33}, @in=@loopback, {0x0, 0x2, 0x3, 0x2, 0x3}, {}, {0x3, 0x0, 0x8}, 0x70bd2a, 0x34ff, 0x2, 0x4, 0x4, 0x40}}}, 0xf8}}, 0x0)
dup(r5) (async, rerun: 64)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (async)
r8 = socket$inet(0x2, 0x6, 0x3)
setsockopt$inet_tcp_TCP_CONGESTION(r8, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
bind$inet(r8, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r8, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r9=>0x0}) (async)
sendto$inet(r8, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
recvmsg(r8, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r8, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r10, @ANYRES16=r4], 0x100000530) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r7, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r9, 0x2c, r6, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="85200000010000000942183601760000cc9070ff10000000185400000e000000000000000000000085000000c500000095000000000000001800000004000000000000000080000018140000", @ANYRES32=r2, @ANYBLOB="000025c0f2a80000"], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:23 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 32)

[ 2370.235757][T22576] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2370.243568][T22576] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2370.251382][T22576] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2370.259192][T22576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2370.267002][T22576] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2370.274821][T22576]  </TASK>
03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c3c, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2370.302946][T22694] FAULT_INJECTION: forcing a failure.
[ 2370.302946][T22694] name failslab, interval 1, probability 0, space 0, times 0
[ 2370.337418][T22694] CPU: 1 PID: 22694 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c3d, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2370.347606][T22694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2370.357508][T22694] Call Trace:
[ 2370.360626][T22694]  <TASK>
[ 2370.363410][T22694]  dump_stack_lvl+0x151/0x1b7
[ 2370.367926][T22694]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2370.373394][T22694]  dump_stack+0x15/0x17
[ 2370.377373][T22694]  should_fail+0x3c6/0x510
[ 2370.381628][T22694]  __should_failslab+0xa4/0xe0
[ 2370.386227][T22694]  ? anon_vma_fork+0xf7/0x4e0
[ 2370.390737][T22694]  should_failslab+0x9/0x20
[ 2370.395080][T22694]  slab_pre_alloc_hook+0x37/0xd0
[ 2370.399851][T22694]  ? anon_vma_fork+0xf7/0x4e0
[ 2370.404359][T22694]  kmem_cache_alloc+0x44/0x200
[ 2370.408965][T22694]  anon_vma_fork+0xf7/0x4e0
[ 2370.413299][T22694]  ? anon_vma_name+0x4c/0x70
[ 2370.417726][T22694]  ? vm_area_dup+0x17a/0x230
[ 2370.422156][T22694]  copy_mm+0xa3a/0x13e0
[ 2370.426150][T22694]  ? copy_signal+0x610/0x610
[ 2370.430572][T22694]  ? __init_rwsem+0xd6/0x1c0
[ 2370.434997][T22694]  ? copy_signal+0x4e3/0x610
[ 2370.439426][T22694]  copy_process+0x1149/0x3290
[ 2370.443944][T22694]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2370.448895][T22694]  ? copy_clone_args_from_user+0x744/0x830
[ 2370.454527][T22694]  kernel_clone+0x21e/0x9e0
[ 2370.458868][T22694]  ? __delayed_free_task+0x20/0x20
[ 2370.463816][T22694]  ? create_io_thread+0x1e0/0x1e0
[ 2370.468678][T22694]  __x64_sys_clone3+0x376/0x3a0
[ 2370.473361][T22694]  ? __ia32_sys_clone+0x290/0x290
[ 2370.478239][T22694]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2370.483343][T22694]  ? __traceiter_sys_enter+0x2a/0x40
[ 2370.488465][T22694]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2370.494366][T22694]  do_syscall_64+0x3d/0xb0
[ 2370.498620][T22694]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2370.504435][T22694] RIP: 0033:0x7f9d5f592da9
[ 2370.508691][T22694] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2370.528128][T22694] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2370.536903][T22694] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2370.544713][T22694] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
03:36:23 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) (async)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f0000000040)) (async)
r1 = socket(0x1e, 0x1, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0x2000011a) (async)
splice(r1, 0x0, r0, 0x0, 0x4ff9c, 0x0)

03:36:23 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r2 = socket$key(0xf, 0x3, 0x2)
r3 = dup(r2)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = dup2(r4, r4)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r5, 0x5, 0x2}, 0x48)
r8 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r8, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r8, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r8, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
write$binfmt_script(r1, &(0x7f00000007c0)={'#! ', './file0', [{}, {0x20, 'GPL\x00'}], 0xa, "1ff5c133095cb07c85d4818bf43a146b5ef68d2a0addd994912763d5cb7193c5fde32082e7df1feaea12c92a33fe8c6ecc68ccd5d8a1e18143ed8b136fdbc4ab1f133976eae1492dc988e9cd0d76a926e752691688c25c5f375a1c6886e2647c2d3db0f619c925830acc58bf12b463f2dc75a56ae1d3b0"}, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r9=>0x0})
sendto$inet(r8, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r8, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r8, &(0x7f0000000740)=ANY=[@ANYRESHEX=r5, @ANYRES16=0x0, @ANYRES8=r10, @ANYRES16=r5], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r5, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r7, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r9, 0x2c, r6, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r3}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r3, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r3, r3, r3, r3], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c3e, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:23 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vcan0\x00'})
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0)

03:36:23 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 33)

[ 2370.552525][T22694] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2370.560338][T22694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2370.568146][T22694] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2370.575966][T22694]  </TASK>
03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c3f, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c40, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2370.621161][T22814] FAULT_INJECTION: forcing a failure.
[ 2370.621161][T22814] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2370.636143][T22814] CPU: 1 PID: 22814 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2370.646298][T22814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2370.656192][T22814] Call Trace:
[ 2370.659315][T22814]  <TASK>
[ 2370.662091][T22814]  dump_stack_lvl+0x151/0x1b7
03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c41, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2370.666609][T22814]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2370.672077][T22814]  dump_stack+0x15/0x17
[ 2370.676067][T22814]  should_fail+0x3c6/0x510
[ 2370.680320][T22814]  should_fail_alloc_page+0x5a/0x80
[ 2370.685354][T22814]  prepare_alloc_pages+0x15c/0x700
[ 2370.690306][T22814]  ? __alloc_pages_bulk+0xe40/0xe40
[ 2370.695336][T22814]  __alloc_pages+0x18c/0x8f0
[ 2370.699762][T22814]  ? prep_new_page+0x110/0x110
[ 2370.704370][T22814]  get_zeroed_page+0x1b/0x40
[ 2370.708790][T22814]  __pud_alloc+0x8b/0x260
[ 2370.712956][T22814]  ? stack_trace_snprint+0xf0/0xf0
03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c42, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c43, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c44, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2370.717901][T22814]  ? do_handle_mm_fault+0x2330/0x2330
[ 2370.723116][T22814]  ? __stack_depot_save+0x34/0x470
[ 2370.728057][T22814]  ? anon_vma_clone+0x9a/0x500
[ 2370.732659][T22814]  copy_page_range+0x2bcf/0x2f90
[ 2370.737430][T22814]  ? __kasan_slab_alloc+0xb1/0xe0
[ 2370.742288][T22814]  ? slab_post_alloc_hook+0x53/0x2c0
[ 2370.747413][T22814]  ? copy_mm+0xa3a/0x13e0
[ 2370.751577][T22814]  ? copy_process+0x1149/0x3290
[ 2370.756533][T22814]  ? kernel_clone+0x21e/0x9e0
[ 2370.761040][T22814]  ? __x64_sys_clone3+0x376/0x3a0
[ 2370.765898][T22814]  ? do_syscall_64+0x3d/0xb0
03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c45, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c46, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c47, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c48, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2370.770327][T22814]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2370.776238][T22814]  ? pfn_valid+0x1e0/0x1e0
[ 2370.780480][T22814]  ? rwsem_write_trylock+0x15b/0x290
[ 2370.785606][T22814]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[ 2370.791874][T22814]  copy_mm+0xc7e/0x13e0
[ 2370.795848][T22814]  ? copy_signal+0x610/0x610
[ 2370.800275][T22814]  ? __init_rwsem+0xd6/0x1c0
[ 2370.804703][T22814]  ? copy_signal+0x4e3/0x610
[ 2370.809125][T22814]  copy_process+0x1149/0x3290
[ 2370.813645][T22814]  ? pidfd_show_fdinfo+0x2b0/0x2b0
03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c49, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c4a, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c4b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2370.818580][T22814]  ? copy_clone_args_from_user+0x744/0x830
[ 2370.824227][T22814]  kernel_clone+0x21e/0x9e0
[ 2370.828562][T22814]  ? __delayed_free_task+0x20/0x20
[ 2370.833514][T22814]  ? create_io_thread+0x1e0/0x1e0
[ 2370.838371][T22814]  __x64_sys_clone3+0x376/0x3a0
[ 2370.843072][T22814]  ? __ia32_sys_clone+0x290/0x290
[ 2370.847918][T22814]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2370.853040][T22814]  ? __traceiter_sys_enter+0x2a/0x40
[ 2370.858160][T22814]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2370.864063][T22814]  do_syscall_64+0x3d/0xb0
03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c4c, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c4d, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c4e, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c4f, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2370.868315][T22814]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2370.874040][T22814] RIP: 0033:0x7f9d5f592da9
[ 2370.878297][T22814] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2370.897741][T22814] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2370.905977][T22814] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2370.913796][T22814] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c50, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:23 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r2 = socket$key(0xf, 0x3, 0x2)
r3 = dup(r2) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = dup2(r4, r4) (async, rerun: 32)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async, rerun: 32)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r5, 0x5, 0x2}, 0x48) (async, rerun: 32)
r8 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r8, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r8, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r8, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
write$binfmt_script(r1, &(0x7f00000007c0)={'#! ', './file0', [{}, {0x20, 'GPL\x00'}], 0xa, "1ff5c133095cb07c85d4818bf43a146b5ef68d2a0addd994912763d5cb7193c5fde32082e7df1feaea12c92a33fe8c6ecc68ccd5d8a1e18143ed8b136fdbc4ab1f133976eae1492dc988e9cd0d76a926e752691688c25c5f375a1c6886e2647c2d3db0f619c925830acc58bf12b463f2dc75a56ae1d3b0"}, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r9=>0x0}) (async)
sendto$inet(r8, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async, rerun: 64)
recvmsg(r8, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async, rerun: 64)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r8, &(0x7f0000000740)=ANY=[@ANYRESHEX=r5, @ANYRES16=0x0, @ANYRES8=r10, @ANYRES16=r5], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r5, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r7, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r9, 0x2c, r6, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r3}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r3, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r3, r3, r3, r3], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
sendmsg$key(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:23 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c51, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2370.921615][T22814] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2370.929430][T22814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2370.937228][T22814] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2370.945049][T22814]  </TASK>
03:36:24 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
r3 = socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8}) (async)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r4, 0x0) (async)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r6=>0x0})
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62) (async)
sendto$packet(r5, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @multicast}, 0x14)
r7 = dup(r3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x21, &(0x7f00000019c0)=ANY=[@ANYBLOB="8520000004000000b7080000000000007b8af8ff00000000b7080000000400007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000031827506080000001856000006000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ff0f0000850000000600000018170000", @ANYRES32=r0, @ANYBLOB="000000000000001812a7afab6ac876b059af4fb19688a4482524f4321913f361045dadee9a528d6b95b501c5e79591f3660a95177aca6a65", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000000268090004000000"], &(0x7f0000000000)='syzkaller\x00', 0x6, 0x1000, &(0x7f0000000800)=""/4096, 0x41000, 0x14, '\x00', r6, 0x0, r7, 0x8, &(0x7f0000000040)={0x3, 0x1}, 0x8, 0x10, &(0x7f00000004c0)={0x1, 0x9, 0x0, 0x7fffffff}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000500)=[r0, r2], &(0x7f0000000540)=[{0x9, 0x4, 0xa, 0x2}, {0x1, 0x3, 0x1, 0xa}, {0x0, 0x1, 0xf, 0x1}, {0x4, 0x2, 0xe, 0xa}, {0x0, 0x4, 0x7, 0xa}, {0x1, 0x3, 0xb, 0x2}], 0x10, 0x1}, 0x90) (async)
connect$unix(r3, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
shutdown(r3, 0x0) (async)
r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x40081, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x8, 0xf, &(0x7f00000004c0)=ANY=[@ANYRESOCT, @ANYRES32, @ANYRES16], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
getpeername$packet(r8, &(0x7f0000000800)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000840)=0x14)
r10 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ftruncate(r10, 0x800)
lseek(r10, 0x200, 0x0) (async)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0)
sendfile(r10, r11, 0x0, 0xf800) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000440)={0x1, <r12=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x15, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="18002b4c421453aec3e8b72004bc7a00f2d05120af2f7ce3a01d1f3bdc33f3f500"/42], &(0x7f0000000080)='GPL\x00', 0x1f, 0xaf, &(0x7f00000005c0)=""/175, 0x41100, 0x8, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0xc, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x3, 0x4000a, 0x7, 0xedb}, 0x10, r12}, 0x90) (async)
r13 = signalfd4(0xffffffffffffffff, &(0x7f0000000880), 0x8, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0x20, &(0x7f0000000640)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfff}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@call={0x85, 0x0, 0x0, 0xb1}, @map_fd={0x18, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000500)='GPL\x00', 0x7, 0xa2, &(0x7f0000000740)=""/162, 0x0, 0x0, '\x00', r9, 0x6, r10, 0x8, &(0x7f0000000880)={0x5, 0x1}, 0x8, 0x10, &(0x7f00000008c0)={0x1, 0x7, 0x1f, 0x5b6}, 0x10, r12, r8, 0x0, &(0x7f0000000900)=[r13, 0xffffffffffffffff, r8, 0xffffffffffffffff], 0x0, 0x10, 0x85}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000001900)={0x20, 0x5, &(0x7f0000000680)=@raw=[@btf_id={0x18, 0x1, 0x3, 0x0, 0x3}, @cb_func={0x18, 0xa, 0x4, 0x0, 0xffffffffffffffff}, @jmp={0x5, 0x1, 0x1, 0x2, 0xa5594de3a1e9ad4a, 0xfffffffffffffffc, 0xffffffffffffffff}], &(0x7f00000006c0)='GPL\x00', 0x6, 0xb8, &(0x7f0000000700)=""/184, 0x0, 0x63, '\x00', r6, 0x1b, r7, 0x8, &(0x7f0000001800)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000001840)={0x0, 0xb, 0x1, 0x7}, 0x10, r12, r7, 0x2, &(0x7f0000001880)=[r7], &(0x7f00000018c0)=[{0x4, 0x2, 0xb, 0x3}, {0x5, 0x2, 0x1, 0x8}], 0x10, 0x400}, 0x90) (async)
accept(r4, 0x0, 0x0)

03:36:24 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) (async)
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vcan0\x00'}) (async)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0)

03:36:24 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 34)

03:36:24 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c52, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:24 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r2 = socket$key(0xf, 0x3, 0x2)
r3 = dup(r2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
dup2(r4, r4) (async)
r5 = dup2(r4, r4)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r5, 0x5, 0x2}, 0x48)
r8 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r8, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
setsockopt$inet_tcp_TCP_CONGESTION(r8, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r8, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r8, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
sendto$inet(r8, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
write$binfmt_script(r1, &(0x7f00000007c0)={'#! ', './file0', [{}, {0x20, 'GPL\x00'}], 0xa, "1ff5c133095cb07c85d4818bf43a146b5ef68d2a0addd994912763d5cb7193c5fde32082e7df1feaea12c92a33fe8c6ecc68ccd5d8a1e18143ed8b136fdbc4ab1f133976eae1492dc988e9cd0d76a926e752691688c25c5f375a1c6886e2647c2d3db0f619c925830acc58bf12b463f2dc75a56ae1d3b0"}, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r9=>0x0})
sendto$inet(r8, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r8, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r8, &(0x7f0000000740)=ANY=[@ANYRESHEX=r5, @ANYRES16=0x0, @ANYRES8=r10, @ANYRES16=r5], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r5, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r7, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r9, 0x2c, r6, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18) (async)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r3}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r3, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r3, r3, r3, r3], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r3}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r3, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r3, r3, r3, r3], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0) (async)
sendmsg$key(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:24 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c53, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2371.161580][ T7007] tipc: Subscription rejected, illegal request
[ 2371.172070][T23064] FAULT_INJECTION: forcing a failure.
[ 2371.172070][T23064] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2371.189013][T23064] CPU: 0 PID: 23064 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2371.199171][T23064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
03:36:24 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}) (async)
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vcan0\x00'}) (async)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0)

03:36:24 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='rxrpc_local\x00'}, 0x10)
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x8, 0x1, 0x4)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a)
splice(r0, 0x0, r1, 0x0, 0x4ff9c, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='module_load\x00', r1}, 0x10)
connect$unix(r0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e22}, 0x6e)

03:36:24 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='rxrpc_local\x00'}, 0x10) (async)
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x8, 0x1, 0x4)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a) (async, rerun: 64)
splice(r0, 0x0, r1, 0x0, 0x4ff9c, 0x8) (async, rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='module_load\x00', r1}, 0x10)
connect$unix(r0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e22}, 0x6e)

03:36:24 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c54, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:24 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='rxrpc_local\x00'}, 0x10)
pipe(&(0x7f00000004c0)) (async)
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x8, 0x1, 0x4)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a)
splice(r0, 0x0, r1, 0x0, 0x4ff9c, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='module_load\x00', r1}, 0x10)
connect$unix(r0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e22}, 0x6e) (async)
connect$unix(r0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e22}, 0x6e)

[ 2371.199327][ T7015] tipc: Subscription rejected, illegal request
[ 2371.209059][T23064] Call Trace:
[ 2371.209067][T23064]  <TASK>
[ 2371.209075][T23064]  dump_stack_lvl+0x151/0x1b7
[ 2371.209101][T23064]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2371.230940][T23064]  dump_stack+0x15/0x17
[ 2371.234928][T23064]  should_fail+0x3c6/0x510
[ 2371.239182][T23064]  should_fail_alloc_page+0x5a/0x80
[ 2371.244217][T23064]  prepare_alloc_pages+0x15c/0x700
[ 2371.249168][T23064]  ? __alloc_pages_bulk+0xe40/0xe40
[ 2371.254201][T23064]  __alloc_pages+0x18c/0x8f0
03:36:24 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c55, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:24 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r0, &(0x7f0000000040)=@id={0x1e, 0x3, 0x2, {0x4e23, 0x1}}, 0x10)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0)

03:36:24 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c56, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2371.258632][T23064]  ? prep_new_page+0x110/0x110
[ 2371.263426][T23064]  get_zeroed_page+0x1b/0x40
[ 2371.267823][T23064]  __pud_alloc+0x8b/0x260
[ 2371.271988][T23064]  ? stack_trace_snprint+0xf0/0xf0
[ 2371.277022][T23064]  ? do_handle_mm_fault+0x2330/0x2330
[ 2371.282230][T23064]  ? __stack_depot_save+0x34/0x470
[ 2371.287178][T23064]  ? anon_vma_clone+0x9a/0x500
[ 2371.291783][T23064]  copy_page_range+0x2bcf/0x2f90
[ 2371.296562][T23064]  ? __kasan_slab_alloc+0xb1/0xe0
[ 2371.301411][T23064]  ? slab_post_alloc_hook+0x53/0x2c0
[ 2371.306532][T23064]  ? copy_mm+0xa3a/0x13e0
03:36:24 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c57, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:24 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c58, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:24 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket(0x1e, 0x1, 0x0) (async)
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r0, &(0x7f0000000040)=@id={0x1e, 0x3, 0x2, {0x4e23, 0x1}}, 0x10)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0)

[ 2371.310697][T23064]  ? copy_process+0x1149/0x3290
[ 2371.315393][T23064]  ? kernel_clone+0x21e/0x9e0
[ 2371.319899][T23064]  ? __x64_sys_clone3+0x376/0x3a0
[ 2371.324767][T23064]  ? do_syscall_64+0x3d/0xb0
[ 2371.329185][T23064]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2371.335100][T23064]  ? pfn_valid+0x1e0/0x1e0
[ 2371.339343][T23064]  ? rwsem_write_trylock+0x15b/0x290
[ 2371.344463][T23064]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[ 2371.350717][T23064]  copy_mm+0xc7e/0x13e0
[ 2371.354713][T23064]  ? copy_signal+0x610/0x610
03:36:24 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}) (async)
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r0, &(0x7f0000000040)=@id={0x1e, 0x3, 0x2, {0x4e23, 0x1}}, 0x10) (async)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a) (async)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0)

03:36:24 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c59, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:24 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r3 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000580)={'veth1_virt_wifi\x00', <r4=>0x0})
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000140)=0x48a, 0x4)
bind$packet(r3, &(0x7f0000000080)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000880)={'gre0\x00', &(0x7f0000000840)={'gretap0\x00', <r5=>0x0, 0x7, 0x700, 0x3, 0x4, {{0x6, 0x4, 0x2, 0x3d, 0x18, 0x68, 0x0, 0x3, 0x6, 0x0, @dev={0xac, 0x14, 0x14, 0x44}, @loopback, {[@noop]}}}}})
getsockname$packet(r1, &(0x7f0000000b40)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000b80)=0x14)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'wg0\x00', <r9=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r8, 0x8936, &(0x7f0000000040)={@ipv4={'\x00', '\xff\xff', @remote={0xac, 0x14, 0xc}}, 0x4d, r9})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000fc0)=ANY=[@ANYRES32=r7, @ANYRES32=r9, @ANYRES8], 0x51c}}, 0x800)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000bc0)={'team0\x00', <r10=>0x0})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c00)={'rose0\x00', <r11=>0x0})
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000c40)={'wg1\x00', <r12=>0x0})
r13 = socket$netlink(0x10, 0x3, 0x0)
r14 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r14, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00', <r15=>0x0})
sendmsg$nl_route(r13, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)=@bridge_delneigh={0x28, 0x1c, 0x3f54041d15004445, 0x0, 0x0, {0x7, 0x0, 0x0, r15, 0x3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x28}}, 0x0)
sendmmsg$inet(r2, &(0x7f0000002980)=[{{&(0x7f0000000040)={0x2, 0x4e22, @remote}, 0x10, &(0x7f0000000780)=[{&(0x7f0000000180)="0c320b5c4d3e2d6d4e73c8bb90b959f755e6ab029bd9807e668064aa5f09d5fe13d133caaea5d056fe865b27848edac454498ab554787aa5e0d4ce1047f26df1e2d0259751bde1d3a4", 0x49}, {&(0x7f0000000080)="483ce0d5b093090a4544c04fc484fe2f3ea7f5eb83b324906a", 0x19}, {&(0x7f0000000200)="921759fbfcded8a639cdfaf91781d238f2740ad48b61bb8c5679b3ec5bbbfc7f5dc7874c88eb3436922ed2b83c1d1bf56bc1aa4c70dda38a1b2e478f3130db1197fc20a883807b8f0da621df863199688cbcef795830370cd38787526c1cf11f34dec989dab335677a5ee87800233ae63df193007c512ff8de5f3527a0612a8ad00dc6ebefe7c989dcfd0a823d83d1c7936d0b12ef70a69b873f11f3cdd847dca81f3f1dd11730fa8e2e4f4106144afeda74c0b6796dfa0616ec5a05c054d55fc1188c752b702cef05745a3b40fab639009b5f18f85e3acc63e0d71e6e44392990fc12deb89c21f2", 0xe8}, {&(0x7f0000000300)="c48df88ad7e9a526864557abf4db9ba16465f254436ba0d48fc1bca0b4db9e86a61b20ab0979b9c043cbf6a47d998ef7f1ab91c03bd5f8176e4e2bf1d5a5871e5092c38367279950e7b5f5bfa7dd1f7cf291dbf2dcb23b1f472255a3f44f06af4731fcacb8ea0d5cdc956674f01ae3de8d728990b36195e5a6b54de0c44a4fa376023c7e60", 0x85}, {&(0x7f0000000100)="02c3ce32d22f97626b7dab297395d535ede622dc48a7ea1a4f53b14d7544dcfc65ddd5a67f33be026d21df0ec220b058cd901087a30a0d9b92233fd4b75295", 0x3f}, {&(0x7f00000003c0)="4f78138377b0ec111c7cd85ad9b72d890db91df9aca801d5983277ca6aa923a401ce333baa347a51a1d39838c2dc57a4b0ed12e8e6b73b2806d7d1b3938e16dac6e52d257c88d303bb66d84ab260b73f9e4e01db869d", 0x56}, {&(0x7f0000000500)="71bac4cf4b339897bbb4850e68344ceb77aa90d5e144d2a5bbf8c724434c6a2537a10fa3085e61bb1dd4a5cb1e700e739727db23b2992496cb6f3ae629c137512bb761b06b5eef174127a774971a4f0fe53ecf430959ba6e0dadbd14ddf60e44c182286c69710771da363dfd3bff32febcdc27d5a4c8edf804c40102509f8999a194344021a5cb8aacf877ef794c802fc3e47264847fe65965b425559e899ebb489b7e0f2ab1fdc81c5a2b916007af145e09951b1e72a98bb7f3716cf0b00f4c02bacaeeda337fb905977d2ed34963002202849156990a6e8bab30452d71fd2269670643d4", 0xe5}, {&(0x7f0000000440)="4c7552fada84146fe280f1f3b1602d0bc1745c74be8ee74dba414d0a68da243aa564ee358c5d90134433d2514576a3c586c129e04aa92f02247746efedd9a30d711ed99f43b190a34fc79d", 0x4b}, {&(0x7f0000000600)="fa82ae8eff2b90ac69984b80cc02a9f7f0d08aa60adb4a8fb48b949657353f2c1b8fcc1cc52d1bb23afb185ef89087d4505feca73bb4068887ce80967a3fdbb79cf8467fbd5c4ecec3b666e37578bd5abead9fe1e37ef4e17b7c7653d0548843fa6f7efcff2636ab492de7adf2ce411ae65b497f9704e210122f6ea93063b5dffedd8c66a9cf0862432e74ac61d51ee240dc5de78ad4d76d5c39c0988fffdcc0565c01ad82987e27fbb07667df81f7336fb0edbe6933b24e510ce48a185e1165dc", 0xc1}, {&(0x7f0000000700)="83ed8cfdc4e826341589e907b0a61e44eb0c60d0ab6426141a0438f2e7dd589e11963762f6c28b0f9d7b74ea7772f8c16b5d5a9b4b029b5c392347928a901f5a0490db6bb86875035b2b395d87e0b0d40a88fe9368d0", 0x56}], 0xa, &(0x7f00000008c0)=[@ip_retopts={{0x3c, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0xa6, [@loopback]}, @lsrr={0x83, 0x1f, 0x16, [@initdev={0xac, 0x1e, 0x1, 0x0}, @remote, @remote, @multicast2, @multicast1, @multicast2, @rand_addr=0x64010100]}, @ra={0x94, 0x4, 0x1}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7}}, @ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_retopts={{0x60, 0x0, 0x7, {[@generic={0x17, 0x3, 'q'}, @rr={0x7, 0x23, 0x63, [@broadcast, @multicast1, @private=0xa010102, @local, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, @remote]}, @end, @ra={0x94, 0x4, 0x1}, @timestamp_addr={0x44, 0x14, 0xcb, 0x1, 0x8, [{@rand_addr=0x64010102, 0xee1}, {@multicast2}]}, @timestamp={0x44, 0x10, 0x65, 0x0, 0x4, [0x91c, 0x7fff, 0xa4c]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @dev={0xac, 0x14, 0x14, 0x24}, @local}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x40}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @dev={0xac, 0x14, 0x14, 0x37}, @local}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x7ff}}, @ip_ttl={{0x14, 0x0, 0x2, 0x8}}], 0x170}}, {{&(0x7f0000000a40)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000b00)=[{&(0x7f0000000a80)="9964d8bbc9bb4cd918958c91b53a1971abca44f27533ec5f9f29c1a82b328f3e8dd5652b1f40e0f929d5e1b4d8b9c40aae21ac2a6c941541c0e41f5e8323ea9329c896e35e99d10695cffbf68a8f812e0ba2be23c8042a629b5b9f69f3313d14f50002c041e45020894245817a", 0x6d}], 0x1, &(0x7f0000000c80)=[@ip_ttl={{0x14, 0x0, 0x2, 0x800}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @dev={0xac, 0x14, 0x14, 0x18}, @loopback}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @loopback, @multicast2}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1000}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @dev={0xac, 0x14, 0x14, 0x34}, @loopback}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x4}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r11, @multicast1, @broadcast}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r12, @multicast1, @private=0xa010102}}}], 0x118}}, {{0x0, 0x0, &(0x7f0000002240)=[{&(0x7f0000000dc0)="59c201b5e9536e18f3", 0x9}, {&(0x7f0000000e00)="c5cb5b297ba3830b1106e32e32d6a396bf878e3e882eab4a8940d98383afd4fb80b14bf35c4a02df0ee023485ac12e747b2fdcd194cc85f08ba2dc51d5373769f34d55daae78576938611e56b01805419d917aa028bf341023549e97963e45f621386d59461929721a73d1039e9459162cfb7573d948b32ec5f2dfc1d084b17ea14a5055464781d7f7d9596264d34b09f4247d822c45787d4dd6fd75867553ecc186caa80738bd1ec0cf8c7cc87f866d7002b5101901603455ac3fa972cd55dd7667b9b8ed0fab3108b0042528", 0xcd}, {&(0x7f0000000f00)="bff159dc9af46fe9f831eb298cc937bc895a82324d4c308eb52fad577f9399bb", 0x20}, {&(0x7f0000000f40)="cd3b321ec2fde4229a6f157c65fce8e612523e328dd4e581773aa7db1dc650c81eedfc6754d695efaf2436a95258577cf8a273f04eaccc80ff25d1d3c412825b790ebc47ddfc6ce89dcd2551f0a5ea5d4160d71602c390fdd3d962600ebdc0d8467d76b72ac416dfd954f31a558fa05837e5dfe576aee9a8b759d198046436755afe92ce11f26cdd8d24521aae39113168ba6a79c225efce419f7c48ee04b03b05c9ccb66ff621bc18353b50ce62a12aad9ef98e068b76d41f9f4756a46d678ada847cd7bb550e80e3", 0xc9}, {&(0x7f0000001040)}, {&(0x7f0000001080)="7bf584e9256a7c00d3c58590e0fe6103b5867f976b32c8e32313d39eba8ebdef070ca7a01d3a0e14db2a412b5c37f55694e859db1724f9cf5522269498ef15991444bf3de9820cae50b63f325cf9138044519629ace70ec1ad85595b3711e696b4492ac5e7f80a1c652b1e5066406042e0d023b082cb37918f213eaa4649b88d098406a983a73cf1372cce2fefa3b6edf4b703618cff5531a8f134a33025d918ea54e90082c930a74411aff88adadd1edee065902a6fb7876c2b662dcc18b5b029d2a40171ddf215b5384f52c695de16e3c635405a04650241a478d6e63c3c5a8ae97e2036eed015786c303a7cee5fdc42536dd309b15a2a0d6a5ee53e78dddbc0d1f4adeff12f26111f77bd2b2c0823e7543e3818eb5d5cc1a449360f8249b159fbce016e620b214688e71ea7afb23b7133521f1e6b110c89629f95171ebebfff9c2116f9d7f4864b1ea1ad0209f1cbaa2d4620713f2e4b57c3849510d261cd393161425ab59812e6d591957bf70240734f3d99afdf29f545f1f5560cef9ae2742d1c543f38fae4e80fb4d76518cc815a44b6256b808b5f8ca6424a94eb8c9dff46f536ef60e5d6a9e39810c1f676a237d7505155585f20576948594be2325a17815455dfd63c388791fd3af1de9b1129388fecdf6e49dab3825da0426c803c57439d4b421e9563d51b06d8e4a3fc14a00860354afa04afeecd604b900c8eb81427335249b89a02e1663cf6e9a2ae5235bf63c3bfe15e0db43572916c643e398ca2beb7fb3dda2b9d60209225133284b722c884716584c7397bc337ec0950dde80f2ce025a9e1e52c28aaf6398585499a8319f9d24fe67569af33a1b9b07d6dc12f176c8aee3f0211dc53659472d61654b9c8cc742398bb25ba734c2439e6094d1af05bd4bef3051f871d528d01462fcbcd083478380750070fa44dc67bb2e1c61a82a0a7772edc16cbd99e44a76bd0ee966fa11efd21935b023ed021a78d2aec619d374a5f74c44b75b9ae99ab24122a3a31d7201667cb59c53c4383aa6ca49530e112931b5f810781b14c44f95974f35ba5294b97503e540abe37febebce6688a09e2ff7ba149c19ec6ea256e2a6d9979b75dc10140072e4894090e9f53d825dac1d5a0b1f71445038838264a7a21ffc1e219bc60401cd0163707ce616dbc6e3643fe73417afd346ab63f254ce6933056e2369280d4ee508a0ee86e1660451a8e3108eb0176f795e06d5ecec1d365c100682f57e84a01a65a1362e7de242f1122ba372f8044de440cd91bfbd674573d9f390ec6e5ca7c68bf1c34704cc145cbede4020b6dbf536fa9bca656b8475d0f0c3af3dfd6c3869f9a61ea71a575a5014fd9ca56b6100868ed98bac723e8007a29fb4d167455bab641ccc69e348e983f478e710f1bfb50db0e9ca25c502bc6e94b554d931f7aec2749cc4638d09659bbe991948a316ef921ec1a7f2e7561f4beb9db5e3a5e9bf9b309f711cc57c841eeedcf9633fd39c7992b8286e7aab07c10b4c7a043ea8caa96a3a4cba5a787d2649d0d243751c31637d7ef1caaca760ec5ce6c8ef877f168ca94b5474cb405faba63a92cee2c82b6558c81f78b1d6996047d51f0e9490e2a2d0772d9c20cfb5f0780b8636d3214e761c7ec39751a62dc52d9a62b9cb3487e5a0744c6244cb35d6769805fb8a8caf6a513b556b9f5955bc9e5e7b651f2e32802a24b7556d325088c2779c5e21ed8d463f2fff65c47bcc95eca1b4eedef7235c3dc3abcf3ad2d351b6a84cf0b0a797541d3935ac8e4635a66487b07a9176c025f7f5c631e0e32f1e06becfdc5c2fb90b700e810eea4a084f02a8aaf92acc4c9fb5fbd3b27bba04d565cf126beae22e76f6db891bdf16af37b20c4f0ad9ac9938cd56e0630544e46acf2c75bbba36b942c48f0e8c4ff1b7a2d0ac659bb87901820f50eeeda67b1df98ceb06b099ac1b206907fdbb576219e7472c06b2d2e34b0fee9959097def58f70c552f1a1e15d542eb54099243d2efa21e99a74c3ad4ee4fe99ceba9be3d7d11295d81a6d16b07ce911476a130be0e4b349a012df8c961a81b3fb246d193ab0e9faedd2b8c7e978096f0019372a39e709f456d1ad2c207f2f7655e7d48077cdeb19014ace32ceb6429cf7369367046ad555784bb5d587e2345e0803a689292f484b4a8775696adbac1b25b21c656c41fe1b5fcbd389489a2b19ea59b66349a2d3c9f5e165a2b42db79419845f0fbc1a7651a9079a1368d9283b3356c54b8aaa3a0a91d40ca8eaa4a22977ca575b1a389202405a7a368f92ddf98f28b95a59d763be9e508a2981b1053a753c633c5b6f99742debc9a49475bcfea24b337db80f8b4309f36867f6cddb816f7d3a475b0643376696db2d8bf4f8d380e540ab1093972f0ed2c687c385bbedb5798511f19c9f7e23d1915e7e7b119f58931e18059b475c768f3f6242eca703ab8741d6af3f2d3bead71bc7f2177f7b49c32632894068c158c403c11482461cb0cb01375cc9a792459efe17b129be87631c8247c46bd455b431f37fcc2cf5eab4c1f83ce5f2142f029c7958916d7df7917b86426ef86878e041eaac5dac8d2b0f47a1722ca76def17e2d1d8d87809f1500d328c44d784fb21b4121489aaadbc95fc3b28a6f0f2b6113bec78ab4a23fe8d95d9894dfba47e00051d76c74793c60a7ecc5adf4901ee6d31fd4ef37c11c2759cf80389b1cc8a9aeb9aec8c03e2758f5f3d9d7134305033b68e32fa82a24a879fd1898e08f90a93223a47c1b83de8bb45e45c253d9d5e88ca5956a0e37acadb8fe037f1896a50e92c6b5311850c907a0d0a3fb6790d08c8a3be731241d63d93426637652005802d8cb8791c20cdc0146d01542dab2a02351b7152a5121b14d74baed8086f5e7facb2b4ae949a3a05f17627622b78b5746794bd8a9a4de0f00e22db33ecceed0101ba6363d19add7e11c8a6bf2977edbf498d6e0a2b8d23e212e4c7184018c16f39e614a08e1b150127e37437f7192cfd47d78a99f6bd08b5bf3c866557ee3b3d3e87a45754576548b1aafb46ca4b160449d38e6510f3617e1fc0e115fdb313f6d0d3d4b27bab112b47d4abb41d0003759235ff03c6b53e16cc54aac748ab3ec1253f5f79d69cac1a15defbecc2200b39650d58c9d99fb1cd1075a03d3389fc3caf12f4da07a51def063ecc3ca78afd973bb3d1ffc8ce83aedcae8bc24f42bd17fb310ab440eec245bace8ac23ea9586b1708ba446e14f34ea5541911e7c5db38d4fca335d761ffd08e5d5d9f74a8ed82503e11332aa53a93990f8e2dfd73d52b04a6f6007642508b784ff98a731a0ad8d91d81557b5115264137fb3000923845834c4e828c72a9d3ad131b24e1e8aa060d38fdc6c94ca2781eaa2b39a3cb6fe12e3a5756c5eba8bd76b8796b586c1d3ddab8df36c4d24ff6c437ec693e33c3f646337fec129e1e70c5c1330ebd6ba22bd9a1abac2a859c61387961f08ca2fc252aa44988ad7371d412077d51b73b6250fc12b80bc3fa9a3ab0ef6848e7669e0b3e828320116d66bb4bddcf7f8735776a6dac61e8571967938cff4155ee73159882d59f5d03ab43120d194cfcf67f93f1ce8a630537e3394ae58c5718ca37b4eb8d51507cfcacfcaf938ab13f4e852463022e524318522cda606e944e29def8d7afbc9223b83636b5a1a44f44a60b7b9dcfc21909424c7fe4cede875eab789b376491969e7648112a94428c28db2a946e61f59ef495a787811e5ceb2393406857b9c2e79261035294ee460d56b15840d675ecc4f1a4a6dcb6df51ec653a456d1ff83d1cb0d0a25060bf6af716e12cf20c84b43eab79358030548dd974267edadc11ee413ac83f87c445acb0580ab99f43fcb43d3f46b6283111986dd53ff378a1d7a1690c6328434be4ab353293fe6ae7decde8941472eb867c2df2cc329a2b483d415edc936844ae6837b35e56f1e9a7cd82d8661242c11067b8e094a83541b8312d033aa1e3fe4e29e1791938d67019f9e61b2a1cae790c2433c8e4c84ac1d376f6095ae8364233192cab3bd92776348a80bc5bf23ce512632c669f87642277ceda765af804923ab258a0c50803e4b3401fd605b26a97b77ead5374eeb662696a052a7656947815de7bfb60cb81c2b896cbf511379b96eba37d730bca8784447d6ced3b34f4325406d8dc5f80441d463c7a939701e6c99298ba9af7a819727659d337cb1d23082e4470b2bb5cd185e8140fb40b866bb8a56f70e65423799ace7d530b032bee749fe98a04c5415d315259b7d72ddeb21f0883d115746657f4b11b5eb9fa3332e2b147af3bb037d5c505e9e9ee896230ca7c28c92840015216134b170a86d98417d417e40998cf0b853ecae939c6343c1eae3e91296080d7e1af9c7d072c97826ac5eaf4b34f1940b52e80d8de617350c9ce325a8299afeebff90a2adebf06354ef22caf295d1f1a55f00131dfad3e314f78c609716bfcbcef7204909bd3b1ae1a2a412feda2f9121a6497bd4942c8826fd88373ca243fc458727528eeae486e503790f3c11a164524540797752f87b3d800338d3787d81b7b82d8d3180ae013115dd424e376223d88d46bf8c7cc72a4a4278a309346fbc4283eabfba1150fd9ffa6eb7cc798ac645010ba4245afa907a553f1d5ef3e0aae7d2a907667a8cf2f12df727be7f6a058647965590a322fb363373f2024612f12b2d7f32b23b6c9e9f41029d92133f9a09513c88956513c02b5286d84b9498c48ac5ddf34f59cef7788035a73c3bd5eebbec07c85111b9e8308e6f2ddc1e5ea4588f370dfb471cab8ff3106e6b9d88b98958d7be390f102c745b6ab0d43d29261d3861e046c81913c8078593f23aa416dd6e8591fbab8812bbb3e5e0914b5edbae6915ba11732790ab689042faea44cb5f8e3f23283e0ea2d81b364f793497e39bdf22e7df16d331aed8b59d452408bbccebba2aed9ca7477ca900b2898d22d84a7f2d9956f1e61ebb983a386905fc8be7dbe09a10dd9b0a6c5a3235e87911f31a9cd7ca77d79a4db5cab2cce35708228f5b9a4240d698f98c1aa9a0d73900f13cebd4c9c24285638e2a7a8f1db8033b4fbc7e7a737aa22818e64810f2d45ad936e1366d38c8240b1a19fb2714afaa7be9b0614b762d44e0f800cd46fe72915539cda1f3580444d81354f962d8df9bbaf4a72dc5e6816a2943427fb2e26ba2aa1abe1a486696975199c5d9bb5a513de189f9e6f57cba0bdb0ebbe0983a0a381221d7365604c513aecf1a53311592df5a2e867693a028b8243d9e8e386c85e920baf030dd1f28916391fad638e54b363d32abe240d2b2f9e8292b494ca3f4ffc7a2fd34b3e828a788ea20bc0f8ca92e448e93eb022d837a1d1c33df66dabcf242030f3e7f84f554701de5597e5789ed74385b064f1d6052d7ddb8f3964560d8bfeabce8dbd2eee7ca0f695cf7d8495ce98e739b6146897ccfb5f6dd73c38d7455cf3a6c388bd468321277ae048a7daaafda42955ab82368ae5059375a2af55a924e82b7c7c5f320361eef387bc65888279cc01342968aff8b1b97470ba8fbd0b6e873d9e0015310097a55d001d621f5bbfb5736bfbd8a66b2b4109e254fe325b8b757fd265f4bb1846b34531cd40ff8e3fe399f8777bead543d3e382f4f743727e9558461eabcc438275dfce9d5e53f628992be69ec2f4515cefcbbaa761e714375a49c3918ebd6c1efbebf4b87481bdd36388f306f603b634cd0015d4aeb74ccbda44dfc7545142575ac86ca511f7851d0423256ad83a82c8b5424c2a2ef7d794", 0x1000}, {&(0x7f0000002080)="565e0a201a0835638ca4e1ca5ab94e7d6688a365473002bd6850b21a758ac0cf2532ca83867e02f4689b0096c21a", 0x2e}, {&(0x7f00000020c0)="626eec48c44bd967d9c60b53cb20d0d3252711e6913161aa12327e9fdd8d508ae6efcbc40b8800fb4d759b5137199e5951bfe8db5861654c3bc27106356ee5d5ab37b38ffb266d2e630fb3cad21b47f77d18570dcaf47a2c4fa5f0f6918937343a42ca985287b519f755532a1a02cf78bcc96c0a93691110edb2f3bdf072b7af354e6178a9700ef45789f5a20a3db14f08380deeba8b8060ba3f00b4d5caa08f324c6d57dd046f955bf5a3da46c8e83f5731f0a7d901126e02a35a3532447fe253d7941c403d4f3503a403352012f417", 0xd0}, {&(0x7f00000021c0)="a27618d1a1dd92cb01535bc15a86fd8db2cf9dffa3dba15cf92e058cfff101320852f0fb88fa34fa03b43ae3a75dd49b46c474709f38c020c7b502f59625aa6fca9e5b315206b10a91032f11a7d952a4ed76cb96b7b89e30296e6b4b7f78638fc15ada0685911b0d838bed2d07f01eba48492f", 0x73}], 0x9, &(0x7f0000002300)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x3}}], 0x18}}, {{&(0x7f0000002340)={0x2, 0x4e22, @broadcast}, 0x10, &(0x7f00000028c0)=[{&(0x7f0000002380)="c7c92e07fe5ca03f962a82f9c9d9220e0697663da3b98bda441aa179cf202c4e2b3828b57a257e03", 0x28}, {&(0x7f00000023c0)="f9207afa8e72cce135e506d6aa8d7014b348aa1575398af674634ef79ddf7e9215ca7533a82f954a4a92219d0ed1af95ea3587733f40642a2d74c38b5bf509b17422ef8e79622bae975909fb0edbae88f9cc9c6006b0b70b464c636d30bf3288f1ca254a17ec5017f21c889ec45574249875bf81210b8303a835000967c4a94046ffd548940238f89f2bf50f31198296bddd25eada6cced1a873250dea866049dd454145328570b1f96dac23da573b9982f9ea78ebd1d322deaabfc418435637ab9198445a125fd173a5394b3d", 0xcd}, {&(0x7f00000024c0)="ba423962f4c8591107781e26e34348db1460d778c4fcedf040ee908e02eaa95c0099a7677299ec863102af418cd591903dcb0639caa77df71190d386e45060633f0056e8e0631e0494c4e02c43d8f080c87d1bc65c6db6a24e812e4372ca2f24830b5cff6bdd6ad714e3e5a95227c905e815508943b8fc2e9637072d9c6ce3bca4321261452897790f0f037a0a0332377e9bd6da1256b9f0193406eeed90", 0x9e}, {&(0x7f0000002580)="a69fefeba61e9c854af98d0d5ab169c873bc886a6163b4f34f0e011bd6c74d9a7c3219c776560f8dbb6c335e661d269af2fd37dff260bd444ae93ddf8b63f314df989c068c0c6e3fac3d49227e33dcf57b27ef04ebc3d455e6fcb0bfa13d8b32af46d327016f346cba69adbbdcd0f9bf82f83c578bee0381d2167a583649f9e6a56407896bd53f94", 0x88}, {&(0x7f0000002640)="25b9a2488d2a0712b2f2114f15f35d8a481267ad9ec056f366d1989bb259da03248274e082a4ad4edf837f4d5e6fcebb9a59e1fe8d2070448e269bbea1ab226dda9c4c29ed5c2e6a060243a87bce6fbfed6dc943d409429eb57be0", 0x5b}, {&(0x7f00000026c0)="b50b513d39dcdd1f2da1d4120acd5e15e6ae087a18e68028b14c139c4c2d54682ba3ce6c238f3cfed9481f81f1692fa6e7085fbdef9c9f4fe6fbc8ce8b9028b6da6af624883c6f890aab7bf225ee6997b77b0e0cef16f3365303e897fea609a8b819fd111455bd3a2aaf8957a3fe8ac74a019f96a2cc52b4fd49fb87ee6b0955ef647568e1848b07f7dad65ffa0f6062c99bc73e738dd6e46cd3a8255c9676a6df0000b87f273f27eb968dfa1dceac41513fb36052244277a2f3e485", 0xbc}, {&(0x7f0000002780)="d5b775cd9f4a123f3704b106c6a30c40eba4179b5d202f23bc06a117399586c57c96b2ffe335f55f659835407b17dbad3139245783f94cc295c4a004f28875aa2a0ffc957efd060eda420c463373f2437c439a5bb2a078dc33080d04f2179e923e422a87f8fbe0639cef0eb9ca3f9aaf82ab9d6dfe90a69a98fe45258958064d1450392f28c3d8b1efd82ab3c5fd22c72fe477d6d9e02d6e81eb50d4136b35fe6d11c17f41446eb2ca11655aa18717da1097a5aa77839dfb5d291656a8f329498454585b50006b3f0e3d67aa5e3be2bb18560b3b3cb67b00bd21bf512c6f87cbcc952801e4650d80d41c4cc509e3a1e15fe4be8c64ab9407d7", 0xf9}, {&(0x7f0000002880)="99695c7ae98b73bde73d47a06966a7dfa8596ad6f68577170a2a7cc1850a2cb375fb", 0x22}], 0x8, &(0x7f0000002940)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r15, @remote, @loopback}}}], 0x20}}], 0x4, 0x814)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0)

[ 2371.359130][T23064]  ? __init_rwsem+0xd6/0x1c0
[ 2371.363560][T23064]  ? copy_signal+0x4e3/0x610
[ 2371.367984][T23064]  copy_process+0x1149/0x3290
[ 2371.372506][T23064]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2371.377968][T23064]  ? copy_clone_args_from_user+0x744/0x830
[ 2371.383611][T23064]  kernel_clone+0x21e/0x9e0
[ 2371.387945][T23064]  ? __delayed_free_task+0x20/0x20
[ 2371.392897][T23064]  ? create_io_thread+0x1e0/0x1e0
[ 2371.397767][T23064]  __x64_sys_clone3+0x376/0x3a0
[ 2371.402443][T23064]  ? __ia32_sys_clone+0x290/0x290
[ 2371.407310][T23064]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2371.412424][T23064]  ? __traceiter_sys_enter+0x2a/0x40
[ 2371.417545][T23064]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2371.423455][T23064]  do_syscall_64+0x3d/0xb0
[ 2371.427693][T23064]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2371.433438][T23064] RIP: 0033:0x7f9d5f592da9
[ 2371.437676][T23064] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
03:36:24 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, &(0x7f0000000840)={0x0, 'veth1_to_bridge\x00', {0x4}, 0xe138})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
r8 = accept$inet(r2, &(0x7f0000000700)={0x2, 0x0, @local}, &(0x7f00000007c0)=0x10)
connect$inet(r8, &(0x7f0000000800)={0x2, 0x4e21, @empty}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r9=>0x0})
sendto$inet(r7, &(0x7f0000000880)="e1096a8575c5b6a23438392b32c680d80d", 0x11, 0x814, &(0x7f0000000280)={0x2, 0x4e23, @empty}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r10, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r9, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f010000000000000064227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:24 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 35)

03:36:24 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c5a, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:24 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c5b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2371.457121][T23064] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2371.465360][T23064] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2371.473173][T23064] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2371.480983][T23064] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2371.488796][T23064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2371.496607][T23064] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2371.504426][T23064]  </TASK>
03:36:24 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c5c, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:24 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c5d, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2371.540648][T23228] FAULT_INJECTION: forcing a failure.
[ 2371.540648][T23228] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2371.553913][T23228] CPU: 0 PID: 23228 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2371.564064][T23228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2371.573960][T23228] Call Trace:
[ 2371.577091][T23228]  <TASK>
[ 2371.579856][T23228]  dump_stack_lvl+0x151/0x1b7
[ 2371.584372][T23228]  ? io_uring_drop_tctx_refs+0x190/0x190
03:36:24 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c5e, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:24 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c5f, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2371.589842][T23228]  dump_stack+0x15/0x17
[ 2371.593831][T23228]  should_fail+0x3c6/0x510
[ 2371.598087][T23228]  should_fail_alloc_page+0x5a/0x80
[ 2371.603129][T23228]  prepare_alloc_pages+0x15c/0x700
[ 2371.608156][T23228]  ? __alloc_pages_bulk+0xe40/0xe40
[ 2371.613192][T23228]  __alloc_pages+0x18c/0x8f0
[ 2371.617617][T23228]  ? prep_new_page+0x110/0x110
[ 2371.622211][T23228]  ? __alloc_pages+0x27e/0x8f0
[ 2371.626816][T23228]  ? __kasan_check_write+0x14/0x20
[ 2371.631759][T23228]  ? _raw_spin_lock+0xa4/0x1b0
[ 2371.636369][T23228]  pte_alloc_one+0x73/0x1b0
03:36:24 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c60, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:24 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c61, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:24 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c62, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:24 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c63, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2371.640699][T23228]  ? pfn_modify_allowed+0x2f0/0x2f0
[ 2371.645740][T23228]  ? __pmd_alloc+0x48d/0x550
[ 2371.650160][T23228]  __pte_alloc+0x86/0x350
[ 2371.654327][T23228]  ? __pud_alloc+0x260/0x260
[ 2371.658751][T23228]  ? __pud_alloc+0x213/0x260
[ 2371.663178][T23228]  ? free_pgtables+0x280/0x280
[ 2371.667781][T23228]  ? do_handle_mm_fault+0x2330/0x2330
[ 2371.672986][T23228]  ? __stack_depot_save+0x34/0x470
[ 2371.677932][T23228]  ? anon_vma_clone+0x9a/0x500
[ 2371.682537][T23228]  copy_page_range+0x28a8/0x2f90
[ 2371.687308][T23228]  ? __kasan_slab_alloc+0xb1/0xe0
[ 2371.692174][T23228]  ? slab_post_alloc_hook+0x53/0x2c0
[ 2371.697289][T23228]  ? kernel_clone+0x21e/0x9e0
[ 2371.701802][T23228]  ? do_syscall_64+0x3d/0xb0
[ 2371.706228][T23228]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2371.712135][T23228]  ? pfn_valid+0x1e0/0x1e0
[ 2371.716375][T23228]  ? rwsem_write_trylock+0x15b/0x290
[ 2371.721498][T23228]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[ 2371.727753][T23228]  copy_mm+0xc7e/0x13e0
[ 2371.731744][T23228]  ? copy_signal+0x610/0x610
[ 2371.736166][T23228]  ? __init_rwsem+0xd6/0x1c0
[ 2371.740594][T23228]  ? copy_signal+0x4e3/0x610
[ 2371.745035][T23228]  copy_process+0x1149/0x3290
[ 2371.749542][T23228]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2371.754482][T23228]  ? copy_clone_args_from_user+0x744/0x830
[ 2371.760122][T23228]  kernel_clone+0x21e/0x9e0
[ 2371.764459][T23228]  ? __delayed_free_task+0x20/0x20
[ 2371.769408][T23228]  ? create_io_thread+0x1e0/0x1e0
[ 2371.774270][T23228]  __x64_sys_clone3+0x376/0x3a0
[ 2371.778956][T23228]  ? __ia32_sys_clone+0x290/0x290
[ 2371.783834][T23228]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2371.789109][T23228]  ? __traceiter_sys_enter+0x2a/0x40
[ 2371.794233][T23228]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2371.800134][T23228]  do_syscall_64+0x3d/0xb0
[ 2371.804386][T23228]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2371.810114][T23228] RIP: 0033:0x7f9d5f592da9
[ 2371.814367][T23228] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2371.833808][T23228] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2371.842141][T23228] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2371.849949][T23228] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2371.857764][T23228] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2371.865572][T23228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2371.873387][T23228] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2371.881204][T23228]  </TASK>
[ 2371.886398][ T7015] tipc: Subscription rejected, illegal request
03:36:24 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c64, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:24 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, &(0x7f0000000840)={0x0, 'veth1_to_bridge\x00', {0x4}, 0xe138}) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3) (async)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (async)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
r8 = accept$inet(r2, &(0x7f0000000700)={0x2, 0x0, @local}, &(0x7f00000007c0)=0x10)
connect$inet(r8, &(0x7f0000000800)={0x2, 0x4e21, @empty}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r9=>0x0})
sendto$inet(r7, &(0x7f0000000880)="e1096a8575c5b6a23438392b32c680d80d", 0x11, 0x814, &(0x7f0000000280)={0x2, 0x4e23, @empty}, 0x10) (async)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r10, @ANYRES16=r4], 0x100000530) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r9, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f010000000000000064227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:24 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40086602, &(0x7f0000000100))
getsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000000300)={@remote, <r2=>0x0}, &(0x7f0000000340)=0x14)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000340)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x80000001, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x5}, 0x48)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r4, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r4, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80dba7b216637bff006be2aa8b735dc89216d46a63a77e2206c651668c5b19593320ab481dcb93360c4f624b5e818d505fd270ed7a7a7461e29805a32545053e03d76687e80db4e07e0d84211d62344918e88a7abc64abf6b66c83a7d", 0x6c, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r4, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
write$binfmt_elf64(r4, &(0x7f0000000740)=ANY=[@ANYRESHEX, @ANYRES16=0x0, @ANYRES8=r5, @ANYRES16], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r6=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7fc0000000000008500000083000000bf0900000000000055090100000000009500000000000000180000000100000000000000f8ffffff17120000", @ANYRES32, @ANYRESOCT=r4], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, 0x2c, 0xffffffffffffffff, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x405, 0x9, 0x5}, 0x10, r6, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x1, 0xc, 0x9}], 0x10, 0x3ff}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x1c, 0x1c, &(0x7f0000002000)=ANY=[@ANYBLOB="18000000010100000000000003a7000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000009500000000000000b7080000000000007b8af8ff00000000b70800003f0000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a5000000851000000500000018120000", @ANYRES32, @ANYBLOB="00000000000000b8b703000000000000850000000c000000b700000000000d77c8bf55f400ac3abd73ee5865df6304663fb85e9afd3d2010dc5ec3dc2e164bbb83d115d6acce360434063b8f71f729051d95bb60780e2aeb7270fbec931409c2a6b7752a26000e1b10d33b2de6b683b1bdbc00cbd628fd1ac552fd7fca2a5d1bedb78bf0379bb345b3042967e47bf105d503ddf9809efd0987a49de0e7cb7a9667b565db7d5b"], &(0x7f0000000b80)='syzkaller\x00', 0x7fffffff, 0xd9, &(0x7f0000000bc0)=""/217, 0x41100, 0x4, '\x00', 0x0, 0x37, 0xffffffffffffffff, 0x8, &(0x7f0000000cc0)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000d00)={0x1, 0xc, 0x80000001}, 0x10, r6, 0xffffffffffffffff, 0x2, &(0x7f0000000d40)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000d80)=[{0x0, 0xffffffff, 0xb, 0x9}, {0x1, 0x5, 0xf, 0x3}], 0x10, 0x9}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0x15, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x9}, {}, {}, [@map_idx_val={0x18, 0x8, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3f}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0xa}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x6, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000200)={0x1, 0x20a4, 0x9, 0x2}, 0x10, r6, 0xffffffffffffffff, 0x4, 0x0, &(0x7f00000008c0)=[{0x0, 0x3, 0xc, 0xc}, {0x1, 0x1, 0x5, 0xb}, {0x4, 0x5, 0x3, 0xb}, {0x0, 0x2, 0xb, 0xe}], 0x10, 0x5}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0xf, 0x6, &(0x7f0000000c00)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x800}, [@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4}, @jmp={0x5, 0x1, 0x1, 0x6, 0xf, 0xfffffffffffffff8, 0x10}]}, &(0x7f0000000c40)='syzkaller\x00', 0xfffffff8, 0xb1, &(0x7f0000000c80)=""/177, 0x40f00, 0x45, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x8, &(0x7f0000000d40)={0x6, 0x5}, 0x8, 0x10, &(0x7f0000000d80)={0x3, 0x6, 0x400}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000dc0)=[0xffffffffffffffff, r3, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x3f}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0xd, 0xc, &(0x7f0000000940)=@raw=[@btf_id={0x18, 0xc, 0x3, 0x0, 0x5}, @cb_func={0x18, 0x9, 0x4, 0x0, 0xffffffffffffffff}, @map_val={0x18, 0x3, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x7fff}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @alu={0x4, 0x1, 0x4, 0x0, 0xa, 0xee9fc4ae48504fa, 0x4}, @jmp={0x5, 0x0, 0x9, 0x8, 0x6, 0x40}], &(0x7f0000000a40)='syzkaller\x00', 0x0, 0x56, &(0x7f0000000a80)=""/86, 0x40f00, 0x45, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x8, &(0x7f0000000bc0)={0x6, 0x1}, 0x8, 0x10, 0x0, 0x0, r6, r7, 0x4, 0x0, &(0x7f0000000ec0)=[{0x2, 0x5, 0xf, 0x4}, {0x1, 0x4, 0xd, 0x3}, {0x3, 0x2, 0x10, 0x2}, {0x0, 0x5, 0xb, 0xc}], 0x10, 0x9}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xc, 0x9, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x3}, [@map_idx_val={0x18, 0x4, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x3}]}, &(0x7f0000000200)='syzkaller\x00', 0x6, 0x90, &(0x7f0000000240)=""/144, 0x40f00, 0x40, '\x00', r2, 0x9, r1, 0x8, &(0x7f0000000380)={0x3, 0x4}, 0x8, 0x10, &(0x7f00000003c0)={0x3, 0xc, 0xaa2, 0x8}, 0x10, r6, r1, 0x8, &(0x7f0000000400)=[r1, r1, r1, r1], &(0x7f0000000440)=[{0x4, 0x5, 0x2, 0xa}, {0x0, 0x2, 0x9, 0x5}, {0x4, 0x4, 0x7, 0x2}, {0x5, 0x4, 0x6}, {0x1, 0x4, 0x8, 0xa}, {0x5, 0x5, 0x1, 0x3}, {0x0, 0x2, 0x8, 0x9}, {0x4, 0x4, 0x1, 0x4}], 0x10, 0x32}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r8}, 0x10)
r9 = socket$unix(0x1, 0x1, 0x0)
r10 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r10, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r10, 0x0)
connect$unix(r9, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r10, 0x0, 0x0)

03:36:24 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 36)

03:36:24 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c65, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c66, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2372.024185][T23355] FAULT_INJECTION: forcing a failure.
[ 2372.024185][T23355] name failslab, interval 1, probability 0, space 0, times 0
[ 2372.037267][T23355] CPU: 0 PID: 23355 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2372.047423][T23355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2372.057325][T23355] Call Trace:
[ 2372.060439][T23355]  <TASK>
[ 2372.063249][T23355]  dump_stack_lvl+0x151/0x1b7
[ 2372.067730][T23355]  ? io_uring_drop_tctx_refs+0x190/0x190
03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c67, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2372.073205][T23355]  dump_stack+0x15/0x17
[ 2372.077192][T23355]  should_fail+0x3c6/0x510
[ 2372.081446][T23355]  __should_failslab+0xa4/0xe0
[ 2372.086056][T23355]  ? anon_vma_clone+0x9a/0x500
[ 2372.090645][T23355]  should_failslab+0x9/0x20
[ 2372.094992][T23355]  slab_pre_alloc_hook+0x37/0xd0
[ 2372.099761][T23355]  ? anon_vma_clone+0x9a/0x500
[ 2372.104358][T23355]  kmem_cache_alloc+0x44/0x200
[ 2372.108961][T23355]  anon_vma_clone+0x9a/0x500
[ 2372.113388][T23355]  anon_vma_fork+0x91/0x4e0
[ 2372.117725][T23355]  ? anon_vma_name+0x4c/0x70
03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c68, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c69, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2372.122151][T23355]  ? vm_area_dup+0x17a/0x230
[ 2372.126579][T23355]  copy_mm+0xa3a/0x13e0
[ 2372.130577][T23355]  ? copy_signal+0x610/0x610
[ 2372.134998][T23355]  ? __init_rwsem+0xd6/0x1c0
[ 2372.139426][T23355]  ? copy_signal+0x4e3/0x610
[ 2372.143850][T23355]  copy_process+0x1149/0x3290
[ 2372.148369][T23355]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2372.153314][T23355]  ? copy_clone_args_from_user+0x744/0x830
[ 2372.158954][T23355]  kernel_clone+0x21e/0x9e0
[ 2372.163290][T23355]  ? __delayed_free_task+0x20/0x20
[ 2372.168274][T23355]  ? create_io_thread+0x1e0/0x1e0
03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c6a, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c6b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c6c, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2372.173102][T23355]  __x64_sys_clone3+0x376/0x3a0
[ 2372.177871][T23355]  ? __ia32_sys_clone+0x290/0x290
[ 2372.182742][T23355]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2372.187855][T23355]  ? __traceiter_sys_enter+0x2a/0x40
[ 2372.192975][T23355]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2372.198877][T23355]  do_syscall_64+0x3d/0xb0
[ 2372.203128][T23355]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2372.208856][T23355] RIP: 0033:0x7f9d5f592da9
03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c6d, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c6e, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c6f, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2372.213111][T23355] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2372.232554][T23355] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2372.240800][T23355] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2372.248612][T23355] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2372.256422][T23355] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2372.264234][T23355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c70, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:25 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, &(0x7f0000000840)={0x0, 'veth1_to_bridge\x00', {0x4}, 0xe138}) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (async)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
r8 = accept$inet(r2, &(0x7f0000000700)={0x2, 0x0, @local}, &(0x7f00000007c0)=0x10)
connect$inet(r8, &(0x7f0000000800)={0x2, 0x4e21, @empty}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r9=>0x0}) (async)
sendto$inet(r7, &(0x7f0000000880)="e1096a8575c5b6a23438392b32c680d80d", 0x11, 0x814, &(0x7f0000000280)={0x2, 0x4e23, @empty}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r10, @ANYRES16=r4], 0x100000530) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r9, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f010000000000000064227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:25 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) (async)
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}) (async)
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r3 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000580)={'veth1_virt_wifi\x00', <r4=>0x0})
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000140)=0x48a, 0x4) (async)
bind$packet(r3, &(0x7f0000000080)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14) (async, rerun: 64)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000880)={'gre0\x00', &(0x7f0000000840)={'gretap0\x00', <r5=>0x0, 0x7, 0x700, 0x3, 0x4, {{0x6, 0x4, 0x2, 0x3d, 0x18, 0x68, 0x0, 0x3, 0x6, 0x0, @dev={0xac, 0x14, 0x14, 0x44}, @loopback, {[@noop]}}}}}) (async, rerun: 64)
getsockname$packet(r1, &(0x7f0000000b40)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000b80)=0x14) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0) (async, rerun: 32)
r8 = socket$inet6_udp(0xa, 0x2, 0x0) (rerun: 32)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'wg0\x00', <r9=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r8, 0x8936, &(0x7f0000000040)={@ipv4={'\x00', '\xff\xff', @remote={0xac, 0x14, 0xc}}, 0x4d, r9}) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000fc0)=ANY=[@ANYRES32=r7, @ANYRES32=r9, @ANYRES8], 0x51c}}, 0x800) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000bc0)={'team0\x00', <r10=>0x0}) (async)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c00)={'rose0\x00', <r11=>0x0})
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000c40)={'wg1\x00', <r12=>0x0}) (async)
r13 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 64)
r14 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (rerun: 64)
ioctl$sock_SIOCGIFINDEX(r14, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00', <r15=>0x0})
sendmsg$nl_route(r13, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)=@bridge_delneigh={0x28, 0x1c, 0x3f54041d15004445, 0x0, 0x0, {0x7, 0x0, 0x0, r15, 0x3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x28}}, 0x0) (async)
sendmmsg$inet(r2, &(0x7f0000002980)=[{{&(0x7f0000000040)={0x2, 0x4e22, @remote}, 0x10, &(0x7f0000000780)=[{&(0x7f0000000180)="0c320b5c4d3e2d6d4e73c8bb90b959f755e6ab029bd9807e668064aa5f09d5fe13d133caaea5d056fe865b27848edac454498ab554787aa5e0d4ce1047f26df1e2d0259751bde1d3a4", 0x49}, {&(0x7f0000000080)="483ce0d5b093090a4544c04fc484fe2f3ea7f5eb83b324906a", 0x19}, {&(0x7f0000000200)="921759fbfcded8a639cdfaf91781d238f2740ad48b61bb8c5679b3ec5bbbfc7f5dc7874c88eb3436922ed2b83c1d1bf56bc1aa4c70dda38a1b2e478f3130db1197fc20a883807b8f0da621df863199688cbcef795830370cd38787526c1cf11f34dec989dab335677a5ee87800233ae63df193007c512ff8de5f3527a0612a8ad00dc6ebefe7c989dcfd0a823d83d1c7936d0b12ef70a69b873f11f3cdd847dca81f3f1dd11730fa8e2e4f4106144afeda74c0b6796dfa0616ec5a05c054d55fc1188c752b702cef05745a3b40fab639009b5f18f85e3acc63e0d71e6e44392990fc12deb89c21f2", 0xe8}, {&(0x7f0000000300)="c48df88ad7e9a526864557abf4db9ba16465f254436ba0d48fc1bca0b4db9e86a61b20ab0979b9c043cbf6a47d998ef7f1ab91c03bd5f8176e4e2bf1d5a5871e5092c38367279950e7b5f5bfa7dd1f7cf291dbf2dcb23b1f472255a3f44f06af4731fcacb8ea0d5cdc956674f01ae3de8d728990b36195e5a6b54de0c44a4fa376023c7e60", 0x85}, {&(0x7f0000000100)="02c3ce32d22f97626b7dab297395d535ede622dc48a7ea1a4f53b14d7544dcfc65ddd5a67f33be026d21df0ec220b058cd901087a30a0d9b92233fd4b75295", 0x3f}, {&(0x7f00000003c0)="4f78138377b0ec111c7cd85ad9b72d890db91df9aca801d5983277ca6aa923a401ce333baa347a51a1d39838c2dc57a4b0ed12e8e6b73b2806d7d1b3938e16dac6e52d257c88d303bb66d84ab260b73f9e4e01db869d", 0x56}, {&(0x7f0000000500)="71bac4cf4b339897bbb4850e68344ceb77aa90d5e144d2a5bbf8c724434c6a2537a10fa3085e61bb1dd4a5cb1e700e739727db23b2992496cb6f3ae629c137512bb761b06b5eef174127a774971a4f0fe53ecf430959ba6e0dadbd14ddf60e44c182286c69710771da363dfd3bff32febcdc27d5a4c8edf804c40102509f8999a194344021a5cb8aacf877ef794c802fc3e47264847fe65965b425559e899ebb489b7e0f2ab1fdc81c5a2b916007af145e09951b1e72a98bb7f3716cf0b00f4c02bacaeeda337fb905977d2ed34963002202849156990a6e8bab30452d71fd2269670643d4", 0xe5}, {&(0x7f0000000440)="4c7552fada84146fe280f1f3b1602d0bc1745c74be8ee74dba414d0a68da243aa564ee358c5d90134433d2514576a3c586c129e04aa92f02247746efedd9a30d711ed99f43b190a34fc79d", 0x4b}, {&(0x7f0000000600)="fa82ae8eff2b90ac69984b80cc02a9f7f0d08aa60adb4a8fb48b949657353f2c1b8fcc1cc52d1bb23afb185ef89087d4505feca73bb4068887ce80967a3fdbb79cf8467fbd5c4ecec3b666e37578bd5abead9fe1e37ef4e17b7c7653d0548843fa6f7efcff2636ab492de7adf2ce411ae65b497f9704e210122f6ea93063b5dffedd8c66a9cf0862432e74ac61d51ee240dc5de78ad4d76d5c39c0988fffdcc0565c01ad82987e27fbb07667df81f7336fb0edbe6933b24e510ce48a185e1165dc", 0xc1}, {&(0x7f0000000700)="83ed8cfdc4e826341589e907b0a61e44eb0c60d0ab6426141a0438f2e7dd589e11963762f6c28b0f9d7b74ea7772f8c16b5d5a9b4b029b5c392347928a901f5a0490db6bb86875035b2b395d87e0b0d40a88fe9368d0", 0x56}], 0xa, &(0x7f00000008c0)=[@ip_retopts={{0x3c, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0xa6, [@loopback]}, @lsrr={0x83, 0x1f, 0x16, [@initdev={0xac, 0x1e, 0x1, 0x0}, @remote, @remote, @multicast2, @multicast1, @multicast2, @rand_addr=0x64010100]}, @ra={0x94, 0x4, 0x1}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7}}, @ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_retopts={{0x60, 0x0, 0x7, {[@generic={0x17, 0x3, 'q'}, @rr={0x7, 0x23, 0x63, [@broadcast, @multicast1, @private=0xa010102, @local, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, @remote]}, @end, @ra={0x94, 0x4, 0x1}, @timestamp_addr={0x44, 0x14, 0xcb, 0x1, 0x8, [{@rand_addr=0x64010102, 0xee1}, {@multicast2}]}, @timestamp={0x44, 0x10, 0x65, 0x0, 0x4, [0x91c, 0x7fff, 0xa4c]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @dev={0xac, 0x14, 0x14, 0x24}, @local}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x40}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @dev={0xac, 0x14, 0x14, 0x37}, @local}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x7ff}}, @ip_ttl={{0x14, 0x0, 0x2, 0x8}}], 0x170}}, {{&(0x7f0000000a40)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000b00)=[{&(0x7f0000000a80)="9964d8bbc9bb4cd918958c91b53a1971abca44f27533ec5f9f29c1a82b328f3e8dd5652b1f40e0f929d5e1b4d8b9c40aae21ac2a6c941541c0e41f5e8323ea9329c896e35e99d10695cffbf68a8f812e0ba2be23c8042a629b5b9f69f3313d14f50002c041e45020894245817a", 0x6d}], 0x1, &(0x7f0000000c80)=[@ip_ttl={{0x14, 0x0, 0x2, 0x800}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @dev={0xac, 0x14, 0x14, 0x18}, @loopback}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @loopback, @multicast2}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1000}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @dev={0xac, 0x14, 0x14, 0x34}, @loopback}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x4}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r11, @multicast1, @broadcast}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r12, @multicast1, @private=0xa010102}}}], 0x118}}, {{0x0, 0x0, &(0x7f0000002240)=[{&(0x7f0000000dc0)="59c201b5e9536e18f3", 0x9}, {&(0x7f0000000e00)="c5cb5b297ba3830b1106e32e32d6a396bf878e3e882eab4a8940d98383afd4fb80b14bf35c4a02df0ee023485ac12e747b2fdcd194cc85f08ba2dc51d5373769f34d55daae78576938611e56b01805419d917aa028bf341023549e97963e45f621386d59461929721a73d1039e9459162cfb7573d948b32ec5f2dfc1d084b17ea14a5055464781d7f7d9596264d34b09f4247d822c45787d4dd6fd75867553ecc186caa80738bd1ec0cf8c7cc87f866d7002b5101901603455ac3fa972cd55dd7667b9b8ed0fab3108b0042528", 0xcd}, {&(0x7f0000000f00)="bff159dc9af46fe9f831eb298cc937bc895a82324d4c308eb52fad577f9399bb", 0x20}, {&(0x7f0000000f40)="cd3b321ec2fde4229a6f157c65fce8e612523e328dd4e581773aa7db1dc650c81eedfc6754d695efaf2436a95258577cf8a273f04eaccc80ff25d1d3c412825b790ebc47ddfc6ce89dcd2551f0a5ea5d4160d71602c390fdd3d962600ebdc0d8467d76b72ac416dfd954f31a558fa05837e5dfe576aee9a8b759d198046436755afe92ce11f26cdd8d24521aae39113168ba6a79c225efce419f7c48ee04b03b05c9ccb66ff621bc18353b50ce62a12aad9ef98e068b76d41f9f4756a46d678ada847cd7bb550e80e3", 0xc9}, {&(0x7f0000001040)}, {&(0x7f0000001080)="7bf584e9256a7c00d3c58590e0fe6103b5867f976b32c8e32313d39eba8ebdef070ca7a01d3a0e14db2a412b5c37f55694e859db1724f9cf5522269498ef15991444bf3de9820cae50b63f325cf9138044519629ace70ec1ad85595b3711e696b4492ac5e7f80a1c652b1e5066406042e0d023b082cb37918f213eaa4649b88d098406a983a73cf1372cce2fefa3b6edf4b703618cff5531a8f134a33025d918ea54e90082c930a74411aff88adadd1edee065902a6fb7876c2b662dcc18b5b029d2a40171ddf215b5384f52c695de16e3c635405a04650241a478d6e63c3c5a8ae97e2036eed015786c303a7cee5fdc42536dd309b15a2a0d6a5ee53e78dddbc0d1f4adeff12f26111f77bd2b2c0823e7543e3818eb5d5cc1a449360f8249b159fbce016e620b214688e71ea7afb23b7133521f1e6b110c89629f95171ebebfff9c2116f9d7f4864b1ea1ad0209f1cbaa2d4620713f2e4b57c3849510d261cd393161425ab59812e6d591957bf70240734f3d99afdf29f545f1f5560cef9ae2742d1c543f38fae4e80fb4d76518cc815a44b6256b808b5f8ca6424a94eb8c9dff46f536ef60e5d6a9e39810c1f676a237d7505155585f20576948594be2325a17815455dfd63c388791fd3af1de9b1129388fecdf6e49dab3825da0426c803c57439d4b421e9563d51b06d8e4a3fc14a00860354afa04afeecd604b900c8eb81427335249b89a02e1663cf6e9a2ae5235bf63c3bfe15e0db43572916c643e398ca2beb7fb3dda2b9d60209225133284b722c884716584c7397bc337ec0950dde80f2ce025a9e1e52c28aaf6398585499a8319f9d24fe67569af33a1b9b07d6dc12f176c8aee3f0211dc53659472d61654b9c8cc742398bb25ba734c2439e6094d1af05bd4bef3051f871d528d01462fcbcd083478380750070fa44dc67bb2e1c61a82a0a7772edc16cbd99e44a76bd0ee966fa11efd21935b023ed021a78d2aec619d374a5f74c44b75b9ae99ab24122a3a31d7201667cb59c53c4383aa6ca49530e112931b5f810781b14c44f95974f35ba5294b97503e540abe37febebce6688a09e2ff7ba149c19ec6ea256e2a6d9979b75dc10140072e4894090e9f53d825dac1d5a0b1f71445038838264a7a21ffc1e219bc60401cd0163707ce616dbc6e3643fe73417afd346ab63f254ce6933056e2369280d4ee508a0ee86e1660451a8e3108eb0176f795e06d5ecec1d365c100682f57e84a01a65a1362e7de242f1122ba372f8044de440cd91bfbd674573d9f390ec6e5ca7c68bf1c34704cc145cbede4020b6dbf536fa9bca656b8475d0f0c3af3dfd6c3869f9a61ea71a575a5014fd9ca56b6100868ed98bac723e8007a29fb4d167455bab641ccc69e348e983f478e710f1bfb50db0e9ca25c502bc6e94b554d931f7aec2749cc4638d09659bbe991948a316ef921ec1a7f2e7561f4beb9db5e3a5e9bf9b309f711cc57c841eeedcf9633fd39c7992b8286e7aab07c10b4c7a043ea8caa96a3a4cba5a787d2649d0d243751c31637d7ef1caaca760ec5ce6c8ef877f168ca94b5474cb405faba63a92cee2c82b6558c81f78b1d6996047d51f0e9490e2a2d0772d9c20cfb5f0780b8636d3214e761c7ec39751a62dc52d9a62b9cb3487e5a0744c6244cb35d6769805fb8a8caf6a513b556b9f5955bc9e5e7b651f2e32802a24b7556d325088c2779c5e21ed8d463f2fff65c47bcc95eca1b4eedef7235c3dc3abcf3ad2d351b6a84cf0b0a797541d3935ac8e4635a66487b07a9176c025f7f5c631e0e32f1e06becfdc5c2fb90b700e810eea4a084f02a8aaf92acc4c9fb5fbd3b27bba04d565cf126beae22e76f6db891bdf16af37b20c4f0ad9ac9938cd56e0630544e46acf2c75bbba36b942c48f0e8c4ff1b7a2d0ac659bb87901820f50eeeda67b1df98ceb06b099ac1b206907fdbb576219e7472c06b2d2e34b0fee9959097def58f70c552f1a1e15d542eb54099243d2efa21e99a74c3ad4ee4fe99ceba9be3d7d11295d81a6d16b07ce911476a130be0e4b349a012df8c961a81b3fb246d193ab0e9faedd2b8c7e978096f0019372a39e709f456d1ad2c207f2f7655e7d48077cdeb19014ace32ceb6429cf7369367046ad555784bb5d587e2345e0803a689292f484b4a8775696adbac1b25b21c656c41fe1b5fcbd389489a2b19ea59b66349a2d3c9f5e165a2b42db79419845f0fbc1a7651a9079a1368d9283b3356c54b8aaa3a0a91d40ca8eaa4a22977ca575b1a389202405a7a368f92ddf98f28b95a59d763be9e508a2981b1053a753c633c5b6f99742debc9a49475bcfea24b337db80f8b4309f36867f6cddb816f7d3a475b0643376696db2d8bf4f8d380e540ab1093972f0ed2c687c385bbedb5798511f19c9f7e23d1915e7e7b119f58931e18059b475c768f3f6242eca703ab8741d6af3f2d3bead71bc7f2177f7b49c32632894068c158c403c11482461cb0cb01375cc9a792459efe17b129be87631c8247c46bd455b431f37fcc2cf5eab4c1f83ce5f2142f029c7958916d7df7917b86426ef86878e041eaac5dac8d2b0f47a1722ca76def17e2d1d8d87809f1500d328c44d784fb21b4121489aaadbc95fc3b28a6f0f2b6113bec78ab4a23fe8d95d9894dfba47e00051d76c74793c60a7ecc5adf4901ee6d31fd4ef37c11c2759cf80389b1cc8a9aeb9aec8c03e2758f5f3d9d7134305033b68e32fa82a24a879fd1898e08f90a93223a47c1b83de8bb45e45c253d9d5e88ca5956a0e37acadb8fe037f1896a50e92c6b5311850c907a0d0a3fb6790d08c8a3be731241d63d93426637652005802d8cb8791c20cdc0146d01542dab2a02351b7152a5121b14d74baed8086f5e7facb2b4ae949a3a05f17627622b78b5746794bd8a9a4de0f00e22db33ecceed0101ba6363d19add7e11c8a6bf2977edbf498d6e0a2b8d23e212e4c7184018c16f39e614a08e1b150127e37437f7192cfd47d78a99f6bd08b5bf3c866557ee3b3d3e87a45754576548b1aafb46ca4b160449d38e6510f3617e1fc0e115fdb313f6d0d3d4b27bab112b47d4abb41d0003759235ff03c6b53e16cc54aac748ab3ec1253f5f79d69cac1a15defbecc2200b39650d58c9d99fb1cd1075a03d3389fc3caf12f4da07a51def063ecc3ca78afd973bb3d1ffc8ce83aedcae8bc24f42bd17fb310ab440eec245bace8ac23ea9586b1708ba446e14f34ea5541911e7c5db38d4fca335d761ffd08e5d5d9f74a8ed82503e11332aa53a93990f8e2dfd73d52b04a6f6007642508b784ff98a731a0ad8d91d81557b5115264137fb3000923845834c4e828c72a9d3ad131b24e1e8aa060d38fdc6c94ca2781eaa2b39a3cb6fe12e3a5756c5eba8bd76b8796b586c1d3ddab8df36c4d24ff6c437ec693e33c3f646337fec129e1e70c5c1330ebd6ba22bd9a1abac2a859c61387961f08ca2fc252aa44988ad7371d412077d51b73b6250fc12b80bc3fa9a3ab0ef6848e7669e0b3e828320116d66bb4bddcf7f8735776a6dac61e8571967938cff4155ee73159882d59f5d03ab43120d194cfcf67f93f1ce8a630537e3394ae58c5718ca37b4eb8d51507cfcacfcaf938ab13f4e852463022e524318522cda606e944e29def8d7afbc9223b83636b5a1a44f44a60b7b9dcfc21909424c7fe4cede875eab789b376491969e7648112a94428c28db2a946e61f59ef495a787811e5ceb2393406857b9c2e79261035294ee460d56b15840d675ecc4f1a4a6dcb6df51ec653a456d1ff83d1cb0d0a25060bf6af716e12cf20c84b43eab79358030548dd974267edadc11ee413ac83f87c445acb0580ab99f43fcb43d3f46b6283111986dd53ff378a1d7a1690c6328434be4ab353293fe6ae7decde8941472eb867c2df2cc329a2b483d415edc936844ae6837b35e56f1e9a7cd82d8661242c11067b8e094a83541b8312d033aa1e3fe4e29e1791938d67019f9e61b2a1cae790c2433c8e4c84ac1d376f6095ae8364233192cab3bd92776348a80bc5bf23ce512632c669f87642277ceda765af804923ab258a0c50803e4b3401fd605b26a97b77ead5374eeb662696a052a7656947815de7bfb60cb81c2b896cbf511379b96eba37d730bca8784447d6ced3b34f4325406d8dc5f80441d463c7a939701e6c99298ba9af7a819727659d337cb1d23082e4470b2bb5cd185e8140fb40b866bb8a56f70e65423799ace7d530b032bee749fe98a04c5415d315259b7d72ddeb21f0883d115746657f4b11b5eb9fa3332e2b147af3bb037d5c505e9e9ee896230ca7c28c92840015216134b170a86d98417d417e40998cf0b853ecae939c6343c1eae3e91296080d7e1af9c7d072c97826ac5eaf4b34f1940b52e80d8de617350c9ce325a8299afeebff90a2adebf06354ef22caf295d1f1a55f00131dfad3e314f78c609716bfcbcef7204909bd3b1ae1a2a412feda2f9121a6497bd4942c8826fd88373ca243fc458727528eeae486e503790f3c11a164524540797752f87b3d800338d3787d81b7b82d8d3180ae013115dd424e376223d88d46bf8c7cc72a4a4278a309346fbc4283eabfba1150fd9ffa6eb7cc798ac645010ba4245afa907a553f1d5ef3e0aae7d2a907667a8cf2f12df727be7f6a058647965590a322fb363373f2024612f12b2d7f32b23b6c9e9f41029d92133f9a09513c88956513c02b5286d84b9498c48ac5ddf34f59cef7788035a73c3bd5eebbec07c85111b9e8308e6f2ddc1e5ea4588f370dfb471cab8ff3106e6b9d88b98958d7be390f102c745b6ab0d43d29261d3861e046c81913c8078593f23aa416dd6e8591fbab8812bbb3e5e0914b5edbae6915ba11732790ab689042faea44cb5f8e3f23283e0ea2d81b364f793497e39bdf22e7df16d331aed8b59d452408bbccebba2aed9ca7477ca900b2898d22d84a7f2d9956f1e61ebb983a386905fc8be7dbe09a10dd9b0a6c5a3235e87911f31a9cd7ca77d79a4db5cab2cce35708228f5b9a4240d698f98c1aa9a0d73900f13cebd4c9c24285638e2a7a8f1db8033b4fbc7e7a737aa22818e64810f2d45ad936e1366d38c8240b1a19fb2714afaa7be9b0614b762d44e0f800cd46fe72915539cda1f3580444d81354f962d8df9bbaf4a72dc5e6816a2943427fb2e26ba2aa1abe1a486696975199c5d9bb5a513de189f9e6f57cba0bdb0ebbe0983a0a381221d7365604c513aecf1a53311592df5a2e867693a028b8243d9e8e386c85e920baf030dd1f28916391fad638e54b363d32abe240d2b2f9e8292b494ca3f4ffc7a2fd34b3e828a788ea20bc0f8ca92e448e93eb022d837a1d1c33df66dabcf242030f3e7f84f554701de5597e5789ed74385b064f1d6052d7ddb8f3964560d8bfeabce8dbd2eee7ca0f695cf7d8495ce98e739b6146897ccfb5f6dd73c38d7455cf3a6c388bd468321277ae048a7daaafda42955ab82368ae5059375a2af55a924e82b7c7c5f320361eef387bc65888279cc01342968aff8b1b97470ba8fbd0b6e873d9e0015310097a55d001d621f5bbfb5736bfbd8a66b2b4109e254fe325b8b757fd265f4bb1846b34531cd40ff8e3fe399f8777bead543d3e382f4f743727e9558461eabcc438275dfce9d5e53f628992be69ec2f4515cefcbbaa761e714375a49c3918ebd6c1efbebf4b87481bdd36388f306f603b634cd0015d4aeb74ccbda44dfc7545142575ac86ca511f7851d0423256ad83a82c8b5424c2a2ef7d794", 0x1000}, {&(0x7f0000002080)="565e0a201a0835638ca4e1ca5ab94e7d6688a365473002bd6850b21a758ac0cf2532ca83867e02f4689b0096c21a", 0x2e}, {&(0x7f00000020c0)="626eec48c44bd967d9c60b53cb20d0d3252711e6913161aa12327e9fdd8d508ae6efcbc40b8800fb4d759b5137199e5951bfe8db5861654c3bc27106356ee5d5ab37b38ffb266d2e630fb3cad21b47f77d18570dcaf47a2c4fa5f0f6918937343a42ca985287b519f755532a1a02cf78bcc96c0a93691110edb2f3bdf072b7af354e6178a9700ef45789f5a20a3db14f08380deeba8b8060ba3f00b4d5caa08f324c6d57dd046f955bf5a3da46c8e83f5731f0a7d901126e02a35a3532447fe253d7941c403d4f3503a403352012f417", 0xd0}, {&(0x7f00000021c0)="a27618d1a1dd92cb01535bc15a86fd8db2cf9dffa3dba15cf92e058cfff101320852f0fb88fa34fa03b43ae3a75dd49b46c474709f38c020c7b502f59625aa6fca9e5b315206b10a91032f11a7d952a4ed76cb96b7b89e30296e6b4b7f78638fc15ada0685911b0d838bed2d07f01eba48492f", 0x73}], 0x9, &(0x7f0000002300)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x3}}], 0x18}}, {{&(0x7f0000002340)={0x2, 0x4e22, @broadcast}, 0x10, &(0x7f00000028c0)=[{&(0x7f0000002380)="c7c92e07fe5ca03f962a82f9c9d9220e0697663da3b98bda441aa179cf202c4e2b3828b57a257e03", 0x28}, {&(0x7f00000023c0)="f9207afa8e72cce135e506d6aa8d7014b348aa1575398af674634ef79ddf7e9215ca7533a82f954a4a92219d0ed1af95ea3587733f40642a2d74c38b5bf509b17422ef8e79622bae975909fb0edbae88f9cc9c6006b0b70b464c636d30bf3288f1ca254a17ec5017f21c889ec45574249875bf81210b8303a835000967c4a94046ffd548940238f89f2bf50f31198296bddd25eada6cced1a873250dea866049dd454145328570b1f96dac23da573b9982f9ea78ebd1d322deaabfc418435637ab9198445a125fd173a5394b3d", 0xcd}, {&(0x7f00000024c0)="ba423962f4c8591107781e26e34348db1460d778c4fcedf040ee908e02eaa95c0099a7677299ec863102af418cd591903dcb0639caa77df71190d386e45060633f0056e8e0631e0494c4e02c43d8f080c87d1bc65c6db6a24e812e4372ca2f24830b5cff6bdd6ad714e3e5a95227c905e815508943b8fc2e9637072d9c6ce3bca4321261452897790f0f037a0a0332377e9bd6da1256b9f0193406eeed90", 0x9e}, {&(0x7f0000002580)="a69fefeba61e9c854af98d0d5ab169c873bc886a6163b4f34f0e011bd6c74d9a7c3219c776560f8dbb6c335e661d269af2fd37dff260bd444ae93ddf8b63f314df989c068c0c6e3fac3d49227e33dcf57b27ef04ebc3d455e6fcb0bfa13d8b32af46d327016f346cba69adbbdcd0f9bf82f83c578bee0381d2167a583649f9e6a56407896bd53f94", 0x88}, {&(0x7f0000002640)="25b9a2488d2a0712b2f2114f15f35d8a481267ad9ec056f366d1989bb259da03248274e082a4ad4edf837f4d5e6fcebb9a59e1fe8d2070448e269bbea1ab226dda9c4c29ed5c2e6a060243a87bce6fbfed6dc943d409429eb57be0", 0x5b}, {&(0x7f00000026c0)="b50b513d39dcdd1f2da1d4120acd5e15e6ae087a18e68028b14c139c4c2d54682ba3ce6c238f3cfed9481f81f1692fa6e7085fbdef9c9f4fe6fbc8ce8b9028b6da6af624883c6f890aab7bf225ee6997b77b0e0cef16f3365303e897fea609a8b819fd111455bd3a2aaf8957a3fe8ac74a019f96a2cc52b4fd49fb87ee6b0955ef647568e1848b07f7dad65ffa0f6062c99bc73e738dd6e46cd3a8255c9676a6df0000b87f273f27eb968dfa1dceac41513fb36052244277a2f3e485", 0xbc}, {&(0x7f0000002780)="d5b775cd9f4a123f3704b106c6a30c40eba4179b5d202f23bc06a117399586c57c96b2ffe335f55f659835407b17dbad3139245783f94cc295c4a004f28875aa2a0ffc957efd060eda420c463373f2437c439a5bb2a078dc33080d04f2179e923e422a87f8fbe0639cef0eb9ca3f9aaf82ab9d6dfe90a69a98fe45258958064d1450392f28c3d8b1efd82ab3c5fd22c72fe477d6d9e02d6e81eb50d4136b35fe6d11c17f41446eb2ca11655aa18717da1097a5aa77839dfb5d291656a8f329498454585b50006b3f0e3d67aa5e3be2bb18560b3b3cb67b00bd21bf512c6f87cbcc952801e4650d80d41c4cc509e3a1e15fe4be8c64ab9407d7", 0xf9}, {&(0x7f0000002880)="99695c7ae98b73bde73d47a06966a7dfa8596ad6f68577170a2a7cc1850a2cb375fb", 0x22}], 0x8, &(0x7f0000002940)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r15, @remote, @loopback}}}], 0x20}}], 0x4, 0x814)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a) (async)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0)

03:36:25 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
socket(0x11, 0x3, 0x0) (async)
r3 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000580)={'veth1_virt_wifi\x00', <r4=>0x0})
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000140)=0x48a, 0x4)
bind$packet(r3, &(0x7f0000000080)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14) (async)
bind$packet(r3, &(0x7f0000000080)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000880)={'gre0\x00', &(0x7f0000000840)={'gretap0\x00', 0x0, 0x7, 0x700, 0x3, 0x4, {{0x6, 0x4, 0x2, 0x3d, 0x18, 0x68, 0x0, 0x3, 0x6, 0x0, @dev={0xac, 0x14, 0x14, 0x44}, @loopback, {[@noop]}}}}}) (async)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000880)={'gre0\x00', &(0x7f0000000840)={'gretap0\x00', <r5=>0x0, 0x7, 0x700, 0x3, 0x4, {{0x6, 0x4, 0x2, 0x3d, 0x18, 0x68, 0x0, 0x3, 0x6, 0x0, @dev={0xac, 0x14, 0x14, 0x44}, @loopback, {[@noop]}}}}})
getsockname$packet(r1, &(0x7f0000000b40)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000b80)=0x14)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'wg0\x00', <r9=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r8, 0x8936, &(0x7f0000000040)={@ipv4={'\x00', '\xff\xff', @remote={0xac, 0x14, 0xc}}, 0x4d, r9})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000fc0)=ANY=[@ANYRES32=r7, @ANYRES32=r9, @ANYRES8], 0x51c}}, 0x800)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000bc0)={'team0\x00', <r10=>0x0})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c00)={'rose0\x00', <r11=>0x0})
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000c40)={'wg1\x00', <r12=>0x0})
r13 = socket$netlink(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async)
r14 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r14, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00', <r15=>0x0})
sendmsg$nl_route(r13, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)=@bridge_delneigh={0x28, 0x1c, 0x3f54041d15004445, 0x0, 0x0, {0x7, 0x0, 0x0, r15, 0x3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x28}}, 0x0) (async)
sendmsg$nl_route(r13, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)=@bridge_delneigh={0x28, 0x1c, 0x3f54041d15004445, 0x0, 0x0, {0x7, 0x0, 0x0, r15, 0x3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x28}}, 0x0)
sendmmsg$inet(r2, &(0x7f0000002980)=[{{&(0x7f0000000040)={0x2, 0x4e22, @remote}, 0x10, &(0x7f0000000780)=[{&(0x7f0000000180)="0c320b5c4d3e2d6d4e73c8bb90b959f755e6ab029bd9807e668064aa5f09d5fe13d133caaea5d056fe865b27848edac454498ab554787aa5e0d4ce1047f26df1e2d0259751bde1d3a4", 0x49}, {&(0x7f0000000080)="483ce0d5b093090a4544c04fc484fe2f3ea7f5eb83b324906a", 0x19}, {&(0x7f0000000200)="921759fbfcded8a639cdfaf91781d238f2740ad48b61bb8c5679b3ec5bbbfc7f5dc7874c88eb3436922ed2b83c1d1bf56bc1aa4c70dda38a1b2e478f3130db1197fc20a883807b8f0da621df863199688cbcef795830370cd38787526c1cf11f34dec989dab335677a5ee87800233ae63df193007c512ff8de5f3527a0612a8ad00dc6ebefe7c989dcfd0a823d83d1c7936d0b12ef70a69b873f11f3cdd847dca81f3f1dd11730fa8e2e4f4106144afeda74c0b6796dfa0616ec5a05c054d55fc1188c752b702cef05745a3b40fab639009b5f18f85e3acc63e0d71e6e44392990fc12deb89c21f2", 0xe8}, {&(0x7f0000000300)="c48df88ad7e9a526864557abf4db9ba16465f254436ba0d48fc1bca0b4db9e86a61b20ab0979b9c043cbf6a47d998ef7f1ab91c03bd5f8176e4e2bf1d5a5871e5092c38367279950e7b5f5bfa7dd1f7cf291dbf2dcb23b1f472255a3f44f06af4731fcacb8ea0d5cdc956674f01ae3de8d728990b36195e5a6b54de0c44a4fa376023c7e60", 0x85}, {&(0x7f0000000100)="02c3ce32d22f97626b7dab297395d535ede622dc48a7ea1a4f53b14d7544dcfc65ddd5a67f33be026d21df0ec220b058cd901087a30a0d9b92233fd4b75295", 0x3f}, {&(0x7f00000003c0)="4f78138377b0ec111c7cd85ad9b72d890db91df9aca801d5983277ca6aa923a401ce333baa347a51a1d39838c2dc57a4b0ed12e8e6b73b2806d7d1b3938e16dac6e52d257c88d303bb66d84ab260b73f9e4e01db869d", 0x56}, {&(0x7f0000000500)="71bac4cf4b339897bbb4850e68344ceb77aa90d5e144d2a5bbf8c724434c6a2537a10fa3085e61bb1dd4a5cb1e700e739727db23b2992496cb6f3ae629c137512bb761b06b5eef174127a774971a4f0fe53ecf430959ba6e0dadbd14ddf60e44c182286c69710771da363dfd3bff32febcdc27d5a4c8edf804c40102509f8999a194344021a5cb8aacf877ef794c802fc3e47264847fe65965b425559e899ebb489b7e0f2ab1fdc81c5a2b916007af145e09951b1e72a98bb7f3716cf0b00f4c02bacaeeda337fb905977d2ed34963002202849156990a6e8bab30452d71fd2269670643d4", 0xe5}, {&(0x7f0000000440)="4c7552fada84146fe280f1f3b1602d0bc1745c74be8ee74dba414d0a68da243aa564ee358c5d90134433d2514576a3c586c129e04aa92f02247746efedd9a30d711ed99f43b190a34fc79d", 0x4b}, {&(0x7f0000000600)="fa82ae8eff2b90ac69984b80cc02a9f7f0d08aa60adb4a8fb48b949657353f2c1b8fcc1cc52d1bb23afb185ef89087d4505feca73bb4068887ce80967a3fdbb79cf8467fbd5c4ecec3b666e37578bd5abead9fe1e37ef4e17b7c7653d0548843fa6f7efcff2636ab492de7adf2ce411ae65b497f9704e210122f6ea93063b5dffedd8c66a9cf0862432e74ac61d51ee240dc5de78ad4d76d5c39c0988fffdcc0565c01ad82987e27fbb07667df81f7336fb0edbe6933b24e510ce48a185e1165dc", 0xc1}, {&(0x7f0000000700)="83ed8cfdc4e826341589e907b0a61e44eb0c60d0ab6426141a0438f2e7dd589e11963762f6c28b0f9d7b74ea7772f8c16b5d5a9b4b029b5c392347928a901f5a0490db6bb86875035b2b395d87e0b0d40a88fe9368d0", 0x56}], 0xa, &(0x7f00000008c0)=[@ip_retopts={{0x3c, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0xa6, [@loopback]}, @lsrr={0x83, 0x1f, 0x16, [@initdev={0xac, 0x1e, 0x1, 0x0}, @remote, @remote, @multicast2, @multicast1, @multicast2, @rand_addr=0x64010100]}, @ra={0x94, 0x4, 0x1}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7}}, @ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_retopts={{0x60, 0x0, 0x7, {[@generic={0x17, 0x3, 'q'}, @rr={0x7, 0x23, 0x63, [@broadcast, @multicast1, @private=0xa010102, @local, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, @remote]}, @end, @ra={0x94, 0x4, 0x1}, @timestamp_addr={0x44, 0x14, 0xcb, 0x1, 0x8, [{@rand_addr=0x64010102, 0xee1}, {@multicast2}]}, @timestamp={0x44, 0x10, 0x65, 0x0, 0x4, [0x91c, 0x7fff, 0xa4c]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @dev={0xac, 0x14, 0x14, 0x24}, @local}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x40}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @dev={0xac, 0x14, 0x14, 0x37}, @local}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x7ff}}, @ip_ttl={{0x14, 0x0, 0x2, 0x8}}], 0x170}}, {{&(0x7f0000000a40)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000b00)=[{&(0x7f0000000a80)="9964d8bbc9bb4cd918958c91b53a1971abca44f27533ec5f9f29c1a82b328f3e8dd5652b1f40e0f929d5e1b4d8b9c40aae21ac2a6c941541c0e41f5e8323ea9329c896e35e99d10695cffbf68a8f812e0ba2be23c8042a629b5b9f69f3313d14f50002c041e45020894245817a", 0x6d}], 0x1, &(0x7f0000000c80)=[@ip_ttl={{0x14, 0x0, 0x2, 0x800}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @dev={0xac, 0x14, 0x14, 0x18}, @loopback}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @loopback, @multicast2}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1000}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @dev={0xac, 0x14, 0x14, 0x34}, @loopback}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x4}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r11, @multicast1, @broadcast}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r12, @multicast1, @private=0xa010102}}}], 0x118}}, {{0x0, 0x0, &(0x7f0000002240)=[{&(0x7f0000000dc0)="59c201b5e9536e18f3", 0x9}, {&(0x7f0000000e00)="c5cb5b297ba3830b1106e32e32d6a396bf878e3e882eab4a8940d98383afd4fb80b14bf35c4a02df0ee023485ac12e747b2fdcd194cc85f08ba2dc51d5373769f34d55daae78576938611e56b01805419d917aa028bf341023549e97963e45f621386d59461929721a73d1039e9459162cfb7573d948b32ec5f2dfc1d084b17ea14a5055464781d7f7d9596264d34b09f4247d822c45787d4dd6fd75867553ecc186caa80738bd1ec0cf8c7cc87f866d7002b5101901603455ac3fa972cd55dd7667b9b8ed0fab3108b0042528", 0xcd}, {&(0x7f0000000f00)="bff159dc9af46fe9f831eb298cc937bc895a82324d4c308eb52fad577f9399bb", 0x20}, {&(0x7f0000000f40)="cd3b321ec2fde4229a6f157c65fce8e612523e328dd4e581773aa7db1dc650c81eedfc6754d695efaf2436a95258577cf8a273f04eaccc80ff25d1d3c412825b790ebc47ddfc6ce89dcd2551f0a5ea5d4160d71602c390fdd3d962600ebdc0d8467d76b72ac416dfd954f31a558fa05837e5dfe576aee9a8b759d198046436755afe92ce11f26cdd8d24521aae39113168ba6a79c225efce419f7c48ee04b03b05c9ccb66ff621bc18353b50ce62a12aad9ef98e068b76d41f9f4756a46d678ada847cd7bb550e80e3", 0xc9}, {&(0x7f0000001040)}, {&(0x7f0000001080)="7bf584e9256a7c00d3c58590e0fe6103b5867f976b32c8e32313d39eba8ebdef070ca7a01d3a0e14db2a412b5c37f55694e859db1724f9cf5522269498ef15991444bf3de9820cae50b63f325cf9138044519629ace70ec1ad85595b3711e696b4492ac5e7f80a1c652b1e5066406042e0d023b082cb37918f213eaa4649b88d098406a983a73cf1372cce2fefa3b6edf4b703618cff5531a8f134a33025d918ea54e90082c930a74411aff88adadd1edee065902a6fb7876c2b662dcc18b5b029d2a40171ddf215b5384f52c695de16e3c635405a04650241a478d6e63c3c5a8ae97e2036eed015786c303a7cee5fdc42536dd309b15a2a0d6a5ee53e78dddbc0d1f4adeff12f26111f77bd2b2c0823e7543e3818eb5d5cc1a449360f8249b159fbce016e620b214688e71ea7afb23b7133521f1e6b110c89629f95171ebebfff9c2116f9d7f4864b1ea1ad0209f1cbaa2d4620713f2e4b57c3849510d261cd393161425ab59812e6d591957bf70240734f3d99afdf29f545f1f5560cef9ae2742d1c543f38fae4e80fb4d76518cc815a44b6256b808b5f8ca6424a94eb8c9dff46f536ef60e5d6a9e39810c1f676a237d7505155585f20576948594be2325a17815455dfd63c388791fd3af1de9b1129388fecdf6e49dab3825da0426c803c57439d4b421e9563d51b06d8e4a3fc14a00860354afa04afeecd604b900c8eb81427335249b89a02e1663cf6e9a2ae5235bf63c3bfe15e0db43572916c643e398ca2beb7fb3dda2b9d60209225133284b722c884716584c7397bc337ec0950dde80f2ce025a9e1e52c28aaf6398585499a8319f9d24fe67569af33a1b9b07d6dc12f176c8aee3f0211dc53659472d61654b9c8cc742398bb25ba734c2439e6094d1af05bd4bef3051f871d528d01462fcbcd083478380750070fa44dc67bb2e1c61a82a0a7772edc16cbd99e44a76bd0ee966fa11efd21935b023ed021a78d2aec619d374a5f74c44b75b9ae99ab24122a3a31d7201667cb59c53c4383aa6ca49530e112931b5f810781b14c44f95974f35ba5294b97503e540abe37febebce6688a09e2ff7ba149c19ec6ea256e2a6d9979b75dc10140072e4894090e9f53d825dac1d5a0b1f71445038838264a7a21ffc1e219bc60401cd0163707ce616dbc6e3643fe73417afd346ab63f254ce6933056e2369280d4ee508a0ee86e1660451a8e3108eb0176f795e06d5ecec1d365c100682f57e84a01a65a1362e7de242f1122ba372f8044de440cd91bfbd674573d9f390ec6e5ca7c68bf1c34704cc145cbede4020b6dbf536fa9bca656b8475d0f0c3af3dfd6c3869f9a61ea71a575a5014fd9ca56b6100868ed98bac723e8007a29fb4d167455bab641ccc69e348e983f478e710f1bfb50db0e9ca25c502bc6e94b554d931f7aec2749cc4638d09659bbe991948a316ef921ec1a7f2e7561f4beb9db5e3a5e9bf9b309f711cc57c841eeedcf9633fd39c7992b8286e7aab07c10b4c7a043ea8caa96a3a4cba5a787d2649d0d243751c31637d7ef1caaca760ec5ce6c8ef877f168ca94b5474cb405faba63a92cee2c82b6558c81f78b1d6996047d51f0e9490e2a2d0772d9c20cfb5f0780b8636d3214e761c7ec39751a62dc52d9a62b9cb3487e5a0744c6244cb35d6769805fb8a8caf6a513b556b9f5955bc9e5e7b651f2e32802a24b7556d325088c2779c5e21ed8d463f2fff65c47bcc95eca1b4eedef7235c3dc3abcf3ad2d351b6a84cf0b0a797541d3935ac8e4635a66487b07a9176c025f7f5c631e0e32f1e06becfdc5c2fb90b700e810eea4a084f02a8aaf92acc4c9fb5fbd3b27bba04d565cf126beae22e76f6db891bdf16af37b20c4f0ad9ac9938cd56e0630544e46acf2c75bbba36b942c48f0e8c4ff1b7a2d0ac659bb87901820f50eeeda67b1df98ceb06b099ac1b206907fdbb576219e7472c06b2d2e34b0fee9959097def58f70c552f1a1e15d542eb54099243d2efa21e99a74c3ad4ee4fe99ceba9be3d7d11295d81a6d16b07ce911476a130be0e4b349a012df8c961a81b3fb246d193ab0e9faedd2b8c7e978096f0019372a39e709f456d1ad2c207f2f7655e7d48077cdeb19014ace32ceb6429cf7369367046ad555784bb5d587e2345e0803a689292f484b4a8775696adbac1b25b21c656c41fe1b5fcbd389489a2b19ea59b66349a2d3c9f5e165a2b42db79419845f0fbc1a7651a9079a1368d9283b3356c54b8aaa3a0a91d40ca8eaa4a22977ca575b1a389202405a7a368f92ddf98f28b95a59d763be9e508a2981b1053a753c633c5b6f99742debc9a49475bcfea24b337db80f8b4309f36867f6cddb816f7d3a475b0643376696db2d8bf4f8d380e540ab1093972f0ed2c687c385bbedb5798511f19c9f7e23d1915e7e7b119f58931e18059b475c768f3f6242eca703ab8741d6af3f2d3bead71bc7f2177f7b49c32632894068c158c403c11482461cb0cb01375cc9a792459efe17b129be87631c8247c46bd455b431f37fcc2cf5eab4c1f83ce5f2142f029c7958916d7df7917b86426ef86878e041eaac5dac8d2b0f47a1722ca76def17e2d1d8d87809f1500d328c44d784fb21b4121489aaadbc95fc3b28a6f0f2b6113bec78ab4a23fe8d95d9894dfba47e00051d76c74793c60a7ecc5adf4901ee6d31fd4ef37c11c2759cf80389b1cc8a9aeb9aec8c03e2758f5f3d9d7134305033b68e32fa82a24a879fd1898e08f90a93223a47c1b83de8bb45e45c253d9d5e88ca5956a0e37acadb8fe037f1896a50e92c6b5311850c907a0d0a3fb6790d08c8a3be731241d63d93426637652005802d8cb8791c20cdc0146d01542dab2a02351b7152a5121b14d74baed8086f5e7facb2b4ae949a3a05f17627622b78b5746794bd8a9a4de0f00e22db33ecceed0101ba6363d19add7e11c8a6bf2977edbf498d6e0a2b8d23e212e4c7184018c16f39e614a08e1b150127e37437f7192cfd47d78a99f6bd08b5bf3c866557ee3b3d3e87a45754576548b1aafb46ca4b160449d38e6510f3617e1fc0e115fdb313f6d0d3d4b27bab112b47d4abb41d0003759235ff03c6b53e16cc54aac748ab3ec1253f5f79d69cac1a15defbecc2200b39650d58c9d99fb1cd1075a03d3389fc3caf12f4da07a51def063ecc3ca78afd973bb3d1ffc8ce83aedcae8bc24f42bd17fb310ab440eec245bace8ac23ea9586b1708ba446e14f34ea5541911e7c5db38d4fca335d761ffd08e5d5d9f74a8ed82503e11332aa53a93990f8e2dfd73d52b04a6f6007642508b784ff98a731a0ad8d91d81557b5115264137fb3000923845834c4e828c72a9d3ad131b24e1e8aa060d38fdc6c94ca2781eaa2b39a3cb6fe12e3a5756c5eba8bd76b8796b586c1d3ddab8df36c4d24ff6c437ec693e33c3f646337fec129e1e70c5c1330ebd6ba22bd9a1abac2a859c61387961f08ca2fc252aa44988ad7371d412077d51b73b6250fc12b80bc3fa9a3ab0ef6848e7669e0b3e828320116d66bb4bddcf7f8735776a6dac61e8571967938cff4155ee73159882d59f5d03ab43120d194cfcf67f93f1ce8a630537e3394ae58c5718ca37b4eb8d51507cfcacfcaf938ab13f4e852463022e524318522cda606e944e29def8d7afbc9223b83636b5a1a44f44a60b7b9dcfc21909424c7fe4cede875eab789b376491969e7648112a94428c28db2a946e61f59ef495a787811e5ceb2393406857b9c2e79261035294ee460d56b15840d675ecc4f1a4a6dcb6df51ec653a456d1ff83d1cb0d0a25060bf6af716e12cf20c84b43eab79358030548dd974267edadc11ee413ac83f87c445acb0580ab99f43fcb43d3f46b6283111986dd53ff378a1d7a1690c6328434be4ab353293fe6ae7decde8941472eb867c2df2cc329a2b483d415edc936844ae6837b35e56f1e9a7cd82d8661242c11067b8e094a83541b8312d033aa1e3fe4e29e1791938d67019f9e61b2a1cae790c2433c8e4c84ac1d376f6095ae8364233192cab3bd92776348a80bc5bf23ce512632c669f87642277ceda765af804923ab258a0c50803e4b3401fd605b26a97b77ead5374eeb662696a052a7656947815de7bfb60cb81c2b896cbf511379b96eba37d730bca8784447d6ced3b34f4325406d8dc5f80441d463c7a939701e6c99298ba9af7a819727659d337cb1d23082e4470b2bb5cd185e8140fb40b866bb8a56f70e65423799ace7d530b032bee749fe98a04c5415d315259b7d72ddeb21f0883d115746657f4b11b5eb9fa3332e2b147af3bb037d5c505e9e9ee896230ca7c28c92840015216134b170a86d98417d417e40998cf0b853ecae939c6343c1eae3e91296080d7e1af9c7d072c97826ac5eaf4b34f1940b52e80d8de617350c9ce325a8299afeebff90a2adebf06354ef22caf295d1f1a55f00131dfad3e314f78c609716bfcbcef7204909bd3b1ae1a2a412feda2f9121a6497bd4942c8826fd88373ca243fc458727528eeae486e503790f3c11a164524540797752f87b3d800338d3787d81b7b82d8d3180ae013115dd424e376223d88d46bf8c7cc72a4a4278a309346fbc4283eabfba1150fd9ffa6eb7cc798ac645010ba4245afa907a553f1d5ef3e0aae7d2a907667a8cf2f12df727be7f6a058647965590a322fb363373f2024612f12b2d7f32b23b6c9e9f41029d92133f9a09513c88956513c02b5286d84b9498c48ac5ddf34f59cef7788035a73c3bd5eebbec07c85111b9e8308e6f2ddc1e5ea4588f370dfb471cab8ff3106e6b9d88b98958d7be390f102c745b6ab0d43d29261d3861e046c81913c8078593f23aa416dd6e8591fbab8812bbb3e5e0914b5edbae6915ba11732790ab689042faea44cb5f8e3f23283e0ea2d81b364f793497e39bdf22e7df16d331aed8b59d452408bbccebba2aed9ca7477ca900b2898d22d84a7f2d9956f1e61ebb983a386905fc8be7dbe09a10dd9b0a6c5a3235e87911f31a9cd7ca77d79a4db5cab2cce35708228f5b9a4240d698f98c1aa9a0d73900f13cebd4c9c24285638e2a7a8f1db8033b4fbc7e7a737aa22818e64810f2d45ad936e1366d38c8240b1a19fb2714afaa7be9b0614b762d44e0f800cd46fe72915539cda1f3580444d81354f962d8df9bbaf4a72dc5e6816a2943427fb2e26ba2aa1abe1a486696975199c5d9bb5a513de189f9e6f57cba0bdb0ebbe0983a0a381221d7365604c513aecf1a53311592df5a2e867693a028b8243d9e8e386c85e920baf030dd1f28916391fad638e54b363d32abe240d2b2f9e8292b494ca3f4ffc7a2fd34b3e828a788ea20bc0f8ca92e448e93eb022d837a1d1c33df66dabcf242030f3e7f84f554701de5597e5789ed74385b064f1d6052d7ddb8f3964560d8bfeabce8dbd2eee7ca0f695cf7d8495ce98e739b6146897ccfb5f6dd73c38d7455cf3a6c388bd468321277ae048a7daaafda42955ab82368ae5059375a2af55a924e82b7c7c5f320361eef387bc65888279cc01342968aff8b1b97470ba8fbd0b6e873d9e0015310097a55d001d621f5bbfb5736bfbd8a66b2b4109e254fe325b8b757fd265f4bb1846b34531cd40ff8e3fe399f8777bead543d3e382f4f743727e9558461eabcc438275dfce9d5e53f628992be69ec2f4515cefcbbaa761e714375a49c3918ebd6c1efbebf4b87481bdd36388f306f603b634cd0015d4aeb74ccbda44dfc7545142575ac86ca511f7851d0423256ad83a82c8b5424c2a2ef7d794", 0x1000}, {&(0x7f0000002080)="565e0a201a0835638ca4e1ca5ab94e7d6688a365473002bd6850b21a758ac0cf2532ca83867e02f4689b0096c21a", 0x2e}, {&(0x7f00000020c0)="626eec48c44bd967d9c60b53cb20d0d3252711e6913161aa12327e9fdd8d508ae6efcbc40b8800fb4d759b5137199e5951bfe8db5861654c3bc27106356ee5d5ab37b38ffb266d2e630fb3cad21b47f77d18570dcaf47a2c4fa5f0f6918937343a42ca985287b519f755532a1a02cf78bcc96c0a93691110edb2f3bdf072b7af354e6178a9700ef45789f5a20a3db14f08380deeba8b8060ba3f00b4d5caa08f324c6d57dd046f955bf5a3da46c8e83f5731f0a7d901126e02a35a3532447fe253d7941c403d4f3503a403352012f417", 0xd0}, {&(0x7f00000021c0)="a27618d1a1dd92cb01535bc15a86fd8db2cf9dffa3dba15cf92e058cfff101320852f0fb88fa34fa03b43ae3a75dd49b46c474709f38c020c7b502f59625aa6fca9e5b315206b10a91032f11a7d952a4ed76cb96b7b89e30296e6b4b7f78638fc15ada0685911b0d838bed2d07f01eba48492f", 0x73}], 0x9, &(0x7f0000002300)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x3}}], 0x18}}, {{&(0x7f0000002340)={0x2, 0x4e22, @broadcast}, 0x10, &(0x7f00000028c0)=[{&(0x7f0000002380)="c7c92e07fe5ca03f962a82f9c9d9220e0697663da3b98bda441aa179cf202c4e2b3828b57a257e03", 0x28}, {&(0x7f00000023c0)="f9207afa8e72cce135e506d6aa8d7014b348aa1575398af674634ef79ddf7e9215ca7533a82f954a4a92219d0ed1af95ea3587733f40642a2d74c38b5bf509b17422ef8e79622bae975909fb0edbae88f9cc9c6006b0b70b464c636d30bf3288f1ca254a17ec5017f21c889ec45574249875bf81210b8303a835000967c4a94046ffd548940238f89f2bf50f31198296bddd25eada6cced1a873250dea866049dd454145328570b1f96dac23da573b9982f9ea78ebd1d322deaabfc418435637ab9198445a125fd173a5394b3d", 0xcd}, {&(0x7f00000024c0)="ba423962f4c8591107781e26e34348db1460d778c4fcedf040ee908e02eaa95c0099a7677299ec863102af418cd591903dcb0639caa77df71190d386e45060633f0056e8e0631e0494c4e02c43d8f080c87d1bc65c6db6a24e812e4372ca2f24830b5cff6bdd6ad714e3e5a95227c905e815508943b8fc2e9637072d9c6ce3bca4321261452897790f0f037a0a0332377e9bd6da1256b9f0193406eeed90", 0x9e}, {&(0x7f0000002580)="a69fefeba61e9c854af98d0d5ab169c873bc886a6163b4f34f0e011bd6c74d9a7c3219c776560f8dbb6c335e661d269af2fd37dff260bd444ae93ddf8b63f314df989c068c0c6e3fac3d49227e33dcf57b27ef04ebc3d455e6fcb0bfa13d8b32af46d327016f346cba69adbbdcd0f9bf82f83c578bee0381d2167a583649f9e6a56407896bd53f94", 0x88}, {&(0x7f0000002640)="25b9a2488d2a0712b2f2114f15f35d8a481267ad9ec056f366d1989bb259da03248274e082a4ad4edf837f4d5e6fcebb9a59e1fe8d2070448e269bbea1ab226dda9c4c29ed5c2e6a060243a87bce6fbfed6dc943d409429eb57be0", 0x5b}, {&(0x7f00000026c0)="b50b513d39dcdd1f2da1d4120acd5e15e6ae087a18e68028b14c139c4c2d54682ba3ce6c238f3cfed9481f81f1692fa6e7085fbdef9c9f4fe6fbc8ce8b9028b6da6af624883c6f890aab7bf225ee6997b77b0e0cef16f3365303e897fea609a8b819fd111455bd3a2aaf8957a3fe8ac74a019f96a2cc52b4fd49fb87ee6b0955ef647568e1848b07f7dad65ffa0f6062c99bc73e738dd6e46cd3a8255c9676a6df0000b87f273f27eb968dfa1dceac41513fb36052244277a2f3e485", 0xbc}, {&(0x7f0000002780)="d5b775cd9f4a123f3704b106c6a30c40eba4179b5d202f23bc06a117399586c57c96b2ffe335f55f659835407b17dbad3139245783f94cc295c4a004f28875aa2a0ffc957efd060eda420c463373f2437c439a5bb2a078dc33080d04f2179e923e422a87f8fbe0639cef0eb9ca3f9aaf82ab9d6dfe90a69a98fe45258958064d1450392f28c3d8b1efd82ab3c5fd22c72fe477d6d9e02d6e81eb50d4136b35fe6d11c17f41446eb2ca11655aa18717da1097a5aa77839dfb5d291656a8f329498454585b50006b3f0e3d67aa5e3be2bb18560b3b3cb67b00bd21bf512c6f87cbcc952801e4650d80d41c4cc509e3a1e15fe4be8c64ab9407d7", 0xf9}, {&(0x7f0000002880)="99695c7ae98b73bde73d47a06966a7dfa8596ad6f68577170a2a7cc1850a2cb375fb", 0x22}], 0x8, &(0x7f0000002940)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r15, @remote, @loopback}}}], 0x20}}], 0x4, 0x814) (async)
sendmmsg$inet(r2, &(0x7f0000002980)=[{{&(0x7f0000000040)={0x2, 0x4e22, @remote}, 0x10, &(0x7f0000000780)=[{&(0x7f0000000180)="0c320b5c4d3e2d6d4e73c8bb90b959f755e6ab029bd9807e668064aa5f09d5fe13d133caaea5d056fe865b27848edac454498ab554787aa5e0d4ce1047f26df1e2d0259751bde1d3a4", 0x49}, {&(0x7f0000000080)="483ce0d5b093090a4544c04fc484fe2f3ea7f5eb83b324906a", 0x19}, {&(0x7f0000000200)="921759fbfcded8a639cdfaf91781d238f2740ad48b61bb8c5679b3ec5bbbfc7f5dc7874c88eb3436922ed2b83c1d1bf56bc1aa4c70dda38a1b2e478f3130db1197fc20a883807b8f0da621df863199688cbcef795830370cd38787526c1cf11f34dec989dab335677a5ee87800233ae63df193007c512ff8de5f3527a0612a8ad00dc6ebefe7c989dcfd0a823d83d1c7936d0b12ef70a69b873f11f3cdd847dca81f3f1dd11730fa8e2e4f4106144afeda74c0b6796dfa0616ec5a05c054d55fc1188c752b702cef05745a3b40fab639009b5f18f85e3acc63e0d71e6e44392990fc12deb89c21f2", 0xe8}, {&(0x7f0000000300)="c48df88ad7e9a526864557abf4db9ba16465f254436ba0d48fc1bca0b4db9e86a61b20ab0979b9c043cbf6a47d998ef7f1ab91c03bd5f8176e4e2bf1d5a5871e5092c38367279950e7b5f5bfa7dd1f7cf291dbf2dcb23b1f472255a3f44f06af4731fcacb8ea0d5cdc956674f01ae3de8d728990b36195e5a6b54de0c44a4fa376023c7e60", 0x85}, {&(0x7f0000000100)="02c3ce32d22f97626b7dab297395d535ede622dc48a7ea1a4f53b14d7544dcfc65ddd5a67f33be026d21df0ec220b058cd901087a30a0d9b92233fd4b75295", 0x3f}, {&(0x7f00000003c0)="4f78138377b0ec111c7cd85ad9b72d890db91df9aca801d5983277ca6aa923a401ce333baa347a51a1d39838c2dc57a4b0ed12e8e6b73b2806d7d1b3938e16dac6e52d257c88d303bb66d84ab260b73f9e4e01db869d", 0x56}, {&(0x7f0000000500)="71bac4cf4b339897bbb4850e68344ceb77aa90d5e144d2a5bbf8c724434c6a2537a10fa3085e61bb1dd4a5cb1e700e739727db23b2992496cb6f3ae629c137512bb761b06b5eef174127a774971a4f0fe53ecf430959ba6e0dadbd14ddf60e44c182286c69710771da363dfd3bff32febcdc27d5a4c8edf804c40102509f8999a194344021a5cb8aacf877ef794c802fc3e47264847fe65965b425559e899ebb489b7e0f2ab1fdc81c5a2b916007af145e09951b1e72a98bb7f3716cf0b00f4c02bacaeeda337fb905977d2ed34963002202849156990a6e8bab30452d71fd2269670643d4", 0xe5}, {&(0x7f0000000440)="4c7552fada84146fe280f1f3b1602d0bc1745c74be8ee74dba414d0a68da243aa564ee358c5d90134433d2514576a3c586c129e04aa92f02247746efedd9a30d711ed99f43b190a34fc79d", 0x4b}, {&(0x7f0000000600)="fa82ae8eff2b90ac69984b80cc02a9f7f0d08aa60adb4a8fb48b949657353f2c1b8fcc1cc52d1bb23afb185ef89087d4505feca73bb4068887ce80967a3fdbb79cf8467fbd5c4ecec3b666e37578bd5abead9fe1e37ef4e17b7c7653d0548843fa6f7efcff2636ab492de7adf2ce411ae65b497f9704e210122f6ea93063b5dffedd8c66a9cf0862432e74ac61d51ee240dc5de78ad4d76d5c39c0988fffdcc0565c01ad82987e27fbb07667df81f7336fb0edbe6933b24e510ce48a185e1165dc", 0xc1}, {&(0x7f0000000700)="83ed8cfdc4e826341589e907b0a61e44eb0c60d0ab6426141a0438f2e7dd589e11963762f6c28b0f9d7b74ea7772f8c16b5d5a9b4b029b5c392347928a901f5a0490db6bb86875035b2b395d87e0b0d40a88fe9368d0", 0x56}], 0xa, &(0x7f00000008c0)=[@ip_retopts={{0x3c, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0xa6, [@loopback]}, @lsrr={0x83, 0x1f, 0x16, [@initdev={0xac, 0x1e, 0x1, 0x0}, @remote, @remote, @multicast2, @multicast1, @multicast2, @rand_addr=0x64010100]}, @ra={0x94, 0x4, 0x1}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7}}, @ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_retopts={{0x60, 0x0, 0x7, {[@generic={0x17, 0x3, 'q'}, @rr={0x7, 0x23, 0x63, [@broadcast, @multicast1, @private=0xa010102, @local, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, @remote]}, @end, @ra={0x94, 0x4, 0x1}, @timestamp_addr={0x44, 0x14, 0xcb, 0x1, 0x8, [{@rand_addr=0x64010102, 0xee1}, {@multicast2}]}, @timestamp={0x44, 0x10, 0x65, 0x0, 0x4, [0x91c, 0x7fff, 0xa4c]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @dev={0xac, 0x14, 0x14, 0x24}, @local}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x40}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @dev={0xac, 0x14, 0x14, 0x37}, @local}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x7ff}}, @ip_ttl={{0x14, 0x0, 0x2, 0x8}}], 0x170}}, {{&(0x7f0000000a40)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000b00)=[{&(0x7f0000000a80)="9964d8bbc9bb4cd918958c91b53a1971abca44f27533ec5f9f29c1a82b328f3e8dd5652b1f40e0f929d5e1b4d8b9c40aae21ac2a6c941541c0e41f5e8323ea9329c896e35e99d10695cffbf68a8f812e0ba2be23c8042a629b5b9f69f3313d14f50002c041e45020894245817a", 0x6d}], 0x1, &(0x7f0000000c80)=[@ip_ttl={{0x14, 0x0, 0x2, 0x800}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @dev={0xac, 0x14, 0x14, 0x18}, @loopback}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @loopback, @multicast2}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1000}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @dev={0xac, 0x14, 0x14, 0x34}, @loopback}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x4}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r11, @multicast1, @broadcast}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r12, @multicast1, @private=0xa010102}}}], 0x118}}, {{0x0, 0x0, &(0x7f0000002240)=[{&(0x7f0000000dc0)="59c201b5e9536e18f3", 0x9}, {&(0x7f0000000e00)="c5cb5b297ba3830b1106e32e32d6a396bf878e3e882eab4a8940d98383afd4fb80b14bf35c4a02df0ee023485ac12e747b2fdcd194cc85f08ba2dc51d5373769f34d55daae78576938611e56b01805419d917aa028bf341023549e97963e45f621386d59461929721a73d1039e9459162cfb7573d948b32ec5f2dfc1d084b17ea14a5055464781d7f7d9596264d34b09f4247d822c45787d4dd6fd75867553ecc186caa80738bd1ec0cf8c7cc87f866d7002b5101901603455ac3fa972cd55dd7667b9b8ed0fab3108b0042528", 0xcd}, {&(0x7f0000000f00)="bff159dc9af46fe9f831eb298cc937bc895a82324d4c308eb52fad577f9399bb", 0x20}, {&(0x7f0000000f40)="cd3b321ec2fde4229a6f157c65fce8e612523e328dd4e581773aa7db1dc650c81eedfc6754d695efaf2436a95258577cf8a273f04eaccc80ff25d1d3c412825b790ebc47ddfc6ce89dcd2551f0a5ea5d4160d71602c390fdd3d962600ebdc0d8467d76b72ac416dfd954f31a558fa05837e5dfe576aee9a8b759d198046436755afe92ce11f26cdd8d24521aae39113168ba6a79c225efce419f7c48ee04b03b05c9ccb66ff621bc18353b50ce62a12aad9ef98e068b76d41f9f4756a46d678ada847cd7bb550e80e3", 0xc9}, {&(0x7f0000001040)}, {&(0x7f0000001080)="7bf584e9256a7c00d3c58590e0fe6103b5867f976b32c8e32313d39eba8ebdef070ca7a01d3a0e14db2a412b5c37f55694e859db1724f9cf5522269498ef15991444bf3de9820cae50b63f325cf9138044519629ace70ec1ad85595b3711e696b4492ac5e7f80a1c652b1e5066406042e0d023b082cb37918f213eaa4649b88d098406a983a73cf1372cce2fefa3b6edf4b703618cff5531a8f134a33025d918ea54e90082c930a74411aff88adadd1edee065902a6fb7876c2b662dcc18b5b029d2a40171ddf215b5384f52c695de16e3c635405a04650241a478d6e63c3c5a8ae97e2036eed015786c303a7cee5fdc42536dd309b15a2a0d6a5ee53e78dddbc0d1f4adeff12f26111f77bd2b2c0823e7543e3818eb5d5cc1a449360f8249b159fbce016e620b214688e71ea7afb23b7133521f1e6b110c89629f95171ebebfff9c2116f9d7f4864b1ea1ad0209f1cbaa2d4620713f2e4b57c3849510d261cd393161425ab59812e6d591957bf70240734f3d99afdf29f545f1f5560cef9ae2742d1c543f38fae4e80fb4d76518cc815a44b6256b808b5f8ca6424a94eb8c9dff46f536ef60e5d6a9e39810c1f676a237d7505155585f20576948594be2325a17815455dfd63c388791fd3af1de9b1129388fecdf6e49dab3825da0426c803c57439d4b421e9563d51b06d8e4a3fc14a00860354afa04afeecd604b900c8eb81427335249b89a02e1663cf6e9a2ae5235bf63c3bfe15e0db43572916c643e398ca2beb7fb3dda2b9d60209225133284b722c884716584c7397bc337ec0950dde80f2ce025a9e1e52c28aaf6398585499a8319f9d24fe67569af33a1b9b07d6dc12f176c8aee3f0211dc53659472d61654b9c8cc742398bb25ba734c2439e6094d1af05bd4bef3051f871d528d01462fcbcd083478380750070fa44dc67bb2e1c61a82a0a7772edc16cbd99e44a76bd0ee966fa11efd21935b023ed021a78d2aec619d374a5f74c44b75b9ae99ab24122a3a31d7201667cb59c53c4383aa6ca49530e112931b5f810781b14c44f95974f35ba5294b97503e540abe37febebce6688a09e2ff7ba149c19ec6ea256e2a6d9979b75dc10140072e4894090e9f53d825dac1d5a0b1f71445038838264a7a21ffc1e219bc60401cd0163707ce616dbc6e3643fe73417afd346ab63f254ce6933056e2369280d4ee508a0ee86e1660451a8e3108eb0176f795e06d5ecec1d365c100682f57e84a01a65a1362e7de242f1122ba372f8044de440cd91bfbd674573d9f390ec6e5ca7c68bf1c34704cc145cbede4020b6dbf536fa9bca656b8475d0f0c3af3dfd6c3869f9a61ea71a575a5014fd9ca56b6100868ed98bac723e8007a29fb4d167455bab641ccc69e348e983f478e710f1bfb50db0e9ca25c502bc6e94b554d931f7aec2749cc4638d09659bbe991948a316ef921ec1a7f2e7561f4beb9db5e3a5e9bf9b309f711cc57c841eeedcf9633fd39c7992b8286e7aab07c10b4c7a043ea8caa96a3a4cba5a787d2649d0d243751c31637d7ef1caaca760ec5ce6c8ef877f168ca94b5474cb405faba63a92cee2c82b6558c81f78b1d6996047d51f0e9490e2a2d0772d9c20cfb5f0780b8636d3214e761c7ec39751a62dc52d9a62b9cb3487e5a0744c6244cb35d6769805fb8a8caf6a513b556b9f5955bc9e5e7b651f2e32802a24b7556d325088c2779c5e21ed8d463f2fff65c47bcc95eca1b4eedef7235c3dc3abcf3ad2d351b6a84cf0b0a797541d3935ac8e4635a66487b07a9176c025f7f5c631e0e32f1e06becfdc5c2fb90b700e810eea4a084f02a8aaf92acc4c9fb5fbd3b27bba04d565cf126beae22e76f6db891bdf16af37b20c4f0ad9ac9938cd56e0630544e46acf2c75bbba36b942c48f0e8c4ff1b7a2d0ac659bb87901820f50eeeda67b1df98ceb06b099ac1b206907fdbb576219e7472c06b2d2e34b0fee9959097def58f70c552f1a1e15d542eb54099243d2efa21e99a74c3ad4ee4fe99ceba9be3d7d11295d81a6d16b07ce911476a130be0e4b349a012df8c961a81b3fb246d193ab0e9faedd2b8c7e978096f0019372a39e709f456d1ad2c207f2f7655e7d48077cdeb19014ace32ceb6429cf7369367046ad555784bb5d587e2345e0803a689292f484b4a8775696adbac1b25b21c656c41fe1b5fcbd389489a2b19ea59b66349a2d3c9f5e165a2b42db79419845f0fbc1a7651a9079a1368d9283b3356c54b8aaa3a0a91d40ca8eaa4a22977ca575b1a389202405a7a368f92ddf98f28b95a59d763be9e508a2981b1053a753c633c5b6f99742debc9a49475bcfea24b337db80f8b4309f36867f6cddb816f7d3a475b0643376696db2d8bf4f8d380e540ab1093972f0ed2c687c385bbedb5798511f19c9f7e23d1915e7e7b119f58931e18059b475c768f3f6242eca703ab8741d6af3f2d3bead71bc7f2177f7b49c32632894068c158c403c11482461cb0cb01375cc9a792459efe17b129be87631c8247c46bd455b431f37fcc2cf5eab4c1f83ce5f2142f029c7958916d7df7917b86426ef86878e041eaac5dac8d2b0f47a1722ca76def17e2d1d8d87809f1500d328c44d784fb21b4121489aaadbc95fc3b28a6f0f2b6113bec78ab4a23fe8d95d9894dfba47e00051d76c74793c60a7ecc5adf4901ee6d31fd4ef37c11c2759cf80389b1cc8a9aeb9aec8c03e2758f5f3d9d7134305033b68e32fa82a24a879fd1898e08f90a93223a47c1b83de8bb45e45c253d9d5e88ca5956a0e37acadb8fe037f1896a50e92c6b5311850c907a0d0a3fb6790d08c8a3be731241d63d93426637652005802d8cb8791c20cdc0146d01542dab2a02351b7152a5121b14d74baed8086f5e7facb2b4ae949a3a05f17627622b78b5746794bd8a9a4de0f00e22db33ecceed0101ba6363d19add7e11c8a6bf2977edbf498d6e0a2b8d23e212e4c7184018c16f39e614a08e1b150127e37437f7192cfd47d78a99f6bd08b5bf3c866557ee3b3d3e87a45754576548b1aafb46ca4b160449d38e6510f3617e1fc0e115fdb313f6d0d3d4b27bab112b47d4abb41d0003759235ff03c6b53e16cc54aac748ab3ec1253f5f79d69cac1a15defbecc2200b39650d58c9d99fb1cd1075a03d3389fc3caf12f4da07a51def063ecc3ca78afd973bb3d1ffc8ce83aedcae8bc24f42bd17fb310ab440eec245bace8ac23ea9586b1708ba446e14f34ea5541911e7c5db38d4fca335d761ffd08e5d5d9f74a8ed82503e11332aa53a93990f8e2dfd73d52b04a6f6007642508b784ff98a731a0ad8d91d81557b5115264137fb3000923845834c4e828c72a9d3ad131b24e1e8aa060d38fdc6c94ca2781eaa2b39a3cb6fe12e3a5756c5eba8bd76b8796b586c1d3ddab8df36c4d24ff6c437ec693e33c3f646337fec129e1e70c5c1330ebd6ba22bd9a1abac2a859c61387961f08ca2fc252aa44988ad7371d412077d51b73b6250fc12b80bc3fa9a3ab0ef6848e7669e0b3e828320116d66bb4bddcf7f8735776a6dac61e8571967938cff4155ee73159882d59f5d03ab43120d194cfcf67f93f1ce8a630537e3394ae58c5718ca37b4eb8d51507cfcacfcaf938ab13f4e852463022e524318522cda606e944e29def8d7afbc9223b83636b5a1a44f44a60b7b9dcfc21909424c7fe4cede875eab789b376491969e7648112a94428c28db2a946e61f59ef495a787811e5ceb2393406857b9c2e79261035294ee460d56b15840d675ecc4f1a4a6dcb6df51ec653a456d1ff83d1cb0d0a25060bf6af716e12cf20c84b43eab79358030548dd974267edadc11ee413ac83f87c445acb0580ab99f43fcb43d3f46b6283111986dd53ff378a1d7a1690c6328434be4ab353293fe6ae7decde8941472eb867c2df2cc329a2b483d415edc936844ae6837b35e56f1e9a7cd82d8661242c11067b8e094a83541b8312d033aa1e3fe4e29e1791938d67019f9e61b2a1cae790c2433c8e4c84ac1d376f6095ae8364233192cab3bd92776348a80bc5bf23ce512632c669f87642277ceda765af804923ab258a0c50803e4b3401fd605b26a97b77ead5374eeb662696a052a7656947815de7bfb60cb81c2b896cbf511379b96eba37d730bca8784447d6ced3b34f4325406d8dc5f80441d463c7a939701e6c99298ba9af7a819727659d337cb1d23082e4470b2bb5cd185e8140fb40b866bb8a56f70e65423799ace7d530b032bee749fe98a04c5415d315259b7d72ddeb21f0883d115746657f4b11b5eb9fa3332e2b147af3bb037d5c505e9e9ee896230ca7c28c92840015216134b170a86d98417d417e40998cf0b853ecae939c6343c1eae3e91296080d7e1af9c7d072c97826ac5eaf4b34f1940b52e80d8de617350c9ce325a8299afeebff90a2adebf06354ef22caf295d1f1a55f00131dfad3e314f78c609716bfcbcef7204909bd3b1ae1a2a412feda2f9121a6497bd4942c8826fd88373ca243fc458727528eeae486e503790f3c11a164524540797752f87b3d800338d3787d81b7b82d8d3180ae013115dd424e376223d88d46bf8c7cc72a4a4278a309346fbc4283eabfba1150fd9ffa6eb7cc798ac645010ba4245afa907a553f1d5ef3e0aae7d2a907667a8cf2f12df727be7f6a058647965590a322fb363373f2024612f12b2d7f32b23b6c9e9f41029d92133f9a09513c88956513c02b5286d84b9498c48ac5ddf34f59cef7788035a73c3bd5eebbec07c85111b9e8308e6f2ddc1e5ea4588f370dfb471cab8ff3106e6b9d88b98958d7be390f102c745b6ab0d43d29261d3861e046c81913c8078593f23aa416dd6e8591fbab8812bbb3e5e0914b5edbae6915ba11732790ab689042faea44cb5f8e3f23283e0ea2d81b364f793497e39bdf22e7df16d331aed8b59d452408bbccebba2aed9ca7477ca900b2898d22d84a7f2d9956f1e61ebb983a386905fc8be7dbe09a10dd9b0a6c5a3235e87911f31a9cd7ca77d79a4db5cab2cce35708228f5b9a4240d698f98c1aa9a0d73900f13cebd4c9c24285638e2a7a8f1db8033b4fbc7e7a737aa22818e64810f2d45ad936e1366d38c8240b1a19fb2714afaa7be9b0614b762d44e0f800cd46fe72915539cda1f3580444d81354f962d8df9bbaf4a72dc5e6816a2943427fb2e26ba2aa1abe1a486696975199c5d9bb5a513de189f9e6f57cba0bdb0ebbe0983a0a381221d7365604c513aecf1a53311592df5a2e867693a028b8243d9e8e386c85e920baf030dd1f28916391fad638e54b363d32abe240d2b2f9e8292b494ca3f4ffc7a2fd34b3e828a788ea20bc0f8ca92e448e93eb022d837a1d1c33df66dabcf242030f3e7f84f554701de5597e5789ed74385b064f1d6052d7ddb8f3964560d8bfeabce8dbd2eee7ca0f695cf7d8495ce98e739b6146897ccfb5f6dd73c38d7455cf3a6c388bd468321277ae048a7daaafda42955ab82368ae5059375a2af55a924e82b7c7c5f320361eef387bc65888279cc01342968aff8b1b97470ba8fbd0b6e873d9e0015310097a55d001d621f5bbfb5736bfbd8a66b2b4109e254fe325b8b757fd265f4bb1846b34531cd40ff8e3fe399f8777bead543d3e382f4f743727e9558461eabcc438275dfce9d5e53f628992be69ec2f4515cefcbbaa761e714375a49c3918ebd6c1efbebf4b87481bdd36388f306f603b634cd0015d4aeb74ccbda44dfc7545142575ac86ca511f7851d0423256ad83a82c8b5424c2a2ef7d794", 0x1000}, {&(0x7f0000002080)="565e0a201a0835638ca4e1ca5ab94e7d6688a365473002bd6850b21a758ac0cf2532ca83867e02f4689b0096c21a", 0x2e}, {&(0x7f00000020c0)="626eec48c44bd967d9c60b53cb20d0d3252711e6913161aa12327e9fdd8d508ae6efcbc40b8800fb4d759b5137199e5951bfe8db5861654c3bc27106356ee5d5ab37b38ffb266d2e630fb3cad21b47f77d18570dcaf47a2c4fa5f0f6918937343a42ca985287b519f755532a1a02cf78bcc96c0a93691110edb2f3bdf072b7af354e6178a9700ef45789f5a20a3db14f08380deeba8b8060ba3f00b4d5caa08f324c6d57dd046f955bf5a3da46c8e83f5731f0a7d901126e02a35a3532447fe253d7941c403d4f3503a403352012f417", 0xd0}, {&(0x7f00000021c0)="a27618d1a1dd92cb01535bc15a86fd8db2cf9dffa3dba15cf92e058cfff101320852f0fb88fa34fa03b43ae3a75dd49b46c474709f38c020c7b502f59625aa6fca9e5b315206b10a91032f11a7d952a4ed76cb96b7b89e30296e6b4b7f78638fc15ada0685911b0d838bed2d07f01eba48492f", 0x73}], 0x9, &(0x7f0000002300)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x3}}], 0x18}}, {{&(0x7f0000002340)={0x2, 0x4e22, @broadcast}, 0x10, &(0x7f00000028c0)=[{&(0x7f0000002380)="c7c92e07fe5ca03f962a82f9c9d9220e0697663da3b98bda441aa179cf202c4e2b3828b57a257e03", 0x28}, {&(0x7f00000023c0)="f9207afa8e72cce135e506d6aa8d7014b348aa1575398af674634ef79ddf7e9215ca7533a82f954a4a92219d0ed1af95ea3587733f40642a2d74c38b5bf509b17422ef8e79622bae975909fb0edbae88f9cc9c6006b0b70b464c636d30bf3288f1ca254a17ec5017f21c889ec45574249875bf81210b8303a835000967c4a94046ffd548940238f89f2bf50f31198296bddd25eada6cced1a873250dea866049dd454145328570b1f96dac23da573b9982f9ea78ebd1d322deaabfc418435637ab9198445a125fd173a5394b3d", 0xcd}, {&(0x7f00000024c0)="ba423962f4c8591107781e26e34348db1460d778c4fcedf040ee908e02eaa95c0099a7677299ec863102af418cd591903dcb0639caa77df71190d386e45060633f0056e8e0631e0494c4e02c43d8f080c87d1bc65c6db6a24e812e4372ca2f24830b5cff6bdd6ad714e3e5a95227c905e815508943b8fc2e9637072d9c6ce3bca4321261452897790f0f037a0a0332377e9bd6da1256b9f0193406eeed90", 0x9e}, {&(0x7f0000002580)="a69fefeba61e9c854af98d0d5ab169c873bc886a6163b4f34f0e011bd6c74d9a7c3219c776560f8dbb6c335e661d269af2fd37dff260bd444ae93ddf8b63f314df989c068c0c6e3fac3d49227e33dcf57b27ef04ebc3d455e6fcb0bfa13d8b32af46d327016f346cba69adbbdcd0f9bf82f83c578bee0381d2167a583649f9e6a56407896bd53f94", 0x88}, {&(0x7f0000002640)="25b9a2488d2a0712b2f2114f15f35d8a481267ad9ec056f366d1989bb259da03248274e082a4ad4edf837f4d5e6fcebb9a59e1fe8d2070448e269bbea1ab226dda9c4c29ed5c2e6a060243a87bce6fbfed6dc943d409429eb57be0", 0x5b}, {&(0x7f00000026c0)="b50b513d39dcdd1f2da1d4120acd5e15e6ae087a18e68028b14c139c4c2d54682ba3ce6c238f3cfed9481f81f1692fa6e7085fbdef9c9f4fe6fbc8ce8b9028b6da6af624883c6f890aab7bf225ee6997b77b0e0cef16f3365303e897fea609a8b819fd111455bd3a2aaf8957a3fe8ac74a019f96a2cc52b4fd49fb87ee6b0955ef647568e1848b07f7dad65ffa0f6062c99bc73e738dd6e46cd3a8255c9676a6df0000b87f273f27eb968dfa1dceac41513fb36052244277a2f3e485", 0xbc}, {&(0x7f0000002780)="d5b775cd9f4a123f3704b106c6a30c40eba4179b5d202f23bc06a117399586c57c96b2ffe335f55f659835407b17dbad3139245783f94cc295c4a004f28875aa2a0ffc957efd060eda420c463373f2437c439a5bb2a078dc33080d04f2179e923e422a87f8fbe0639cef0eb9ca3f9aaf82ab9d6dfe90a69a98fe45258958064d1450392f28c3d8b1efd82ab3c5fd22c72fe477d6d9e02d6e81eb50d4136b35fe6d11c17f41446eb2ca11655aa18717da1097a5aa77839dfb5d291656a8f329498454585b50006b3f0e3d67aa5e3be2bb18560b3b3cb67b00bd21bf512c6f87cbcc952801e4650d80d41c4cc509e3a1e15fe4be8c64ab9407d7", 0xf9}, {&(0x7f0000002880)="99695c7ae98b73bde73d47a06966a7dfa8596ad6f68577170a2a7cc1850a2cb375fb", 0x22}], 0x8, &(0x7f0000002940)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r15, @remote, @loopback}}}], 0x20}}], 0x4, 0x814)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a) (async)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0) (async)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0)

03:36:25 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 37)

03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c71, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2372.272052][T23355] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2372.279864][T23355]  </TASK>
03:36:25 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB="6ef67c9e114469d09354d4d259a785c929a7cb800675053fff002fc7361ed9ac3b744e6e534e0c7b85a3c4bd0566cdcba61986d17b696ce74e001f924bea9637c78c0ce6f70dc7"], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x12, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff73, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000100000300b0ffffb0cc9b7b03377009edf00ae179be64227b2cd1b5831b011cafd5c2382246c792bb5e03038795bc000000"], 0x18}}, 0x0)

[ 2372.343865][T23603] FAULT_INJECTION: forcing a failure.
[ 2372.343865][T23603] name failslab, interval 1, probability 0, space 0, times 0
[ 2372.360965][T23603] CPU: 1 PID: 23603 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2372.371129][T23603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2372.381024][T23603] Call Trace:
[ 2372.384147][T23603]  <TASK>
[ 2372.386924][T23603]  dump_stack_lvl+0x151/0x1b7
[ 2372.391440][T23603]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2372.396907][T23603]  dump_stack+0x15/0x17
[ 2372.400891][T23603]  should_fail+0x3c6/0x510
[ 2372.405145][T23603]  __should_failslab+0xa4/0xe0
[ 2372.409745][T23603]  ? vm_area_dup+0x26/0x230
[ 2372.414085][T23603]  should_failslab+0x9/0x20
[ 2372.418423][T23603]  slab_pre_alloc_hook+0x37/0xd0
[ 2372.423198][T23603]  ? vm_area_dup+0x26/0x230
[ 2372.427536][T23603]  kmem_cache_alloc+0x44/0x200
[ 2372.432137][T23603]  vm_area_dup+0x26/0x230
[ 2372.436303][T23603]  copy_mm+0x9a1/0x13e0
[ 2372.440299][T23603]  ? copy_signal+0x610/0x610
[ 2372.444724][T23603]  ? __init_rwsem+0xd6/0x1c0
[ 2372.449150][T23603]  ? copy_signal+0x4e3/0x610
[ 2372.453574][T23603]  copy_process+0x1149/0x3290
[ 2372.458093][T23603]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2372.463037][T23603]  ? copy_clone_args_from_user+0x744/0x830
[ 2372.468678][T23603]  kernel_clone+0x21e/0x9e0
[ 2372.473015][T23603]  ? __delayed_free_task+0x20/0x20
[ 2372.477965][T23603]  ? create_io_thread+0x1e0/0x1e0
[ 2372.482827][T23603]  __x64_sys_clone3+0x376/0x3a0
[ 2372.487511][T23603]  ? __ia32_sys_clone+0x290/0x290
[ 2372.492376][T23603]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2372.497496][T23603]  ? __traceiter_sys_enter+0x2a/0x40
[ 2372.502613][T23603]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2372.508515][T23603]  do_syscall_64+0x3d/0xb0
[ 2372.512768][T23603]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2372.518499][T23603] RIP: 0033:0x7f9d5f592da9
[ 2372.522750][T23603] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2372.542277][T23603] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2372.550523][T23603] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2372.558334][T23603] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2372.566146][T23603] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2372.573957][T23603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2372.581768][T23603] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2372.589589][T23603]  </TASK>
03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c72, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:25 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 38)

03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c73, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c74, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2372.604960][ T7007] tipc: Subscription rejected, illegal request
[ 2372.629633][T23612] FAULT_INJECTION: forcing a failure.
[ 2372.629633][T23612] name failslab, interval 1, probability 0, space 0, times 0
[ 2372.643162][T23612] CPU: 0 PID: 23612 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2372.653320][T23612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2372.663211][T23612] Call Trace:
[ 2372.666338][T23612]  <TASK>
[ 2372.669117][T23612]  dump_stack_lvl+0x151/0x1b7
[ 2372.673629][T23612]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2372.679097][T23612]  ? avc_denied+0x1b0/0x1b0
[ 2372.683439][T23612]  dump_stack+0x15/0x17
[ 2372.687430][T23612]  should_fail+0x3c6/0x510
[ 2372.691685][T23612]  __should_failslab+0xa4/0xe0
[ 2372.696280][T23612]  ? vm_area_dup+0x26/0x230
[ 2372.700618][T23612]  should_failslab+0x9/0x20
[ 2372.704958][T23612]  slab_pre_alloc_hook+0x37/0xd0
[ 2372.709733][T23612]  ? vm_area_dup+0x26/0x230
[ 2372.714072][T23612]  kmem_cache_alloc+0x44/0x200
[ 2372.718679][T23612]  vm_area_dup+0x26/0x230
[ 2372.722839][T23612]  copy_mm+0x9a1/0x13e0
[ 2372.726836][T23612]  ? copy_signal+0x610/0x610
[ 2372.731260][T23612]  ? __init_rwsem+0xd6/0x1c0
[ 2372.735687][T23612]  ? copy_signal+0x4e3/0x610
[ 2372.740110][T23612]  copy_process+0x1149/0x3290
[ 2372.744632][T23612]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2372.749573][T23612]  ? copy_clone_args_from_user+0x744/0x830
03:36:25 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40086602, &(0x7f0000000100)) (async, rerun: 64)
getsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000000300)={@remote, <r2=>0x0}, &(0x7f0000000340)=0x14) (async, rerun: 64)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000340)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x80000001, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x5}, 0x48)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r4, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
sendto$inet(r4, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80dba7b216637bff006be2aa8b735dc89216d46a63a77e2206c651668c5b19593320ab481dcb93360c4f624b5e818d505fd270ed7a7a7461e29805a32545053e03d76687e80db4e07e0d84211d62344918e88a7abc64abf6b66c83a7d", 0x6c, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async, rerun: 32)
recvmsg(r4, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async, rerun: 32)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
write$binfmt_elf64(r4, &(0x7f0000000740)=ANY=[@ANYRESHEX, @ANYRES16=0x0, @ANYRES8=r5, @ANYRES16], 0x100000530) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r6=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7fc0000000000008500000083000000bf0900000000000055090100000000009500000000000000180000000100000000000000f8ffffff17120000", @ANYRES32, @ANYRESOCT=r4], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, 0x2c, 0xffffffffffffffff, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x405, 0x9, 0x5}, 0x10, r6, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x1, 0xc, 0x9}], 0x10, 0x3ff}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x1c, 0x1c, &(0x7f0000002000)=ANY=[@ANYBLOB="18000000010100000000000003a7000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000009500000000000000b7080000000000007b8af8ff00000000b70800003f0000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a5000000851000000500000018120000", @ANYRES32, @ANYBLOB="00000000000000b8b703000000000000850000000c000000b700000000000d77c8bf55f400ac3abd73ee5865df6304663fb85e9afd3d2010dc5ec3dc2e164bbb83d115d6acce360434063b8f71f729051d95bb60780e2aeb7270fbec931409c2a6b7752a26000e1b10d33b2de6b683b1bdbc00cbd628fd1ac552fd7fca2a5d1bedb78bf0379bb345b3042967e47bf105d503ddf9809efd0987a49de0e7cb7a9667b565db7d5b"], &(0x7f0000000b80)='syzkaller\x00', 0x7fffffff, 0xd9, &(0x7f0000000bc0)=""/217, 0x41100, 0x4, '\x00', 0x0, 0x37, 0xffffffffffffffff, 0x8, &(0x7f0000000cc0)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000d00)={0x1, 0xc, 0x80000001}, 0x10, r6, 0xffffffffffffffff, 0x2, &(0x7f0000000d40)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000d80)=[{0x0, 0xffffffff, 0xb, 0x9}, {0x1, 0x5, 0xf, 0x3}], 0x10, 0x9}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0x15, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x9}, {}, {}, [@map_idx_val={0x18, 0x8, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3f}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0xa}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x6, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000200)={0x1, 0x20a4, 0x9, 0x2}, 0x10, r6, 0xffffffffffffffff, 0x4, 0x0, &(0x7f00000008c0)=[{0x0, 0x3, 0xc, 0xc}, {0x1, 0x1, 0x5, 0xb}, {0x4, 0x5, 0x3, 0xb}, {0x0, 0x2, 0xb, 0xe}], 0x10, 0x5}, 0x90) (async, rerun: 32)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0xf, 0x6, &(0x7f0000000c00)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x800}, [@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4}, @jmp={0x5, 0x1, 0x1, 0x6, 0xf, 0xfffffffffffffff8, 0x10}]}, &(0x7f0000000c40)='syzkaller\x00', 0xfffffff8, 0xb1, &(0x7f0000000c80)=""/177, 0x40f00, 0x45, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x8, &(0x7f0000000d40)={0x6, 0x5}, 0x8, 0x10, &(0x7f0000000d80)={0x3, 0x6, 0x400}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000dc0)=[0xffffffffffffffff, r3, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x3f}, 0x90) (rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0xd, 0xc, &(0x7f0000000940)=@raw=[@btf_id={0x18, 0xc, 0x3, 0x0, 0x5}, @cb_func={0x18, 0x9, 0x4, 0x0, 0xffffffffffffffff}, @map_val={0x18, 0x3, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x7fff}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @alu={0x4, 0x1, 0x4, 0x0, 0xa, 0xee9fc4ae48504fa, 0x4}, @jmp={0x5, 0x0, 0x9, 0x8, 0x6, 0x40}], &(0x7f0000000a40)='syzkaller\x00', 0x0, 0x56, &(0x7f0000000a80)=""/86, 0x40f00, 0x45, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x8, &(0x7f0000000bc0)={0x6, 0x1}, 0x8, 0x10, 0x0, 0x0, r6, r7, 0x4, 0x0, &(0x7f0000000ec0)=[{0x2, 0x5, 0xf, 0x4}, {0x1, 0x4, 0xd, 0x3}, {0x3, 0x2, 0x10, 0x2}, {0x0, 0x5, 0xb, 0xc}], 0x10, 0x9}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xc, 0x9, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x3}, [@map_idx_val={0x18, 0x4, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x3}]}, &(0x7f0000000200)='syzkaller\x00', 0x6, 0x90, &(0x7f0000000240)=""/144, 0x40f00, 0x40, '\x00', r2, 0x9, r1, 0x8, &(0x7f0000000380)={0x3, 0x4}, 0x8, 0x10, &(0x7f00000003c0)={0x3, 0xc, 0xaa2, 0x8}, 0x10, r6, r1, 0x8, &(0x7f0000000400)=[r1, r1, r1, r1], &(0x7f0000000440)=[{0x4, 0x5, 0x2, 0xa}, {0x0, 0x2, 0x9, 0x5}, {0x4, 0x4, 0x7, 0x2}, {0x5, 0x4, 0x6}, {0x1, 0x4, 0x8, 0xa}, {0x5, 0x5, 0x1, 0x3}, {0x0, 0x2, 0x8, 0x9}, {0x4, 0x4, 0x1, 0x4}], 0x10, 0x32}, 0x90) (async)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r8}, 0x10) (async)
r9 = socket$unix(0x1, 0x1, 0x0) (async)
r10 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r10, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r10, 0x0) (async, rerun: 64)
connect$unix(r9, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async, rerun: 64)
accept(r10, 0x0, 0x0)

[ 2372.755223][T23612]  kernel_clone+0x21e/0x9e0
[ 2372.759553][T23612]  ? __delayed_free_task+0x20/0x20
[ 2372.764502][T23612]  ? create_io_thread+0x1e0/0x1e0
[ 2372.769369][T23612]  __x64_sys_clone3+0x376/0x3a0
[ 2372.774052][T23612]  ? __ia32_sys_clone+0x290/0x290
[ 2372.778919][T23612]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2372.784034][T23612]  ? __traceiter_sys_enter+0x2a/0x40
[ 2372.789148][T23612]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2372.795050][T23612]  do_syscall_64+0x3d/0xb0
[ 2372.799311][T23612]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c75, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c76, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c77, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c78, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2372.805035][T23612] RIP: 0033:0x7f9d5f592da9
[ 2372.809291][T23612] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2372.828737][T23612] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2372.836974][T23612] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2372.844792][T23612] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c79, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:25 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40086602, &(0x7f0000000100))
getsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000000300)={@remote, <r2=>0x0}, &(0x7f0000000340)=0x14)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000340)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x80000001, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x5}, 0x48) (async)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r4, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r4, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80dba7b216637bff006be2aa8b735dc89216d46a63a77e2206c651668c5b19593320ab481dcb93360c4f624b5e818d505fd270ed7a7a7461e29805a32545053e03d76687e80db4e07e0d84211d62344918e88a7abc64abf6b66c83a7d", 0x6c, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
recvmsg(r4, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
write$binfmt_elf64(r4, &(0x7f0000000740)=ANY=[@ANYRESHEX, @ANYRES16=0x0, @ANYRES8=r5, @ANYRES16], 0x100000530) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r6=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7fc0000000000008500000083000000bf0900000000000055090100000000009500000000000000180000000100000000000000f8ffffff17120000", @ANYRES32, @ANYRESOCT=r4], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, 0x2c, 0xffffffffffffffff, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x405, 0x9, 0x5}, 0x10, r6, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x1, 0xc, 0x9}], 0x10, 0x3ff}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x1c, 0x1c, &(0x7f0000002000)=ANY=[@ANYBLOB="18000000010100000000000003a7000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000009500000000000000b7080000000000007b8af8ff00000000b70800003f0000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a5000000851000000500000018120000", @ANYRES32, @ANYBLOB="00000000000000b8b703000000000000850000000c000000b700000000000d77c8bf55f400ac3abd73ee5865df6304663fb85e9afd3d2010dc5ec3dc2e164bbb83d115d6acce360434063b8f71f729051d95bb60780e2aeb7270fbec931409c2a6b7752a26000e1b10d33b2de6b683b1bdbc00cbd628fd1ac552fd7fca2a5d1bedb78bf0379bb345b3042967e47bf105d503ddf9809efd0987a49de0e7cb7a9667b565db7d5b"], &(0x7f0000000b80)='syzkaller\x00', 0x7fffffff, 0xd9, &(0x7f0000000bc0)=""/217, 0x41100, 0x4, '\x00', 0x0, 0x37, 0xffffffffffffffff, 0x8, &(0x7f0000000cc0)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000d00)={0x1, 0xc, 0x80000001}, 0x10, r6, 0xffffffffffffffff, 0x2, &(0x7f0000000d40)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000d80)=[{0x0, 0xffffffff, 0xb, 0x9}, {0x1, 0x5, 0xf, 0x3}], 0x10, 0x9}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0x15, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x9}, {}, {}, [@map_idx_val={0x18, 0x8, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3f}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0xa}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x6, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000200)={0x1, 0x20a4, 0x9, 0x2}, 0x10, r6, 0xffffffffffffffff, 0x4, 0x0, &(0x7f00000008c0)=[{0x0, 0x3, 0xc, 0xc}, {0x1, 0x1, 0x5, 0xb}, {0x4, 0x5, 0x3, 0xb}, {0x0, 0x2, 0xb, 0xe}], 0x10, 0x5}, 0x90) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0xf, 0x6, &(0x7f0000000c00)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x800}, [@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4}, @jmp={0x5, 0x1, 0x1, 0x6, 0xf, 0xfffffffffffffff8, 0x10}]}, &(0x7f0000000c40)='syzkaller\x00', 0xfffffff8, 0xb1, &(0x7f0000000c80)=""/177, 0x40f00, 0x45, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x8, &(0x7f0000000d40)={0x6, 0x5}, 0x8, 0x10, &(0x7f0000000d80)={0x3, 0x6, 0x400}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000dc0)=[0xffffffffffffffff, r3, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x3f}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0xd, 0xc, &(0x7f0000000940)=@raw=[@btf_id={0x18, 0xc, 0x3, 0x0, 0x5}, @cb_func={0x18, 0x9, 0x4, 0x0, 0xffffffffffffffff}, @map_val={0x18, 0x3, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x7fff}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @alu={0x4, 0x1, 0x4, 0x0, 0xa, 0xee9fc4ae48504fa, 0x4}, @jmp={0x5, 0x0, 0x9, 0x8, 0x6, 0x40}], &(0x7f0000000a40)='syzkaller\x00', 0x0, 0x56, &(0x7f0000000a80)=""/86, 0x40f00, 0x45, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x8, &(0x7f0000000bc0)={0x6, 0x1}, 0x8, 0x10, 0x0, 0x0, r6, r7, 0x4, 0x0, &(0x7f0000000ec0)=[{0x2, 0x5, 0xf, 0x4}, {0x1, 0x4, 0xd, 0x3}, {0x3, 0x2, 0x10, 0x2}, {0x0, 0x5, 0xb, 0xc}], 0x10, 0x9}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xc, 0x9, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x3}, [@map_idx_val={0x18, 0x4, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x3}]}, &(0x7f0000000200)='syzkaller\x00', 0x6, 0x90, &(0x7f0000000240)=""/144, 0x40f00, 0x40, '\x00', r2, 0x9, r1, 0x8, &(0x7f0000000380)={0x3, 0x4}, 0x8, 0x10, &(0x7f00000003c0)={0x3, 0xc, 0xaa2, 0x8}, 0x10, r6, r1, 0x8, &(0x7f0000000400)=[r1, r1, r1, r1], &(0x7f0000000440)=[{0x4, 0x5, 0x2, 0xa}, {0x0, 0x2, 0x9, 0x5}, {0x4, 0x4, 0x7, 0x2}, {0x5, 0x4, 0x6}, {0x1, 0x4, 0x8, 0xa}, {0x5, 0x5, 0x1, 0x3}, {0x0, 0x2, 0x8, 0x9}, {0x4, 0x4, 0x1, 0x4}], 0x10, 0x32}, 0x90) (async)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r8}, 0x10) (async)
r9 = socket$unix(0x1, 0x1, 0x0)
r10 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r10, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r10, 0x0) (async)
connect$unix(r9, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r10, 0x0, 0x0)

03:36:25 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 39)

03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c7a, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2372.852597][T23612] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2372.860411][T23612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2372.868219][T23612] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2372.876040][T23612]  </TASK>
03:36:25 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c7b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2372.907329][T23640] FAULT_INJECTION: forcing a failure.
[ 2372.907329][T23640] name failslab, interval 1, probability 0, space 0, times 0
[ 2372.923624][T23640] CPU: 1 PID: 23640 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2372.933785][T23640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2372.943681][T23640] Call Trace:
[ 2372.946804][T23640]  <TASK>
[ 2372.949579][T23640]  dump_stack_lvl+0x151/0x1b7
[ 2372.954095][T23640]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2372.959564][T23640]  ? avc_denied+0x1b0/0x1b0
[ 2372.963903][T23640]  dump_stack+0x15/0x17
[ 2372.967892][T23640]  should_fail+0x3c6/0x510
[ 2372.972148][T23640]  __should_failslab+0xa4/0xe0
[ 2372.976746][T23640]  ? vm_area_dup+0x26/0x230
[ 2372.981087][T23640]  should_failslab+0x9/0x20
[ 2372.985426][T23640]  slab_pre_alloc_hook+0x37/0xd0
[ 2372.990200][T23640]  ? vm_area_dup+0x26/0x230
[ 2372.994539][T23640]  kmem_cache_alloc+0x44/0x200
[ 2372.999140][T23640]  vm_area_dup+0x26/0x230
[ 2373.003304][T23640]  copy_mm+0x9a1/0x13e0
[ 2373.007300][T23640]  ? copy_signal+0x610/0x610
[ 2373.011812][T23640]  ? __init_rwsem+0xd6/0x1c0
[ 2373.016234][T23640]  ? copy_signal+0x4e3/0x610
[ 2373.020750][T23640]  copy_process+0x1149/0x3290
[ 2373.025271][T23640]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2373.030213][T23640]  ? copy_clone_args_from_user+0x744/0x830
[ 2373.035853][T23640]  kernel_clone+0x21e/0x9e0
[ 2373.040193][T23640]  ? __delayed_free_task+0x20/0x20
[ 2373.045140][T23640]  ? create_io_thread+0x1e0/0x1e0
[ 2373.050007][T23640]  __x64_sys_clone3+0x376/0x3a0
[ 2373.054690][T23640]  ? __ia32_sys_clone+0x290/0x290
[ 2373.059554][T23640]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2373.064668][T23640]  ? __traceiter_sys_enter+0x2a/0x40
[ 2373.069787][T23640]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2373.075706][T23640]  do_syscall_64+0x3d/0xb0
[ 2373.079947][T23640]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2373.085672][T23640] RIP: 0033:0x7f9d5f592da9
[ 2373.089926][T23640] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2373.110234][T23640] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2373.118479][T23640] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2373.126284][T23640] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2373.134097][T23640] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2373.141913][T23640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2373.149893][T23640] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
03:36:26 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (async, rerun: 32)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0) (rerun: 32)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async, rerun: 64)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async, rerun: 64)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB="6ef67c9e114469d09354d4d259a785c929a7cb800675053fff002fc7361ed9ac3b744e6e534e0c7b85a3c4bd0566cdcba61986d17b696ce74e001f924bea9637c78c0ce6f70dc7"], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x12, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff73, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000100000300b0ffffb0cc9b7b03377009edf00ae179be64227b2cd1b5831b011cafd5c2382246c792bb5e03038795bc000000"], 0x18}}, 0x0)

03:36:26 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c7c, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:26 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 40)

[ 2373.157714][T23640]  </TASK>
03:36:26 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
dup(r1) (async)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB="6ef67c9e114469d09354d4d259a785c929a7cb800675053fff002fc7361ed9ac3b744e6e534e0c7b85a3c4bd0566cdcba61986d17b696ce74e001f924bea9637c78c0ce6f70dc7"], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18) (async)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x12, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff73, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000100000300b0ffffb0cc9b7b03377009edf00ae179be64227b2cd1b5831b011cafd5c2382246c792bb5e03038795bc000000"], 0x18}}, 0x0)

03:36:26 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c7d, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:26 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c7e, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2373.203843][T23839] FAULT_INJECTION: forcing a failure.
[ 2373.203843][T23839] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2373.217201][T23839] CPU: 1 PID: 23839 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2373.227349][T23839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2373.237244][T23839] Call Trace:
[ 2373.240369][T23839]  <TASK>
[ 2373.243148][T23839]  dump_stack_lvl+0x151/0x1b7
[ 2373.247665][T23839]  ? io_uring_drop_tctx_refs+0x190/0x190
03:36:26 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c7f, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:26 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c80, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:26 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c81, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2373.253132][T23839]  dump_stack+0x15/0x17
[ 2373.257120][T23839]  should_fail+0x3c6/0x510
[ 2373.261375][T23839]  should_fail_alloc_page+0x5a/0x80
[ 2373.266408][T23839]  prepare_alloc_pages+0x15c/0x700
[ 2373.271360][T23839]  ? __alloc_pages_bulk+0xe40/0xe40
[ 2373.276478][T23839]  __alloc_pages+0x18c/0x8f0
[ 2373.280909][T23839]  ? prep_new_page+0x110/0x110
[ 2373.285508][T23839]  ? __alloc_pages+0x27e/0x8f0
[ 2373.290104][T23839]  ? __kasan_check_write+0x14/0x20
[ 2373.295049][T23839]  ? _raw_spin_lock+0xa4/0x1b0
[ 2373.299650][T23839]  __pmd_alloc+0xb1/0x550
03:36:26 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c82, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:26 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c83, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:26 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c84, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2373.303817][T23839]  ? __pud_alloc+0x260/0x260
[ 2373.308240][T23839]  ? __pud_alloc+0x213/0x260
[ 2373.312671][T23839]  ? do_handle_mm_fault+0x2330/0x2330
[ 2373.317876][T23839]  ? __stack_depot_save+0x34/0x470
[ 2373.322821][T23839]  ? anon_vma_clone+0x9a/0x500
[ 2373.327425][T23839]  copy_page_range+0x2b3d/0x2f90
[ 2373.332196][T23839]  ? __kasan_slab_alloc+0xb1/0xe0
[ 2373.337057][T23839]  ? slab_post_alloc_hook+0x53/0x2c0
[ 2373.342178][T23839]  ? copy_mm+0xa3a/0x13e0
[ 2373.346343][T23839]  ? copy_process+0x1149/0x3290
03:36:26 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c85, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:26 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c86, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2373.351032][T23839]  ? kernel_clone+0x21e/0x9e0
[ 2373.355543][T23839]  ? do_syscall_64+0x3d/0xb0
[ 2373.359972][T23839]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2373.365902][T23839]  ? pfn_valid+0x1e0/0x1e0
[ 2373.370127][T23839]  ? rwsem_write_trylock+0x15b/0x290
[ 2373.375246][T23839]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[ 2373.381496][T23839]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 2373.387052][T23839]  ? __rb_insert_augmented+0x5de/0x610
[ 2373.392344][T23839]  copy_mm+0xc7e/0x13e0
[ 2373.396335][T23839]  ? copy_signal+0x610/0x610
[ 2373.400760][T23839]  ? __init_rwsem+0xd6/0x1c0
[ 2373.405187][T23839]  ? copy_signal+0x4e3/0x610
[ 2373.409613][T23839]  copy_process+0x1149/0x3290
[ 2373.414129][T23839]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2373.419083][T23839]  ? copy_clone_args_from_user+0x744/0x830
[ 2373.424722][T23839]  kernel_clone+0x21e/0x9e0
[ 2373.429054][T23839]  ? __delayed_free_task+0x20/0x20
[ 2373.433999][T23839]  ? create_io_thread+0x1e0/0x1e0
[ 2373.438861][T23839]  __x64_sys_clone3+0x376/0x3a0
[ 2373.443547][T23839]  ? __ia32_sys_clone+0x290/0x290
[ 2373.448411][T23839]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2373.453532][T23839]  ? __traceiter_sys_enter+0x2a/0x40
[ 2373.458650][T23839]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2373.464554][T23839]  do_syscall_64+0x3d/0xb0
[ 2373.468806][T23839]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2373.474532][T23839] RIP: 0033:0x7f9d5f592da9
[ 2373.478787][T23839] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2373.498227][T23839] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2373.506475][T23839] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2373.514288][T23839] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2373.522096][T23839] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2373.529907][T23839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2373.537717][T23839] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2373.545537][T23839]  </TASK>
03:36:28 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x0, 0x5, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
ioctl$BTRFS_IOC_SPACE_INFO(r2, 0xc0109414, &(0x7f0000000500)={0x4f8, 0x80000000, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0x2000011a)
splice(r1, 0x0, r0, 0x0, 0x4ff9c, 0x0)

03:36:28 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c87, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:28 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 41)

03:36:28 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f0000000700)=""/29, 0x1d, <r10=>0x0, &(0x7f00000007c0)=""/84, 0x54}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)
r12 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r12}, 0x4)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r12, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r13}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x15, 0x16, &(0x7f0000000900)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80000000}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @btf_id={0x18, 0x3, 0x3, 0x0, 0x5}, @alu={0x4, 0x0, 0x7, 0x2, 0x0, 0x1, 0xffffffffffffffff}, @btf_id={0x18, 0x1, 0x3, 0x0, 0x1}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}}]}, &(0x7f0000000840)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x23, '\x00', r8, 0x5, 0xffffffffffffffff, 0x8, &(0x7f0000000880)={0x8, 0x5}, 0x8, 0x10, &(0x7f00000009c0)={0x0, 0x2, 0x47ad, 0x8}, 0x10, 0x0, r13, 0x2, &(0x7f0000000a00)=[r2], &(0x7f0000000a40)=[{0x3, 0x4, 0x2}, {0x5, 0x2, 0x2}], 0x10, 0x2}, 0x90)

03:36:28 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r4 = syz_open_procfs(0x0, &(0x7f00000039c0)='net/tcp6\x00')
read$FUSE(r4, &(0x7f0000000000)={0x2020}, 0x2020)
read$FUSE(r4, &(0x7f0000003a00)={0x2020}, 0x2020)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'bond0\x00', <r6=>0x0})
bind$packet(r5, &(0x7f0000000680)={0x11, 0x1, r6, 0x1, 0x29, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1d}}, 0x14)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xe0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000000)=[0x0, 0x0], ""/16, <r8=>0x0, 0x0, 0x0, 0x0, 0x3, 0x4, &(0x7f0000000040)=[0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], <r9=>0x0, 0xb3, &(0x7f00000000c0)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000100), &(0x7f0000000140), 0x8, 0x94, 0x8, 0x8, &(0x7f0000000180)}}, 0x10)
r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x6, 0x18, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x40}, {}, {}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000003c0)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000400)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000000440)={0x5, 0x1, 0x2, 0x125}, 0x10, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000480)=[{0x0, 0x4, 0xc, 0x3}, {0x3, 0x4, 0x4, 0xc}]}, 0x90)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000580)={@ifindex=r8, 0xffffffffffffffff, 0x2d, 0x2009, r10, @link_id=0xffffffffffffffff}, 0x20)
r11 = bpf$ITER_CREATE(0x21, &(0x7f00000005c0), 0x8)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000700)={@ifindex=<r12=>r8, 0xf, 0x1, 0x3, &(0x7f0000000600)=[0x0], 0x1, 0x0, &(0x7f0000000640)=[0x0, 0x0], &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000006c0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r13=>0x0}, 0x40)
setsockopt$sock_int(r11, 0x1, 0x13, &(0x7f0000002040)=0x8001, 0x4)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000740)={@map=0x1, r10, 0x29, 0x10, r11, @prog_fd=r10, r13}, 0x20)
r14 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000780)=r9, 0x4)
r15 = fsmount(r4, 0x1, 0x23c35d02c7122048)
connect$unix(r15, &(0x7f0000002080)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000007c0)={0x3, 0x4, 0x4, 0xa, 0x0, r11, 0xd2a, '\x00', 0x0, r14, 0x2, 0x3, 0x5}, 0x48)
r16 = bpf$ITER_CREATE(0x21, &(0x7f0000000840)={r11}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0xa, 0xf, &(0x7f0000000880)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x3}, [@printk={@llu}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r16}}]}, &(0x7f0000000900)='GPL\x00', 0x2, 0x5d, &(0x7f0000000940)=""/93, 0x0, 0x64, '\x00', r12, 0x7, r14, 0x8, &(0x7f00000009c0)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000a00)={0x5, 0xc, 0xb85, 0x1}, 0x10, r9, r11, 0x6, 0x0, &(0x7f0000000a40)=[{0x4, 0x3, 0x6, 0xa}, {0x2, 0x5, 0x5, 0x5}, {0x3, 0x4, 0x3, 0x5}, {0x5, 0x3, 0xe, 0x1}, {0x0, 0x1, 0x3, 0x3}, {0x5, 0x4, 0x5, 0xa}], 0x10, 0x8}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x17, 0x1e, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x6}, @exit, @map_val={0x18, 0xb, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x3}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @generic={0x3, 0x3, 0x5, 0x8, 0xfffffffd}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}}}, &(0x7f0000000000)='syzkaller\x00', 0x40, 0x0, 0x0, 0x41000, 0x40, '\x00', r6, 0x1f, r7, 0x8, 0x0, 0x0, 0x10, &(0x7f00000003c0)={0x0, 0x7, 0x81, 0x200}, 0x10, r9, 0xffffffffffffffff, 0x2, &(0x7f0000000400)=[r0, 0xffffffffffffffff], &(0x7f0000000440)=[{0x0, 0x3, 0x10, 0x3}, {0x1, 0x4, 0x10, 0x3}], 0x10, 0x4}, 0x90)
accept(r3, 0x0, 0x0)

03:36:28 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c88, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:28 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x0, 0x5, 0x0) (async, rerun: 64)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (rerun: 64)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) (async)
ioctl$BTRFS_IOC_SPACE_INFO(r2, 0xc0109414, &(0x7f0000000500)={0x4f8, 0x80000000, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}) (async)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0x2000011a) (async)
splice(r1, 0x0, r0, 0x0, 0x4ff9c, 0x0)

[ 2375.357749][T23989] FAULT_INJECTION: forcing a failure.
[ 2375.357749][T23989] name failslab, interval 1, probability 0, space 0, times 0
[ 2375.370670][T23989] CPU: 1 PID: 23989 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2375.380829][T23989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2375.390724][T23989] Call Trace:
[ 2375.393846][T23989]  <TASK>
[ 2375.396621][T23989]  dump_stack_lvl+0x151/0x1b7
[ 2375.401137][T23989]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2375.406783][T23989]  dump_stack+0x15/0x17
[ 2375.410770][T23989]  should_fail+0x3c6/0x510
[ 2375.415032][T23989]  __should_failslab+0xa4/0xe0
[ 2375.419622][T23989]  ? anon_vma_clone+0x9a/0x500
[ 2375.424223][T23989]  should_failslab+0x9/0x20
[ 2375.428565][T23989]  slab_pre_alloc_hook+0x37/0xd0
[ 2375.433339][T23989]  ? anon_vma_clone+0x9a/0x500
[ 2375.437934][T23989]  kmem_cache_alloc+0x44/0x200
[ 2375.442535][T23989]  anon_vma_clone+0x9a/0x500
[ 2375.446965][T23989]  anon_vma_fork+0x91/0x4e0
[ 2375.451307][T23989]  ? anon_vma_name+0x4c/0x70
[ 2375.455727][T23989]  ? vm_area_dup+0x17a/0x230
[ 2375.460155][T23989]  copy_mm+0xa3a/0x13e0
[ 2375.464151][T23989]  ? copy_signal+0x610/0x610
[ 2375.468573][T23989]  ? __init_rwsem+0xd6/0x1c0
[ 2375.472997][T23989]  ? copy_signal+0x4e3/0x610
[ 2375.477427][T23989]  copy_process+0x1149/0x3290
[ 2375.481948][T23989]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2375.486890][T23989]  ? copy_clone_args_from_user+0x744/0x830
[ 2375.492529][T23989]  kernel_clone+0x21e/0x9e0
[ 2375.496869][T23989]  ? __delayed_free_task+0x20/0x20
[ 2375.501816][T23989]  ? create_io_thread+0x1e0/0x1e0
[ 2375.506681][T23989]  __x64_sys_clone3+0x376/0x3a0
[ 2375.511364][T23989]  ? __ia32_sys_clone+0x290/0x290
[ 2375.516232][T23989]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2375.521347][T23989]  ? __traceiter_sys_enter+0x2a/0x40
[ 2375.526468][T23989]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2375.532367][T23989]  do_syscall_64+0x3d/0xb0
[ 2375.536619][T23989]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2375.542349][T23989] RIP: 0033:0x7f9d5f592da9
[ 2375.546599][T23989] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2375.566044][T23989] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2375.574289][T23989] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2375.582101][T23989] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2375.589911][T23989] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2375.597722][T23989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
03:36:28 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socket(0x0, 0x5, 0x0) (async)
r1 = socket(0x0, 0x5, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) (async)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
ioctl$BTRFS_IOC_SPACE_INFO(r2, 0xc0109414, &(0x7f0000000500)={0x4f8, 0x80000000, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}) (async)
ioctl$BTRFS_IOC_SPACE_INFO(r2, 0xc0109414, &(0x7f0000000500)={0x4f8, 0x80000000, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0x2000011a)
splice(r1, 0x0, r0, 0x0, 0x4ff9c, 0x0)

03:36:28 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c89, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:28 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(r0, &(0x7f0000000080)=0x83, r0, &(0x7f0000000100)=0x4, 0x31febe61, 0x0)
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0)
r3 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x60180, 0x0)
write(r3, &(0x7f0000000180)="832d2e5bc7e83af55ba432f18856995a1cc8b1de02657e25272bc001961dcb7fc5addc303042f98906aad08ab48118412c9b66bee8b7f266592e834f78dd1760c2496b7e501f9494d02fe7e4e95e26340964d30ac776c857bcc197e58eda8e0aad7900e2ab59b6c3236b7f9b190c06efac27d47dfdb28891122c166285cf307ac97038bfc14ac1e7987e9b8b7a4b494a965c5f8e7ba5fceba3fcf319d858ac65b87e74a50363df842c901a1d2ddcfecd2cfd9b263ef24872ee0b98c3f9a9963220a1d22d5a99b46b108ab7a747c3949dfcf6dc9073f177bee212bb587b0fb16c0f36432e", 0xe4)

03:36:28 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) (async)
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(r0, &(0x7f0000000080)=0x83, r0, &(0x7f0000000100)=0x4, 0x31febe61, 0x0) (async, rerun: 64)
r2 = socket(0x1e, 0x1, 0x0) (rerun: 64)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0) (async)
r3 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x60180, 0x0)
write(r3, &(0x7f0000000180)="832d2e5bc7e83af55ba432f18856995a1cc8b1de02657e25272bc001961dcb7fc5addc303042f98906aad08ab48118412c9b66bee8b7f266592e834f78dd1760c2496b7e501f9494d02fe7e4e95e26340964d30ac776c857bcc197e58eda8e0aad7900e2ab59b6c3236b7f9b190c06efac27d47dfdb28891122c166285cf307ac97038bfc14ac1e7987e9b8b7a4b494a965c5f8e7ba5fceba3fcf319d858ac65b87e74a50363df842c901a1d2ddcfecd2cfd9b263ef24872ee0b98c3f9a9963220a1d22d5a99b46b108ab7a747c3949dfcf6dc9073f177bee212bb587b0fb16c0f36432e", 0xe4)

03:36:28 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c8a, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:28 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c8b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:28 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(r0, &(0x7f0000000080)=0x83, r0, &(0x7f0000000100)=0x4, 0x31febe61, 0x0)
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0)
r3 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x60180, 0x0)
write(r3, &(0x7f0000000180)="832d2e5bc7e83af55ba432f18856995a1cc8b1de02657e25272bc001961dcb7fc5addc303042f98906aad08ab48118412c9b66bee8b7f266592e834f78dd1760c2496b7e501f9494d02fe7e4e95e26340964d30ac776c857bcc197e58eda8e0aad7900e2ab59b6c3236b7f9b190c06efac27d47dfdb28891122c166285cf307ac97038bfc14ac1e7987e9b8b7a4b494a965c5f8e7ba5fceba3fcf319d858ac65b87e74a50363df842c901a1d2ddcfecd2cfd9b263ef24872ee0b98c3f9a9963220a1d22d5a99b46b108ab7a747c3949dfcf6dc9073f177bee212bb587b0fb16c0f36432e", 0xe4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) (async)
pipe(&(0x7f00000004c0)) (async)
splice(r0, &(0x7f0000000080)=0x83, r0, &(0x7f0000000100)=0x4, 0x31febe61, 0x0) (async)
socket(0x1e, 0x1, 0x0) (async)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0x2000011a) (async)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0) (async)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x60180, 0x0) (async)
write(r3, &(0x7f0000000180)="832d2e5bc7e83af55ba432f18856995a1cc8b1de02657e25272bc001961dcb7fc5addc303042f98906aad08ab48118412c9b66bee8b7f266592e834f78dd1760c2496b7e501f9494d02fe7e4e95e26340964d30ac776c857bcc197e58eda8e0aad7900e2ab59b6c3236b7f9b190c06efac27d47dfdb28891122c166285cf307ac97038bfc14ac1e7987e9b8b7a4b494a965c5f8e7ba5fceba3fcf319d858ac65b87e74a50363df842c901a1d2ddcfecd2cfd9b263ef24872ee0b98c3f9a9963220a1d22d5a99b46b108ab7a747c3949dfcf6dc9073f177bee212bb587b0fb16c0f36432e", 0xe4) (async)

03:36:28 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c8c, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:28 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async, rerun: 32)
r2 = socket$unix(0x1, 0x1, 0x0) (async, rerun: 32)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async, rerun: 32)
listen(r3, 0x0) (rerun: 32)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async, rerun: 32)
r4 = syz_open_procfs(0x0, &(0x7f00000039c0)='net/tcp6\x00') (rerun: 32)
read$FUSE(r4, &(0x7f0000000000)={0x2020}, 0x2020)
read$FUSE(r4, &(0x7f0000003a00)={0x2020}, 0x2020) (async)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'bond0\x00', <r6=>0x0})
bind$packet(r5, &(0x7f0000000680)={0x11, 0x1, r6, 0x1, 0x29, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1d}}, 0x14) (async)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xe0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000000)=[0x0, 0x0], ""/16, <r8=>0x0, 0x0, 0x0, 0x0, 0x3, 0x4, &(0x7f0000000040)=[0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], <r9=>0x0, 0xb3, &(0x7f00000000c0)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000100), &(0x7f0000000140), 0x8, 0x94, 0x8, 0x8, &(0x7f0000000180)}}, 0x10) (async)
r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x6, 0x18, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x40}, {}, {}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000003c0)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000400)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000000440)={0x5, 0x1, 0x2, 0x125}, 0x10, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000480)=[{0x0, 0x4, 0xc, 0x3}, {0x3, 0x4, 0x4, 0xc}]}, 0x90)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000580)={@ifindex=r8, 0xffffffffffffffff, 0x2d, 0x2009, r10, @link_id=0xffffffffffffffff}, 0x20) (async)
r11 = bpf$ITER_CREATE(0x21, &(0x7f00000005c0), 0x8)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000700)={@ifindex=<r12=>r8, 0xf, 0x1, 0x3, &(0x7f0000000600)=[0x0], 0x1, 0x0, &(0x7f0000000640)=[0x0, 0x0], &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000006c0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r13=>0x0}, 0x40)
setsockopt$sock_int(r11, 0x1, 0x13, &(0x7f0000002040)=0x8001, 0x4) (async)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000740)={@map=0x1, r10, 0x29, 0x10, r11, @prog_fd=r10, r13}, 0x20) (async)
r14 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000780)=r9, 0x4) (async, rerun: 64)
r15 = fsmount(r4, 0x1, 0x23c35d02c7122048) (rerun: 64)
connect$unix(r15, &(0x7f0000002080)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000007c0)={0x3, 0x4, 0x4, 0xa, 0x0, r11, 0xd2a, '\x00', 0x0, r14, 0x2, 0x3, 0x5}, 0x48) (async)
r16 = bpf$ITER_CREATE(0x21, &(0x7f0000000840)={r11}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0xa, 0xf, &(0x7f0000000880)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x3}, [@printk={@llu}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r16}}]}, &(0x7f0000000900)='GPL\x00', 0x2, 0x5d, &(0x7f0000000940)=""/93, 0x0, 0x64, '\x00', r12, 0x7, r14, 0x8, &(0x7f00000009c0)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000a00)={0x5, 0xc, 0xb85, 0x1}, 0x10, r9, r11, 0x6, 0x0, &(0x7f0000000a40)=[{0x4, 0x3, 0x6, 0xa}, {0x2, 0x5, 0x5, 0x5}, {0x3, 0x4, 0x3, 0x5}, {0x5, 0x3, 0xe, 0x1}, {0x0, 0x1, 0x3, 0x3}, {0x5, 0x4, 0x5, 0xa}], 0x10, 0x8}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x17, 0x1e, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x6}, @exit, @map_val={0x18, 0xb, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x3}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @generic={0x3, 0x3, 0x5, 0x8, 0xfffffffd}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}}}, &(0x7f0000000000)='syzkaller\x00', 0x40, 0x0, 0x0, 0x41000, 0x40, '\x00', r6, 0x1f, r7, 0x8, 0x0, 0x0, 0x10, &(0x7f00000003c0)={0x0, 0x7, 0x81, 0x200}, 0x10, r9, 0xffffffffffffffff, 0x2, &(0x7f0000000400)=[r0, 0xffffffffffffffff], &(0x7f0000000440)=[{0x0, 0x3, 0x10, 0x3}, {0x1, 0x4, 0x10, 0x3}], 0x10, 0x4}, 0x90) (async)
accept(r3, 0x0, 0x0)

03:36:28 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 42)

[ 2375.605544][T23989] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2375.613351][T23989]  </TASK>
03:36:28 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x1e, 0x1, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0x2000011a)
splice(r1, 0x0, r0, 0x0, 0x4ff9c, 0x0)

[ 2375.650717][T24029] FAULT_INJECTION: forcing a failure.
[ 2375.650717][T24029] name failslab, interval 1, probability 0, space 0, times 0
[ 2375.663339][T24029] CPU: 1 PID: 24029 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2375.673487][T24029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2375.683384][T24029] Call Trace:
[ 2375.686507][T24029]  <TASK>
[ 2375.689284][T24029]  dump_stack_lvl+0x151/0x1b7
[ 2375.693435][ T7007] tipc: Subscription rejected, illegal request
03:36:28 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f0000000040)) (async)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socket(0x1e, 0x1, 0x0) (async)
r1 = socket(0x1e, 0x1, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0x2000011a)
splice(r1, 0x0, r0, 0x0, 0x4ff9c, 0x0)

03:36:28 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) (async)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}) (async)
r1 = socket(0x1e, 0x1, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0x2000011a) (async)
splice(r1, 0x0, r0, 0x0, 0x4ff9c, 0x0)

[ 2375.693793][T24029]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2375.705257][T24029]  dump_stack+0x15/0x17
[ 2375.709247][T24029]  should_fail+0x3c6/0x510
[ 2375.713110][ T7015] tipc: Subscription rejected, illegal request
[ 2375.713499][T24029]  __should_failslab+0xa4/0xe0
[ 2375.724086][T24029]  ? vm_area_dup+0x26/0x230
[ 2375.728428][T24029]  should_failslab+0x9/0x20
[ 2375.732765][T24029]  slab_pre_alloc_hook+0x37/0xd0
[ 2375.737542][T24029]  ? vm_area_dup+0x26/0x230
[ 2375.741881][T24029]  kmem_cache_alloc+0x44/0x200
[ 2375.746482][T24029]  vm_area_dup+0x26/0x230
03:36:28 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x1e, 0x1, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0x2000011a)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
splice(r2, &(0x7f0000000040)=0xffff, r0, &(0x7f0000000080)=0x2, 0x100000001, 0x0)
splice(r1, 0x0, r0, 0x0, 0x4ff9c, 0x0)

[ 2375.750648][T24029]  copy_mm+0x9a1/0x13e0
[ 2375.754644][T24029]  ? copy_signal+0x610/0x610
[ 2375.759067][T24029]  ? __init_rwsem+0xd6/0x1c0
[ 2375.763490][T24029]  ? copy_signal+0x4e3/0x610
[ 2375.767920][T24029]  copy_process+0x1149/0x3290
[ 2375.772449][T24029]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2375.777379][T24029]  ? copy_clone_args_from_user+0x744/0x830
[ 2375.783021][T24029]  kernel_clone+0x21e/0x9e0
[ 2375.787360][T24029]  ? __delayed_free_task+0x20/0x20
[ 2375.792309][T24029]  ? create_io_thread+0x1e0/0x1e0
[ 2375.797170][T24029]  __x64_sys_clone3+0x376/0x3a0
[ 2375.801853][T24029]  ? __ia32_sys_clone+0x290/0x290
[ 2375.806754][T24029]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2375.811834][T24029]  ? __traceiter_sys_enter+0x2a/0x40
[ 2375.816958][T24029]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2375.822857][T24029]  do_syscall_64+0x3d/0xb0
[ 2375.827110][T24029]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2375.832849][T24029] RIP: 0033:0x7f9d5f592da9
03:36:28 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}) (async)
r1 = socket(0x1e, 0x1, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0x2000011a)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
splice(r2, &(0x7f0000000040)=0xffff, r0, &(0x7f0000000080)=0x2, 0x100000001, 0x0)
splice(r1, 0x0, r0, 0x0, 0x4ff9c, 0x0)

[ 2375.837097][T24029] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2375.856534][T24029] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2375.864779][T24029] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2375.872588][T24029] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2375.880403][T24029] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2375.888211][T24029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
03:36:28 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async, rerun: 32)
r2 = socket$unix(0x1, 0x1, 0x0) (rerun: 32)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r4 = syz_open_procfs(0x0, &(0x7f00000039c0)='net/tcp6\x00')
read$FUSE(r4, &(0x7f0000000000)={0x2020}, 0x2020)
read$FUSE(r4, &(0x7f0000003a00)={0x2020}, 0x2020) (async)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'bond0\x00', <r6=>0x0})
bind$packet(r5, &(0x7f0000000680)={0x11, 0x1, r6, 0x1, 0x29, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1d}}, 0x14) (async)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xe0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000000)=[0x0, 0x0], ""/16, <r8=>0x0, 0x0, 0x0, 0x0, 0x3, 0x4, &(0x7f0000000040)=[0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], <r9=>0x0, 0xb3, &(0x7f00000000c0)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000100), &(0x7f0000000140), 0x8, 0x94, 0x8, 0x8, &(0x7f0000000180)}}, 0x10)
r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x6, 0x18, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x40}, {}, {}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000003c0)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000400)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000000440)={0x5, 0x1, 0x2, 0x125}, 0x10, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000480)=[{0x0, 0x4, 0xc, 0x3}, {0x3, 0x4, 0x4, 0xc}]}, 0x90)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000580)={@ifindex=r8, 0xffffffffffffffff, 0x2d, 0x2009, r10, @link_id=0xffffffffffffffff}, 0x20)
r11 = bpf$ITER_CREATE(0x21, &(0x7f00000005c0), 0x8)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000700)={@ifindex=<r12=>r8, 0xf, 0x1, 0x3, &(0x7f0000000600)=[0x0], 0x1, 0x0, &(0x7f0000000640)=[0x0, 0x0], &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000006c0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r13=>0x0}, 0x40)
setsockopt$sock_int(r11, 0x1, 0x13, &(0x7f0000002040)=0x8001, 0x4) (async)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000740)={@map=0x1, r10, 0x29, 0x10, r11, @prog_fd=r10, r13}, 0x20) (async)
r14 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000780)=r9, 0x4) (async)
r15 = fsmount(r4, 0x1, 0x23c35d02c7122048)
connect$unix(r15, &(0x7f0000002080)=@abs={0x1, 0x0, 0x4e20}, 0x6e) (async)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000007c0)={0x3, 0x4, 0x4, 0xa, 0x0, r11, 0xd2a, '\x00', 0x0, r14, 0x2, 0x3, 0x5}, 0x48) (async)
r16 = bpf$ITER_CREATE(0x21, &(0x7f0000000840)={r11}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0xa, 0xf, &(0x7f0000000880)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x3}, [@printk={@llu}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r16}}]}, &(0x7f0000000900)='GPL\x00', 0x2, 0x5d, &(0x7f0000000940)=""/93, 0x0, 0x64, '\x00', r12, 0x7, r14, 0x8, &(0x7f00000009c0)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000a00)={0x5, 0xc, 0xb85, 0x1}, 0x10, r9, r11, 0x6, 0x0, &(0x7f0000000a40)=[{0x4, 0x3, 0x6, 0xa}, {0x2, 0x5, 0x5, 0x5}, {0x3, 0x4, 0x3, 0x5}, {0x5, 0x3, 0xe, 0x1}, {0x0, 0x1, 0x3, 0x3}, {0x5, 0x4, 0x5, 0xa}], 0x10, 0x8}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x17, 0x1e, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x6}, @exit, @map_val={0x18, 0xb, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x3}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @generic={0x3, 0x3, 0x5, 0x8, 0xfffffffd}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}}}, &(0x7f0000000000)='syzkaller\x00', 0x40, 0x0, 0x0, 0x41000, 0x40, '\x00', r6, 0x1f, r7, 0x8, 0x0, 0x0, 0x10, &(0x7f00000003c0)={0x0, 0x7, 0x81, 0x200}, 0x10, r9, 0xffffffffffffffff, 0x2, &(0x7f0000000400)=[r0, 0xffffffffffffffff], &(0x7f0000000440)=[{0x0, 0x3, 0x10, 0x3}, {0x1, 0x4, 0x10, 0x3}], 0x10, 0x4}, 0x90) (async, rerun: 64)
accept(r3, 0x0, 0x0) (rerun: 64)

03:36:28 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c8d, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:28 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 43)

[ 2375.896024][T24029] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2375.903846][T24029]  </TASK>
03:36:28 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}) (async)
r1 = socket(0x1e, 0x1, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0x2000011a)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
splice(r2, &(0x7f0000000040)=0xffff, r0, &(0x7f0000000080)=0x2, 0x100000001, 0x0) (async)
splice(r1, 0x0, r0, 0x0, 0x4ff9c, 0x0)

03:36:28 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r4 = accept$unix(r3, &(0x7f0000000000), &(0x7f00000002c0)=0x6e)
accept$unix(r4, 0x0, &(0x7f0000000300))
accept(r3, 0x0, 0x0)

03:36:28 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c8e, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2375.945139][T24132] FAULT_INJECTION: forcing a failure.
[ 2375.945139][T24132] name failslab, interval 1, probability 0, space 0, times 0
[ 2375.958922][T24132] CPU: 1 PID: 24132 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2375.969869][T24132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2375.980017][T24132] Call Trace:
[ 2375.983132][T24132]  <TASK>
[ 2375.985911][T24132]  dump_stack_lvl+0x151/0x1b7
[ 2375.990432][T24132]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2375.995898][T24132]  dump_stack+0x15/0x17
[ 2375.999886][T24132]  should_fail+0x3c6/0x510
[ 2376.004151][T24132]  __should_failslab+0xa4/0xe0
[ 2376.008738][T24132]  ? vm_area_dup+0x26/0x230
[ 2376.013080][T24132]  should_failslab+0x9/0x20
[ 2376.017416][T24132]  slab_pre_alloc_hook+0x37/0xd0
[ 2376.022190][T24132]  ? vm_area_dup+0x26/0x230
[ 2376.026529][T24132]  kmem_cache_alloc+0x44/0x200
[ 2376.031142][T24132]  vm_area_dup+0x26/0x230
[ 2376.035299][T24132]  copy_mm+0x9a1/0x13e0
[ 2376.039293][T24132]  ? copy_signal+0x610/0x610
[ 2376.043717][T24132]  ? __init_rwsem+0xd6/0x1c0
[ 2376.048141][T24132]  ? copy_signal+0x4e3/0x610
[ 2376.052568][T24132]  copy_process+0x1149/0x3290
[ 2376.057086][T24132]  ? __kasan_check_write+0x14/0x20
[ 2376.062027][T24132]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2376.066974][T24132]  ? copy_clone_args_from_user+0x744/0x830
[ 2376.072630][T24132]  kernel_clone+0x21e/0x9e0
[ 2376.076955][T24132]  ? __delayed_free_task+0x20/0x20
[ 2376.081903][T24132]  ? create_io_thread+0x1e0/0x1e0
[ 2376.086767][T24132]  __x64_sys_clone3+0x376/0x3a0
[ 2376.091452][T24132]  ? __ia32_sys_clone+0x290/0x290
[ 2376.096312][T24132]  ? __kasan_check_read+0x11/0x20
[ 2376.101170][T24132]  ? preempt_schedule_notrace+0x11b/0x140
[ 2376.106729][T24132]  ? preempt_schedule_notrace_thunk+0x16/0x18
[ 2376.112629][T24132]  ? __bpf_ringbuf_reserve+0x22e/0x3b0
[ 2376.117925][T24132]  ? syscall_enter_from_user_mode+0x15e/0x1b0
[ 2376.123823][T24132]  do_syscall_64+0x3d/0xb0
[ 2376.128078][T24132]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2376.133804][T24132] RIP: 0033:0x7f9d5f592da9
[ 2376.138059][T24132] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2376.157500][T24132] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2376.165745][T24132] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2376.173557][T24132] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2376.181366][T24132] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
03:36:29 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
dup(r1) (async)
r2 = dup(r1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00'}) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530) (async)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f0000000700)=""/29, 0x1d, 0x0, &(0x7f00000007c0)=""/84, 0x54}}, 0x10) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f0000000700)=""/29, 0x1d, <r10=>0x0, &(0x7f00000007c0)=""/84, 0x54}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)
r12 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r12}, 0x4)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r12, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r13}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x15, 0x16, &(0x7f0000000900)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80000000}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @btf_id={0x18, 0x3, 0x3, 0x0, 0x5}, @alu={0x4, 0x0, 0x7, 0x2, 0x0, 0x1, 0xffffffffffffffff}, @btf_id={0x18, 0x1, 0x3, 0x0, 0x1}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}}]}, &(0x7f0000000840)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x23, '\x00', r8, 0x5, 0xffffffffffffffff, 0x8, &(0x7f0000000880)={0x8, 0x5}, 0x8, 0x10, &(0x7f00000009c0)={0x0, 0x2, 0x47ad, 0x8}, 0x10, 0x0, r13, 0x2, &(0x7f0000000a00)=[r2], &(0x7f0000000a40)=[{0x3, 0x4, 0x2}, {0x5, 0x2, 0x2}], 0x10, 0x2}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x15, 0x16, &(0x7f0000000900)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80000000}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @btf_id={0x18, 0x3, 0x3, 0x0, 0x5}, @alu={0x4, 0x0, 0x7, 0x2, 0x0, 0x1, 0xffffffffffffffff}, @btf_id={0x18, 0x1, 0x3, 0x0, 0x1}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}}]}, &(0x7f0000000840)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x23, '\x00', r8, 0x5, 0xffffffffffffffff, 0x8, &(0x7f0000000880)={0x8, 0x5}, 0x8, 0x10, &(0x7f00000009c0)={0x0, 0x2, 0x47ad, 0x8}, 0x10, 0x0, r13, 0x2, &(0x7f0000000a00)=[r2], &(0x7f0000000a40)=[{0x3, 0x4, 0x2}, {0x5, 0x2, 0x2}], 0x10, 0x2}, 0x90)

03:36:29 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 44)

03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c8f, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2376.189179][T24132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2376.196990][T24132] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2376.204808][T24132]  </TASK>
03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c90, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2376.246930][T24207] FAULT_INJECTION: forcing a failure.
[ 2376.246930][T24207] name failslab, interval 1, probability 0, space 0, times 0
[ 2376.263254][T24207] CPU: 0 PID: 24207 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2376.273411][T24207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2376.283305][T24207] Call Trace:
[ 2376.286437][T24207]  <TASK>
[ 2376.289207][T24207]  dump_stack_lvl+0x151/0x1b7
03:36:29 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async, rerun: 64)
r1 = socket$key(0xf, 0x3, 0x2) (rerun: 64)
r2 = dup(r1) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async, rerun: 64)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 32)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530) (async, rerun: 32)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f0000000700)=""/29, 0x1d, <r10=>0x0, &(0x7f00000007c0)=""/84, 0x54}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0) (async, rerun: 32)
r12 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) (rerun: 32)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r12}, 0x4) (async)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r12, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r13}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x15, 0x16, &(0x7f0000000900)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80000000}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @btf_id={0x18, 0x3, 0x3, 0x0, 0x5}, @alu={0x4, 0x0, 0x7, 0x2, 0x0, 0x1, 0xffffffffffffffff}, @btf_id={0x18, 0x1, 0x3, 0x0, 0x1}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}}]}, &(0x7f0000000840)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x23, '\x00', r8, 0x5, 0xffffffffffffffff, 0x8, &(0x7f0000000880)={0x8, 0x5}, 0x8, 0x10, &(0x7f00000009c0)={0x0, 0x2, 0x47ad, 0x8}, 0x10, 0x0, r13, 0x2, &(0x7f0000000a00)=[r2], &(0x7f0000000a40)=[{0x3, 0x4, 0x2}, {0x5, 0x2, 0x2}], 0x10, 0x2}, 0x90)

03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c91, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c92, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2376.293744][T24207]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2376.299192][T24207]  dump_stack+0x15/0x17
[ 2376.303179][T24207]  should_fail+0x3c6/0x510
[ 2376.307437][T24207]  __should_failslab+0xa4/0xe0
[ 2376.312040][T24207]  ? anon_vma_fork+0x1df/0x4e0
[ 2376.316632][T24207]  should_failslab+0x9/0x20
[ 2376.320979][T24207]  slab_pre_alloc_hook+0x37/0xd0
[ 2376.325748][T24207]  ? anon_vma_fork+0x1df/0x4e0
[ 2376.330347][T24207]  kmem_cache_alloc+0x44/0x200
[ 2376.334948][T24207]  anon_vma_fork+0x1df/0x4e0
[ 2376.339382][T24207]  copy_mm+0xa3a/0x13e0
03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c93, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c94, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c95, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2376.343375][T24207]  ? copy_signal+0x610/0x610
[ 2376.347795][T24207]  ? __init_rwsem+0xd6/0x1c0
[ 2376.352218][T24207]  ? copy_signal+0x4e3/0x610
[ 2376.356646][T24207]  copy_process+0x1149/0x3290
[ 2376.361166][T24207]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2376.366108][T24207]  ? copy_clone_args_from_user+0x744/0x830
[ 2376.371751][T24207]  kernel_clone+0x21e/0x9e0
[ 2376.376090][T24207]  ? __delayed_free_task+0x20/0x20
[ 2376.381125][T24207]  ? create_io_thread+0x1e0/0x1e0
[ 2376.385985][T24207]  __x64_sys_clone3+0x376/0x3a0
[ 2376.390681][T24207]  ? __ia32_sys_clone+0x290/0x290
03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c96, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c97, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c98, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2376.395535][T24207]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2376.400652][T24207]  ? __traceiter_sys_enter+0x2a/0x40
[ 2376.405771][T24207]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2376.411679][T24207]  do_syscall_64+0x3d/0xb0
[ 2376.415929][T24207]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2376.421656][T24207] RIP: 0033:0x7f9d5f592da9
[ 2376.425907][T24207] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c99, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c9a, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c9b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:29 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40086602, &(0x7f0000000100))
getsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000000300)={@remote, <r2=>0x0}, &(0x7f0000000340)=0x14)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000340)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x80000001, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x5}, 0x48)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r4, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r4, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80dba7b216637bff006be2aa8b735dc89216d46a63a77e2206c651668c5b19593320ab481dcb93360c4f624b5e818d505fd270ed7a7a7461e29805a32545053e03d76687e80db4e07e0d84211d62344918e88a7abc64abf6b66c83a7d", 0x6c, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r4, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
write$binfmt_elf64(r4, &(0x7f0000000740)=ANY=[@ANYRESHEX, @ANYRES16=0x0, @ANYRES8=r5, @ANYRES16], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r6=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7fc0000000000008500000083000000bf0900000000000055090100000000009500000000000000180000000100000000000000f8ffffff17120000", @ANYRES32, @ANYRESOCT=r4], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, 0x2c, 0xffffffffffffffff, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x405, 0x9, 0x5}, 0x10, r6, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x1, 0xc, 0x9}], 0x10, 0x3ff}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x1c, 0x1c, &(0x7f0000002000)=ANY=[@ANYBLOB="18000000010100000000000003a7000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000009500000000000000b7080000000000007b8af8ff00000000b70800003f0000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a5000000851000000500000018120000", @ANYRES32, @ANYBLOB="00000000000000b8b703000000000000850000000c000000b700000000000d77c8bf55f400ac3abd73ee5865df6304663fb85e9afd3d2010dc5ec3dc2e164bbb83d115d6acce360434063b8f71f729051d95bb60780e2aeb7270fbec931409c2a6b7752a26000e1b10d33b2de6b683b1bdbc00cbd628fd1ac552fd7fca2a5d1bedb78bf0379bb345b3042967e47bf105d503ddf9809efd0987a49de0e7cb7a9667b565db7d5b"], &(0x7f0000000b80)='syzkaller\x00', 0x7fffffff, 0xd9, &(0x7f0000000bc0)=""/217, 0x41100, 0x4, '\x00', 0x0, 0x37, 0xffffffffffffffff, 0x8, &(0x7f0000000cc0)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000d00)={0x1, 0xc, 0x80000001}, 0x10, r6, 0xffffffffffffffff, 0x2, &(0x7f0000000d40)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000d80)=[{0x0, 0xffffffff, 0xb, 0x9}, {0x1, 0x5, 0xf, 0x3}], 0x10, 0x9}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0x15, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x9}, {}, {}, [@map_idx_val={0x18, 0x8, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3f}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0xa}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x6, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000200)={0x1, 0x20a4, 0x9, 0x2}, 0x10, r6, 0xffffffffffffffff, 0x4, 0x0, &(0x7f00000008c0)=[{0x0, 0x3, 0xc, 0xc}, {0x1, 0x1, 0x5, 0xb}, {0x4, 0x5, 0x3, 0xb}, {0x0, 0x2, 0xb, 0xe}], 0x10, 0x5}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0xf, 0x6, &(0x7f0000000c00)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x800}, [@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4}, @jmp={0x5, 0x1, 0x1, 0x6, 0xf, 0xfffffffffffffff8, 0x10}]}, &(0x7f0000000c40)='syzkaller\x00', 0xfffffff8, 0xb1, &(0x7f0000000c80)=""/177, 0x40f00, 0x45, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x8, &(0x7f0000000d40)={0x6, 0x5}, 0x8, 0x10, &(0x7f0000000d80)={0x3, 0x6, 0x400}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000dc0)=[0xffffffffffffffff, r3, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x3f}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0xd, 0xc, &(0x7f0000000940)=@raw=[@btf_id={0x18, 0xc, 0x3, 0x0, 0x5}, @cb_func={0x18, 0x9, 0x4, 0x0, 0xffffffffffffffff}, @map_val={0x18, 0x3, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x7fff}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @alu={0x4, 0x1, 0x4, 0x0, 0xa, 0xee9fc4ae48504fa, 0x4}, @jmp={0x5, 0x0, 0x9, 0x8, 0x6, 0x40}], &(0x7f0000000a40)='syzkaller\x00', 0x0, 0x56, &(0x7f0000000a80)=""/86, 0x40f00, 0x45, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x8, &(0x7f0000000bc0)={0x6, 0x1}, 0x8, 0x10, 0x0, 0x0, r6, r7, 0x4, 0x0, &(0x7f0000000ec0)=[{0x2, 0x5, 0xf, 0x4}, {0x1, 0x4, 0xd, 0x3}, {0x3, 0x2, 0x10, 0x2}, {0x0, 0x5, 0xb, 0xc}], 0x10, 0x9}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xc, 0x9, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x3}, [@map_idx_val={0x18, 0x4, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x3}]}, &(0x7f0000000200)='syzkaller\x00', 0x6, 0x90, &(0x7f0000000240)=""/144, 0x40f00, 0x40, '\x00', r2, 0x9, r1, 0x8, &(0x7f0000000380)={0x3, 0x4}, 0x8, 0x10, &(0x7f00000003c0)={0x3, 0xc, 0xaa2, 0x8}, 0x10, r6, r1, 0x8, &(0x7f0000000400)=[r1, r1, r1, r1], &(0x7f0000000440)=[{0x4, 0x5, 0x2, 0xa}, {0x0, 0x2, 0x9, 0x5}, {0x4, 0x4, 0x7, 0x2}, {0x5, 0x4, 0x6}, {0x1, 0x4, 0x8, 0xa}, {0x5, 0x5, 0x1, 0x3}, {0x0, 0x2, 0x8, 0x9}, {0x4, 0x4, 0x1, 0x4}], 0x10, 0x32}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r8}, 0x10)
r9 = socket$unix(0x1, 0x1, 0x0)
r10 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r10, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r10, 0x0)
connect$unix(r9, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r10, 0x0, 0x0)

03:36:29 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 45)

03:36:29 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r2, 0x89f8, &(0x7f00000009c0)={'tunl0\x00', &(0x7f0000000c00)=ANY=[@ANYBLOB="73797a746e6c3100000000000000000062330a121e21467c8ee4cddc10f64546a6b4360667657ac10c3f35003efc9100cea5ca90104c71011a064e803abd6bffd79f4fe97d4d68671bbba963390365cbc16b1a5860d1a446002d12a540f607ee844d4a177797d419a585eb3f74a4ecf3fd", @ANYRES32=<r8=>0x0, @ANYBLOB="001000010000087f0000000949c5006400650000082990787f000001ffffffff94040000443cb2417f000001000003ea0a010100000000efac1414aa000000016401010000002aa97f00000100000001e000000200008001ac1e010100000003070f9affffffff7f000001ac1414bb00"]})
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x14, 0x3, &(0x7f0000000700)=@raw=[@map_idx_val={0x18, 0x1, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x594}, @call={0x85, 0x0, 0x0, 0x5e}], &(0x7f00000007c0)='syzkaller\x00', 0xab, 0xa0, &(0x7f0000000800)=""/160, 0x41100, 0x10, '\x00', r8, 0xb, 0xffffffffffffffff, 0x8, &(0x7f0000000a00)={0x6, 0x3}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8, &(0x7f0000000a40)=[r2, r6, r2], &(0x7f0000000a80)=[{0x3, 0x3, 0x8, 0x3}, {0x4, 0x5, 0xd, 0x6}, {0x1, 0x5, 0x4, 0x8}, {0x3, 0x4, 0x1, 0x8}, {0x2, 0x5, 0x10}, {0x2, 0x4, 0x10, 0x3}, {0x4, 0x4, 0xb, 0x7}, {0x2, 0x2, 0xf, 0x8}], 0x10, 0x8}, 0x90)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r9=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r10, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000900)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB="94b6ebf5b3e5c83ee7fb5d64ec0915e83da4f696e052bf7d8104a8cb533a4f72497491a614469be66f1802774a289e175844860d0deb1c08d65563b16602dc89d8d7dc968549326fd53a77f6ca0a6efbe2ab31758824965fb4312ab8288878b05d4acf1e07a867b33530ba3075cad257b5f08206f6ca712939da89eb80c6261d7fcc2a7b5b4690d4ee81d3edae2924c9e1e820e231161bedb7"], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r9, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000bc0)={0x1fe, 0x0, 0x0, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c9c, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2376.445353][T24207] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2376.453596][T24207] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2376.461404][T24207] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2376.469218][T24207] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2376.477028][T24207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2376.484839][T24207] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2376.492659][T24207]  </TASK>
03:36:29 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40086602, &(0x7f0000000100))
getsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000000300)={@remote, <r2=>0x0}, &(0x7f0000000340)=0x14)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000340)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x80000001, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x5}, 0x48)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r4, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r4, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80dba7b216637bff006be2aa8b735dc89216d46a63a77e2206c651668c5b19593320ab481dcb93360c4f624b5e818d505fd270ed7a7a7461e29805a32545053e03d76687e80db4e07e0d84211d62344918e88a7abc64abf6b66c83a7d", 0x6c, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r4, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
write$binfmt_elf64(r4, &(0x7f0000000740)=ANY=[@ANYRESHEX, @ANYRES16=0x0, @ANYRES8=r5, @ANYRES16], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r6=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7fc0000000000008500000083000000bf0900000000000055090100000000009500000000000000180000000100000000000000f8ffffff17120000", @ANYRES32, @ANYRESOCT=r4], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, 0x2c, 0xffffffffffffffff, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x405, 0x9, 0x5}, 0x10, r6, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x1, 0xc, 0x9}], 0x10, 0x3ff}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x1c, 0x1c, &(0x7f0000002000)=ANY=[@ANYBLOB="18000000010100000000000003a7000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000009500000000000000b7080000000000007b8af8ff00000000b70800003f0000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a5000000851000000500000018120000", @ANYRES32, @ANYBLOB="00000000000000b8b703000000000000850000000c000000b700000000000d77c8bf55f400ac3abd73ee5865df6304663fb85e9afd3d2010dc5ec3dc2e164bbb83d115d6acce360434063b8f71f729051d95bb60780e2aeb7270fbec931409c2a6b7752a26000e1b10d33b2de6b683b1bdbc00cbd628fd1ac552fd7fca2a5d1bedb78bf0379bb345b3042967e47bf105d503ddf9809efd0987a49de0e7cb7a9667b565db7d5b"], &(0x7f0000000b80)='syzkaller\x00', 0x7fffffff, 0xd9, &(0x7f0000000bc0)=""/217, 0x41100, 0x4, '\x00', 0x0, 0x37, 0xffffffffffffffff, 0x8, &(0x7f0000000cc0)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000d00)={0x1, 0xc, 0x80000001}, 0x10, r6, 0xffffffffffffffff, 0x2, &(0x7f0000000d40)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000d80)=[{0x0, 0xffffffff, 0xb, 0x9}, {0x1, 0x5, 0xf, 0x3}], 0x10, 0x9}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0x15, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x9}, {}, {}, [@map_idx_val={0x18, 0x8, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3f}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0xa}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x6, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000200)={0x1, 0x20a4, 0x9, 0x2}, 0x10, r6, 0xffffffffffffffff, 0x4, 0x0, &(0x7f00000008c0)=[{0x0, 0x3, 0xc, 0xc}, {0x1, 0x1, 0x5, 0xb}, {0x4, 0x5, 0x3, 0xb}, {0x0, 0x2, 0xb, 0xe}], 0x10, 0x5}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0xf, 0x6, &(0x7f0000000c00)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x800}, [@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4}, @jmp={0x5, 0x1, 0x1, 0x6, 0xf, 0xfffffffffffffff8, 0x10}]}, &(0x7f0000000c40)='syzkaller\x00', 0xfffffff8, 0xb1, &(0x7f0000000c80)=""/177, 0x40f00, 0x45, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x8, &(0x7f0000000d40)={0x6, 0x5}, 0x8, 0x10, &(0x7f0000000d80)={0x3, 0x6, 0x400}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000dc0)=[0xffffffffffffffff, r3, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x3f}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0xd, 0xc, &(0x7f0000000940)=@raw=[@btf_id={0x18, 0xc, 0x3, 0x0, 0x5}, @cb_func={0x18, 0x9, 0x4, 0x0, 0xffffffffffffffff}, @map_val={0x18, 0x3, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x7fff}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @alu={0x4, 0x1, 0x4, 0x0, 0xa, 0xee9fc4ae48504fa, 0x4}, @jmp={0x5, 0x0, 0x9, 0x8, 0x6, 0x40}], &(0x7f0000000a40)='syzkaller\x00', 0x0, 0x56, &(0x7f0000000a80)=""/86, 0x40f00, 0x45, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x8, &(0x7f0000000bc0)={0x6, 0x1}, 0x8, 0x10, 0x0, 0x0, r6, r7, 0x4, 0x0, &(0x7f0000000ec0)=[{0x2, 0x5, 0xf, 0x4}, {0x1, 0x4, 0xd, 0x3}, {0x3, 0x2, 0x10, 0x2}, {0x0, 0x5, 0xb, 0xc}], 0x10, 0x9}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xc, 0x9, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x3}, [@map_idx_val={0x18, 0x4, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x3}]}, &(0x7f0000000200)='syzkaller\x00', 0x6, 0x90, &(0x7f0000000240)=""/144, 0x40f00, 0x40, '\x00', r2, 0x9, r1, 0x8, &(0x7f0000000380)={0x3, 0x4}, 0x8, 0x10, &(0x7f00000003c0)={0x3, 0xc, 0xaa2, 0x8}, 0x10, r6, r1, 0x8, &(0x7f0000000400)=[r1, r1, r1, r1], &(0x7f0000000440)=[{0x4, 0x5, 0x2, 0xa}, {0x0, 0x2, 0x9, 0x5}, {0x4, 0x4, 0x7, 0x2}, {0x5, 0x4, 0x6}, {0x1, 0x4, 0x8, 0xa}, {0x5, 0x5, 0x1, 0x3}, {0x0, 0x2, 0x8, 0x9}, {0x4, 0x4, 0x1, 0x4}], 0x10, 0x32}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r8}, 0x10)
r9 = socket$unix(0x1, 0x1, 0x0)
r10 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r10, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r10, 0x0)
connect$unix(r9, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r10, 0x0, 0x0)

03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c9d, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:29 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40086602, &(0x7f0000000100))
getsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000000300)={@remote, <r2=>0x0}, &(0x7f0000000340)=0x14)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000340)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x80000001, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x5}, 0x48)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r4, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r4, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80dba7b216637bff006be2aa8b735dc89216d46a63a77e2206c651668c5b19593320ab481dcb93360c4f624b5e818d505fd270ed7a7a7461e29805a32545053e03d76687e80db4e07e0d84211d62344918e88a7abc64abf6b66c83a7d", 0x6c, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r4, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
write$binfmt_elf64(r4, &(0x7f0000000740)=ANY=[@ANYRESHEX, @ANYRES16=0x0, @ANYRES8=r5, @ANYRES16], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r6=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7fc0000000000008500000083000000bf0900000000000055090100000000009500000000000000180000000100000000000000f8ffffff17120000", @ANYRES32, @ANYRESOCT=r4], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, 0x2c, 0xffffffffffffffff, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x405, 0x9, 0x5}, 0x10, r6, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x1, 0xc, 0x9}], 0x10, 0x3ff}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x1c, 0x1c, &(0x7f0000002000)=ANY=[@ANYBLOB="18000000010100000000000003a7000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000009500000000000000b7080000000000007b8af8ff00000000b70800003f0000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a5000000851000000500000018120000", @ANYRES32, @ANYBLOB="00000000000000b8b703000000000000850000000c000000b700000000000d77c8bf55f400ac3abd73ee5865df6304663fb85e9afd3d2010dc5ec3dc2e164bbb83d115d6acce360434063b8f71f729051d95bb60780e2aeb7270fbec931409c2a6b7752a26000e1b10d33b2de6b683b1bdbc00cbd628fd1ac552fd7fca2a5d1bedb78bf0379bb345b3042967e47bf105d503ddf9809efd0987a49de0e7cb7a9667b565db7d5b"], &(0x7f0000000b80)='syzkaller\x00', 0x7fffffff, 0xd9, &(0x7f0000000bc0)=""/217, 0x41100, 0x4, '\x00', 0x0, 0x37, 0xffffffffffffffff, 0x8, &(0x7f0000000cc0)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000d00)={0x1, 0xc, 0x80000001}, 0x10, r6, 0xffffffffffffffff, 0x2, &(0x7f0000000d40)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000d80)=[{0x0, 0xffffffff, 0xb, 0x9}, {0x1, 0x5, 0xf, 0x3}], 0x10, 0x9}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0x15, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x9}, {}, {}, [@map_idx_val={0x18, 0x8, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3f}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0xa}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x6, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000200)={0x1, 0x20a4, 0x9, 0x2}, 0x10, r6, 0xffffffffffffffff, 0x4, 0x0, &(0x7f00000008c0)=[{0x0, 0x3, 0xc, 0xc}, {0x1, 0x1, 0x5, 0xb}, {0x4, 0x5, 0x3, 0xb}, {0x0, 0x2, 0xb, 0xe}], 0x10, 0x5}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0xf, 0x6, &(0x7f0000000c00)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x800}, [@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4}, @jmp={0x5, 0x1, 0x1, 0x6, 0xf, 0xfffffffffffffff8, 0x10}]}, &(0x7f0000000c40)='syzkaller\x00', 0xfffffff8, 0xb1, &(0x7f0000000c80)=""/177, 0x40f00, 0x45, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x8, &(0x7f0000000d40)={0x6, 0x5}, 0x8, 0x10, &(0x7f0000000d80)={0x3, 0x6, 0x400}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000dc0)=[0xffffffffffffffff, r3, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x3f}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0xd, 0xc, &(0x7f0000000940)=@raw=[@btf_id={0x18, 0xc, 0x3, 0x0, 0x5}, @cb_func={0x18, 0x9, 0x4, 0x0, 0xffffffffffffffff}, @map_val={0x18, 0x3, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x7fff}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @alu={0x4, 0x1, 0x4, 0x0, 0xa, 0xee9fc4ae48504fa, 0x4}, @jmp={0x5, 0x0, 0x9, 0x8, 0x6, 0x40}], &(0x7f0000000a40)='syzkaller\x00', 0x0, 0x56, &(0x7f0000000a80)=""/86, 0x40f00, 0x45, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x8, &(0x7f0000000bc0)={0x6, 0x1}, 0x8, 0x10, 0x0, 0x0, r6, r7, 0x4, 0x0, &(0x7f0000000ec0)=[{0x2, 0x5, 0xf, 0x4}, {0x1, 0x4, 0xd, 0x3}, {0x3, 0x2, 0x10, 0x2}, {0x0, 0x5, 0xb, 0xc}], 0x10, 0x9}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xc, 0x9, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x3}, [@map_idx_val={0x18, 0x4, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x3}]}, &(0x7f0000000200)='syzkaller\x00', 0x6, 0x90, &(0x7f0000000240)=""/144, 0x40f00, 0x40, '\x00', r2, 0x9, r1, 0x8, &(0x7f0000000380)={0x3, 0x4}, 0x8, 0x10, &(0x7f00000003c0)={0x3, 0xc, 0xaa2, 0x8}, 0x10, r6, r1, 0x8, &(0x7f0000000400)=[r1, r1, r1, r1], &(0x7f0000000440)=[{0x4, 0x5, 0x2, 0xa}, {0x0, 0x2, 0x9, 0x5}, {0x4, 0x4, 0x7, 0x2}, {0x5, 0x4, 0x6}, {0x1, 0x4, 0x8, 0xa}, {0x5, 0x5, 0x1, 0x3}, {0x0, 0x2, 0x8, 0x9}, {0x4, 0x4, 0x1, 0x4}], 0x10, 0x32}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r8}, 0x10)
r9 = socket$unix(0x1, 0x1, 0x0)
r10 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r10, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r10, 0x0)
connect$unix(r9, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r10, 0x0, 0x0)

03:36:29 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r6=>0x0})
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r5, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @multicast}, 0x14)
r7 = dup(r3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x21, &(0x7f00000019c0)=ANY=[@ANYBLOB="8520000004000000b7080000000000007b8af8ff00000000b7080000000400007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000031827506080000001856000006000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ff0f0000850000000600000018170000", @ANYRES32=r0, @ANYBLOB="000000000000001812a7afab6ac876b059af4fb19688a4482524f4321913f361045dadee9a528d6b95b501c5e79591f3660a95177aca6a65", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000000268090004000000"], &(0x7f0000000000)='syzkaller\x00', 0x6, 0x1000, &(0x7f0000000800)=""/4096, 0x41000, 0x14, '\x00', r6, 0x0, r7, 0x8, &(0x7f0000000040)={0x3, 0x1}, 0x8, 0x10, &(0x7f00000004c0)={0x1, 0x9, 0x0, 0x7fffffff}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000500)=[r0, r2], &(0x7f0000000540)=[{0x9, 0x4, 0xa, 0x2}, {0x1, 0x3, 0x1, 0xa}, {0x0, 0x1, 0xf, 0x1}, {0x4, 0x2, 0xe, 0xa}, {0x0, 0x4, 0x7, 0xa}, {0x1, 0x3, 0xb, 0x2}], 0x10, 0x1}, 0x90)
connect$unix(r3, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
shutdown(r3, 0x0)
r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x40081, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x8, 0xf, &(0x7f00000004c0)=ANY=[@ANYRESOCT, @ANYRES32, @ANYRES16], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
getpeername$packet(r8, &(0x7f0000000800)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000840)=0x14)
r10 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ftruncate(r10, 0x800)
lseek(r10, 0x200, 0x0)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0)
sendfile(r10, r11, 0x0, 0xf800)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000440)={0x1, <r12=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x15, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="18002b4c421453aec3e8b72004bc7a00f2d05120af2f7ce3a01d1f3bdc33f3f500"/42], &(0x7f0000000080)='GPL\x00', 0x1f, 0xaf, &(0x7f00000005c0)=""/175, 0x41100, 0x8, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0xc, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x3, 0x4000a, 0x7, 0xedb}, 0x10, r12}, 0x90)
r13 = signalfd4(0xffffffffffffffff, &(0x7f0000000880), 0x8, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0x20, &(0x7f0000000640)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfff}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@call={0x85, 0x0, 0x0, 0xb1}, @map_fd={0x18, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000500)='GPL\x00', 0x7, 0xa2, &(0x7f0000000740)=""/162, 0x0, 0x0, '\x00', r9, 0x6, r10, 0x8, &(0x7f0000000880)={0x5, 0x1}, 0x8, 0x10, &(0x7f00000008c0)={0x1, 0x7, 0x1f, 0x5b6}, 0x10, r12, r8, 0x0, &(0x7f0000000900)=[r13, 0xffffffffffffffff, r8, 0xffffffffffffffff], 0x0, 0x10, 0x85}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000001900)={0x20, 0x5, &(0x7f0000000680)=@raw=[@btf_id={0x18, 0x1, 0x3, 0x0, 0x3}, @cb_func={0x18, 0xa, 0x4, 0x0, 0xffffffffffffffff}, @jmp={0x5, 0x1, 0x1, 0x2, 0xa5594de3a1e9ad4a, 0xfffffffffffffffc, 0xffffffffffffffff}], &(0x7f00000006c0)='GPL\x00', 0x6, 0xb8, &(0x7f0000000700)=""/184, 0x0, 0x63, '\x00', r6, 0x1b, r7, 0x8, &(0x7f0000001800)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000001840)={0x0, 0xb, 0x1, 0x7}, 0x10, r12, r7, 0x2, &(0x7f0000001880)=[r7], &(0x7f00000018c0)=[{0x4, 0x2, 0xb, 0x3}, {0x5, 0x2, 0x1, 0x8}], 0x10, 0x400}, 0x90)
accept(r4, 0x0, 0x0)

[ 2376.533659][T24412] FAULT_INJECTION: forcing a failure.
[ 2376.533659][T24412] name failslab, interval 1, probability 0, space 0, times 0
[ 2376.547574][T24412] CPU: 1 PID: 24412 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2376.557731][T24412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2376.567629][T24412] Call Trace:
[ 2376.570960][T24412]  <TASK>
[ 2376.573739][T24412]  dump_stack_lvl+0x151/0x1b7
[ 2376.578255][T24412]  ? io_uring_drop_tctx_refs+0x190/0x190
03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c9e, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7c9f, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ca0, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2376.583729][T24412]  dump_stack+0x15/0x17
[ 2376.587713][T24412]  should_fail+0x3c6/0x510
[ 2376.591965][T24412]  __should_failslab+0xa4/0xe0
[ 2376.596571][T24412]  ? anon_vma_fork+0x1df/0x4e0
[ 2376.601165][T24412]  should_failslab+0x9/0x20
[ 2376.605529][T24412]  slab_pre_alloc_hook+0x37/0xd0
[ 2376.610281][T24412]  ? anon_vma_fork+0x1df/0x4e0
[ 2376.614875][T24412]  kmem_cache_alloc+0x44/0x200
[ 2376.619499][T24412]  anon_vma_fork+0x1df/0x4e0
[ 2376.623906][T24412]  copy_mm+0xa3a/0x13e0
[ 2376.628075][T24412]  ? copy_signal+0x610/0x610
03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ca1, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ca2, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:29 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ca3, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2376.632510][T24412]  ? __init_rwsem+0xd6/0x1c0
[ 2376.636923][T24412]  ? copy_signal+0x4e3/0x610
[ 2376.641784][T24412]  copy_process+0x1149/0x3290
[ 2376.646305][T24412]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2376.651246][T24412]  ? copy_clone_args_from_user+0x744/0x830
[ 2376.656885][T24412]  kernel_clone+0x21e/0x9e0
[ 2376.661223][T24412]  ? __delayed_free_task+0x20/0x20
[ 2376.666175][T24412]  ? create_io_thread+0x1e0/0x1e0
[ 2376.671035][T24412]  __x64_sys_clone3+0x376/0x3a0
[ 2376.675721][T24412]  ? __ia32_sys_clone+0x290/0x290
[ 2376.680583][T24412]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2376.685700][T24412]  ? __traceiter_sys_enter+0x2a/0x40
[ 2376.690817][T24412]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2376.696721][T24412]  do_syscall_64+0x3d/0xb0
[ 2376.700972][T24412]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2376.706701][T24412] RIP: 0033:0x7f9d5f592da9
[ 2376.710956][T24412] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2376.730397][T24412] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2376.738639][T24412] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2376.746459][T24412] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2376.754265][T24412] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2376.762080][T24412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2376.769883][T24412] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2376.777714][T24412]  </TASK>
03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ca4, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:30 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 46)

03:36:30 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r4 = accept$unix(r3, &(0x7f0000000000), &(0x7f00000002c0)=0x6e)
accept$unix(r4, 0x0, &(0x7f0000000300)) (async)
accept(r3, 0x0, 0x0)

03:36:30 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r2, 0x89f8, &(0x7f00000009c0)={'tunl0\x00', &(0x7f0000000c00)=ANY=[@ANYBLOB="73797a746e6c3100000000000000000062330a121e21467c8ee4cddc10f64546a6b4360667657ac10c3f35003efc9100cea5ca90104c71011a064e803abd6bffd79f4fe97d4d68671bbba963390365cbc16b1a5860d1a446002d12a540f607ee844d4a177797d419a585eb3f74a4ecf3fd", @ANYRES32=<r8=>0x0, @ANYBLOB="001000010000087f0000000949c5006400650000082990787f000001ffffffff94040000443cb2417f000001000003ea0a010100000000efac1414aa000000016401010000002aa97f00000100000001e000000200008001ac1e010100000003070f9affffffff7f000001ac1414bb00"]})
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x14, 0x3, &(0x7f0000000700)=@raw=[@map_idx_val={0x18, 0x1, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x594}, @call={0x85, 0x0, 0x0, 0x5e}], &(0x7f00000007c0)='syzkaller\x00', 0xab, 0xa0, &(0x7f0000000800)=""/160, 0x41100, 0x10, '\x00', r8, 0xb, 0xffffffffffffffff, 0x8, &(0x7f0000000a00)={0x6, 0x3}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8, &(0x7f0000000a40)=[r2, r6, r2], &(0x7f0000000a80)=[{0x3, 0x3, 0x8, 0x3}, {0x4, 0x5, 0xd, 0x6}, {0x1, 0x5, 0x4, 0x8}, {0x3, 0x4, 0x1, 0x8}, {0x2, 0x5, 0x10}, {0x2, 0x4, 0x10, 0x3}, {0x4, 0x4, 0xb, 0x7}, {0x2, 0x2, 0xf, 0x8}], 0x10, 0x8}, 0x90) (async)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r9=>0x0}) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r10, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000900)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB="94b6ebf5b3e5c83ee7fb5d64ec0915e83da4f696e052bf7d8104a8cb533a4f72497491a614469be66f1802774a289e175844860d0deb1c08d65563b16602dc89d8d7dc968549326fd53a77f6ca0a6efbe2ab31758824965fb4312ab8288878b05d4acf1e07a867b33530ba3075cad257b5f08206f6ca712939da89eb80c6261d7fcc2a7b5b4690d4ee81d3edae2924c9e1e820e231161bedb7"], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r9, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000bc0)={0x1fe, 0x0, 0x0, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ca5, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2377.061447][T24544] FAULT_INJECTION: forcing a failure.
[ 2377.061447][T24544] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2377.088552][T24544] CPU: 0 PID: 24544 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2377.098721][T24544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2377.108611][T24544] Call Trace:
[ 2377.111732][T24544]  <TASK>
[ 2377.114511][T24544]  dump_stack_lvl+0x151/0x1b7
[ 2377.119036][T24544]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2377.124501][T24544]  dump_stack+0x15/0x17
[ 2377.128484][T24544]  should_fail+0x3c6/0x510
[ 2377.132738][T24544]  should_fail_alloc_page+0x5a/0x80
[ 2377.137770][T24544]  prepare_alloc_pages+0x15c/0x700
[ 2377.142719][T24544]  ? __alloc_pages_bulk+0xe40/0xe40
[ 2377.147754][T24544]  __alloc_pages+0x18c/0x8f0
[ 2377.152178][T24544]  ? prep_new_page+0x110/0x110
[ 2377.156782][T24544]  get_zeroed_page+0x1b/0x40
[ 2377.161204][T24544]  __pud_alloc+0x8b/0x260
[ 2377.165370][T24544]  ? stack_trace_snprint+0xf0/0xf0
[ 2377.170317][T24544]  ? do_handle_mm_fault+0x2330/0x2330
[ 2377.175524][T24544]  ? __stack_depot_save+0x34/0x470
[ 2377.180472][T24544]  ? anon_vma_clone+0x9a/0x500
[ 2377.185073][T24544]  copy_page_range+0x2bcf/0x2f90
[ 2377.189844][T24544]  ? __kasan_slab_alloc+0xb1/0xe0
[ 2377.194705][T24544]  ? slab_post_alloc_hook+0x53/0x2c0
[ 2377.199826][T24544]  ? copy_mm+0xa3a/0x13e0
[ 2377.203992][T24544]  ? copy_process+0x1149/0x3290
[ 2377.208678][T24544]  ? kernel_clone+0x21e/0x9e0
[ 2377.213194][T24544]  ? __x64_sys_clone3+0x376/0x3a0
[ 2377.218052][T24544]  ? do_syscall_64+0x3d/0xb0
[ 2377.222480][T24544]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2377.228391][T24544]  ? pfn_valid+0x1e0/0x1e0
[ 2377.232636][T24544]  ? rwsem_write_trylock+0x15b/0x290
[ 2377.237755][T24544]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[ 2377.244006][T24544]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 2377.249562][T24544]  ? __rb_insert_augmented+0x5de/0x610
[ 2377.254856][T24544]  copy_mm+0xc7e/0x13e0
[ 2377.258851][T24544]  ? copy_signal+0x610/0x610
[ 2377.263271][T24544]  ? __init_rwsem+0xd6/0x1c0
[ 2377.267698][T24544]  ? copy_signal+0x4e3/0x610
[ 2377.272130][T24544]  copy_process+0x1149/0x3290
[ 2377.276654][T24544]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2377.281588][T24544]  ? copy_clone_args_from_user+0x744/0x830
[ 2377.287228][T24544]  kernel_clone+0x21e/0x9e0
[ 2377.291569][T24544]  ? __delayed_free_task+0x20/0x20
[ 2377.296514][T24544]  ? create_io_thread+0x1e0/0x1e0
[ 2377.301379][T24544]  __x64_sys_clone3+0x376/0x3a0
[ 2377.306061][T24544]  ? __ia32_sys_clone+0x290/0x290
[ 2377.310933][T24544]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2377.316044][T24544]  ? __traceiter_sys_enter+0x2a/0x40
[ 2377.321165][T24544]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2377.327065][T24544]  do_syscall_64+0x3d/0xb0
[ 2377.331320][T24544]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2377.337046][T24544] RIP: 0033:0x7f9d5f592da9
[ 2377.341302][T24544] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ca6, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:30 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3) (async)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (async)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r2, 0x89f8, &(0x7f00000009c0)={'tunl0\x00', &(0x7f0000000c00)=ANY=[@ANYBLOB="73797a746e6c3100000000000000000062330a121e21467c8ee4cddc10f64546a6b4360667657ac10c3f35003efc9100cea5ca90104c71011a064e803abd6bffd79f4fe97d4d68671bbba963390365cbc16b1a5860d1a446002d12a540f607ee844d4a177797d419a585eb3f74a4ecf3fd", @ANYRES32=<r8=>0x0, @ANYBLOB="001000010000087f0000000949c5006400650000082990787f000001ffffffff94040000443cb2417f000001000003ea0a010100000000efac1414aa000000016401010000002aa97f00000100000001e000000200008001ac1e010100000003070f9affffffff7f000001ac1414bb00"]})
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x14, 0x3, &(0x7f0000000700)=@raw=[@map_idx_val={0x18, 0x1, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x594}, @call={0x85, 0x0, 0x0, 0x5e}], &(0x7f00000007c0)='syzkaller\x00', 0xab, 0xa0, &(0x7f0000000800)=""/160, 0x41100, 0x10, '\x00', r8, 0xb, 0xffffffffffffffff, 0x8, &(0x7f0000000a00)={0x6, 0x3}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8, &(0x7f0000000a40)=[r2, r6, r2], &(0x7f0000000a80)=[{0x3, 0x3, 0x8, 0x3}, {0x4, 0x5, 0xd, 0x6}, {0x1, 0x5, 0x4, 0x8}, {0x3, 0x4, 0x1, 0x8}, {0x2, 0x5, 0x10}, {0x2, 0x4, 0x10, 0x3}, {0x4, 0x4, 0xb, 0x7}, {0x2, 0x2, 0xf, 0x8}], 0x10, 0x8}, 0x90)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r9=>0x0}) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r10, @ANYRES16=r4], 0x100000530) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000900)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB="94b6ebf5b3e5c83ee7fb5d64ec0915e83da4f696e052bf7d8104a8cb533a4f72497491a614469be66f1802774a289e175844860d0deb1c08d65563b16602dc89d8d7dc968549326fd53a77f6ca0a6efbe2ab31758824965fb4312ab8288878b05d4acf1e07a867b33530ba3075cad257b5f08206f6ca712939da89eb80c6261d7fcc2a7b5b4690d4ee81d3edae2924c9e1e820e231161bedb7"], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r9, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000bc0)={0x1fe, 0x0, 0x0, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:30 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 47)

[ 2377.360741][T24544] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2377.368986][T24544] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2377.376798][T24544] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2377.384610][T24544] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2377.392420][T24544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2377.400231][T24544] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2377.408054][T24544]  </TASK>
03:36:30 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
r2 = socket$unix(0x1, 0x1, 0x0) (async)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r3, 0x0) (async)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
r4 = accept$unix(r3, &(0x7f0000000000), &(0x7f00000002c0)=0x6e)
accept$unix(r4, 0x0, &(0x7f0000000300)) (async)
accept(r3, 0x0, 0x0)

03:36:30 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r6=>0x0})
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r5, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @multicast}, 0x14)
r7 = dup(r3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x21, &(0x7f00000019c0)=ANY=[@ANYBLOB="8520000004000000b7080000000000007b8af8ff00000000b7080000000400007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000031827506080000001856000006000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ff0f0000850000000600000018170000", @ANYRES32=r0, @ANYBLOB="000000000000001812a7afab6ac876b059af4fb19688a4482524f4321913f361045dadee9a528d6b95b501c5e79591f3660a95177aca6a65", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000000268090004000000"], &(0x7f0000000000)='syzkaller\x00', 0x6, 0x1000, &(0x7f0000000800)=""/4096, 0x41000, 0x14, '\x00', r6, 0x0, r7, 0x8, &(0x7f0000000040)={0x3, 0x1}, 0x8, 0x10, &(0x7f00000004c0)={0x1, 0x9, 0x0, 0x7fffffff}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000500)=[r0, r2], &(0x7f0000000540)=[{0x9, 0x4, 0xa, 0x2}, {0x1, 0x3, 0x1, 0xa}, {0x0, 0x1, 0xf, 0x1}, {0x4, 0x2, 0xe, 0xa}, {0x0, 0x4, 0x7, 0xa}, {0x1, 0x3, 0xb, 0x2}], 0x10, 0x1}, 0x90)
connect$unix(r3, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
shutdown(r3, 0x0)
r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x40081, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x8, 0xf, &(0x7f00000004c0)=ANY=[@ANYRESOCT, @ANYRES32, @ANYRES16], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
getpeername$packet(r8, &(0x7f0000000800)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000840)=0x14)
r10 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ftruncate(r10, 0x800)
lseek(r10, 0x200, 0x0)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0)
sendfile(r10, r11, 0x0, 0xf800)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000440)={0x1, <r12=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x15, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="18002b4c421453aec3e8b72004bc7a00f2d05120af2f7ce3a01d1f3bdc33f3f500"/42], &(0x7f0000000080)='GPL\x00', 0x1f, 0xaf, &(0x7f00000005c0)=""/175, 0x41100, 0x8, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0xc, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x3, 0x4000a, 0x7, 0xedb}, 0x10, r12}, 0x90)
r13 = signalfd4(0xffffffffffffffff, &(0x7f0000000880), 0x8, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0x20, &(0x7f0000000640)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfff}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@call={0x85, 0x0, 0x0, 0xb1}, @map_fd={0x18, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000500)='GPL\x00', 0x7, 0xa2, &(0x7f0000000740)=""/162, 0x0, 0x0, '\x00', r9, 0x6, r10, 0x8, &(0x7f0000000880)={0x5, 0x1}, 0x8, 0x10, &(0x7f00000008c0)={0x1, 0x7, 0x1f, 0x5b6}, 0x10, r12, r8, 0x0, &(0x7f0000000900)=[r13, 0xffffffffffffffff, r8, 0xffffffffffffffff], 0x0, 0x10, 0x85}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000001900)={0x20, 0x5, &(0x7f0000000680)=@raw=[@btf_id={0x18, 0x1, 0x3, 0x0, 0x3}, @cb_func={0x18, 0xa, 0x4, 0x0, 0xffffffffffffffff}, @jmp={0x5, 0x1, 0x1, 0x2, 0xa5594de3a1e9ad4a, 0xfffffffffffffffc, 0xffffffffffffffff}], &(0x7f00000006c0)='GPL\x00', 0x6, 0xb8, &(0x7f0000000700)=""/184, 0x0, 0x63, '\x00', r6, 0x1b, r7, 0x8, &(0x7f0000001800)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000001840)={0x0, 0xb, 0x1, 0x7}, 0x10, r12, r7, 0x2, &(0x7f0000001880)=[r7], &(0x7f00000018c0)=[{0x4, 0x2, 0xb, 0x3}, {0x5, 0x2, 0x1, 0x8}], 0x10, 0x400}, 0x90)
accept(r4, 0x0, 0x0)

03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ca7, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ca8, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ca9, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2377.449560][T24657] FAULT_INJECTION: forcing a failure.
[ 2377.449560][T24657] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2377.467552][T24657] CPU: 0 PID: 24657 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2377.477712][T24657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2377.487607][T24657] Call Trace:
[ 2377.490733][T24657]  <TASK>
[ 2377.493509][T24657]  dump_stack_lvl+0x151/0x1b7
03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7caa, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cab, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2377.498024][T24657]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2377.503498][T24657]  dump_stack+0x15/0x17
[ 2377.507482][T24657]  should_fail+0x3c6/0x510
[ 2377.511738][T24657]  should_fail_alloc_page+0x5a/0x80
[ 2377.516950][T24657]  prepare_alloc_pages+0x15c/0x700
[ 2377.521895][T24657]  ? __alloc_pages_bulk+0xe40/0xe40
[ 2377.526930][T24657]  __alloc_pages+0x18c/0x8f0
[ 2377.531359][T24657]  ? prep_new_page+0x110/0x110
[ 2377.535950][T24657]  ? __alloc_pages+0x27e/0x8f0
[ 2377.540554][T24657]  ? __kasan_check_write+0x14/0x20
03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cac, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cad, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2377.545500][T24657]  ? _raw_spin_lock+0xa4/0x1b0
[ 2377.550099][T24657]  __pmd_alloc+0xb1/0x550
[ 2377.554267][T24657]  ? __pud_alloc+0x260/0x260
[ 2377.558690][T24657]  ? __pud_alloc+0x213/0x260
[ 2377.563124][T24657]  ? do_handle_mm_fault+0x2330/0x2330
[ 2377.568325][T24657]  ? __stack_depot_save+0x34/0x470
[ 2377.573273][T24657]  ? anon_vma_clone+0x9a/0x500
[ 2377.577876][T24657]  copy_page_range+0x2b3d/0x2f90
[ 2377.582646][T24657]  ? __kasan_slab_alloc+0xb1/0xe0
[ 2377.587507][T24657]  ? slab_post_alloc_hook+0x53/0x2c0
[ 2377.592632][T24657]  ? copy_mm+0xa3a/0x13e0
03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cae, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7caf, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cb0, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2377.596792][T24657]  ? copy_process+0x1149/0x3290
[ 2377.601479][T24657]  ? kernel_clone+0x21e/0x9e0
[ 2377.605997][T24657]  ? do_syscall_64+0x3d/0xb0
[ 2377.610503][T24657]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2377.616416][T24657]  ? pfn_valid+0x1e0/0x1e0
[ 2377.620668][T24657]  ? rwsem_write_trylock+0x15b/0x290
[ 2377.625783][T24657]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[ 2377.632027][T24657]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 2377.637590][T24657]  ? __rb_insert_augmented+0x5de/0x610
[ 2377.642886][T24657]  copy_mm+0xc7e/0x13e0
03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cb1, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cb2, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2377.646878][T24657]  ? copy_signal+0x610/0x610
[ 2377.651301][T24657]  ? __init_rwsem+0xd6/0x1c0
[ 2377.655725][T24657]  ? copy_signal+0x4e3/0x610
[ 2377.660154][T24657]  copy_process+0x1149/0x3290
[ 2377.664674][T24657]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2377.669618][T24657]  ? copy_clone_args_from_user+0x744/0x830
[ 2377.675259][T24657]  kernel_clone+0x21e/0x9e0
[ 2377.679599][T24657]  ? __delayed_free_task+0x20/0x20
[ 2377.684545][T24657]  ? create_io_thread+0x1e0/0x1e0
[ 2377.689406][T24657]  __x64_sys_clone3+0x376/0x3a0
[ 2377.694088][T24657]  ? __ia32_sys_clone+0x290/0x290
03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cb3, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cb4, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cb5, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2377.698957][T24657]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2377.704070][T24657]  ? __traceiter_sys_enter+0x2a/0x40
[ 2377.709192][T24657]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2377.715101][T24657]  do_syscall_64+0x3d/0xb0
[ 2377.719347][T24657]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2377.725072][T24657] RIP: 0033:0x7f9d5f592da9
[ 2377.729328][T24657] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cb6, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:30 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000700)=[{&(0x7f0000003ac0)=""/4096, 0x1000}, {&(0x7f00000007c0)=""/239, 0xef}, {&(0x7f0000000900)=""/231, 0xe7}], 0x3, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cb7, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:30 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 48)

03:36:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cb8, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2377.748856][T24657] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2377.757104][T24657] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2377.764914][T24657] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2377.772727][T24657] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2377.780537][T24657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2377.788347][T24657] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2377.796168][T24657]  </TASK>
[ 2377.829579][T24804] FAULT_INJECTION: forcing a failure.
[ 2377.829579][T24804] name failslab, interval 1, probability 0, space 0, times 0
[ 2377.843263][T24804] CPU: 0 PID: 24804 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2377.853415][T24804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2377.863320][T24804] Call Trace:
[ 2377.866431][T24804]  <TASK>
[ 2377.869210][T24804]  dump_stack_lvl+0x151/0x1b7
[ 2377.873724][T24804]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2377.879192][T24804]  ? avc_denied+0x1b0/0x1b0
[ 2377.883621][T24804]  dump_stack+0x15/0x17
[ 2377.887697][T24804]  should_fail+0x3c6/0x510
[ 2377.891956][T24804]  __should_failslab+0xa4/0xe0
[ 2377.896549][T24804]  ? vm_area_dup+0x26/0x230
[ 2377.900888][T24804]  should_failslab+0x9/0x20
[ 2377.905227][T24804]  slab_pre_alloc_hook+0x37/0xd0
[ 2377.910002][T24804]  ? vm_area_dup+0x26/0x230
[ 2377.914347][T24804]  kmem_cache_alloc+0x44/0x200
[ 2377.918947][T24804]  vm_area_dup+0x26/0x230
[ 2377.923111][T24804]  copy_mm+0x9a1/0x13e0
[ 2377.927108][T24804]  ? copy_signal+0x610/0x610
[ 2377.931525][T24804]  ? __init_rwsem+0xd6/0x1c0
[ 2377.935952][T24804]  ? copy_signal+0x4e3/0x610
[ 2377.940380][T24804]  copy_process+0x1149/0x3290
[ 2377.944898][T24804]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2377.949842][T24804]  ? copy_clone_args_from_user+0x744/0x830
[ 2377.955502][T24804]  kernel_clone+0x21e/0x9e0
[ 2377.959831][T24804]  ? __delayed_free_task+0x20/0x20
[ 2377.964772][T24804]  ? create_io_thread+0x1e0/0x1e0
[ 2377.969634][T24804]  __x64_sys_clone3+0x376/0x3a0
[ 2377.974318][T24804]  ? __ia32_sys_clone+0x290/0x290
[ 2377.979181][T24804]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2377.984305][T24804]  ? __traceiter_sys_enter+0x2a/0x40
[ 2377.989424][T24804]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2377.995321][T24804]  do_syscall_64+0x3d/0xb0
[ 2377.999572][T24804]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2378.005300][T24804] RIP: 0033:0x7f9d5f592da9
[ 2378.009570][T24804] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
03:36:31 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cb9, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:31 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 49)

03:36:31 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cba, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:31 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async, rerun: 32)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (async, rerun: 32)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000700)=[{&(0x7f0000003ac0)=""/4096, 0x1000}, {&(0x7f00000007c0)=""/239, 0xef}, {&(0x7f0000000900)=""/231, 0xe7}], 0x3, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async, rerun: 32)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

[ 2378.028996][T24804] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2378.037243][T24804] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2378.045053][T24804] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2378.052864][T24804] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2378.060674][T24804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2378.068485][T24804] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2378.076317][T24804]  </TASK>
03:36:31 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cbb, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:31 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cbc, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2378.108667][T24911] FAULT_INJECTION: forcing a failure.
[ 2378.108667][T24911] name failslab, interval 1, probability 0, space 0, times 0
[ 2378.121792][T24911] CPU: 0 PID: 24911 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2378.131947][T24911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2378.141837][T24911] Call Trace:
[ 2378.144966][T24911]  <TASK>
[ 2378.147741][T24911]  dump_stack_lvl+0x151/0x1b7
[ 2378.152257][T24911]  ? io_uring_drop_tctx_refs+0x190/0x190
03:36:31 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cbd, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:31 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cbe, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:31 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cbf, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2378.157723][T24911]  ? avc_denied+0x1b0/0x1b0
[ 2378.162070][T24911]  dump_stack+0x15/0x17
[ 2378.166055][T24911]  should_fail+0x3c6/0x510
[ 2378.170312][T24911]  __should_failslab+0xa4/0xe0
[ 2378.174913][T24911]  ? vm_area_dup+0x26/0x230
[ 2378.179249][T24911]  should_failslab+0x9/0x20
[ 2378.183598][T24911]  slab_pre_alloc_hook+0x37/0xd0
[ 2378.188363][T24911]  ? vm_area_dup+0x26/0x230
[ 2378.192699][T24911]  kmem_cache_alloc+0x44/0x200
[ 2378.197303][T24911]  vm_area_dup+0x26/0x230
[ 2378.201468][T24911]  copy_mm+0x9a1/0x13e0
03:36:31 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cc0, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2378.205464][T24911]  ? copy_signal+0x610/0x610
[ 2378.209890][T24911]  ? __init_rwsem+0xd6/0x1c0
[ 2378.214313][T24911]  ? copy_signal+0x4e3/0x610
[ 2378.218740][T24911]  copy_process+0x1149/0x3290
[ 2378.223260][T24911]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2378.228201][T24911]  ? copy_clone_args_from_user+0x744/0x830
[ 2378.233840][T24911]  kernel_clone+0x21e/0x9e0
[ 2378.238178][T24911]  ? __delayed_free_task+0x20/0x20
[ 2378.243125][T24911]  ? create_io_thread+0x1e0/0x1e0
[ 2378.247985][T24911]  __x64_sys_clone3+0x376/0x3a0
[ 2378.252677][T24911]  ? __ia32_sys_clone+0x290/0x290
03:36:31 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='fsi_master_write\x00', r2}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r4, 0x0, 0x0)

[ 2378.257535][T24911]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2378.262656][T24911]  ? __traceiter_sys_enter+0x2a/0x40
[ 2378.267785][T24911]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2378.273674][T24911]  do_syscall_64+0x3d/0xb0
[ 2378.277931][T24911]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2378.283656][T24911] RIP: 0033:0x7f9d5f592da9
[ 2378.287909][T24911] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
03:36:31 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r6=>0x0})
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r5, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @multicast}, 0x14)
r7 = dup(r3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x21, &(0x7f00000019c0)=ANY=[@ANYBLOB="8520000004000000b7080000000000007b8af8ff00000000b7080000000400007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000031827506080000001856000006000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ff0f0000850000000600000018170000", @ANYRES32=r0, @ANYBLOB="000000000000001812a7afab6ac876b059af4fb19688a4482524f4321913f361045dadee9a528d6b95b501c5e79591f3660a95177aca6a65", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000000268090004000000"], &(0x7f0000000000)='syzkaller\x00', 0x6, 0x1000, &(0x7f0000000800)=""/4096, 0x41000, 0x14, '\x00', r6, 0x0, r7, 0x8, &(0x7f0000000040)={0x3, 0x1}, 0x8, 0x10, &(0x7f00000004c0)={0x1, 0x9, 0x0, 0x7fffffff}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000500)=[r0, r2], &(0x7f0000000540)=[{0x9, 0x4, 0xa, 0x2}, {0x1, 0x3, 0x1, 0xa}, {0x0, 0x1, 0xf, 0x1}, {0x4, 0x2, 0xe, 0xa}, {0x0, 0x4, 0x7, 0xa}, {0x1, 0x3, 0xb, 0x2}], 0x10, 0x1}, 0x90)
connect$unix(r3, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
shutdown(r3, 0x0)
r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x40081, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x8, 0xf, &(0x7f00000004c0)=ANY=[@ANYRESOCT, @ANYRES32, @ANYRES16], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
getpeername$packet(r8, &(0x7f0000000800)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000840)=0x14)
r10 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ftruncate(r10, 0x800)
lseek(r10, 0x200, 0x0)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0)
sendfile(r10, r11, 0x0, 0xf800)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000440)={0x1, <r12=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x15, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="18002b4c421453aec3e8b72004bc7a00f2d05120af2f7ce3a01d1f3bdc33f3f500"/42], &(0x7f0000000080)='GPL\x00', 0x1f, 0xaf, &(0x7f00000005c0)=""/175, 0x41100, 0x8, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0xc, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x3, 0x4000a, 0x7, 0xedb}, 0x10, r12}, 0x90)
r13 = signalfd4(0xffffffffffffffff, &(0x7f0000000880), 0x8, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0x20, &(0x7f0000000640)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfff}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@call={0x85, 0x0, 0x0, 0xb1}, @map_fd={0x18, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000500)='GPL\x00', 0x7, 0xa2, &(0x7f0000000740)=""/162, 0x0, 0x0, '\x00', r9, 0x6, r10, 0x8, &(0x7f0000000880)={0x5, 0x1}, 0x8, 0x10, &(0x7f00000008c0)={0x1, 0x7, 0x1f, 0x5b6}, 0x10, r12, r8, 0x0, &(0x7f0000000900)=[r13, 0xffffffffffffffff, r8, 0xffffffffffffffff], 0x0, 0x10, 0x85}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000001900)={0x20, 0x5, &(0x7f0000000680)=@raw=[@btf_id={0x18, 0x1, 0x3, 0x0, 0x3}, @cb_func={0x18, 0xa, 0x4, 0x0, 0xffffffffffffffff}, @jmp={0x5, 0x1, 0x1, 0x2, 0xa5594de3a1e9ad4a, 0xfffffffffffffffc, 0xffffffffffffffff}], &(0x7f00000006c0)='GPL\x00', 0x6, 0xb8, &(0x7f0000000700)=""/184, 0x0, 0x63, '\x00', r6, 0x1b, r7, 0x8, &(0x7f0000001800)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000001840)={0x0, 0xb, 0x1, 0x7}, 0x10, r12, r7, 0x2, &(0x7f0000001880)=[r7], &(0x7f00000018c0)=[{0x4, 0x2, 0xb, 0x3}, {0x5, 0x2, 0x1, 0x8}], 0x10, 0x400}, 0x90)
accept(r4, 0x0, 0x0)

03:36:31 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cc1, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:31 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
socket$inet(0x2, 0x4000000000000001, 0x0) (async)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00'}) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000700)=[{&(0x7f0000003ac0)=""/4096, 0x1000}, {&(0x7f00000007c0)=""/239, 0xef}, {&(0x7f0000000900)=""/231, 0xe7}], 0x3, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18) (async)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:31 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 50)

[ 2378.307357][T24911] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2378.315600][T24911] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2378.323411][T24911] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2378.331218][T24911] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2378.339029][T24911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2378.346846][T24911] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2378.354664][T24911]  </TASK>
03:36:31 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='fsi_master_write\x00', r2}, 0x10) (async)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0) (async)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r4, 0x0, 0x0)

[ 2378.380138][T25039] FAULT_INJECTION: forcing a failure.
[ 2378.380138][T25039] name failslab, interval 1, probability 0, space 0, times 0
[ 2378.393229][T25039] CPU: 1 PID: 25039 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2378.403394][T25039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2378.413277][T25039] Call Trace:
[ 2378.416400][T25039]  <TASK>
[ 2378.419180][T25039]  dump_stack_lvl+0x151/0x1b7
[ 2378.423691][T25039]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2378.429163][T25039]  dump_stack+0x15/0x17
[ 2378.433150][T25039]  should_fail+0x3c6/0x510
[ 2378.437406][T25039]  __should_failslab+0xa4/0xe0
[ 2378.442005][T25039]  ? anon_vma_clone+0x9a/0x500
[ 2378.446607][T25039]  should_failslab+0x9/0x20
[ 2378.450945][T25039]  slab_pre_alloc_hook+0x37/0xd0
[ 2378.455718][T25039]  ? anon_vma_clone+0x9a/0x500
[ 2378.460317][T25039]  kmem_cache_alloc+0x44/0x200
[ 2378.464918][T25039]  anon_vma_clone+0x9a/0x500
[ 2378.469357][T25039]  anon_vma_fork+0x91/0x4e0
[ 2378.473687][T25039]  ? anon_vma_name+0x4c/0x70
[ 2378.478115][T25039]  ? vm_area_dup+0x17a/0x230
[ 2378.482541][T25039]  copy_mm+0xa3a/0x13e0
[ 2378.486536][T25039]  ? copy_signal+0x610/0x610
[ 2378.490957][T25039]  ? __init_rwsem+0xd6/0x1c0
[ 2378.495379][T25039]  ? copy_signal+0x4e3/0x610
[ 2378.499808][T25039]  copy_process+0x1149/0x3290
[ 2378.504328][T25039]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2378.509270][T25039]  ? copy_clone_args_from_user+0x744/0x830
[ 2378.514911][T25039]  kernel_clone+0x21e/0x9e0
[ 2378.519261][T25039]  ? __delayed_free_task+0x20/0x20
[ 2378.524200][T25039]  ? create_io_thread+0x1e0/0x1e0
[ 2378.529070][T25039]  __x64_sys_clone3+0x376/0x3a0
[ 2378.533747][T25039]  ? __ia32_sys_clone+0x290/0x290
[ 2378.538610][T25039]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2378.543726][T25039]  ? __traceiter_sys_enter+0x2a/0x40
[ 2378.548860][T25039]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2378.554750][T25039]  do_syscall_64+0x3d/0xb0
[ 2378.559005][T25039]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2378.564729][T25039] RIP: 0033:0x7f9d5f592da9
[ 2378.568985][T25039] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2378.588424][T25039] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2378.596671][T25039] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2378.604482][T25039] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2378.612296][T25039] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2378.620104][T25039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
03:36:31 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cc2, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:31 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='fsi_master_write\x00', r2}, 0x10) (async)
r3 = socket$unix(0x1, 0x1, 0x0) (async)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r4, 0x0) (async)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r4, 0x0, 0x0)

03:36:31 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 51)

03:36:31 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cc3, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:31 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001ac0)={r5, 0x0, 0xed, 0xa4, &(0x7f00000007c0)="67644073dbd99c313722a1e48467188ad62a6d595b0c8590f45774d7a9e2376b3b30157a38e7cdf7a22568053b6b76813bfe66943a82f7ddadfc3259acf764beb894f943c736474ea5bccd306f033b1808e58a0412b71d0965bdae611d3f74c6ba077be03aa6e06e73d20475cf31389fa5eeb4d9e499ae801cfe6e10471bfb86a374ad4318a387eb46ef8d67aa526dd3358ab9ffdc0d840167c747330da5e005ebe7b616c991dd4b888656574c6b9d855be98837987ca7458882753037f83c17bc2ee3f0a9435bb3d10a9af411e4b97b2c3a7c082759585c86daac2ff1a5516f5f2550a6e691abbe234ca2aa4e", &(0x7f0000000900)=""/164, 0x6, 0x0, 0xc6, 0x1000, &(0x7f00000009c0)="2fcbba28117f354ca332d60758aaa81250bbaf9da5508914c672b5af57eb73adb5d7bc0ee15929540b87343f7bebba7ca4d232a7088e95d7eb47acc6fb4276cec8540612711a23a91b77d2dfb954b803fb8579506ca91e41d94f5fa93fdfaea560501d07f6ce875b809f16f376201b8d726c1624b13ea6174ba3508d14e96c6b7b3fa1ba0ee4ca14e3d11b77d870444ee0aad527f789f8784556c17c56abccd9b8a57665573901085e553c80837006475e8b52480d5a2b25ac2f6742fca69d805e1f7534807b", &(0x7f0000000ac0)="a53d1b9e538633a6ad5321b0867516636451286fc4ed6e459a95712ad9abd4da1fb4f0ead098a8dfcdc120154b3da2b0039de117b1a24a1d560e0affc532c328064f332329bd60b6e0d2a1be1a8cde5c65dc03bcd0909d0cf46a7adaaa95aee7dd001bfb7012fa496675aee48dfef86910bc1ab7205b5d8f891181aa1fe35c863b37c49e05c8de4eec01ba865384bde308781cb6275e7386868589e379800ca83d8fd285187be0dc83f1018b5ee61131aa0c704f83a6ab82c9e1edcd947611527cb8cac5fcb6630ea1a7a6f6795a4b4fe137b0b15b6722fcdddd2ed3efeeb630d94f05448cf21a7f7573a6d55a751a1043e040933a8d0fac1c3ab4654ccef2dfb4aa477da3860cf33123eb04b2b4b5f1755a170038020650a51c6469cb81fcb9d7129441124bd9b43428fd1b7c477e0a64d8b4cdf8549a10a615f42dbb2c428e97b9b4aaa88fedd2a4ad65576a63b81e118e86cca0d002e8385503d9b656a39b8b49cdacff2b446e168e5e8cbf6310db2259084254c86e812412a49f8ade6d578e60630148cb1980db2bbccf85d5880db3d88f4491ccf8a909151339bba027efba0fd1c65e39ae2f35242bd96c8d477e5dede7bef9c531b79991d35bb5b2f29966ea875b09ff4a7eb471ea7c636b6159ff43b30d3bca7eb814b319c1192376c322c1f005695f63a7752d4ad7f230c70690828fe4f232536a9c7c6a745cb6f5b927375761aec8007cc340ebf20c641a952f41bf30e90f024b95eb31cfcfc697870dec33884486e2b126cd13ed6143c7527b53693f0dec037f2a9a7f371d84a5d446e45b24d340b32562ef234e58e0d872f5dab65a4728ed0c47d82de16db6ea5e5c2c2cda52d477b03c5906894eccba08ecb3b8919a6e70df0487b83837933d2f901244d9dbfda73c424428efdd2d8f71f56f7815a392e9708ee62b810148fe8e5ce7fbb802f182d87caad32ec69afd8dcbbdcba157fc45a39ab0ffd56e1b75247e78e957d0f30f972c47766059ad1b025680a1a7b6668fd38f351b0960bff29c90c3e1b9d519196bbacf396c45d7067e3c3f771863dde5e92dff11c358ffd805956308a760d20fd65c9e08c85a6ee79fc69786da07594ac95eb10e7f681eb7964dfa06bbe64d1da3f23be1ab2a1b1579bfbd9d8ff06682c08e55a003db1874a1a28097f632286b78f2d16fdaac3895e9b4867796b2e3edcf5f1755701d4abf8d1d3d575ae0541b1e3032dddf9523a85fb9742c65dc59251ccda0c3d10b4a85921a81f5cbdc7422a50701a33580b69ea20744df3d2e750e4e513771e41c20bb272aa91920a491658d1df43d95e5ba67101ce2b39c8805dabb2e7f848985693588d6986acbcc9c6a5c31f83cbe397ff7977e87bb3e203f7434aad1e7003fc604aa62b981e973d0e66bfe4c05a1dfe8cca57420087386cdc32280cd09f50c6dc7c08d0d06d651120c1b0e58d87d519f7d36f27c21016d928aa86730f9bd7b4d074e8a4df290da51d8ff3a482d71ebc977b6d901074185640532570cfdfbcea0df383aafc207ee530ef8eed82d9333a31e042431658a28859307f55d46cb90a2f2bc210ce8265eb260b0104b0961d437dfefcedc6d4069e39fb00a6201aca62daab54cecfd71ebbf0a4be9e18e2415d29d01e684c103b7e0f34d3f8739c1ba258ae4866369b27de19b703e7585cac4f493b101e1036149919eac664ad6ab4ccf18c33c49bc0670ffb517143408d2553f72213c8f2a05393d7b6fe4ea31745277ae87a9c260973bc77cb679d3c0c52dcf37fa19dbce247c5c40755129cd07e9dd76288c70d80a6408a63fcd53fccf8f0afa927e58af5dd297b5a7cc0d2e4799c6c4fcafdcd4f2f47d2ab7f0de90536b974f5dce2bf4a8f66925683556518d30dd66087abbbbdd5b9fcfbf01917842d2d51e1b77b2c825e4d33d3cf7ff9c85920ba8b3682cd9c55d375cf0a5fd26a13a7842b853a7e6ef7fa87cbe611ecb72808bce2de9d498538d868791eceb0d2bc7bba66973ea7bedd86e7f98a08ae46a3c89733f817e7af42b2359e61fae61e5f9500f3f6bfef91c966bb1fb8893e5a3158482b0ee593ce4b565b0cedf432a6bcef42fd13869ae995f951c82b8d805131ddbd18da3315a06795ce283718820b12af019b6cb89008e0d4916ceedebb7dce5e9f662a333fc73b6e2e95d6a8fbfb3c151ed930b400c610f3fc3d4be51dc8139c492d12be8247cfa3df4e6a009cb67c6905d42846a1af43268b1d488d8dfd01a7041b2174f156779ddd424b43af73076fd82da29822e41ab1ec14f8d0b8785b09996ab297d891938f1ef4c94d07ded2510419b30892d4657e7e0c3209fbba1ee42c6cc054637c04158a8b6078f8fb73cf842a82ff0161eb893b9de9eeae7dccca6f4e11935f26a41e6676e71cd1e170d5b8e9871e608a27abf2a4f44657af188eb0c304b532457cef61bc14791f5badaf473508c5c9aa5c75516ba30e1efd09878aa7bbe35db9a5869e0066346fd1ae6bbdcb811643412e76da9220aaa49dad7b4d4a01a353c7d70a8ba544373b57cd1789bf844a7954505548e4fa8403a0b82da142adcc8467c61c556d809c72431c1abe6ce6055ed5eb975add9d1d17d1ede75170705e50156bcae1e2ba8499d0c9f526a5b8de67492c4b953264e8141e10eed260f4a018d934a515e8fa38ada168faa2c1504d8db5cb1ed98bb59c21717b4ea0cf077057c21c4819fd1a2b1f327383da094f7faef2e2a67c0dd0d591dbf94a200bc63eacd72bd8853ba70172cbab2eac26c93e15bd63d7f225e6d0d53b023b50ef7c44aac65dad6afd04d6a06b469caa360d83143a4004bb57ddf13037546a8225c2525af272c4ee703a63e0db78c3fe21d663a22b308d802809048b03aa459fb5d368b5860354153c8d16b90422ae6f43f9e1351d2e822a442e82816ca0053288951818c4babb5236e92d3ac0800b1ac4c948b61a5117e480eb00edb410d93388900bb5c67ba9cf81e61f183a80ef72be39005730ea0d27c0c165f2683f695b50e8f89592a74ad17bdb60d340332fb80314f56639cd20d261de07f0b13da227c58fe2954d599a6d439c4252adea7122c915b91f9ae89765627a981810d977aefb7e40d62680cff8b7417048a93bc177c2a3f922c78917fd8e1c5f79ddc544996ebe91cfb93c82ccbb72eebfb79c065513f80f291044dbb99cf6f090cf4f63096a9a70ff285fca802bc0c6eca406e8850524d3c4368bbe52d85ed8d1bd95e8120fb5358a4639a6f46734eae5fbe9533f26c443e2ed21f5f91972e4c5d182e37173f93c36b20c904e3ebd4dee3f1bf73a4b5e5eb2654a0c270534f82a34581ab2d6a816f25ba0ef184ac55ae29c1fce94b4aed34cd44d464bf03c8aacc5a5ce3974518cc83e4b75a27c080cbdcf8fc918efab524cf5e7f03fcbffdf119b7dd47255df995d3c46229e62fe405b1cdbfc0f1ddaeec870e4b477fa50a41430853bf1932765de8b65da8a1fe71468e206001d57c9d599f26225f25daf659e69880e326c72bcc2576caef0e7b6ba00d2c87815e9bc4c578ad8161e8247a4602b063cd56c844fd135586ec8c3c816230453196c58ea3963e1cecbd860f15292e5fe26f45b43d1bae00f00ea09e9c1a48cdc321edb4ddaf2fe2e2bdceb481a15f8274a42ab6b6f1a409a9ce2fde023401c7e2d198ef71d6686c6b7f81c3fed854299ae2d0c9da951353a387c517925c3a308463c893a5a4232e92107215f406e8ce1bf84781d546950286272c906f58edf741512236596a9f6c075b9d10e99696dc4c251be07b42707b14a2718f92a9fa1a698994b9e85b3be442aa38963ebf46be60f749f1980b5341aa4365e0978ee952007ea3aa37e96b8888dab5b75e97c984b616106406f78413d3391cdce72b5c19930014761e8e69f884f00ceffa77b4e84f04d95cc5189a1253559aac4aa424aac2905eb15a3eab9dccdc1436bd0270c7bf214ea99b06fe4a1b78319e14a0bdeb765e9984466994407fc8ef669639f79c175a0cd6d0d843f70fad74fd9f7c1b20e7c5e3aba847f5f1c5439e9fe70e29f8f8797a3ffe635c65156d3b8e32c918c2b2eb341d061efdcf39d00cb2a5ae3599b1a55f1ceb4a08bd9dd884c1c453c47d020d648cc00419b46217bf5bddcc701b2e5891b6fac58a6870ea4772eecc88554ff0da01cca296103d85f6c01236ee7bc596f416290d1549d6c6568d44678043a8ac413726655027a569472e8b63e8463598c4bc76bbce23e3b09a35833a90c5164510c689d6560316d0f91acd01e23960b95d0e0cf153cb226a1ff1f4ac4473a940e188484c26e559d2fba5ee8ead7769dcc2d40e43f409466ddb857c4b23d0c9949eec023a2c21aa415227f7fa383ece9d26c4516ce05e2f8e435b07a4667f1d75f6d19b4986c459f7d2ef43a22d7eed3e8e28a8bc9d7bde527f1f0117535b8fbd071ed53d8048229b7c51b86028fa31f79f7138b41eeeddd96fa9cded7cf9ba9e593ccc1a2ceb7a6c8c056223d639212cc41b7d640ec28391f5c18fde9453edc747028c6231f6e7f2ae464b42f523381fbab596e0f53998029c891c4c6673df8e2a99ba4c3ba75a49dc4a942c369b3bf02d177ebb68d74fd2fab687785b2a9858cf1d261527d57e81c083cb1917dcea32258b08f9516aa688608cc4c71b4cc3f573466a47d696755a005eb13b6ba46bf33179949c8ed129bfb39233d8e0aef60c86f9be7acb7de3fb253a1d46cfd9e6d9f9a4e3874e005ac71d3a525414cc3fe3144453ba64644f3c7e3ed2bb8cb583f7d1bbe9365cd919f4a31d93684cef0e4cefe967545a6958f3883c2172df127cdd66a224d4889bc1543991f1754c9f59ca7ce6daccf49eb7cd4005e2c4899354c7752a150f123c99ef692c827d43beff05d86c627356d3052131ddcfb9d68ccc67064666e8c847642380e00f6305a70e6c3dc0d394af2e0aa5b5413752e518183faa16e3c20ad980df0aa09e59aa38a9a07cee1c9770caee0f2ed783f7948a83290ec9e3b17e97c0c6f3af50546f67cdc533f22e9e0a8eef9d4872c2b343e0e3b70b9c537f91ac5dcce845c5327e1351ad2b58dfe5c3333b70ed3ef61c1f1647bbc8fdb58d9eae2d7d30a875ad0ce61ff79f827a398a65d154e1ea3b358e75859cf12036a78686ce6e2e72ea162f36f5657f1a07101cb5ac159992ab41dfb5ccd021fe2c5b5da0d7347805874542a8a71aca69dd50f532dc137b318c2ab31a3c808fcd52bb2b242dfa2847a94844a6084a9811739bd36c336bdeadceaffc31fc8d2d812900ee3525844032f522146549d386dc84e631ebe2e1753841375e369faedd7575f2838c08794e832eb44b9fb7717c763110ad84450ce46dc37492cb656dbbfa532a5af35ce4d1bdb5184b8151ca2b9b2c14a865896f0c3ef14677a787877bcad223d7a3918b2665bf2926236e0d50c5e98e27ecf639177c72fcceba037fc5a91348bc1306352774b65246b76e16d8ef13dc631c30ee01fcc18c89f7184483a87ccca431ed31e0a6b25781516af9e35b680c3dfce1cfccdfad56bb9a2927de14b695e245755fa7cd6a8befd6c253cadf79f8d9409bfc6e964c571e2982a0bfaef02b5150f9f94dce85a0f6f2fe50c5e388b71f7a60ab39fa0236fec79dda058248d074ed60d78872151a9f0a7eec7794d5836a4728aec162a4d4359043b076aab00c81f23f1c7267ae8dd6b8001b94b8426a913a5a487e3147b7479f672c9b9186444c4674ae3867eb073391d13dda1e6daafe60148dc2a0778ca417e9581192", 0x2, 0x0, 0x8000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

[ 2378.627916][T25039] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2378.635821][T25039]  </TASK>
03:36:31 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b5080000000000007b8af8ff00000000bfffffffb703000008000000b704000000000000850000008200000095000000000000000000000000a90668f7e0a2b53383e019a2863f4e00000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r3, 0x0, 0x0)

[ 2378.689905][T25154] FAULT_INJECTION: forcing a failure.
[ 2378.689905][T25154] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2378.708651][T25154] CPU: 1 PID: 25154 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2378.718886][T25154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2378.728780][T25154] Call Trace:
[ 2378.731904][T25154]  <TASK>
[ 2378.734685][T25154]  dump_stack_lvl+0x151/0x1b7
[ 2378.739197][T25154]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2378.744664][T25154]  dump_stack+0x15/0x17
[ 2378.748657][T25154]  should_fail+0x3c6/0x510
[ 2378.752910][T25154]  should_fail_alloc_page+0x5a/0x80
[ 2378.757942][T25154]  prepare_alloc_pages+0x15c/0x700
[ 2378.762889][T25154]  ? __alloc_pages+0x8f0/0x8f0
[ 2378.767579][T25154]  ? __alloc_pages_bulk+0xe40/0xe40
[ 2378.772958][T25154]  ? sched_clock+0x9/0x10
[ 2378.777128][T25154]  __alloc_pages+0x18c/0x8f0
[ 2378.781556][T25154]  ? prep_new_page+0x110/0x110
[ 2378.786163][T25154]  ? 0xffffffffa0002dbc
[ 2378.790144][T25154]  ? is_bpf_text_address+0x172/0x190
[ 2378.795351][T25154]  pte_alloc_one+0x73/0x1b0
[ 2378.799690][T25154]  ? pfn_modify_allowed+0x2f0/0x2f0
[ 2378.804723][T25154]  ? arch_stack_walk+0xf3/0x140
[ 2378.809414][T25154]  __pte_alloc+0x86/0x350
[ 2378.813578][T25154]  ? free_pgtables+0x280/0x280
[ 2378.818175][T25154]  ? _raw_spin_lock+0xa4/0x1b0
[ 2378.822777][T25154]  ? __kasan_check_write+0x14/0x20
[ 2378.827908][T25154]  copy_page_range+0x28a8/0x2f90
[ 2378.832693][T25154]  ? __kasan_slab_alloc+0xb1/0xe0
[ 2378.837550][T25154]  ? pfn_valid+0x1e0/0x1e0
[ 2378.841795][T25154]  ? vma_gap_callbacks_rotate+0x1b7/0x210
[ 2378.847351][T25154]  ? __rb_insert_augmented+0x5de/0x610
[ 2378.852652][T25154]  copy_mm+0xc7e/0x13e0
[ 2378.856641][T25154]  ? copy_signal+0x610/0x610
[ 2378.861063][T25154]  ? __init_rwsem+0xd6/0x1c0
[ 2378.865489][T25154]  ? copy_signal+0x4e3/0x610
[ 2378.869917][T25154]  copy_process+0x1149/0x3290
[ 2378.874435][T25154]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2378.879395][T25154]  ? copy_clone_args_from_user+0x744/0x830
[ 2378.885022][T25154]  kernel_clone+0x21e/0x9e0
[ 2378.889356][T25154]  ? __delayed_free_task+0x20/0x20
[ 2378.894304][T25154]  ? create_io_thread+0x1e0/0x1e0
[ 2378.899166][T25154]  __x64_sys_clone3+0x376/0x3a0
[ 2378.903851][T25154]  ? __ia32_sys_clone+0x290/0x290
[ 2378.908715][T25154]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2378.913832][T25154]  ? __traceiter_sys_enter+0x2a/0x40
[ 2378.918954][T25154]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2378.924854][T25154]  do_syscall_64+0x3d/0xb0
[ 2378.929107][T25154]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2378.934922][T25154] RIP: 0033:0x7f9d5f592da9
[ 2378.939179][T25154] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2378.958627][T25154] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2378.966868][T25154] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2378.974682][T25154] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2378.982492][T25154] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
03:36:31 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b5080000000000007b8af8ff00000000bfffffffb703000008000000b704000000000000850000008200000095000000000000000000000000a90668f7e0a2b53383e019a2863f4e00000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r3, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b5080000000000007b8af8ff00000000bfffffffb703000008000000b704000000000000850000008200000095000000000000000000000000a90668f7e0a2b53383e019a2863f4e00000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
socket$unix(0x1, 0x1, 0x0) (async)
socket$unix(0x1, 0x1, 0x0) (async)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r3, 0x0) (async)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r3, 0x0, 0x0) (async)

03:36:31 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cc4, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:31 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 52)

03:36:31 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cc5, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2378.990296][T25154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2378.998112][T25154] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2379.005932][T25154]  </TASK>
03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cc6, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cc7, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cc8, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cc9, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2379.059006][T25172] FAULT_INJECTION: forcing a failure.
[ 2379.059006][T25172] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2379.073330][T25172] CPU: 1 PID: 25172 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2379.083498][T25172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2379.093382][T25172] Call Trace:
[ 2379.096515][T25172]  <TASK>
[ 2379.099284][T25172]  dump_stack_lvl+0x151/0x1b7
[ 2379.103797][T25172]  ? io_uring_drop_tctx_refs+0x190/0x190
03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cca, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ccb, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ccc, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2379.109269][T25172]  dump_stack+0x15/0x17
[ 2379.113255][T25172]  should_fail+0x3c6/0x510
[ 2379.117512][T25172]  should_fail_alloc_page+0x5a/0x80
[ 2379.122543][T25172]  prepare_alloc_pages+0x15c/0x700
[ 2379.127491][T25172]  ? __alloc_pages+0x8f0/0x8f0
[ 2379.132091][T25172]  ? __alloc_pages_bulk+0xe40/0xe40
[ 2379.137126][T25172]  __alloc_pages+0x18c/0x8f0
[ 2379.141562][T25172]  ? prep_new_page+0x110/0x110
[ 2379.146153][T25172]  ? 0xffffffffa0002dbc
[ 2379.150142][T25172]  ? is_bpf_text_address+0x172/0x190
03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ccd, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cce, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ccf, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2379.155273][T25172]  pte_alloc_one+0x73/0x1b0
[ 2379.159726][T25172]  ? pfn_modify_allowed+0x2f0/0x2f0
[ 2379.164754][T25172]  ? arch_stack_walk+0xf3/0x140
[ 2379.169443][T25172]  __pte_alloc+0x86/0x350
[ 2379.173614][T25172]  ? free_pgtables+0x280/0x280
[ 2379.178205][T25172]  ? _raw_spin_lock+0xa4/0x1b0
[ 2379.182811][T25172]  ? __kasan_check_write+0x14/0x20
[ 2379.187755][T25172]  copy_page_range+0x28a8/0x2f90
[ 2379.192543][T25172]  ? __kasan_slab_alloc+0xb1/0xe0
[ 2379.197400][T25172]  ? pfn_valid+0x1e0/0x1e0
[ 2379.201643][T25172]  ? vma_gap_callbacks_rotate+0x1b7/0x210
03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cd0, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cd1, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2379.207201][T25172]  ? __rb_insert_augmented+0x5de/0x610
[ 2379.212502][T25172]  copy_mm+0xc7e/0x13e0
[ 2379.216494][T25172]  ? copy_signal+0x610/0x610
[ 2379.220908][T25172]  ? __init_rwsem+0xd6/0x1c0
[ 2379.225339][T25172]  ? copy_signal+0x4e3/0x610
[ 2379.229854][T25172]  copy_process+0x1149/0x3290
[ 2379.234369][T25172]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2379.239312][T25172]  ? copy_clone_args_from_user+0x744/0x830
[ 2379.244957][T25172]  kernel_clone+0x21e/0x9e0
[ 2379.249291][T25172]  ? __delayed_free_task+0x20/0x20
[ 2379.254241][T25172]  ? create_io_thread+0x1e0/0x1e0
[ 2379.259103][T25172]  __x64_sys_clone3+0x376/0x3a0
[ 2379.263787][T25172]  ? __ia32_sys_clone+0x290/0x290
[ 2379.268655][T25172]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2379.273767][T25172]  ? __traceiter_sys_enter+0x2a/0x40
[ 2379.278896][T25172]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2379.284802][T25172]  do_syscall_64+0x3d/0xb0
[ 2379.289044][T25172]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2379.294772][T25172] RIP: 0033:0x7f9d5f592da9
[ 2379.299023][T25172] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2379.318468][T25172] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2379.326712][T25172] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2379.334521][T25172] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2379.342333][T25172] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2379.350146][T25172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cd2, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cd3, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cd4, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cd5, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cd6, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:32 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r2, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r4=>0x0})
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r3, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cd7, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:32 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 53)

03:36:32 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r2, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r4=>0x0})
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r3, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cd8, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2379.357952][T25172] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2379.365772][T25172]  </TASK>
03:36:32 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r2, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r4=>0x0})
sendto$packet(r3, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:32 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
dup(r1) (async)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
dup2(r3, r3) (async)
r4 = dup2(r3, r3)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00'}) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530) (async)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18) (async)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001ac0)={r5, 0x0, 0xed, 0xa4, &(0x7f00000007c0)="67644073dbd99c313722a1e48467188ad62a6d595b0c8590f45774d7a9e2376b3b30157a38e7cdf7a22568053b6b76813bfe66943a82f7ddadfc3259acf764beb894f943c736474ea5bccd306f033b1808e58a0412b71d0965bdae611d3f74c6ba077be03aa6e06e73d20475cf31389fa5eeb4d9e499ae801cfe6e10471bfb86a374ad4318a387eb46ef8d67aa526dd3358ab9ffdc0d840167c747330da5e005ebe7b616c991dd4b888656574c6b9d855be98837987ca7458882753037f83c17bc2ee3f0a9435bb3d10a9af411e4b97b2c3a7c082759585c86daac2ff1a5516f5f2550a6e691abbe234ca2aa4e", &(0x7f0000000900)=""/164, 0x6, 0x0, 0xc6, 0x1000, &(0x7f00000009c0)="2fcbba28117f354ca332d60758aaa81250bbaf9da5508914c672b5af57eb73adb5d7bc0ee15929540b87343f7bebba7ca4d232a7088e95d7eb47acc6fb4276cec8540612711a23a91b77d2dfb954b803fb8579506ca91e41d94f5fa93fdfaea560501d07f6ce875b809f16f376201b8d726c1624b13ea6174ba3508d14e96c6b7b3fa1ba0ee4ca14e3d11b77d870444ee0aad527f789f8784556c17c56abccd9b8a57665573901085e553c80837006475e8b52480d5a2b25ac2f6742fca69d805e1f7534807b", &(0x7f0000000ac0)="a53d1b9e538633a6ad5321b0867516636451286fc4ed6e459a95712ad9abd4da1fb4f0ead098a8dfcdc120154b3da2b0039de117b1a24a1d560e0affc532c328064f332329bd60b6e0d2a1be1a8cde5c65dc03bcd0909d0cf46a7adaaa95aee7dd001bfb7012fa496675aee48dfef86910bc1ab7205b5d8f891181aa1fe35c863b37c49e05c8de4eec01ba865384bde308781cb6275e7386868589e379800ca83d8fd285187be0dc83f1018b5ee61131aa0c704f83a6ab82c9e1edcd947611527cb8cac5fcb6630ea1a7a6f6795a4b4fe137b0b15b6722fcdddd2ed3efeeb630d94f05448cf21a7f7573a6d55a751a1043e040933a8d0fac1c3ab4654ccef2dfb4aa477da3860cf33123eb04b2b4b5f1755a170038020650a51c6469cb81fcb9d7129441124bd9b43428fd1b7c477e0a64d8b4cdf8549a10a615f42dbb2c428e97b9b4aaa88fedd2a4ad65576a63b81e118e86cca0d002e8385503d9b656a39b8b49cdacff2b446e168e5e8cbf6310db2259084254c86e812412a49f8ade6d578e60630148cb1980db2bbccf85d5880db3d88f4491ccf8a909151339bba027efba0fd1c65e39ae2f35242bd96c8d477e5dede7bef9c531b79991d35bb5b2f29966ea875b09ff4a7eb471ea7c636b6159ff43b30d3bca7eb814b319c1192376c322c1f005695f63a7752d4ad7f230c70690828fe4f232536a9c7c6a745cb6f5b927375761aec8007cc340ebf20c641a952f41bf30e90f024b95eb31cfcfc697870dec33884486e2b126cd13ed6143c7527b53693f0dec037f2a9a7f371d84a5d446e45b24d340b32562ef234e58e0d872f5dab65a4728ed0c47d82de16db6ea5e5c2c2cda52d477b03c5906894eccba08ecb3b8919a6e70df0487b83837933d2f901244d9dbfda73c424428efdd2d8f71f56f7815a392e9708ee62b810148fe8e5ce7fbb802f182d87caad32ec69afd8dcbbdcba157fc45a39ab0ffd56e1b75247e78e957d0f30f972c47766059ad1b025680a1a7b6668fd38f351b0960bff29c90c3e1b9d519196bbacf396c45d7067e3c3f771863dde5e92dff11c358ffd805956308a760d20fd65c9e08c85a6ee79fc69786da07594ac95eb10e7f681eb7964dfa06bbe64d1da3f23be1ab2a1b1579bfbd9d8ff06682c08e55a003db1874a1a28097f632286b78f2d16fdaac3895e9b4867796b2e3edcf5f1755701d4abf8d1d3d575ae0541b1e3032dddf9523a85fb9742c65dc59251ccda0c3d10b4a85921a81f5cbdc7422a50701a33580b69ea20744df3d2e750e4e513771e41c20bb272aa91920a491658d1df43d95e5ba67101ce2b39c8805dabb2e7f848985693588d6986acbcc9c6a5c31f83cbe397ff7977e87bb3e203f7434aad1e7003fc604aa62b981e973d0e66bfe4c05a1dfe8cca57420087386cdc32280cd09f50c6dc7c08d0d06d651120c1b0e58d87d519f7d36f27c21016d928aa86730f9bd7b4d074e8a4df290da51d8ff3a482d71ebc977b6d901074185640532570cfdfbcea0df383aafc207ee530ef8eed82d9333a31e042431658a28859307f55d46cb90a2f2bc210ce8265eb260b0104b0961d437dfefcedc6d4069e39fb00a6201aca62daab54cecfd71ebbf0a4be9e18e2415d29d01e684c103b7e0f34d3f8739c1ba258ae4866369b27de19b703e7585cac4f493b101e1036149919eac664ad6ab4ccf18c33c49bc0670ffb517143408d2553f72213c8f2a05393d7b6fe4ea31745277ae87a9c260973bc77cb679d3c0c52dcf37fa19dbce247c5c40755129cd07e9dd76288c70d80a6408a63fcd53fccf8f0afa927e58af5dd297b5a7cc0d2e4799c6c4fcafdcd4f2f47d2ab7f0de90536b974f5dce2bf4a8f66925683556518d30dd66087abbbbdd5b9fcfbf01917842d2d51e1b77b2c825e4d33d3cf7ff9c85920ba8b3682cd9c55d375cf0a5fd26a13a7842b853a7e6ef7fa87cbe611ecb72808bce2de9d498538d868791eceb0d2bc7bba66973ea7bedd86e7f98a08ae46a3c89733f817e7af42b2359e61fae61e5f9500f3f6bfef91c966bb1fb8893e5a3158482b0ee593ce4b565b0cedf432a6bcef42fd13869ae995f951c82b8d805131ddbd18da3315a06795ce283718820b12af019b6cb89008e0d4916ceedebb7dce5e9f662a333fc73b6e2e95d6a8fbfb3c151ed930b400c610f3fc3d4be51dc8139c492d12be8247cfa3df4e6a009cb67c6905d42846a1af43268b1d488d8dfd01a7041b2174f156779ddd424b43af73076fd82da29822e41ab1ec14f8d0b8785b09996ab297d891938f1ef4c94d07ded2510419b30892d4657e7e0c3209fbba1ee42c6cc054637c04158a8b6078f8fb73cf842a82ff0161eb893b9de9eeae7dccca6f4e11935f26a41e6676e71cd1e170d5b8e9871e608a27abf2a4f44657af188eb0c304b532457cef61bc14791f5badaf473508c5c9aa5c75516ba30e1efd09878aa7bbe35db9a5869e0066346fd1ae6bbdcb811643412e76da9220aaa49dad7b4d4a01a353c7d70a8ba544373b57cd1789bf844a7954505548e4fa8403a0b82da142adcc8467c61c556d809c72431c1abe6ce6055ed5eb975add9d1d17d1ede75170705e50156bcae1e2ba8499d0c9f526a5b8de67492c4b953264e8141e10eed260f4a018d934a515e8fa38ada168faa2c1504d8db5cb1ed98bb59c21717b4ea0cf077057c21c4819fd1a2b1f327383da094f7faef2e2a67c0dd0d591dbf94a200bc63eacd72bd8853ba70172cbab2eac26c93e15bd63d7f225e6d0d53b023b50ef7c44aac65dad6afd04d6a06b469caa360d83143a4004bb57ddf13037546a8225c2525af272c4ee703a63e0db78c3fe21d663a22b308d802809048b03aa459fb5d368b5860354153c8d16b90422ae6f43f9e1351d2e822a442e82816ca0053288951818c4babb5236e92d3ac0800b1ac4c948b61a5117e480eb00edb410d93388900bb5c67ba9cf81e61f183a80ef72be39005730ea0d27c0c165f2683f695b50e8f89592a74ad17bdb60d340332fb80314f56639cd20d261de07f0b13da227c58fe2954d599a6d439c4252adea7122c915b91f9ae89765627a981810d977aefb7e40d62680cff8b7417048a93bc177c2a3f922c78917fd8e1c5f79ddc544996ebe91cfb93c82ccbb72eebfb79c065513f80f291044dbb99cf6f090cf4f63096a9a70ff285fca802bc0c6eca406e8850524d3c4368bbe52d85ed8d1bd95e8120fb5358a4639a6f46734eae5fbe9533f26c443e2ed21f5f91972e4c5d182e37173f93c36b20c904e3ebd4dee3f1bf73a4b5e5eb2654a0c270534f82a34581ab2d6a816f25ba0ef184ac55ae29c1fce94b4aed34cd44d464bf03c8aacc5a5ce3974518cc83e4b75a27c080cbdcf8fc918efab524cf5e7f03fcbffdf119b7dd47255df995d3c46229e62fe405b1cdbfc0f1ddaeec870e4b477fa50a41430853bf1932765de8b65da8a1fe71468e206001d57c9d599f26225f25daf659e69880e326c72bcc2576caef0e7b6ba00d2c87815e9bc4c578ad8161e8247a4602b063cd56c844fd135586ec8c3c816230453196c58ea3963e1cecbd860f15292e5fe26f45b43d1bae00f00ea09e9c1a48cdc321edb4ddaf2fe2e2bdceb481a15f8274a42ab6b6f1a409a9ce2fde023401c7e2d198ef71d6686c6b7f81c3fed854299ae2d0c9da951353a387c517925c3a308463c893a5a4232e92107215f406e8ce1bf84781d546950286272c906f58edf741512236596a9f6c075b9d10e99696dc4c251be07b42707b14a2718f92a9fa1a698994b9e85b3be442aa38963ebf46be60f749f1980b5341aa4365e0978ee952007ea3aa37e96b8888dab5b75e97c984b616106406f78413d3391cdce72b5c19930014761e8e69f884f00ceffa77b4e84f04d95cc5189a1253559aac4aa424aac2905eb15a3eab9dccdc1436bd0270c7bf214ea99b06fe4a1b78319e14a0bdeb765e9984466994407fc8ef669639f79c175a0cd6d0d843f70fad74fd9f7c1b20e7c5e3aba847f5f1c5439e9fe70e29f8f8797a3ffe635c65156d3b8e32c918c2b2eb341d061efdcf39d00cb2a5ae3599b1a55f1ceb4a08bd9dd884c1c453c47d020d648cc00419b46217bf5bddcc701b2e5891b6fac58a6870ea4772eecc88554ff0da01cca296103d85f6c01236ee7bc596f416290d1549d6c6568d44678043a8ac413726655027a569472e8b63e8463598c4bc76bbce23e3b09a35833a90c5164510c689d6560316d0f91acd01e23960b95d0e0cf153cb226a1ff1f4ac4473a940e188484c26e559d2fba5ee8ead7769dcc2d40e43f409466ddb857c4b23d0c9949eec023a2c21aa415227f7fa383ece9d26c4516ce05e2f8e435b07a4667f1d75f6d19b4986c459f7d2ef43a22d7eed3e8e28a8bc9d7bde527f1f0117535b8fbd071ed53d8048229b7c51b86028fa31f79f7138b41eeeddd96fa9cded7cf9ba9e593ccc1a2ceb7a6c8c056223d639212cc41b7d640ec28391f5c18fde9453edc747028c6231f6e7f2ae464b42f523381fbab596e0f53998029c891c4c6673df8e2a99ba4c3ba75a49dc4a942c369b3bf02d177ebb68d74fd2fab687785b2a9858cf1d261527d57e81c083cb1917dcea32258b08f9516aa688608cc4c71b4cc3f573466a47d696755a005eb13b6ba46bf33179949c8ed129bfb39233d8e0aef60c86f9be7acb7de3fb253a1d46cfd9e6d9f9a4e3874e005ac71d3a525414cc3fe3144453ba64644f3c7e3ed2bb8cb583f7d1bbe9365cd919f4a31d93684cef0e4cefe967545a6958f3883c2172df127cdd66a224d4889bc1543991f1754c9f59ca7ce6daccf49eb7cd4005e2c4899354c7752a150f123c99ef692c827d43beff05d86c627356d3052131ddcfb9d68ccc67064666e8c847642380e00f6305a70e6c3dc0d394af2e0aa5b5413752e518183faa16e3c20ad980df0aa09e59aa38a9a07cee1c9770caee0f2ed783f7948a83290ec9e3b17e97c0c6f3af50546f67cdc533f22e9e0a8eef9d4872c2b343e0e3b70b9c537f91ac5dcce845c5327e1351ad2b58dfe5c3333b70ed3ef61c1f1647bbc8fdb58d9eae2d7d30a875ad0ce61ff79f827a398a65d154e1ea3b358e75859cf12036a78686ce6e2e72ea162f36f5657f1a07101cb5ac159992ab41dfb5ccd021fe2c5b5da0d7347805874542a8a71aca69dd50f532dc137b318c2ab31a3c808fcd52bb2b242dfa2847a94844a6084a9811739bd36c336bdeadceaffc31fc8d2d812900ee3525844032f522146549d386dc84e631ebe2e1753841375e369faedd7575f2838c08794e832eb44b9fb7717c763110ad84450ce46dc37492cb656dbbfa532a5af35ce4d1bdb5184b8151ca2b9b2c14a865896f0c3ef14677a787877bcad223d7a3918b2665bf2926236e0d50c5e98e27ecf639177c72fcceba037fc5a91348bc1306352774b65246b76e16d8ef13dc631c30ee01fcc18c89f7184483a87ccca431ed31e0a6b25781516af9e35b680c3dfce1cfccdfad56bb9a2927de14b695e245755fa7cd6a8befd6c253cadf79f8d9409bfc6e964c571e2982a0bfaef02b5150f9f94dce85a0f6f2fe50c5e388b71f7a60ab39fa0236fec79dda058248d074ed60d78872151a9f0a7eec7794d5836a4728aec162a4d4359043b076aab00c81f23f1c7267ae8dd6b8001b94b8426a913a5a487e3147b7479f672c9b9186444c4674ae3867eb073391d13dda1e6daafe60148dc2a0778ca417e9581192", 0x2, 0x0, 0x8000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cd9, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2379.405204][T25295] FAULT_INJECTION: forcing a failure.
[ 2379.405204][T25295] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2379.418914][T25295] CPU: 0 PID: 25295 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2379.429071][T25295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2379.438968][T25295] Call Trace:
[ 2379.442089][T25295]  <TASK>
[ 2379.444867][T25295]  dump_stack_lvl+0x151/0x1b7
[ 2379.449386][T25295]  ? io_uring_drop_tctx_refs+0x190/0x190
03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cda, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cdb, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cdc, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2379.454860][T25295]  dump_stack+0x15/0x17
[ 2379.458844][T25295]  should_fail+0x3c6/0x510
[ 2379.463096][T25295]  should_fail_alloc_page+0x5a/0x80
[ 2379.468127][T25295]  prepare_alloc_pages+0x15c/0x700
[ 2379.473075][T25295]  ? __alloc_pages+0x8f0/0x8f0
[ 2379.477675][T25295]  ? __alloc_pages_bulk+0xe40/0xe40
[ 2379.482710][T25295]  __alloc_pages+0x18c/0x8f0
[ 2379.487136][T25295]  ? prep_new_page+0x110/0x110
[ 2379.491739][T25295]  ? 0xffffffffa0002dbc
[ 2379.495729][T25295]  ? is_bpf_text_address+0x172/0x190
[ 2379.500848][T25295]  pte_alloc_one+0x73/0x1b0
[ 2379.505189][T25295]  ? pfn_modify_allowed+0x2f0/0x2f0
[ 2379.510222][T25295]  ? arch_stack_walk+0xf3/0x140
[ 2379.514909][T25295]  __pte_alloc+0x86/0x350
[ 2379.519076][T25295]  ? free_pgtables+0x280/0x280
[ 2379.523669][T25295]  ? _raw_spin_lock+0xa4/0x1b0
[ 2379.528273][T25295]  ? __kasan_check_write+0x14/0x20
[ 2379.533224][T25295]  copy_page_range+0x28a8/0x2f90
[ 2379.537993][T25295]  ? __kasan_slab_alloc+0xb1/0xe0
[ 2379.542858][T25295]  ? pfn_valid+0x1e0/0x1e0
[ 2379.547111][T25295]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 2379.552662][T25295]  ? __rb_insert_augmented+0x5de/0x610
[ 2379.557962][T25295]  copy_mm+0xc7e/0x13e0
[ 2379.561952][T25295]  ? copy_signal+0x610/0x610
[ 2379.566372][T25295]  ? __init_rwsem+0xd6/0x1c0
[ 2379.570801][T25295]  ? copy_signal+0x4e3/0x610
[ 2379.575225][T25295]  copy_process+0x1149/0x3290
[ 2379.579748][T25295]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2379.584692][T25295]  ? copy_clone_args_from_user+0x744/0x830
[ 2379.590334][T25295]  kernel_clone+0x21e/0x9e0
[ 2379.594689][T25295]  ? __delayed_free_task+0x20/0x20
[ 2379.599623][T25295]  ? create_io_thread+0x1e0/0x1e0
[ 2379.604486][T25295]  __x64_sys_clone3+0x376/0x3a0
[ 2379.609176][T25295]  ? __ia32_sys_clone+0x290/0x290
[ 2379.614029][T25295]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2379.619148][T25295]  ? __traceiter_sys_enter+0x2a/0x40
[ 2379.624263][T25295]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2379.630170][T25295]  do_syscall_64+0x3d/0xb0
[ 2379.634419][T25295]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2379.640147][T25295] RIP: 0033:0x7f9d5f592da9
[ 2379.644401][T25295] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2379.663844][T25295] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2379.672088][T25295] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2379.679899][T25295] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2379.687711][T25295] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2379.695525][T25295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2379.703331][T25295] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2379.711151][T25295]  </TASK>
03:36:32 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b5080000000000007b8af8ff00000000bfffffffb703000008000000b704000000000000850000008200000095000000000000000000000000a90668f7e0a2b53383e019a2863f4e00000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r3, 0x0) (async)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r3, 0x0, 0x0)

03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cdd, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:32 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1) (async, rerun: 64)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (rerun: 64)
r4 = dup2(r3, r3) (async)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 32)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async, rerun: 32)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (async)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001ac0)={r5, 0x0, 0xed, 0xa4, &(0x7f00000007c0)="67644073dbd99c313722a1e48467188ad62a6d595b0c8590f45774d7a9e2376b3b30157a38e7cdf7a22568053b6b76813bfe66943a82f7ddadfc3259acf764beb894f943c736474ea5bccd306f033b1808e58a0412b71d0965bdae611d3f74c6ba077be03aa6e06e73d20475cf31389fa5eeb4d9e499ae801cfe6e10471bfb86a374ad4318a387eb46ef8d67aa526dd3358ab9ffdc0d840167c747330da5e005ebe7b616c991dd4b888656574c6b9d855be98837987ca7458882753037f83c17bc2ee3f0a9435bb3d10a9af411e4b97b2c3a7c082759585c86daac2ff1a5516f5f2550a6e691abbe234ca2aa4e", &(0x7f0000000900)=""/164, 0x6, 0x0, 0xc6, 0x1000, &(0x7f00000009c0)="2fcbba28117f354ca332d60758aaa81250bbaf9da5508914c672b5af57eb73adb5d7bc0ee15929540b87343f7bebba7ca4d232a7088e95d7eb47acc6fb4276cec8540612711a23a91b77d2dfb954b803fb8579506ca91e41d94f5fa93fdfaea560501d07f6ce875b809f16f376201b8d726c1624b13ea6174ba3508d14e96c6b7b3fa1ba0ee4ca14e3d11b77d870444ee0aad527f789f8784556c17c56abccd9b8a57665573901085e553c80837006475e8b52480d5a2b25ac2f6742fca69d805e1f7534807b", &(0x7f0000000ac0)="a53d1b9e538633a6ad5321b0867516636451286fc4ed6e459a95712ad9abd4da1fb4f0ead098a8dfcdc120154b3da2b0039de117b1a24a1d560e0affc532c328064f332329bd60b6e0d2a1be1a8cde5c65dc03bcd0909d0cf46a7adaaa95aee7dd001bfb7012fa496675aee48dfef86910bc1ab7205b5d8f891181aa1fe35c863b37c49e05c8de4eec01ba865384bde308781cb6275e7386868589e379800ca83d8fd285187be0dc83f1018b5ee61131aa0c704f83a6ab82c9e1edcd947611527cb8cac5fcb6630ea1a7a6f6795a4b4fe137b0b15b6722fcdddd2ed3efeeb630d94f05448cf21a7f7573a6d55a751a1043e040933a8d0fac1c3ab4654ccef2dfb4aa477da3860cf33123eb04b2b4b5f1755a170038020650a51c6469cb81fcb9d7129441124bd9b43428fd1b7c477e0a64d8b4cdf8549a10a615f42dbb2c428e97b9b4aaa88fedd2a4ad65576a63b81e118e86cca0d002e8385503d9b656a39b8b49cdacff2b446e168e5e8cbf6310db2259084254c86e812412a49f8ade6d578e60630148cb1980db2bbccf85d5880db3d88f4491ccf8a909151339bba027efba0fd1c65e39ae2f35242bd96c8d477e5dede7bef9c531b79991d35bb5b2f29966ea875b09ff4a7eb471ea7c636b6159ff43b30d3bca7eb814b319c1192376c322c1f005695f63a7752d4ad7f230c70690828fe4f232536a9c7c6a745cb6f5b927375761aec8007cc340ebf20c641a952f41bf30e90f024b95eb31cfcfc697870dec33884486e2b126cd13ed6143c7527b53693f0dec037f2a9a7f371d84a5d446e45b24d340b32562ef234e58e0d872f5dab65a4728ed0c47d82de16db6ea5e5c2c2cda52d477b03c5906894eccba08ecb3b8919a6e70df0487b83837933d2f901244d9dbfda73c424428efdd2d8f71f56f7815a392e9708ee62b810148fe8e5ce7fbb802f182d87caad32ec69afd8dcbbdcba157fc45a39ab0ffd56e1b75247e78e957d0f30f972c47766059ad1b025680a1a7b6668fd38f351b0960bff29c90c3e1b9d519196bbacf396c45d7067e3c3f771863dde5e92dff11c358ffd805956308a760d20fd65c9e08c85a6ee79fc69786da07594ac95eb10e7f681eb7964dfa06bbe64d1da3f23be1ab2a1b1579bfbd9d8ff06682c08e55a003db1874a1a28097f632286b78f2d16fdaac3895e9b4867796b2e3edcf5f1755701d4abf8d1d3d575ae0541b1e3032dddf9523a85fb9742c65dc59251ccda0c3d10b4a85921a81f5cbdc7422a50701a33580b69ea20744df3d2e750e4e513771e41c20bb272aa91920a491658d1df43d95e5ba67101ce2b39c8805dabb2e7f848985693588d6986acbcc9c6a5c31f83cbe397ff7977e87bb3e203f7434aad1e7003fc604aa62b981e973d0e66bfe4c05a1dfe8cca57420087386cdc32280cd09f50c6dc7c08d0d06d651120c1b0e58d87d519f7d36f27c21016d928aa86730f9bd7b4d074e8a4df290da51d8ff3a482d71ebc977b6d901074185640532570cfdfbcea0df383aafc207ee530ef8eed82d9333a31e042431658a28859307f55d46cb90a2f2bc210ce8265eb260b0104b0961d437dfefcedc6d4069e39fb00a6201aca62daab54cecfd71ebbf0a4be9e18e2415d29d01e684c103b7e0f34d3f8739c1ba258ae4866369b27de19b703e7585cac4f493b101e1036149919eac664ad6ab4ccf18c33c49bc0670ffb517143408d2553f72213c8f2a05393d7b6fe4ea31745277ae87a9c260973bc77cb679d3c0c52dcf37fa19dbce247c5c40755129cd07e9dd76288c70d80a6408a63fcd53fccf8f0afa927e58af5dd297b5a7cc0d2e4799c6c4fcafdcd4f2f47d2ab7f0de90536b974f5dce2bf4a8f66925683556518d30dd66087abbbbdd5b9fcfbf01917842d2d51e1b77b2c825e4d33d3cf7ff9c85920ba8b3682cd9c55d375cf0a5fd26a13a7842b853a7e6ef7fa87cbe611ecb72808bce2de9d498538d868791eceb0d2bc7bba66973ea7bedd86e7f98a08ae46a3c89733f817e7af42b2359e61fae61e5f9500f3f6bfef91c966bb1fb8893e5a3158482b0ee593ce4b565b0cedf432a6bcef42fd13869ae995f951c82b8d805131ddbd18da3315a06795ce283718820b12af019b6cb89008e0d4916ceedebb7dce5e9f662a333fc73b6e2e95d6a8fbfb3c151ed930b400c610f3fc3d4be51dc8139c492d12be8247cfa3df4e6a009cb67c6905d42846a1af43268b1d488d8dfd01a7041b2174f156779ddd424b43af73076fd82da29822e41ab1ec14f8d0b8785b09996ab297d891938f1ef4c94d07ded2510419b30892d4657e7e0c3209fbba1ee42c6cc054637c04158a8b6078f8fb73cf842a82ff0161eb893b9de9eeae7dccca6f4e11935f26a41e6676e71cd1e170d5b8e9871e608a27abf2a4f44657af188eb0c304b532457cef61bc14791f5badaf473508c5c9aa5c75516ba30e1efd09878aa7bbe35db9a5869e0066346fd1ae6bbdcb811643412e76da9220aaa49dad7b4d4a01a353c7d70a8ba544373b57cd1789bf844a7954505548e4fa8403a0b82da142adcc8467c61c556d809c72431c1abe6ce6055ed5eb975add9d1d17d1ede75170705e50156bcae1e2ba8499d0c9f526a5b8de67492c4b953264e8141e10eed260f4a018d934a515e8fa38ada168faa2c1504d8db5cb1ed98bb59c21717b4ea0cf077057c21c4819fd1a2b1f327383da094f7faef2e2a67c0dd0d591dbf94a200bc63eacd72bd8853ba70172cbab2eac26c93e15bd63d7f225e6d0d53b023b50ef7c44aac65dad6afd04d6a06b469caa360d83143a4004bb57ddf13037546a8225c2525af272c4ee703a63e0db78c3fe21d663a22b308d802809048b03aa459fb5d368b5860354153c8d16b90422ae6f43f9e1351d2e822a442e82816ca0053288951818c4babb5236e92d3ac0800b1ac4c948b61a5117e480eb00edb410d93388900bb5c67ba9cf81e61f183a80ef72be39005730ea0d27c0c165f2683f695b50e8f89592a74ad17bdb60d340332fb80314f56639cd20d261de07f0b13da227c58fe2954d599a6d439c4252adea7122c915b91f9ae89765627a981810d977aefb7e40d62680cff8b7417048a93bc177c2a3f922c78917fd8e1c5f79ddc544996ebe91cfb93c82ccbb72eebfb79c065513f80f291044dbb99cf6f090cf4f63096a9a70ff285fca802bc0c6eca406e8850524d3c4368bbe52d85ed8d1bd95e8120fb5358a4639a6f46734eae5fbe9533f26c443e2ed21f5f91972e4c5d182e37173f93c36b20c904e3ebd4dee3f1bf73a4b5e5eb2654a0c270534f82a34581ab2d6a816f25ba0ef184ac55ae29c1fce94b4aed34cd44d464bf03c8aacc5a5ce3974518cc83e4b75a27c080cbdcf8fc918efab524cf5e7f03fcbffdf119b7dd47255df995d3c46229e62fe405b1cdbfc0f1ddaeec870e4b477fa50a41430853bf1932765de8b65da8a1fe71468e206001d57c9d599f26225f25daf659e69880e326c72bcc2576caef0e7b6ba00d2c87815e9bc4c578ad8161e8247a4602b063cd56c844fd135586ec8c3c816230453196c58ea3963e1cecbd860f15292e5fe26f45b43d1bae00f00ea09e9c1a48cdc321edb4ddaf2fe2e2bdceb481a15f8274a42ab6b6f1a409a9ce2fde023401c7e2d198ef71d6686c6b7f81c3fed854299ae2d0c9da951353a387c517925c3a308463c893a5a4232e92107215f406e8ce1bf84781d546950286272c906f58edf741512236596a9f6c075b9d10e99696dc4c251be07b42707b14a2718f92a9fa1a698994b9e85b3be442aa38963ebf46be60f749f1980b5341aa4365e0978ee952007ea3aa37e96b8888dab5b75e97c984b616106406f78413d3391cdce72b5c19930014761e8e69f884f00ceffa77b4e84f04d95cc5189a1253559aac4aa424aac2905eb15a3eab9dccdc1436bd0270c7bf214ea99b06fe4a1b78319e14a0bdeb765e9984466994407fc8ef669639f79c175a0cd6d0d843f70fad74fd9f7c1b20e7c5e3aba847f5f1c5439e9fe70e29f8f8797a3ffe635c65156d3b8e32c918c2b2eb341d061efdcf39d00cb2a5ae3599b1a55f1ceb4a08bd9dd884c1c453c47d020d648cc00419b46217bf5bddcc701b2e5891b6fac58a6870ea4772eecc88554ff0da01cca296103d85f6c01236ee7bc596f416290d1549d6c6568d44678043a8ac413726655027a569472e8b63e8463598c4bc76bbce23e3b09a35833a90c5164510c689d6560316d0f91acd01e23960b95d0e0cf153cb226a1ff1f4ac4473a940e188484c26e559d2fba5ee8ead7769dcc2d40e43f409466ddb857c4b23d0c9949eec023a2c21aa415227f7fa383ece9d26c4516ce05e2f8e435b07a4667f1d75f6d19b4986c459f7d2ef43a22d7eed3e8e28a8bc9d7bde527f1f0117535b8fbd071ed53d8048229b7c51b86028fa31f79f7138b41eeeddd96fa9cded7cf9ba9e593ccc1a2ceb7a6c8c056223d639212cc41b7d640ec28391f5c18fde9453edc747028c6231f6e7f2ae464b42f523381fbab596e0f53998029c891c4c6673df8e2a99ba4c3ba75a49dc4a942c369b3bf02d177ebb68d74fd2fab687785b2a9858cf1d261527d57e81c083cb1917dcea32258b08f9516aa688608cc4c71b4cc3f573466a47d696755a005eb13b6ba46bf33179949c8ed129bfb39233d8e0aef60c86f9be7acb7de3fb253a1d46cfd9e6d9f9a4e3874e005ac71d3a525414cc3fe3144453ba64644f3c7e3ed2bb8cb583f7d1bbe9365cd919f4a31d93684cef0e4cefe967545a6958f3883c2172df127cdd66a224d4889bc1543991f1754c9f59ca7ce6daccf49eb7cd4005e2c4899354c7752a150f123c99ef692c827d43beff05d86c627356d3052131ddcfb9d68ccc67064666e8c847642380e00f6305a70e6c3dc0d394af2e0aa5b5413752e518183faa16e3c20ad980df0aa09e59aa38a9a07cee1c9770caee0f2ed783f7948a83290ec9e3b17e97c0c6f3af50546f67cdc533f22e9e0a8eef9d4872c2b343e0e3b70b9c537f91ac5dcce845c5327e1351ad2b58dfe5c3333b70ed3ef61c1f1647bbc8fdb58d9eae2d7d30a875ad0ce61ff79f827a398a65d154e1ea3b358e75859cf12036a78686ce6e2e72ea162f36f5657f1a07101cb5ac159992ab41dfb5ccd021fe2c5b5da0d7347805874542a8a71aca69dd50f532dc137b318c2ab31a3c808fcd52bb2b242dfa2847a94844a6084a9811739bd36c336bdeadceaffc31fc8d2d812900ee3525844032f522146549d386dc84e631ebe2e1753841375e369faedd7575f2838c08794e832eb44b9fb7717c763110ad84450ce46dc37492cb656dbbfa532a5af35ce4d1bdb5184b8151ca2b9b2c14a865896f0c3ef14677a787877bcad223d7a3918b2665bf2926236e0d50c5e98e27ecf639177c72fcceba037fc5a91348bc1306352774b65246b76e16d8ef13dc631c30ee01fcc18c89f7184483a87ccca431ed31e0a6b25781516af9e35b680c3dfce1cfccdfad56bb9a2927de14b695e245755fa7cd6a8befd6c253cadf79f8d9409bfc6e964c571e2982a0bfaef02b5150f9f94dce85a0f6f2fe50c5e388b71f7a60ab39fa0236fec79dda058248d074ed60d78872151a9f0a7eec7794d5836a4728aec162a4d4359043b076aab00c81f23f1c7267ae8dd6b8001b94b8426a913a5a487e3147b7479f672c9b9186444c4674ae3867eb073391d13dda1e6daafe60148dc2a0778ca417e9581192", 0x2, 0x0, 0x8000}, 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:32 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r2, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r4=>0x0})
sendto$packet(r3, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:32 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 54)

03:36:32 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cde, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:32 executing program 2:
r0 = getpgrp(0x0)
ptrace$setregs(0xf, r0, 0x5, &(0x7f0000000000)="053c24a2c902f0e194a1de3dbe40a46f47905e6752b512aeb7935054763660d7acc965a8560dba10aeca369bccaf0cd0d2f786888ab8fdf691c825f8f5e2ef284a97274109706c4a11802856758a6a4cd31ce8394d091d693712814ed2")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x800, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r4, 0x0, 0x0)

03:36:32 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r2, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r4=>0x0})
sendto$packet(r3, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:32 executing program 2:
r0 = getpgrp(0x0)
ptrace$setregs(0xf, r0, 0x5, &(0x7f0000000000)="053c24a2c902f0e194a1de3dbe40a46f47905e6752b512aeb7935054763660d7acc965a8560dba10aeca369bccaf0cd0d2f786888ab8fdf691c825f8f5e2ef284a97274109706c4a11802856758a6a4cd31ce8394d091d693712814ed2") (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x800, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0) (async)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r4, 0x0)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r4, 0x0, 0x0)

03:36:32 executing program 2:
r0 = getpgrp(0x0)
ptrace$setregs(0xf, r0, 0x5, &(0x7f0000000000)="053c24a2c902f0e194a1de3dbe40a46f47905e6752b512aeb7935054763660d7acc965a8560dba10aeca369bccaf0cd0d2f786888ab8fdf691c825f8f5e2ef284a97274109706c4a11802856758a6a4cd31ce8394d091d693712814ed2") (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x800, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10) (async)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r4, 0x0, 0x0)

03:36:32 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f0000000000)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r3, 0x0, 0x0)

[ 2379.890809][T25489] FAULT_INJECTION: forcing a failure.
[ 2379.890809][T25489] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2379.905009][T25489] CPU: 0 PID: 25489 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2379.915167][T25489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2379.925062][T25489] Call Trace:
[ 2379.928185][T25489]  <TASK>
[ 2379.930963][T25489]  dump_stack_lvl+0x151/0x1b7
[ 2379.935482][T25489]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2379.940946][T25489]  ? kmem_cache_alloc+0x134/0x200
[ 2379.945806][T25489]  dump_stack+0x15/0x17
[ 2379.949797][T25489]  should_fail+0x3c6/0x510
[ 2379.954058][T25489]  should_fail_alloc_page+0x5a/0x80
[ 2379.959081][T25489]  prepare_alloc_pages+0x15c/0x700
[ 2379.964037][T25489]  ? __alloc_pages_bulk+0xe40/0xe40
[ 2379.969070][T25489]  __alloc_pages+0x18c/0x8f0
[ 2379.973488][T25489]  ? prep_new_page+0x110/0x110
[ 2379.978086][T25489]  ? __alloc_pages+0x27e/0x8f0
[ 2379.982689][T25489]  ? __kasan_check_write+0x14/0x20
[ 2379.987640][T25489]  ? _raw_spin_lock+0xa4/0x1b0
[ 2379.992235][T25489]  __pmd_alloc+0xb1/0x550
[ 2379.996410][T25489]  ? __pud_alloc+0x260/0x260
[ 2380.000877][T25489]  ? __pud_alloc+0x213/0x260
[ 2380.005373][T25489]  ? do_handle_mm_fault+0x2330/0x2330
[ 2380.010571][T25489]  ? __stack_depot_save+0x34/0x470
[ 2380.015523][T25489]  ? anon_vma_clone+0x9a/0x500
[ 2380.020121][T25489]  copy_page_range+0x2b3d/0x2f90
[ 2380.024892][T25489]  ? __kasan_slab_alloc+0xb1/0xe0
[ 2380.029756][T25489]  ? slab_post_alloc_hook+0x53/0x2c0
[ 2380.034884][T25489]  ? copy_mm+0xa3a/0x13e0
[ 2380.039038][T25489]  ? copy_process+0x1149/0x3290
[ 2380.043725][T25489]  ? kernel_clone+0x21e/0x9e0
[ 2380.048240][T25489]  ? do_syscall_64+0x3d/0xb0
[ 2380.052664][T25489]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2380.058574][T25489]  ? pfn_valid+0x1e0/0x1e0
[ 2380.062819][T25489]  ? rwsem_write_trylock+0x15b/0x290
[ 2380.067940][T25489]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[ 2380.074191][T25489]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 2380.079743][T25489]  ? __rb_insert_augmented+0x5de/0x610
[ 2380.085045][T25489]  copy_mm+0xc7e/0x13e0
[ 2380.089039][T25489]  ? copy_signal+0x610/0x610
[ 2380.093472][T25489]  ? __init_rwsem+0xd6/0x1c0
[ 2380.097884][T25489]  ? copy_signal+0x4e3/0x610
[ 2380.102309][T25489]  copy_process+0x1149/0x3290
[ 2380.106827][T25489]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2380.111770][T25489]  ? copy_clone_args_from_user+0x744/0x830
[ 2380.117412][T25489]  kernel_clone+0x21e/0x9e0
[ 2380.121751][T25489]  ? __delayed_free_task+0x20/0x20
[ 2380.126700][T25489]  ? create_io_thread+0x1e0/0x1e0
[ 2380.131561][T25489]  __x64_sys_clone3+0x376/0x3a0
[ 2380.136247][T25489]  ? __ia32_sys_clone+0x290/0x290
[ 2380.141113][T25489]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2380.146227][T25489]  ? __traceiter_sys_enter+0x2a/0x40
[ 2380.151350][T25489]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2380.157249][T25489]  do_syscall_64+0x3d/0xb0
[ 2380.161502][T25489]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2380.167231][T25489] RIP: 0033:0x7f9d5f592da9
[ 2380.171485][T25489] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
03:36:33 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f00000007c0)=ANY=[@ANYBLOB="180000000000000000000000000000453e010000202070250000bef97ac91d0000002020207b1af8ff0000800000ffff000000000248e77991ffffb702000001000000b789a136918b517f6c17a706becca5e403000000000000850000002d00000095000000c68eb8c400000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
dup(r11)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYRES16=r11], 0x18}}, 0x0)

03:36:33 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cdf, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:33 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r2, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r3, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:33 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 55)

[ 2380.190925][T25489] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2380.199171][T25489] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2380.206982][T25489] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2380.214795][T25489] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2380.222613][T25489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2380.230415][T25489] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2380.238233][T25489]  </TASK>
03:36:33 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r2, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r3, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:33 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
r2 = socket$unix(0x1, 0x1, 0x0) (async)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f0000000000)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r3, 0x0, 0x0)

03:36:33 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ce0, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2380.277668][T25566] FAULT_INJECTION: forcing a failure.
[ 2380.277668][T25566] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2380.291423][T25566] CPU: 0 PID: 25566 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2380.301586][T25566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2380.311478][T25566] Call Trace:
[ 2380.314599][T25566]  <TASK>
[ 2380.317379][T25566]  dump_stack_lvl+0x151/0x1b7
[ 2380.321889][T25566]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2380.327359][T25566]  dump_stack+0x15/0x17
[ 2380.331351][T25566]  should_fail+0x3c6/0x510
[ 2380.335605][T25566]  should_fail_alloc_page+0x5a/0x80
[ 2380.340636][T25566]  prepare_alloc_pages+0x15c/0x700
[ 2380.345589][T25566]  ? __alloc_pages+0x8f0/0x8f0
[ 2380.350186][T25566]  ? __alloc_pages_bulk+0xe40/0xe40
[ 2380.355217][T25566]  ? sched_clock+0x9/0x10
[ 2380.359474][T25566]  __alloc_pages+0x18c/0x8f0
[ 2380.363901][T25566]  ? prep_new_page+0x110/0x110
[ 2380.368501][T25566]  ? 0xffffffffa0002dbc
[ 2380.372488][T25566]  ? is_bpf_text_address+0x172/0x190
[ 2380.377611][T25566]  pte_alloc_one+0x73/0x1b0
[ 2380.381948][T25566]  ? pfn_modify_allowed+0x2f0/0x2f0
[ 2380.386982][T25566]  ? arch_stack_walk+0xf3/0x140
[ 2380.391675][T25566]  __pte_alloc+0x86/0x350
[ 2380.395835][T25566]  ? free_pgtables+0x280/0x280
[ 2380.400441][T25566]  ? _raw_spin_lock+0xa4/0x1b0
[ 2380.405035][T25566]  ? __kasan_check_write+0x14/0x20
[ 2380.409988][T25566]  copy_page_range+0x28a8/0x2f90
[ 2380.414758][T25566]  ? __kasan_slab_alloc+0xb1/0xe0
[ 2380.419626][T25566]  ? pfn_valid+0x1e0/0x1e0
[ 2380.423871][T25566]  ? vma_interval_tree_augment_rotate+0x1a3/0x1d0
[ 2380.430128][T25566]  copy_mm+0xc7e/0x13e0
[ 2380.434115][T25566]  ? copy_signal+0x610/0x610
[ 2380.438539][T25566]  ? __init_rwsem+0xd6/0x1c0
[ 2380.442965][T25566]  ? copy_signal+0x4e3/0x610
[ 2380.447391][T25566]  copy_process+0x1149/0x3290
[ 2380.451910][T25566]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2380.456854][T25566]  ? copy_clone_args_from_user+0x744/0x830
[ 2380.462494][T25566]  kernel_clone+0x21e/0x9e0
[ 2380.466834][T25566]  ? __delayed_free_task+0x20/0x20
[ 2380.472476][T25566]  ? create_io_thread+0x1e0/0x1e0
[ 2380.477343][T25566]  __x64_sys_clone3+0x376/0x3a0
[ 2380.482022][T25566]  ? __ia32_sys_clone+0x290/0x290
[ 2380.486888][T25566]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2380.492006][T25566]  ? __traceiter_sys_enter+0x2a/0x40
[ 2380.497128][T25566]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2380.503028][T25566]  do_syscall_64+0x3d/0xb0
[ 2380.507280][T25566]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2380.513010][T25566] RIP: 0033:0x7f9d5f592da9
[ 2380.517261][T25566] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2380.536703][T25566] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2380.544948][T25566] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2380.552762][T25566] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2380.560571][T25566] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2380.568380][T25566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
03:36:33 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f0000000000)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r3, 0x0, 0x0)

03:36:33 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r2, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r3, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:33 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r3=>0x0})
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:33 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r2, 0x8982, &(0x7f0000000000)={0x1, 'rose0\x00', {}, 0x54b5})
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
socket$unix(0x1, 0x5, 0x0)
accept(r4, 0x0, 0x0)

03:36:33 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 56)

03:36:33 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ce1, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:33 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r3=>0x0})
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)

[ 2380.576193][T25566] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2380.584013][T25566]  </TASK>
03:36:33 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r3=>0x0})
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:33 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ce2, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:33 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r2, 0x8982, &(0x7f0000000000)={0x1, 'rose0\x00', {}, 0x54b5})
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
socket$unix(0x1, 0x5, 0x0)
accept(r4, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r2, 0x8982, &(0x7f0000000000)={0x1, 'rose0\x00', {}, 0x54b5}) (async)
socket$unix(0x1, 0x1, 0x0) (async)
socket$unix(0x1, 0x1, 0x0) (async)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r4, 0x0) (async)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
socket$unix(0x1, 0x5, 0x0) (async)
accept(r4, 0x0, 0x0) (async)

[ 2380.643261][T25593] FAULT_INJECTION: forcing a failure.
[ 2380.643261][T25593] name failslab, interval 1, probability 0, space 0, times 0
[ 2380.669393][T25593] CPU: 0 PID: 25593 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2380.679559][T25593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2380.689450][T25593] Call Trace:
[ 2380.692660][T25593]  <TASK>
[ 2380.695437][T25593]  dump_stack_lvl+0x151/0x1b7
[ 2380.699951][T25593]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2380.705419][T25593]  dump_stack+0x15/0x17
[ 2380.709412][T25593]  should_fail+0x3c6/0x510
[ 2380.713676][T25593]  __should_failslab+0xa4/0xe0
[ 2380.718264][T25593]  ? vm_area_dup+0x26/0x230
[ 2380.722603][T25593]  should_failslab+0x9/0x20
[ 2380.726942][T25593]  slab_pre_alloc_hook+0x37/0xd0
[ 2380.731717][T25593]  ? vm_area_dup+0x26/0x230
[ 2380.736057][T25593]  kmem_cache_alloc+0x44/0x200
[ 2380.740669][T25593]  vm_area_dup+0x26/0x230
[ 2380.744823][T25593]  copy_mm+0x9a1/0x13e0
[ 2380.748819][T25593]  ? copy_signal+0x610/0x610
[ 2380.753242][T25593]  ? __init_rwsem+0xd6/0x1c0
[ 2380.757669][T25593]  ? copy_signal+0x4e3/0x610
[ 2380.762096][T25593]  copy_process+0x1149/0x3290
[ 2380.766619][T25593]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2380.771566][T25593]  ? copy_clone_args_from_user+0x744/0x830
[ 2380.777201][T25593]  kernel_clone+0x21e/0x9e0
[ 2380.781540][T25593]  ? __delayed_free_task+0x20/0x20
[ 2380.786493][T25593]  ? create_io_thread+0x1e0/0x1e0
[ 2380.791348][T25593]  __x64_sys_clone3+0x376/0x3a0
[ 2380.796039][T25593]  ? __ia32_sys_clone+0x290/0x290
[ 2380.800896][T25593]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2380.806100][T25593]  ? __traceiter_sys_enter+0x2a/0x40
[ 2380.811223][T25593]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2380.817123][T25593]  do_syscall_64+0x3d/0xb0
[ 2380.821378][T25593]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2380.827104][T25593] RIP: 0033:0x7f9d5f592da9
[ 2380.831361][T25593] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2380.850799][T25593] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2380.859043][T25593] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2380.866855][T25593] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2380.874665][T25593] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2380.882478][T25593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
03:36:33 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r4=>0x0})
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r3, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:33 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f00000007c0)=ANY=[@ANYBLOB="180000000000000000000000000000453e010000202070250000bef97ac91d0000002020207b1af8ff0000800000ffff000000000248e77991ffffb702000001000000b789a136918b517f6c17a706becca5e403000000000000850000002d00000095000000c68eb8c400000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f00000007c0)=ANY=[@ANYBLOB="180000000000000000000000000000453e010000202070250000bef97ac91d0000002020207b1af8ff0000800000ffff000000000248e77991ffffb702000001000000b789a136918b517f6c17a706becca5e403000000000000850000002d00000095000000c68eb8c400000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (async)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18) (async)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
dup(r11)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYRES16=r11], 0x18}}, 0x0) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYRES16=r11], 0x18}}, 0x0)

03:36:33 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ce3, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:33 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 57)

03:36:33 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r2, 0x8982, &(0x7f0000000000)={0x1, 'rose0\x00', {}, 0x54b5}) (async)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r4, 0x0)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
socket$unix(0x1, 0x5, 0x0) (async)
accept(r4, 0x0, 0x0)

03:36:33 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r4=>0x0})
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r3, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @multicast}, 0x14)

[ 2380.890289][T25593] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2380.898108][T25593]  </TASK>
[ 2380.932171][T25722] FAULT_INJECTION: forcing a failure.
[ 2380.932171][T25722] name failslab, interval 1, probability 0, space 0, times 0
[ 2380.945119][T25722] CPU: 1 PID: 25722 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2380.955269][T25722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2380.965167][T25722] Call Trace:
[ 2380.968284][T25722]  <TASK>
[ 2380.971064][T25722]  dump_stack_lvl+0x151/0x1b7
[ 2380.975577][T25722]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2380.981045][T25722]  dump_stack+0x15/0x17
[ 2380.985037][T25722]  should_fail+0x3c6/0x510
[ 2380.989287][T25722]  __should_failslab+0xa4/0xe0
[ 2380.993887][T25722]  ? vm_area_dup+0x26/0x230
[ 2380.998229][T25722]  should_failslab+0x9/0x20
[ 2381.002566][T25722]  slab_pre_alloc_hook+0x37/0xd0
[ 2381.007342][T25722]  ? vm_area_dup+0x26/0x230
[ 2381.011681][T25722]  kmem_cache_alloc+0x44/0x200
[ 2381.016282][T25722]  vm_area_dup+0x26/0x230
[ 2381.020446][T25722]  copy_mm+0x9a1/0x13e0
[ 2381.024445][T25722]  ? copy_signal+0x610/0x610
[ 2381.028864][T25722]  ? __init_rwsem+0xd6/0x1c0
[ 2381.033293][T25722]  ? copy_signal+0x4e3/0x610
[ 2381.037719][T25722]  copy_process+0x1149/0x3290
[ 2381.042238][T25722]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2381.047182][T25722]  ? copy_clone_args_from_user+0x744/0x830
[ 2381.052822][T25722]  kernel_clone+0x21e/0x9e0
[ 2381.057163][T25722]  ? __delayed_free_task+0x20/0x20
[ 2381.062108][T25722]  ? create_io_thread+0x1e0/0x1e0
[ 2381.066971][T25722]  __x64_sys_clone3+0x376/0x3a0
[ 2381.071654][T25722]  ? __ia32_sys_clone+0x290/0x290
[ 2381.076521][T25722]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2381.081635][T25722]  ? __traceiter_sys_enter+0x2a/0x40
[ 2381.086757][T25722]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2381.092658][T25722]  do_syscall_64+0x3d/0xb0
[ 2381.096911][T25722]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2381.102640][T25722] RIP: 0033:0x7f9d5f592da9
[ 2381.106895][T25722] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2381.126334][T25722] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2381.134578][T25722] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
03:36:34 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ce4, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:34 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
socket$unix(0x1, 0x1, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r3=>0x0})
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r2, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:34 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 58)

03:36:34 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffffffff}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0)
fcntl$F_GET_FILE_RW_HINT(r2, 0x40d, &(0x7f0000000000))
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r4, 0x0, 0x0)

03:36:34 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
socket$unix(0x1, 0x1, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r3=>0x0})
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r2, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:34 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ce5, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:34 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f00000007c0)=ANY=[@ANYBLOB="180000000000000000000000000000453e010000202070250000bef97ac91d0000002020207b1af8ff0000800000ffff000000000248e77991ffffb702000001000000b789a136918b517f6c17a706becca5e403000000000000850000002d00000095000000c68eb8c400000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async, rerun: 64)
r1 = socket$key(0xf, 0x3, 0x2) (rerun: 64)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3) (async)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async, rerun: 64)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (rerun: 64)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
dup(r11) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYRES16=r11], 0x18}}, 0x0)

[ 2381.142390][T25722] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2381.150203][T25722] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2381.158015][T25722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2381.165826][T25722] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2381.173641][T25722]  </TASK>
03:36:34 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffffffff}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0)
fcntl$F_GET_FILE_RW_HINT(r2, 0x40d, &(0x7f0000000000))
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r4, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffffffff}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
socket$unix(0x1, 0x1, 0x0) (async)
fcntl$F_GET_FILE_RW_HINT(r2, 0x40d, &(0x7f0000000000)) (async)
socket$unix(0x1, 0x1, 0x0) (async)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r4, 0x0) (async)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r4, 0x0, 0x0) (async)

03:36:34 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000002c0)={0x8})
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r3=>0x0})
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r2, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)

[ 2381.227856][T25836] FAULT_INJECTION: forcing a failure.
[ 2381.227856][T25836] name failslab, interval 1, probability 0, space 0, times 0
[ 2381.248519][T25836] CPU: 0 PID: 25836 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2381.258701][T25836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2381.268585][T25836] Call Trace:
[ 2381.271704][T25836]  <TASK>
[ 2381.274482][T25836]  dump_stack_lvl+0x151/0x1b7
[ 2381.279008][T25836]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2381.284470][T25836]  dump_stack+0x15/0x17
[ 2381.288461][T25836]  should_fail+0x3c6/0x510
[ 2381.292712][T25836]  __should_failslab+0xa4/0xe0
[ 2381.297308][T25836]  ? vm_area_dup+0x26/0x230
[ 2381.301647][T25836]  should_failslab+0x9/0x20
[ 2381.305987][T25836]  slab_pre_alloc_hook+0x37/0xd0
[ 2381.310763][T25836]  ? vm_area_dup+0x26/0x230
[ 2381.315102][T25836]  kmem_cache_alloc+0x44/0x200
[ 2381.319789][T25836]  vm_area_dup+0x26/0x230
[ 2381.323966][T25836]  copy_mm+0x9a1/0x13e0
[ 2381.327958][T25836]  ? copy_signal+0x610/0x610
[ 2381.332374][T25836]  ? __init_rwsem+0xd6/0x1c0
[ 2381.336803][T25836]  ? copy_signal+0x4e3/0x610
[ 2381.341229][T25836]  copy_process+0x1149/0x3290
[ 2381.345746][T25836]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2381.350690][T25836]  ? copy_clone_args_from_user+0x744/0x830
[ 2381.356331][T25836]  kernel_clone+0x21e/0x9e0
[ 2381.360667][T25836]  ? __delayed_free_task+0x20/0x20
[ 2381.365615][T25836]  ? create_io_thread+0x1e0/0x1e0
[ 2381.370477][T25836]  __x64_sys_clone3+0x376/0x3a0
[ 2381.375162][T25836]  ? __ia32_sys_clone+0x290/0x290
[ 2381.380029][T25836]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2381.385143][T25836]  ? __traceiter_sys_enter+0x2a/0x40
[ 2381.390265][T25836]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2381.396167][T25836]  do_syscall_64+0x3d/0xb0
[ 2381.400421][T25836]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2381.406146][T25836] RIP: 0033:0x7f9d5f592da9
[ 2381.410403][T25836] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2381.429843][T25836] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2381.438173][T25836] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2381.445984][T25836] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2381.453798][T25836] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2381.461608][T25836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2381.469421][T25836] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
03:36:34 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ce6, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:34 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r3=>0x0})
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r2, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:34 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 59)

03:36:34 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ce7, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:34 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r3=>0x0})
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r2, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:34 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffffffff}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0) (async)
fcntl$F_GET_FILE_RW_HINT(r2, 0x40d, &(0x7f0000000000))
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r4, 0x0) (async)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r4, 0x0, 0x0)

[ 2381.477236][T25836]  </TASK>
03:36:34 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4, 0x2}, 0x48)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x2f, 0x5, &(0x7f0000000700)=@raw=[@jmp={0x5, 0x0, 0xc, 0xb, 0x3, 0x1, 0xfffffffffffffff0}, @alu={0x4, 0x1, 0x6, 0xb, 0x7, 0x4, 0xfffffffffffffffc}, @jmp={0x5, 0x0, 0x2, 0x2, 0x3, 0x10, 0x10}, @func={0x85, 0x0, 0x1, 0x0, 0x20}, @jmp={0x5, 0x0, 0x7, 0xb, 0x0, 0xc, 0xfffffffffffffff0}], &(0x7f00000007c0)='GPL\x00', 0x7ff, 0x8b, &(0x7f0000000800)=""/139, 0x41100, 0x20, '\x00', 0x0, 0x33, 0xffffffffffffffff, 0x8, &(0x7f00000009c0)={0x4, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, &(0x7f0000000c00)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1, r2], &(0x7f0000000c40)=[{0x4, 0x2, 0x0, 0xc}, {0x0, 0x2, 0x8, 0x7}, {0x2, 0x1, 0x5, 0x1}], 0x10, 0x4}, 0x90)
r3 = socket$key(0xf, 0x3, 0x2)
r4 = dup(r3)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = dup2(r5, r5)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r6, 0x5, 0x2}, 0x48)
r9 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r9, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r9, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r9, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r10=>0x0})
sendto$inet(r9, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r9, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r11 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r9, &(0x7f0000000740)=ANY=[@ANYRESHEX=r6, @ANYRES16=0x0, @ANYRES8=r11, @ANYRES16=r6], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r6, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r12=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r8, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r10, 0x2c, r7, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r12, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r13 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r4}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r4, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r12, r13, 0x6, &(0x7f0000000540)=[r4, r4, r4, r4], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="02a0cbb40000000000000000000100000300b0ffffb0cc3e447b1b33f6bea7fe2b65caa0be64227b2cd1b5831b011cafd5c2389b46bd92bb5e03038795bca1eb2b0abfa924a4c5ab479d7382336a3338e91cffc563161af8043bfa97a77dad3f9ad2411e4f1fe9c5ef1cdaaa5d532d0e9dfce86345c4ecce4ed3e7fd1494b1791a0d5c"], 0x18}}, 0x0)

03:36:34 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ce8, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:34 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000180)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)
getsockname$packet(r2, &(0x7f00000015c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = socket(0x200000100000011, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r7, @ANYBLOB="01000000010015001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendto$packet(r4, &(0x7f0000000500)="baf038d394f2ae2046c970c133b9", 0x36, 0x0, &(0x7f0000000440)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @random="eb44b6891853"}, 0x14)
sendmsg$nl_route(r2, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000040)={&(0x7f00000002c0)=@ipv6_deladdrlabel={0x6c, 0x49, 0x300, 0x70bd2d, 0x25dfdbfc, {0xa, 0x0, 0x8, 0x0, r7, 0x7}, [@IFAL_ADDRESS={0x14, 0x1, @empty}, @IFAL_ADDRESS={0x14, 0x1, @remote}, @IFAL_ADDRESS={0x14, 0x1, @private2}, @IFAL_ADDRESS={0x14, 0x1, @private2}]}, 0x6c}, 0x1, 0x0, 0x0, 0x44}, 0x10000000)
r8 = socket$unix(0x1, 0x1, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r9, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r9, 0x0)
connect$unix(r8, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r9, 0x0, 0x0)

03:36:34 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ce9, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2381.541567][T25971] FAULT_INJECTION: forcing a failure.
[ 2381.541567][T25971] name failslab, interval 1, probability 0, space 0, times 0
[ 2381.565029][T25971] CPU: 1 PID: 25971 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2381.575193][T25971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2381.585097][T25971] Call Trace:
[ 2381.588201][T25971]  <TASK>
[ 2381.590992][T25971]  dump_stack_lvl+0x151/0x1b7
[ 2381.595491][T25971]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2381.600971][T25971]  dump_stack+0x15/0x17
[ 2381.604948][T25971]  should_fail+0x3c6/0x510
[ 2381.609203][T25971]  __should_failslab+0xa4/0xe0
[ 2381.613800][T25971]  ? vm_area_dup+0x26/0x230
[ 2381.618138][T25971]  should_failslab+0x9/0x20
[ 2381.622479][T25971]  slab_pre_alloc_hook+0x37/0xd0
[ 2381.627257][T25971]  ? vm_area_dup+0x26/0x230
[ 2381.631592][T25971]  kmem_cache_alloc+0x44/0x200
[ 2381.636195][T25971]  vm_area_dup+0x26/0x230
[ 2381.640361][T25971]  copy_mm+0x9a1/0x13e0
[ 2381.644362][T25971]  ? copy_signal+0x610/0x610
[ 2381.648779][T25971]  ? __init_rwsem+0xd6/0x1c0
[ 2381.653206][T25971]  ? copy_signal+0x4e3/0x610
[ 2381.657631][T25971]  copy_process+0x1149/0x3290
[ 2381.662150][T25971]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2381.667098][T25971]  ? copy_clone_args_from_user+0x744/0x830
[ 2381.672734][T25971]  kernel_clone+0x21e/0x9e0
[ 2381.677074][T25971]  ? __delayed_free_task+0x20/0x20
[ 2381.682024][T25971]  ? create_io_thread+0x1e0/0x1e0
[ 2381.686977][T25971]  __x64_sys_clone3+0x376/0x3a0
[ 2381.691656][T25971]  ? __ia32_sys_clone+0x290/0x290
[ 2381.696519][T25971]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2381.701635][T25971]  ? __traceiter_sys_enter+0x2a/0x40
[ 2381.706758][T25971]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2381.712660][T25971]  do_syscall_64+0x3d/0xb0
[ 2381.716913][T25971]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2381.722726][T25971] RIP: 0033:0x7f9d5f592da9
[ 2381.726980][T25971] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2381.746421][T25971] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2381.754668][T25971] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2381.762476][T25971] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2381.770300][T25971] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2381.778101][T25971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
03:36:34 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cea, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:34 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r3=>0x0})
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r2, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:34 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r2=>0x0})
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r1, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:34 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ceb, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:34 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r2=>0x0})
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r1, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:34 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
r2 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000180)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)
getsockname$packet(r2, &(0x7f00000015c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = socket(0x200000100000011, 0x3, 0x0) (async)
r5 = socket$nl_route(0x10, 0x3, 0x0) (async)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) (async)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r7, @ANYBLOB="01000000010015001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendto$packet(r4, &(0x7f0000000500)="baf038d394f2ae2046c970c133b9", 0x36, 0x0, &(0x7f0000000440)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @random="eb44b6891853"}, 0x14) (async)
sendmsg$nl_route(r2, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000040)={&(0x7f00000002c0)=@ipv6_deladdrlabel={0x6c, 0x49, 0x300, 0x70bd2d, 0x25dfdbfc, {0xa, 0x0, 0x8, 0x0, r7, 0x7}, [@IFAL_ADDRESS={0x14, 0x1, @empty}, @IFAL_ADDRESS={0x14, 0x1, @remote}, @IFAL_ADDRESS={0x14, 0x1, @private2}, @IFAL_ADDRESS={0x14, 0x1, @private2}]}, 0x6c}, 0x1, 0x0, 0x0, 0x44}, 0x10000000) (async)
r8 = socket$unix(0x1, 0x1, 0x0) (async)
r9 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r9, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r9, 0x0) (async)
connect$unix(r8, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r9, 0x0, 0x0)

03:36:34 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 60)

03:36:34 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cec, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:34 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1700000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r2=>0x0})
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r1, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)

[ 2381.785918][T25971] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2381.793739][T25971]  </TASK>
[ 2381.812639][T25979] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
03:36:34 executing program 1:
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x3, 0x0, 0x0, 0x8000, 0xe0, 0x1, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:34 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7ced, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:34 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cee, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2381.861966][T26001] FAULT_INJECTION: forcing a failure.
[ 2381.861966][T26001] name failslab, interval 1, probability 0, space 0, times 0
[ 2381.879194][T26001] CPU: 1 PID: 26001 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2381.889355][T26001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2381.899261][T26001] Call Trace:
[ 2381.902377][T26001]  <TASK>
[ 2381.905152][T26001]  dump_stack_lvl+0x151/0x1b7
03:36:34 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cef, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:34 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cf0, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:34 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cf1, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2381.909669][T26001]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2381.915139][T26001]  dump_stack+0x15/0x17
[ 2381.919128][T26001]  should_fail+0x3c6/0x510
[ 2381.923380][T26001]  __should_failslab+0xa4/0xe0
[ 2381.927983][T26001]  ? vm_area_dup+0x26/0x230
[ 2381.932317][T26001]  should_failslab+0x9/0x20
[ 2381.936660][T26001]  slab_pre_alloc_hook+0x37/0xd0
[ 2381.941434][T26001]  ? vm_area_dup+0x26/0x230
[ 2381.945771][T26001]  kmem_cache_alloc+0x44/0x200
[ 2381.950374][T26001]  vm_area_dup+0x26/0x230
[ 2381.954543][T26001]  copy_mm+0x9a1/0x13e0
03:36:34 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cf2, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:34 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cf3, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:34 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cf4, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:34 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cf5, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2381.958535][T26001]  ? copy_signal+0x610/0x610
[ 2381.962959][T26001]  ? __init_rwsem+0xd6/0x1c0
[ 2381.967386][T26001]  ? copy_signal+0x4e3/0x610
[ 2381.971811][T26001]  copy_process+0x1149/0x3290
[ 2381.976340][T26001]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2381.981274][T26001]  ? copy_clone_args_from_user+0x744/0x830
[ 2381.986915][T26001]  kernel_clone+0x21e/0x9e0
[ 2381.991262][T26001]  ? __delayed_free_task+0x20/0x20
[ 2381.996199][T26001]  ? create_io_thread+0x1e0/0x1e0
[ 2382.001066][T26001]  __x64_sys_clone3+0x376/0x3a0
[ 2382.005747][T26001]  ? __ia32_sys_clone+0x290/0x290
[ 2382.010611][T26001]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2382.015730][T26001]  ? __traceiter_sys_enter+0x2a/0x40
[ 2382.020849][T26001]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2382.026754][T26001]  do_syscall_64+0x3d/0xb0
[ 2382.031009][T26001]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2382.036730][T26001] RIP: 0033:0x7f9d5f592da9
[ 2382.040982][T26001] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
03:36:34 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cf6, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:34 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cf7, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:35 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cf8, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:35 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cf9, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:35 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cfa, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:35 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cfb, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:35 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:35 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4, 0x2}, 0x48) (async)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r2, 0x400, 0x0) (async)
fcntl$setlease(r2, 0x400, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x2f, 0x5, &(0x7f0000000700)=@raw=[@jmp={0x5, 0x0, 0xc, 0xb, 0x3, 0x1, 0xfffffffffffffff0}, @alu={0x4, 0x1, 0x6, 0xb, 0x7, 0x4, 0xfffffffffffffffc}, @jmp={0x5, 0x0, 0x2, 0x2, 0x3, 0x10, 0x10}, @func={0x85, 0x0, 0x1, 0x0, 0x20}, @jmp={0x5, 0x0, 0x7, 0xb, 0x0, 0xc, 0xfffffffffffffff0}], &(0x7f00000007c0)='GPL\x00', 0x7ff, 0x8b, &(0x7f0000000800)=""/139, 0x41100, 0x20, '\x00', 0x0, 0x33, 0xffffffffffffffff, 0x8, &(0x7f00000009c0)={0x4, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, &(0x7f0000000c00)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1, r2], &(0x7f0000000c40)=[{0x4, 0x2, 0x0, 0xc}, {0x0, 0x2, 0x8, 0x7}, {0x2, 0x1, 0x5, 0x1}], 0x10, 0x4}, 0x90) (async)
r3 = socket$key(0xf, 0x3, 0x2)
r4 = dup(r3) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = dup2(r5, r5)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r6, 0x5, 0x2}, 0x48)
r9 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r9, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
bind$inet(r9, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r9, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r10=>0x0}) (async)
sendto$inet(r9, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async, rerun: 64)
recvmsg(r9, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async, rerun: 64)
r11 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r9, &(0x7f0000000740)=ANY=[@ANYRESHEX=r6, @ANYRES16=0x0, @ANYRES8=r11, @ANYRES16=r6], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r6, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r12=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r8, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r10, 0x2c, r7, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r12, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r13 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r4}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r4, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r12, r13, 0x6, &(0x7f0000000540)=[r4, r4, r4, r4], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
sendmsg$key(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="02a0cbb40000000000000000000100000300b0ffffb0cc3e447b1b33f6bea7fe2b65caa0be64227b2cd1b5831b011cafd5c2389b46bd92bb5e03038795bca1eb2b0abfa924a4c5ab479d7382336a3338e91cffc563161af8043bfa97a77dad3f9ad2411e4f1fe9c5ef1cdaaa5d532d0e9dfce86345c4ecce4ed3e7fd1494b1791a0d5c"], 0x18}}, 0x0)

03:36:35 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 61)

03:36:35 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

[ 2382.060431][T26001] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2382.068672][T26001] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2382.076484][T26001] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2382.084295][T26001] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2382.092629][T26001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2382.100438][T26001] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2382.108263][T26001]  </TASK>
03:36:35 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cfc, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:35 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:35 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cfd, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:35 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async, rerun: 64)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4, 0x2}, 0x48) (async, rerun: 64)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r2, 0x400, 0x0) (async, rerun: 32)
fcntl$setlease(r2, 0x400, 0x0) (rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x2f, 0x5, &(0x7f0000000700)=@raw=[@jmp={0x5, 0x0, 0xc, 0xb, 0x3, 0x1, 0xfffffffffffffff0}, @alu={0x4, 0x1, 0x6, 0xb, 0x7, 0x4, 0xfffffffffffffffc}, @jmp={0x5, 0x0, 0x2, 0x2, 0x3, 0x10, 0x10}, @func={0x85, 0x0, 0x1, 0x0, 0x20}, @jmp={0x5, 0x0, 0x7, 0xb, 0x0, 0xc, 0xfffffffffffffff0}], &(0x7f00000007c0)='GPL\x00', 0x7ff, 0x8b, &(0x7f0000000800)=""/139, 0x41100, 0x20, '\x00', 0x0, 0x33, 0xffffffffffffffff, 0x8, &(0x7f00000009c0)={0x4, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, &(0x7f0000000c00)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1, r2], &(0x7f0000000c40)=[{0x4, 0x2, 0x0, 0xc}, {0x0, 0x2, 0x8, 0x7}, {0x2, 0x1, 0x5, 0x1}], 0x10, 0x4}, 0x90)
r3 = socket$key(0xf, 0x3, 0x2)
r4 = dup(r3)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = dup2(r5, r5)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 64)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (rerun: 64)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r6, 0x5, 0x2}, 0x48) (async, rerun: 64)
r9 = socket$inet(0x2, 0x4000000000000001, 0x0) (rerun: 64)
setsockopt$inet_tcp_TCP_CONGESTION(r9, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
bind$inet(r9, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r9, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r10=>0x0}) (async)
sendto$inet(r9, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
recvmsg(r9, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async)
r11 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r9, &(0x7f0000000740)=ANY=[@ANYRESHEX=r6, @ANYRES16=0x0, @ANYRES8=r11, @ANYRES16=r6], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r6, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r12=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r8, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r10, 0x2c, r7, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r12, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async, rerun: 64)
r13 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18) (rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r4}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r4, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r12, r13, 0x6, &(0x7f0000000540)=[r4, r4, r4, r4], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="02a0cbb40000000000000000000100000300b0ffffb0cc3e447b1b33f6bea7fe2b65caa0be64227b2cd1b5831b011cafd5c2389b46bd92bb5e03038795bca1eb2b0abfa924a4c5ab479d7382336a3338e91cffc563161af8043bfa97a77dad3f9ad2411e4f1fe9c5ef1cdaaa5d532d0e9dfce86345c4ecce4ed3e7fd1494b1791a0d5c"], 0x18}}, 0x0)

03:36:35 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cfe, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2382.161911][T26213] FAULT_INJECTION: forcing a failure.
[ 2382.161911][T26213] name failslab, interval 1, probability 0, space 0, times 0
[ 2382.179735][T26213] CPU: 1 PID: 26213 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2382.189895][T26213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2382.199794][T26213] Call Trace:
[ 2382.202925][T26213]  <TASK>
[ 2382.205694][T26213]  dump_stack_lvl+0x151/0x1b7
03:36:35 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7cff, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:35 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d00, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:35 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d01, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2382.210210][T26213]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2382.215677][T26213]  dump_stack+0x15/0x17
[ 2382.219666][T26213]  should_fail+0x3c6/0x510
[ 2382.223927][T26213]  __should_failslab+0xa4/0xe0
[ 2382.228517][T26213]  ? vm_area_dup+0x26/0x230
[ 2382.232858][T26213]  should_failslab+0x9/0x20
[ 2382.237198][T26213]  slab_pre_alloc_hook+0x37/0xd0
[ 2382.241973][T26213]  ? vm_area_dup+0x26/0x230
[ 2382.246316][T26213]  kmem_cache_alloc+0x44/0x200
[ 2382.250915][T26213]  vm_area_dup+0x26/0x230
[ 2382.255089][T26213]  copy_mm+0x9a1/0x13e0
[ 2382.259090][T26213]  ? copy_signal+0x610/0x610
[ 2382.263500][T26213]  ? __init_rwsem+0xd6/0x1c0
[ 2382.268010][T26213]  ? copy_signal+0x4e3/0x610
[ 2382.272441][T26213]  copy_process+0x1149/0x3290
[ 2382.276958][T26213]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2382.281895][T26213]  ? copy_clone_args_from_user+0x744/0x830
[ 2382.287542][T26213]  kernel_clone+0x21e/0x9e0
[ 2382.291879][T26213]  ? __delayed_free_task+0x20/0x20
[ 2382.296830][T26213]  ? create_io_thread+0x1e0/0x1e0
[ 2382.301693][T26213]  __x64_sys_clone3+0x376/0x3a0
[ 2382.306367][T26213]  ? __ia32_sys_clone+0x290/0x290
[ 2382.311235][T26213]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2382.316349][T26213]  ? __traceiter_sys_enter+0x2a/0x40
[ 2382.321470][T26213]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2382.327377][T26213]  do_syscall_64+0x3d/0xb0
[ 2382.331626][T26213]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2382.337353][T26213] RIP: 0033:0x7f9d5f592da9
[ 2382.341607][T26213] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2382.361047][T26213] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2382.369294][T26213] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2382.377105][T26213] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2382.384916][T26213] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2382.392727][T26213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2382.400540][T26213] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2382.408358][T26213]  </TASK>
03:36:35 executing program 2:
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket(0x200000000000011, 0x2, 0x0) (async)
r2 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000180)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)
getsockname$packet(r2, &(0x7f00000015c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = socket(0x200000100000011, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) (async)
sendmsg$BATADV_CMD_GET_MESH(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r7, @ANYBLOB="01000000010015001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendto$packet(r4, &(0x7f0000000500)="baf038d394f2ae2046c970c133b9", 0x36, 0x0, &(0x7f0000000440)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @random="eb44b6891853"}, 0x14) (async)
sendto$packet(r4, &(0x7f0000000500)="baf038d394f2ae2046c970c133b9", 0x36, 0x0, &(0x7f0000000440)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @random="eb44b6891853"}, 0x14)
sendmsg$nl_route(r2, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000040)={&(0x7f00000002c0)=@ipv6_deladdrlabel={0x6c, 0x49, 0x300, 0x70bd2d, 0x25dfdbfc, {0xa, 0x0, 0x8, 0x0, r7, 0x7}, [@IFAL_ADDRESS={0x14, 0x1, @empty}, @IFAL_ADDRESS={0x14, 0x1, @remote}, @IFAL_ADDRESS={0x14, 0x1, @private2}, @IFAL_ADDRESS={0x14, 0x1, @private2}]}, 0x6c}, 0x1, 0x0, 0x0, 0x44}, 0x10000000) (async)
sendmsg$nl_route(r2, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000040)={&(0x7f00000002c0)=@ipv6_deladdrlabel={0x6c, 0x49, 0x300, 0x70bd2d, 0x25dfdbfc, {0xa, 0x0, 0x8, 0x0, r7, 0x7}, [@IFAL_ADDRESS={0x14, 0x1, @empty}, @IFAL_ADDRESS={0x14, 0x1, @remote}, @IFAL_ADDRESS={0x14, 0x1, @private2}, @IFAL_ADDRESS={0x14, 0x1, @private2}]}, 0x6c}, 0x1, 0x0, 0x0, 0x44}, 0x10000000)
socket$unix(0x1, 0x1, 0x0) (async)
r8 = socket$unix(0x1, 0x1, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r9, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r9, 0x0)
connect$unix(r8, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r9, 0x0, 0x0)

03:36:35 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d02, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:35 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000f80)={{0x1}, &(0x7f0000000f00), &(0x7f0000000f40)=r0}, 0x20)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000180)=[{&(0x7f0000002000)=""/4113, 0x1011}], 0x1, &(0x7f0000000dc0)=""/6, 0x6}, 0x40010041)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)
r12 = socket$xdp(0x2c, 0x3, 0x0)
sendmmsg$inet(r12, &(0x7f0000000d40)=[{{&(0x7f0000000700)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000a80)=[{&(0x7f00000007c0)="09193da6f3f49d59b99d47eec476b3977669aa6d170e57eddf69c2429a83a445ca083b5fda559fe1c16bee19056acca6c902660d936aabc60f02cfdd3bb579e5570e859ac841d0dc637005ee2a491925ca1ffde04a3968ac9d1f064138a669b2c2bbef69b6ad29126842903ffca1534051db812659e27b61a1af5dcd7ccb89a221330da72c33a626e44ccff6f15c15f03682934f3f4bca1f19b153387f9ef603d012e898a573b779cb2eca9b1edbf2d4", 0xb0}, {&(0x7f0000000900)="24874943951d6c8149fa4b1f4496df689260f0f0f7cdb5cfb5731fe3c23524f7580068331f1a776d54d246bd653abe0e23b505e847e0c82d643622937bce17db4ae2951fd504cc5ce37771e146ee4c16216d3fbf03aca8502f0651dc86609b9a8b18d7c5a0c82b44e460b6b1687793b0fc7f63970bb4c659", 0x78}, {&(0x7f0000000980)="68cfb1b3142bfeabbbc95d784c840b2c3994b054a4ad37a11dcd74a619dc5a350f50bb6e1c84a6566505c6c5652856940e8aede8abbea1c0fc12fcb9f8beedee0981c0d89f17e14625a96402a76b65ca53969778c70417fbcda66b60ae82714177d04095b541125f6b8f42e312320d0b54192c30193bcdec8a64f15acfa2746863e61fa594453f35bc3a53768c1ec82c79efbdf1b93c115698177d1a8016fb74652da0eb7aeddd86d3211b374f057216d77168e0ab6d92eb63fcfddd6122bd06462f4d29a451ddb4fcd194838676fd28b028b957b503e74e53034afcb288334a27ec3cc4cb5a4bb5", 0xe8}, {&(0x7f0000000880)="65f9b3e825e1be77b00af80cd1fcc624e5adb1ec93877401ddeec5f7a580b4455956643cbd38abaa706824f3d80f95", 0x2f}], 0x4, &(0x7f0000000ac0)=[@ip_ttl={{0x14, 0x0, 0x2, 0x36f}}], 0x18}}, {{&(0x7f0000000b00)={0x2, 0x4e24, @empty}, 0x10, &(0x7f0000000c80)=[{&(0x7f0000000b40)="107944b01ea20db42a9f0a2c85f49756c2cdf8ad", 0x14}, {&(0x7f0000000b80)="fc92429134d389fc377a6d8127e715531bacd531701d98fd865a6ec2c1dda93a3ee937eb27cfdec62f7d82e23ccfff47d13d7c27301e392a11647535992884f89b0849de1a25a20e0e4af36847257ce4b688c01c6ccaca3f17131f8cb739c6dbe7fde184178760ae93a62084adb76eea2e406188060df3fc30eab85d0b7cad5015e0c0b40a164236c24ac5952ec8005f1ea452effd3e9c327c3c4c2be3716fcc46add4538fbdcca5572c4a3cad84fcff1b6dd2cce816e26e080a6040f017", 0xbe}, {&(0x7f0000000c40)="80f8a9f9c2331001a4cbe0ec617d72bd8d86d03906c386bb4bb912ad136269920e68208d5a73a7b62cba68b75c761bb4743f3dcc46b403842d", 0x39}], 0x3, &(0x7f0000000cc0)=[@ip_ttl={{0x14, 0x0, 0x2, 0x8}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_ttl={{0x14, 0x0, 0x2, 0x48}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @dev={0xac, 0x14, 0x14, 0x37}, @private=0xa010100}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x20}}], 0x80}}], 0x2, 0x4)

03:36:35 executing program 1:
r0 = socket$packet(0x11, 0x0, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:35 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 62)

[ 2382.696944][T26367] FAULT_INJECTION: forcing a failure.
[ 2382.696944][T26367] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2382.710288][T26367] CPU: 1 PID: 26367 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2382.720433][T26367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2382.730327][T26367] Call Trace:
[ 2382.733452][T26367]  <TASK>
[ 2382.736239][T26367]  dump_stack_lvl+0x151/0x1b7
[ 2382.740741][T26367]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2382.746210][T26367]  dump_stack+0x15/0x17
[ 2382.750295][T26367]  should_fail+0x3c6/0x510
[ 2382.754543][T26367]  should_fail_alloc_page+0x5a/0x80
[ 2382.759575][T26367]  prepare_alloc_pages+0x15c/0x700
[ 2382.764522][T26367]  ? __alloc_pages+0x8f0/0x8f0
[ 2382.769132][T26367]  ? __alloc_pages_bulk+0xe40/0xe40
[ 2382.774156][T26367]  ? sched_clock+0x9/0x10
[ 2382.778328][T26367]  __alloc_pages+0x18c/0x8f0
[ 2382.782757][T26367]  ? prep_new_page+0x110/0x110
[ 2382.787351][T26367]  ? 0xffffffffa0002dbc
[ 2382.791340][T26367]  ? is_bpf_text_address+0x172/0x190
[ 2382.796464][T26367]  pte_alloc_one+0x73/0x1b0
[ 2382.800802][T26367]  ? pfn_modify_allowed+0x2f0/0x2f0
[ 2382.805836][T26367]  ? arch_stack_walk+0xf3/0x140
[ 2382.810523][T26367]  __pte_alloc+0x86/0x350
[ 2382.814689][T26367]  ? free_pgtables+0x280/0x280
[ 2382.819289][T26367]  ? _raw_spin_lock+0xa4/0x1b0
[ 2382.823888][T26367]  ? __kasan_check_write+0x14/0x20
[ 2382.828840][T26367]  copy_page_range+0x28a8/0x2f90
[ 2382.833609][T26367]  ? __kasan_slab_alloc+0xb1/0xe0
[ 2382.838479][T26367]  ? pfn_valid+0x1e0/0x1e0
[ 2382.842724][T26367]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 2382.848281][T26367]  ? __rb_insert_augmented+0x5de/0x610
[ 2382.853574][T26367]  copy_mm+0xc7e/0x13e0
[ 2382.857569][T26367]  ? copy_signal+0x610/0x610
[ 2382.861992][T26367]  ? __init_rwsem+0xd6/0x1c0
[ 2382.866417][T26367]  ? copy_signal+0x4e3/0x610
[ 2382.870846][T26367]  copy_process+0x1149/0x3290
[ 2382.875362][T26367]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2382.880310][T26367]  ? copy_clone_args_from_user+0x744/0x830
[ 2382.885948][T26367]  kernel_clone+0x21e/0x9e0
[ 2382.890287][T26367]  ? __delayed_free_task+0x20/0x20
[ 2382.895686][T26367]  ? create_io_thread+0x1e0/0x1e0
[ 2382.900529][T26367]  __x64_sys_clone3+0x376/0x3a0
[ 2382.905216][T26367]  ? __ia32_sys_clone+0x290/0x290
[ 2382.910083][T26367]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2382.915198][T26367]  ? __traceiter_sys_enter+0x2a/0x40
[ 2382.920402][T26367]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2382.926305][T26367]  do_syscall_64+0x3d/0xb0
[ 2382.930557][T26367]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2382.936285][T26367] RIP: 0033:0x7f9d5f592da9
[ 2382.940555][T26367] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2382.959989][T26367] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2382.968232][T26367] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2382.976037][T26367] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2382.983852][T26367] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
03:36:35 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d03, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:35 executing program 1:
r0 = socket$packet(0x11, 0x0, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:35 executing program 1:
r0 = socket$packet(0x11, 0x0, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:35 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 63)

03:36:35 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d04, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2382.991663][T26367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2382.999471][T26367] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2383.007296][T26367]  </TASK>
[ 2383.023334][T26372] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
03:36:36 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d05, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2383.054129][T26386] FAULT_INJECTION: forcing a failure.
[ 2383.054129][T26386] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2383.077327][T26386] CPU: 0 PID: 26386 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2383.087486][T26386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2383.097380][T26386] Call Trace:
[ 2383.100503][T26386]  <TASK>
[ 2383.103281][T26386]  dump_stack_lvl+0x151/0x1b7
[ 2383.107794][T26386]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2383.113263][T26386]  dump_stack+0x15/0x17
[ 2383.117426][T26386]  should_fail+0x3c6/0x510
[ 2383.121683][T26386]  should_fail_alloc_page+0x5a/0x80
[ 2383.126716][T26386]  prepare_alloc_pages+0x15c/0x700
[ 2383.131662][T26386]  ? __alloc_pages+0x8f0/0x8f0
[ 2383.136264][T26386]  ? __alloc_pages_bulk+0xe40/0xe40
[ 2383.141299][T26386]  __alloc_pages+0x18c/0x8f0
[ 2383.145724][T26386]  ? prep_new_page+0x110/0x110
[ 2383.150324][T26386]  ? 0xffffffffa0002dbc
[ 2383.154314][T26386]  ? is_bpf_text_address+0x172/0x190
[ 2383.159438][T26386]  pte_alloc_one+0x73/0x1b0
[ 2383.163774][T26386]  ? pfn_modify_allowed+0x2f0/0x2f0
[ 2383.168809][T26386]  ? arch_stack_walk+0xf3/0x140
[ 2383.173582][T26386]  __pte_alloc+0x86/0x350
[ 2383.177757][T26386]  ? free_pgtables+0x280/0x280
[ 2383.182347][T26386]  ? _raw_spin_lock+0xa4/0x1b0
[ 2383.186948][T26386]  ? __kasan_check_write+0x14/0x20
[ 2383.191896][T26386]  copy_page_range+0x28a8/0x2f90
[ 2383.196670][T26386]  ? __kasan_slab_alloc+0xb1/0xe0
[ 2383.201537][T26386]  ? pfn_valid+0x1e0/0x1e0
[ 2383.205785][T26386]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 2383.211339][T26386]  ? __rb_insert_augmented+0x5de/0x610
[ 2383.216635][T26386]  copy_mm+0xc7e/0x13e0
[ 2383.220630][T26386]  ? copy_signal+0x610/0x610
[ 2383.225054][T26386]  ? __init_rwsem+0xd6/0x1c0
[ 2383.229493][T26386]  ? copy_signal+0x4e3/0x610
[ 2383.233904][T26386]  copy_process+0x1149/0x3290
[ 2383.238422][T26386]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2383.243364][T26386]  ? copy_clone_args_from_user+0x744/0x830
[ 2383.249011][T26386]  kernel_clone+0x21e/0x9e0
[ 2383.253345][T26386]  ? __delayed_free_task+0x20/0x20
[ 2383.258294][T26386]  ? create_io_thread+0x1e0/0x1e0
[ 2383.263156][T26386]  __x64_sys_clone3+0x376/0x3a0
[ 2383.267843][T26386]  ? __ia32_sys_clone+0x290/0x290
[ 2383.272708][T26386]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2383.277823][T26386]  ? __traceiter_sys_enter+0x2a/0x40
[ 2383.282941][T26386]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2383.288843][T26386]  do_syscall_64+0x3d/0xb0
[ 2383.293098][T26386]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2383.298823][T26386] RIP: 0033:0x7f9d5f592da9
[ 2383.303083][T26386] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2383.322518][T26386] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2383.330769][T26386] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2383.338586][T26386] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2383.346386][T26386] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
03:36:36 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:36 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 64)

03:36:36 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000f80)={{0x1}, &(0x7f0000000f00), &(0x7f0000000f40)=r0}, 0x20)
r2 = dup(r1) (async, rerun: 32)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (rerun: 32)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 64)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async, rerun: 64)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (async, rerun: 32)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0) (rerun: 32)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async, rerun: 64)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async, rerun: 64)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000180)=[{&(0x7f0000002000)=""/4113, 0x1011}], 0x1, &(0x7f0000000dc0)=""/6, 0x6}, 0x40010041) (async)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (rerun: 32)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530) (async, rerun: 64)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10) (rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0) (async)
r12 = socket$xdp(0x2c, 0x3, 0x0)
sendmmsg$inet(r12, &(0x7f0000000d40)=[{{&(0x7f0000000700)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000a80)=[{&(0x7f00000007c0)="09193da6f3f49d59b99d47eec476b3977669aa6d170e57eddf69c2429a83a445ca083b5fda559fe1c16bee19056acca6c902660d936aabc60f02cfdd3bb579e5570e859ac841d0dc637005ee2a491925ca1ffde04a3968ac9d1f064138a669b2c2bbef69b6ad29126842903ffca1534051db812659e27b61a1af5dcd7ccb89a221330da72c33a626e44ccff6f15c15f03682934f3f4bca1f19b153387f9ef603d012e898a573b779cb2eca9b1edbf2d4", 0xb0}, {&(0x7f0000000900)="24874943951d6c8149fa4b1f4496df689260f0f0f7cdb5cfb5731fe3c23524f7580068331f1a776d54d246bd653abe0e23b505e847e0c82d643622937bce17db4ae2951fd504cc5ce37771e146ee4c16216d3fbf03aca8502f0651dc86609b9a8b18d7c5a0c82b44e460b6b1687793b0fc7f63970bb4c659", 0x78}, {&(0x7f0000000980)="68cfb1b3142bfeabbbc95d784c840b2c3994b054a4ad37a11dcd74a619dc5a350f50bb6e1c84a6566505c6c5652856940e8aede8abbea1c0fc12fcb9f8beedee0981c0d89f17e14625a96402a76b65ca53969778c70417fbcda66b60ae82714177d04095b541125f6b8f42e312320d0b54192c30193bcdec8a64f15acfa2746863e61fa594453f35bc3a53768c1ec82c79efbdf1b93c115698177d1a8016fb74652da0eb7aeddd86d3211b374f057216d77168e0ab6d92eb63fcfddd6122bd06462f4d29a451ddb4fcd194838676fd28b028b957b503e74e53034afcb288334a27ec3cc4cb5a4bb5", 0xe8}, {&(0x7f0000000880)="65f9b3e825e1be77b00af80cd1fcc624e5adb1ec93877401ddeec5f7a580b4455956643cbd38abaa706824f3d80f95", 0x2f}], 0x4, &(0x7f0000000ac0)=[@ip_ttl={{0x14, 0x0, 0x2, 0x36f}}], 0x18}}, {{&(0x7f0000000b00)={0x2, 0x4e24, @empty}, 0x10, &(0x7f0000000c80)=[{&(0x7f0000000b40)="107944b01ea20db42a9f0a2c85f49756c2cdf8ad", 0x14}, {&(0x7f0000000b80)="fc92429134d389fc377a6d8127e715531bacd531701d98fd865a6ec2c1dda93a3ee937eb27cfdec62f7d82e23ccfff47d13d7c27301e392a11647535992884f89b0849de1a25a20e0e4af36847257ce4b688c01c6ccaca3f17131f8cb739c6dbe7fde184178760ae93a62084adb76eea2e406188060df3fc30eab85d0b7cad5015e0c0b40a164236c24ac5952ec8005f1ea452effd3e9c327c3c4c2be3716fcc46add4538fbdcca5572c4a3cad84fcff1b6dd2cce816e26e080a6040f017", 0xbe}, {&(0x7f0000000c40)="80f8a9f9c2331001a4cbe0ec617d72bd8d86d03906c386bb4bb912ad136269920e68208d5a73a7b62cba68b75c761bb4743f3dcc46b403842d", 0x39}], 0x3, &(0x7f0000000cc0)=[@ip_ttl={{0x14, 0x0, 0x2, 0x8}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_ttl={{0x14, 0x0, 0x2, 0x48}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @dev={0xac, 0x14, 0x14, 0x37}, @private=0xa010100}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x20}}], 0x80}}], 0x2, 0x4)

03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d06, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2383.354200][T26386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2383.362009][T26386] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2383.369830][T26386]  </TASK>
03:36:36 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x4}}]}, 0x30}}, 0x0)
r5 = memfd_create(&(0x7f0000002280)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x01k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3F\x958\xf7\xa1c\x81k\'^&\xd9\x82]\x18]\xb2\xbe\xdc\xcd\xe4j\xad;\xd1q$\xb2\xe4\xec\xa9\x15\xbfy\xb7\xe1\xedq\xed\x13F\x85T\xe39\xa4R^#\xc0K\xcd\xe5\xf2\x9a@^\n(\xd5\n5\xcb\xe7~V\xc9\x8b@r\x1c1\xc7.,E\x82L\xf6\xd5\xfe\x9a\x84\xc3\xea\xa4*\xa2\xa3\x12\xce\xb9{X\va\\\xa2\xc6\x88\x9c\xc7%\x0e\x16(\v\xc3\xeam:\xc3@\xa6S|\xe9\xf1$\x11+Y\x1f\xecQ\x86\a\xf3', 0x0)
r6 = dup(r5)
write$cgroup_pid(r6, &(0x7f0000000000), 0x12)
pread64(r6, &(0x7f0000000200)=""/4096, 0x1000, 0x0)
r7 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x140}}, 0x0)
getsockname$packet(r7, &(0x7f0000000080)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0xab)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, r6, 0x0, '\x00', r8}, 0x48)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x803, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r10, &(0x7f0000000000)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c)
sendmsg$nl_route(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r12, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001880)=ANY=[@ANYBLOB="3c0000001800010006000000000000000a00000000000000000000000c00090008000000", @ANYRES32=r12, @ANYBLOB="140100202000"], 0x3c}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000002c0)={'syztnl0\x00', &(0x7f0000000040)={'gretap0\x00', 0x0, 0x10, 0x700, 0x4, 0x2, {{0x6, 0x4, 0x1, 0x16, 0xfd03, 0x64, 0x0, 0x6, 0x4, 0x0, @remote, @multicast2, {[@noop]}}}}})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000380)={'syztnl1\x00', &(0x7f0000000300)={'syztnl2\x00', <r13=>0x0, 0x20, 0x8000, 0x9, 0x1, {{0x14, 0x4, 0x1, 0x1, 0x50, 0x67, 0x0, 0x6, 0x29, 0x0, @broadcast, @multicast2, {[@lsrr={0x83, 0x13, 0x9, [@empty, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote]}, @rr={0x7, 0x27, 0x96, [@dev={0xac, 0x14, 0x14, 0x19}, @rand_addr=0x64010101, @remote, @local, @multicast2, @remote, @dev={0xac, 0x14, 0x14, 0x3e}, @dev={0xac, 0x14, 0x14, 0x29}, @empty]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=@mpls_getnetconf={0x64, 0x52, 0x200, 0x70bd26, 0x25dfdbff, {}, [@NETCONFA_IFINDEX={0x8, 0x1, r4}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x40000007}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x5000000}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0xffffff00}, @NETCONFA_IFINDEX={0x8, 0x1, r8}, @NETCONFA_IFINDEX={0x8, 0x1, r12}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x3}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x800}, @NETCONFA_IFINDEX={0x8, 0x1, r13}]}, 0x64}, 0x1, 0x0, 0x0, 0x11}, 0xc1)
bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r2, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r2, 0x0, 0x0)

03:36:36 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

[ 2383.413274][T26494] FAULT_INJECTION: forcing a failure.
[ 2383.413274][T26494] name failslab, interval 1, probability 0, space 0, times 0
[ 2383.433854][T26501] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2383.436191][T26494] CPU: 1 PID: 26494 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2383.453142][T26494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d07, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d08, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d09, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d0a, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2383.463014][T26494] Call Trace:
[ 2383.466145][T26494]  <TASK>
[ 2383.468915][T26494]  dump_stack_lvl+0x151/0x1b7
[ 2383.473430][T26494]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2383.478901][T26494]  dump_stack+0x15/0x17
[ 2383.482892][T26494]  should_fail+0x3c6/0x510
[ 2383.487143][T26494]  __should_failslab+0xa4/0xe0
[ 2383.491742][T26494]  ? vm_area_dup+0x26/0x230
[ 2383.496083][T26494]  should_failslab+0x9/0x20
[ 2383.500420][T26494]  slab_pre_alloc_hook+0x37/0xd0
[ 2383.505191][T26494]  ? vm_area_dup+0x26/0x230
03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d0b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d0c, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d0d, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2383.509535][T26494]  kmem_cache_alloc+0x44/0x200
[ 2383.514142][T26494]  vm_area_dup+0x26/0x230
[ 2383.518303][T26494]  copy_mm+0x9a1/0x13e0
[ 2383.522298][T26494]  ? copy_signal+0x610/0x610
[ 2383.526718][T26494]  ? __init_rwsem+0xd6/0x1c0
[ 2383.531145][T26494]  ? copy_signal+0x4e3/0x610
[ 2383.535571][T26494]  copy_process+0x1149/0x3290
[ 2383.540093][T26494]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2383.545034][T26494]  ? copy_clone_args_from_user+0x744/0x830
[ 2383.550676][T26494]  kernel_clone+0x21e/0x9e0
[ 2383.555012][T26494]  ? __delayed_free_task+0x20/0x20
03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d0e, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d0f, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d10, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d11, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2383.559959][T26494]  ? create_io_thread+0x1e0/0x1e0
[ 2383.564822][T26494]  __x64_sys_clone3+0x376/0x3a0
[ 2383.569510][T26494]  ? __ia32_sys_clone+0x290/0x290
[ 2383.574465][T26494]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2383.579581][T26494]  ? __traceiter_sys_enter+0x2a/0x40
[ 2383.584699][T26494]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2383.590694][T26494]  do_syscall_64+0x3d/0xb0
[ 2383.594960][T26494]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2383.600674][T26494] RIP: 0033:0x7f9d5f592da9
[ 2383.604926][T26494] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2383.624371][T26494] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2383.632618][T26494] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2383.640572][T26494] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2383.648385][T26494] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2383.656197][T26494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d12, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d13, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d14, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:36 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000f80)={{0x1}, &(0x7f0000000f00), &(0x7f0000000f40)=r0}, 0x20)
r2 = dup(r1) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 32)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (async, rerun: 32)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0) (rerun: 32)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000180)=[{&(0x7f0000002000)=""/4113, 0x1011}], 0x1, &(0x7f0000000dc0)=""/6, 0x6}, 0x40010041)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async, rerun: 64)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18) (rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)
r12 = socket$xdp(0x2c, 0x3, 0x0)
sendmmsg$inet(r12, &(0x7f0000000d40)=[{{&(0x7f0000000700)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000a80)=[{&(0x7f00000007c0)="09193da6f3f49d59b99d47eec476b3977669aa6d170e57eddf69c2429a83a445ca083b5fda559fe1c16bee19056acca6c902660d936aabc60f02cfdd3bb579e5570e859ac841d0dc637005ee2a491925ca1ffde04a3968ac9d1f064138a669b2c2bbef69b6ad29126842903ffca1534051db812659e27b61a1af5dcd7ccb89a221330da72c33a626e44ccff6f15c15f03682934f3f4bca1f19b153387f9ef603d012e898a573b779cb2eca9b1edbf2d4", 0xb0}, {&(0x7f0000000900)="24874943951d6c8149fa4b1f4496df689260f0f0f7cdb5cfb5731fe3c23524f7580068331f1a776d54d246bd653abe0e23b505e847e0c82d643622937bce17db4ae2951fd504cc5ce37771e146ee4c16216d3fbf03aca8502f0651dc86609b9a8b18d7c5a0c82b44e460b6b1687793b0fc7f63970bb4c659", 0x78}, {&(0x7f0000000980)="68cfb1b3142bfeabbbc95d784c840b2c3994b054a4ad37a11dcd74a619dc5a350f50bb6e1c84a6566505c6c5652856940e8aede8abbea1c0fc12fcb9f8beedee0981c0d89f17e14625a96402a76b65ca53969778c70417fbcda66b60ae82714177d04095b541125f6b8f42e312320d0b54192c30193bcdec8a64f15acfa2746863e61fa594453f35bc3a53768c1ec82c79efbdf1b93c115698177d1a8016fb74652da0eb7aeddd86d3211b374f057216d77168e0ab6d92eb63fcfddd6122bd06462f4d29a451ddb4fcd194838676fd28b028b957b503e74e53034afcb288334a27ec3cc4cb5a4bb5", 0xe8}, {&(0x7f0000000880)="65f9b3e825e1be77b00af80cd1fcc624e5adb1ec93877401ddeec5f7a580b4455956643cbd38abaa706824f3d80f95", 0x2f}], 0x4, &(0x7f0000000ac0)=[@ip_ttl={{0x14, 0x0, 0x2, 0x36f}}], 0x18}}, {{&(0x7f0000000b00)={0x2, 0x4e24, @empty}, 0x10, &(0x7f0000000c80)=[{&(0x7f0000000b40)="107944b01ea20db42a9f0a2c85f49756c2cdf8ad", 0x14}, {&(0x7f0000000b80)="fc92429134d389fc377a6d8127e715531bacd531701d98fd865a6ec2c1dda93a3ee937eb27cfdec62f7d82e23ccfff47d13d7c27301e392a11647535992884f89b0849de1a25a20e0e4af36847257ce4b688c01c6ccaca3f17131f8cb739c6dbe7fde184178760ae93a62084adb76eea2e406188060df3fc30eab85d0b7cad5015e0c0b40a164236c24ac5952ec8005f1ea452effd3e9c327c3c4c2be3716fcc46add4538fbdcca5572c4a3cad84fcff1b6dd2cce816e26e080a6040f017", 0xbe}, {&(0x7f0000000c40)="80f8a9f9c2331001a4cbe0ec617d72bd8d86d03906c386bb4bb912ad136269920e68208d5a73a7b62cba68b75c761bb4743f3dcc46b403842d", 0x39}], 0x3, &(0x7f0000000cc0)=[@ip_ttl={{0x14, 0x0, 0x2, 0x8}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_ttl={{0x14, 0x0, 0x2, 0x48}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @dev={0xac, 0x14, 0x14, 0x37}, @private=0xa010100}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x20}}], 0x80}}], 0x2, 0x4)

03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d15, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:36 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:36 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 65)

03:36:36 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d16, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:36 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
syz_kvm_setup_cpu$x86(r1, r6, &(0x7f0000fe7000/0x18000)=nil, &(0x7f00000007c0)=[@text32={0x20, &(0x7f0000000700)="0f06c4c179fd89008000002ef20fc2469f000f01c366baf80cb851b3ef8def66bafc0cb000eec4c125f2420066b8f0008ed00fc75f1166f30f1b2266baa100ed", 0x40}], 0x1, 0x20, &(0x7f0000000800)=[@dstype3={0x7, 0x4}, @cr4={0x1, 0x200000}], 0x2)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
recvfrom$unix(r4, &(0x7f0000000840)=""/63, 0x3f, 0x20, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

[ 2383.664009][T26494] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2383.671827][T26494]  </TASK>
03:36:36 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d17, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2383.736130][T26746] FAULT_INJECTION: forcing a failure.
[ 2383.736130][T26746] name failslab, interval 1, probability 0, space 0, times 0
[ 2383.753046][T26746] CPU: 0 PID: 26746 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2383.763196][T26746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2383.773090][T26746] Call Trace:
[ 2383.776220][T26746]  <TASK>
[ 2383.778993][T26746]  dump_stack_lvl+0x151/0x1b7
[ 2383.783504][T26746]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2383.788973][T26746]  dump_stack+0x15/0x17
[ 2383.792968][T26746]  should_fail+0x3c6/0x510
[ 2383.797567][T26746]  __should_failslab+0xa4/0xe0
[ 2383.802172][T26746]  ? vm_area_dup+0x26/0x230
[ 2383.806503][T26746]  should_failslab+0x9/0x20
[ 2383.810845][T26746]  slab_pre_alloc_hook+0x37/0xd0
[ 2383.815617][T26746]  ? vm_area_dup+0x26/0x230
[ 2383.819957][T26746]  kmem_cache_alloc+0x44/0x200
[ 2383.824559][T26746]  vm_area_dup+0x26/0x230
[ 2383.828723][T26746]  copy_mm+0x9a1/0x13e0
[ 2383.832721][T26746]  ? copy_signal+0x610/0x610
[ 2383.837487][T26746]  ? __init_rwsem+0xd6/0x1c0
[ 2383.842008][T26746]  ? copy_signal+0x4e3/0x610
[ 2383.846428][T26746]  copy_process+0x1149/0x3290
[ 2383.850947][T26746]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2383.855890][T26746]  ? copy_clone_args_from_user+0x744/0x830
[ 2383.861530][T26746]  kernel_clone+0x21e/0x9e0
[ 2383.865870][T26746]  ? __delayed_free_task+0x20/0x20
[ 2383.870824][T26746]  ? create_io_thread+0x1e0/0x1e0
[ 2383.875682][T26746]  __x64_sys_clone3+0x376/0x3a0
[ 2383.880366][T26746]  ? __ia32_sys_clone+0x290/0x290
[ 2383.885230][T26746]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2383.890347][T26746]  ? __traceiter_sys_enter+0x2a/0x40
[ 2383.895466][T26746]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2383.901375][T26746]  do_syscall_64+0x3d/0xb0
[ 2383.905634][T26746]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2383.911351][T26746] RIP: 0033:0x7f9d5f592da9
[ 2383.915606][T26746] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
03:36:36 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d18, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:36 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:36 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 66)

03:36:36 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d19, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2383.935047][T26746] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2383.943289][T26746] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2383.951100][T26746] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2383.958913][T26746] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2383.966722][T26746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2383.974534][T26746] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2383.982352][T26746]  </TASK>
03:36:36 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0x0, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

[ 2384.028868][T26762] FAULT_INJECTION: forcing a failure.
[ 2384.028868][T26762] name failslab, interval 1, probability 0, space 0, times 0
[ 2384.041722][T26762] CPU: 1 PID: 26762 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2384.051872][T26762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2384.061767][T26762] Call Trace:
[ 2384.064887][T26762]  <TASK>
[ 2384.067666][T26762]  dump_stack_lvl+0x151/0x1b7
[ 2384.072179][T26762]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2384.077649][T26762]  dump_stack+0x15/0x17
[ 2384.081637][T26762]  should_fail+0x3c6/0x510
[ 2384.085893][T26762]  __should_failslab+0xa4/0xe0
[ 2384.090491][T26762]  ? anon_vma_fork+0xf7/0x4e0
[ 2384.095004][T26762]  should_failslab+0x9/0x20
[ 2384.099347][T26762]  slab_pre_alloc_hook+0x37/0xd0
[ 2384.104117][T26762]  ? anon_vma_fork+0xf7/0x4e0
[ 2384.108631][T26762]  kmem_cache_alloc+0x44/0x200
[ 2384.113232][T26762]  anon_vma_fork+0xf7/0x4e0
[ 2384.117572][T26762]  ? anon_vma_name+0x43/0x70
[ 2384.121999][T26762]  ? vm_area_dup+0x17a/0x230
[ 2384.126425][T26762]  copy_mm+0xa3a/0x13e0
[ 2384.130424][T26762]  ? copy_signal+0x610/0x610
[ 2384.134850][T26762]  ? __init_rwsem+0xd6/0x1c0
[ 2384.139277][T26762]  ? copy_signal+0x4e3/0x610
[ 2384.143696][T26762]  copy_process+0x1149/0x3290
[ 2384.148216][T26762]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2384.153158][T26762]  ? copy_clone_args_from_user+0x744/0x830
[ 2384.158800][T26762]  kernel_clone+0x21e/0x9e0
[ 2384.163142][T26762]  ? __delayed_free_task+0x20/0x20
[ 2384.168090][T26762]  ? create_io_thread+0x1e0/0x1e0
[ 2384.172953][T26762]  __x64_sys_clone3+0x376/0x3a0
[ 2384.177633][T26762]  ? __ia32_sys_clone+0x290/0x290
[ 2384.182500][T26762]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2384.187620][T26762]  ? __traceiter_sys_enter+0x2a/0x40
[ 2384.192735][T26762]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2384.198639][T26762]  do_syscall_64+0x3d/0xb0
[ 2384.202890][T26762]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2384.208621][T26762] RIP: 0033:0x7f9d5f592da9
[ 2384.212871][T26762] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2384.232311][T26762] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2384.240559][T26762] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2384.248368][T26762] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2384.256183][T26762] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2384.263992][T26762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2384.271804][T26762] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
03:36:37 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d1a, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:37 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x4}}]}, 0x30}}, 0x0) (async)
r5 = memfd_create(&(0x7f0000002280)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x01k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3F\x958\xf7\xa1c\x81k\'^&\xd9\x82]\x18]\xb2\xbe\xdc\xcd\xe4j\xad;\xd1q$\xb2\xe4\xec\xa9\x15\xbfy\xb7\xe1\xedq\xed\x13F\x85T\xe39\xa4R^#\xc0K\xcd\xe5\xf2\x9a@^\n(\xd5\n5\xcb\xe7~V\xc9\x8b@r\x1c1\xc7.,E\x82L\xf6\xd5\xfe\x9a\x84\xc3\xea\xa4*\xa2\xa3\x12\xce\xb9{X\va\\\xa2\xc6\x88\x9c\xc7%\x0e\x16(\v\xc3\xeam:\xc3@\xa6S|\xe9\xf1$\x11+Y\x1f\xecQ\x86\a\xf3', 0x0)
r6 = dup(r5)
write$cgroup_pid(r6, &(0x7f0000000000), 0x12) (async)
pread64(r6, &(0x7f0000000200)=""/4096, 0x1000, 0x0)
r7 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x140}}, 0x0) (async)
getsockname$packet(r7, &(0x7f0000000080)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0xab)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, r6, 0x0, '\x00', r8}, 0x48) (async)
r9 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 64)
r10 = socket(0x10, 0x803, 0x0) (rerun: 64)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0) (async)
getsockname$packet(r10, &(0x7f0000000000)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c)
sendmsg$nl_route(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r12, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001880)=ANY=[@ANYBLOB="3c0000001800010006000000000000000a00000000000000000000000c00090008000000", @ANYRES32=r12, @ANYBLOB="140100202000"], 0x3c}}, 0x0) (async, rerun: 32)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000002c0)={'syztnl0\x00', &(0x7f0000000040)={'gretap0\x00', 0x0, 0x10, 0x700, 0x4, 0x2, {{0x6, 0x4, 0x1, 0x16, 0xfd03, 0x64, 0x0, 0x6, 0x4, 0x0, @remote, @multicast2, {[@noop]}}}}}) (async, rerun: 32)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000380)={'syztnl1\x00', &(0x7f0000000300)={'syztnl2\x00', <r13=>0x0, 0x20, 0x8000, 0x9, 0x1, {{0x14, 0x4, 0x1, 0x1, 0x50, 0x67, 0x0, 0x6, 0x29, 0x0, @broadcast, @multicast2, {[@lsrr={0x83, 0x13, 0x9, [@empty, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote]}, @rr={0x7, 0x27, 0x96, [@dev={0xac, 0x14, 0x14, 0x19}, @rand_addr=0x64010101, @remote, @local, @multicast2, @remote, @dev={0xac, 0x14, 0x14, 0x3e}, @dev={0xac, 0x14, 0x14, 0x29}, @empty]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=@mpls_getnetconf={0x64, 0x52, 0x200, 0x70bd26, 0x25dfdbff, {}, [@NETCONFA_IFINDEX={0x8, 0x1, r4}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x40000007}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x5000000}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0xffffff00}, @NETCONFA_IFINDEX={0x8, 0x1, r8}, @NETCONFA_IFINDEX={0x8, 0x1, r12}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x3}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x800}, @NETCONFA_IFINDEX={0x8, 0x1, r13}]}, 0x64}, 0x1, 0x0, 0x0, 0x11}, 0xc1)
bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r2, 0x0) (async)
connect$unix(0xffffffffffffffff, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async, rerun: 32)
accept(r2, 0x0, 0x0) (rerun: 32)

03:36:37 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0x0, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:37 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0x0, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:37 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d1b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2384.279619][T26762]  </TASK>
[ 2384.284305][T26762] ------------[ cut here ]------------
[ 2384.291715][T26762] refcount_t: underflow; use-after-free.
[ 2384.313228][T26762] WARNING: CPU: 1 PID: 26762 at lib/refcount.c:28 refcount_warn_saturate+0x158/0x1a0
[ 2384.323383][T26762] Modules linked in:
03:36:37 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d1c, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:37 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
socket$inet(0x2, 0x4000000000000001, 0x0) (async)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00'}) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
syz_kvm_setup_cpu$x86(r1, r6, &(0x7f0000fe7000/0x18000)=nil, &(0x7f00000007c0)=[@text32={0x20, &(0x7f0000000700)="0f06c4c179fd89008000002ef20fc2469f000f01c366baf80cb851b3ef8def66bafc0cb000eec4c125f2420066b8f0008ed00fc75f1166f30f1b2266baa100ed", 0x40}], 0x1, 0x20, &(0x7f0000000800)=[@dstype3={0x7, 0x4}, @cr4={0x1, 0x200000}], 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
recvfrom$unix(r4, &(0x7f0000000840)=""/63, 0x3f, 0x20, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18) (async)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:37 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, 0x0, 0x0)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:37 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d1d, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2384.329036][T26762] CPU: 0 PID: 26762 Comm: syz-executor.0 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 2384.341651][T26762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2384.352333][T26762] RIP: 0010:refcount_warn_saturate+0x158/0x1a0
03:36:37 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d1e, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:37 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, 0x0, 0x0)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:37 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, 0x0, 0x0)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

[ 2384.366120][T26762] Code: 04 01 48 c7 c7 c0 c4 82 85 e8 e4 9e dc fe 0f 0b eb 8b e8 6b 49 0b ff c6 05 73 8e 9e 04 01 48 c7 c7 20 c5 82 85 e8 c8 9e dc fe <0f> 0b e9 6c ff ff ff e8 4c 49 0b ff c6 05 55 8e 9e 04 01 48 c7 c7
[ 2384.388066][T26762] RSP: 0018:ffffc900019778c8 EFLAGS: 00010246
[ 2384.395119][T26762] RAX: 99077cbf03a91200 RBX: 0000000000000003 RCX: 0000000000040000
[ 2384.405991][T26762] RDX: ffffc9000ac55000 RSI: 00000000000186f6 RDI: 00000000000186f7
[ 2384.413875][T26762] RBP: ffffc900019778d8 R08: ffffffff81575f25 R09: ffffed103ee265e8
[ 2384.421831][T26762] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff110325d42a8
03:36:37 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d1f, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:37 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d20, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:37 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080), 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

[ 2384.429987][T26762] R13: ffff888192ea1540 R14: 0000000000000003 R15: ffff88819b15ed10
[ 2384.439649][T26762] FS:  00007f9d5e3146c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 2384.448816][T26762] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2384.457258][T26762] CR2: 00007ffe67908408 CR3: 000000019aada000 CR4: 00000000003506a0
[ 2384.466455][T26762] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
03:36:37 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080), 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:37 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
dup(r1) (async)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
socket$inet(0x2, 0x4000000000000001, 0x0) (async)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
syz_kvm_setup_cpu$x86(r1, r6, &(0x7f0000fe7000/0x18000)=nil, &(0x7f00000007c0)=[@text32={0x20, &(0x7f0000000700)="0f06c4c179fd89008000002ef20fc2469f000f01c366baf80cb851b3ef8def66bafc0cb000eec4c125f2420066b8f0008ed00fc75f1166f30f1b2266baa100ed", 0x40}], 0x1, 0x20, &(0x7f0000000800)=[@dstype3={0x7, 0x4}, @cr4={0x1, 0x200000}], 0x2) (async)
syz_kvm_setup_cpu$x86(r1, r6, &(0x7f0000fe7000/0x18000)=nil, &(0x7f00000007c0)=[@text32={0x20, &(0x7f0000000700)="0f06c4c179fd89008000002ef20fc2469f000f01c366baf80cb851b3ef8def66bafc0cb000eec4c125f2420066b8f0008ed00fc75f1166f30f1b2266baa100ed", 0x40}], 0x1, 0x20, &(0x7f0000000800)=[@dstype3={0x7, 0x4}, @cr4={0x1, 0x200000}], 0x2)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
recvfrom$unix(r4, &(0x7f0000000840)=""/63, 0x3f, 0x20, 0x0, 0x0) (async)
recvfrom$unix(r4, &(0x7f0000000840)=""/63, 0x3f, 0x20, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18) (async)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:37 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d21, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:37 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080), 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:37 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

[ 2384.477674][T26762] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2384.494471][T26762] Call Trace:
[ 2384.504204][T26762]  <TASK>
[ 2384.508435][T26762]  ? show_regs+0x58/0x60
[ 2384.512672][T26762]  ? __warn+0x160/0x2f0
[ 2384.516650][T26762]  ? refcount_warn_saturate+0x158/0x1a0
[ 2384.522894][T26762]  ? report_bug+0x3d9/0x5b0
03:36:37 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d22, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:37 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:37 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d23, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:37 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

[ 2384.528309][T26762]  ? refcount_warn_saturate+0x158/0x1a0
[ 2384.539279][T26762]  ? handle_bug+0x41/0x70
[ 2384.543534][T26762]  ? exc_invalid_op+0x1b/0x50
[ 2384.550170][T26762]  ? asm_exc_invalid_op+0x1b/0x20
[ 2384.559722][T26762]  ? __wake_up_klogd+0xd5/0x110
[ 2384.564545][T26762]  ? refcount_warn_saturate+0x158/0x1a0
[ 2384.573418][T26762]  ? refcount_warn_saturate+0x158/0x1a0
03:36:37 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:37 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d24, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:37 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:37 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

[ 2384.578897][T26762]  vm_area_free_no_check+0x123/0x130
[ 2384.588855][T26762]  copy_mm+0xefb/0x13e0
[ 2384.592993][T26762]  ? copy_signal+0x610/0x610
[ 2384.601377][T26762]  ? __init_rwsem+0xd6/0x1c0
[ 2384.609418][T26762]  ? copy_signal+0x4e3/0x610
[ 2384.616510][T26762]  copy_process+0x1149/0x3290
[ 2384.622400][T26762]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2384.627548][T26762]  ? copy_clone_args_from_user+0x744/0x830
[ 2384.633473][T26762]  kernel_clone+0x21e/0x9e0
[ 2384.637931][T26762]  ? __delayed_free_task+0x20/0x20
[ 2384.642906][T26762]  ? create_io_thread+0x1e0/0x1e0
[ 2384.647812][T26762]  __x64_sys_clone3+0x376/0x3a0
[ 2384.652448][T26762]  ? __ia32_sys_clone+0x290/0x290
[ 2384.657747][T26762]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2384.662834][T26762]  ? __traceiter_sys_enter+0x2a/0x40
[ 2384.667984][T26762]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2384.673860][T26762]  do_syscall_64+0x3d/0xb0
[ 2384.678138][T26762]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2384.683843][T26762] RIP: 0033:0x7f9d5f592da9
[ 2384.688119][T26762] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2384.708299][T26762] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2384.716474][T26762] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
03:36:37 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d25, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:37 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:37 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 67)

03:36:37 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

[ 2384.724417][T26762] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2384.732231][T26762] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2384.740048][T26762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2384.747839][T26762] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2384.755648][T26762]  </TASK>
[ 2384.758525][T26762] ---[ end trace 557f018d70a18b14 ]---
[ 2384.783061][T13141] ==================================================================
[ 2384.791121][T13141] BUG: KASAN: use-after-free in __rb_insert_augmented+0xa0/0x610
[ 2384.798671][T13141] Read of size 8 at addr ffff8881c0000008 by task syz-executor.0/13141
[ 2384.807091][T13141] 
[ 2384.809322][T13141] CPU: 1 PID: 13141 Comm: syz-executor.0 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[ 2384.820813][T13141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2384.830701][T13141] Call Trace:
[ 2384.833833][T13141]  <TASK>
[ 2384.836602][T13141]  dump_stack_lvl+0x151/0x1b7
[ 2384.841114][T13141]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2384.846578][T13141]  ? panic+0x751/0x751
[ 2384.850487][T13141]  print_address_description+0x87/0x3b0
[ 2384.855868][T13141]  kasan_report+0x179/0x1c0
[ 2384.860206][T13141]  ? __rb_insert_augmented+0xa0/0x610
[ 2384.865417][T13141]  ? __rb_insert_augmented+0xa0/0x610
[ 2384.870622][T13141]  __asan_report_load8_noabort+0x14/0x20
[ 2384.876183][T13141]  __rb_insert_augmented+0xa0/0x610
[ 2384.881218][T13141]  ? anon_vma_interval_tree_iter_next+0x390/0x390
[ 2384.887555][T13141]  vma_interval_tree_insert_after+0x2be/0x2d0
[ 2384.893456][T13141]  copy_mm+0xba2/0x13e0
[ 2384.897454][T13141]  ? copy_signal+0x610/0x610
[ 2384.901877][T13141]  ? __init_rwsem+0xd6/0x1c0
[ 2384.906300][T13141]  ? copy_signal+0x4e3/0x610
[ 2384.910728][T13141]  copy_process+0x1149/0x3290
[ 2384.915245][T13141]  ? _raw_spin_lock+0x1b0/0x1b0
[ 2384.919928][T13141]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2384.924876][T13141]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[ 2384.930523][T13141]  kernel_clone+0x21e/0x9e0
[ 2384.934858][T13141]  ? bpf_ringbuf_notify+0x30/0x30
[ 2384.939716][T13141]  ? bpf_ringbuf_notify+0x30/0x30
[ 2384.944575][T13141]  ? create_io_thread+0x1e0/0x1e0
[ 2384.949447][T13141]  __x64_sys_clone+0x23f/0x290
[ 2384.954044][T13141]  ? __do_sys_vfork+0x130/0x130
[ 2384.958725][T13141]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2384.963846][T13141]  ? __traceiter_sys_enter+0x2a/0x40
[ 2384.968964][T13141]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2384.974869][T13141]  do_syscall_64+0x3d/0xb0
[ 2384.979119][T13141]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2384.984934][T13141] RIP: 0033:0x7f9d5f58fdd3
[ 2384.989192][T13141] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[ 2385.008629][T13141] RSP: 002b:00007ffe3023d128 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2385.016875][T13141] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9d5f58fdd3
[ 2385.024686][T13141] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 2385.032498][T13141] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2385.040308][T13141] R10: 00005555565d8750 R11: 0000000000000246 R12: 0000000000000001
[ 2385.048122][T13141] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 2385.055948][T13141]  </TASK>
[ 2385.058803][T13141] 
[ 2385.060968][T13141] The buggy address belongs to the page:
[ 2385.066439][T13141] page:ffffea0007000000 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x0 pfn:0x1c0000
[ 2385.076768][T13141] flags: 0x4000000000000000(zone=1)
[ 2385.081811][T13141] raw: 4000000000000000 ffffea0007010008 ffffea0006ff0008 0000000000000000
[ 2385.090226][T13141] raw: 0000000000000000 000000000000000a 00000000ffffff7f 0000000000000000
[ 2385.098635][T13141] page dumped because: kasan: bad access detected
[ 2385.104893][T13141] page_owner info is not present (never set?)
[ 2385.110787][T13141] 
[ 2385.112955][T13141] Memory state around the buggy address:
[ 2385.118440][T13141]  ffff8881bfffff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2385.126324][T13141]  ffff8881bfffff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
03:36:38 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

[ 2385.134223][T13141] >ffff8881c0000000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2385.142117][T13141]                       ^
[ 2385.146284][T13141]  ffff8881c0000080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2385.154183][T13141]  ffff8881c0000100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2385.162081][T13141] ==================================================================
[ 2385.169978][T13141] Disabling lock debugging due to kernel taint
03:36:38 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x4}}]}, 0x30}}, 0x0)
r5 = memfd_create(&(0x7f0000002280)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x01k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3F\x958\xf7\xa1c\x81k\'^&\xd9\x82]\x18]\xb2\xbe\xdc\xcd\xe4j\xad;\xd1q$\xb2\xe4\xec\xa9\x15\xbfy\xb7\xe1\xedq\xed\x13F\x85T\xe39\xa4R^#\xc0K\xcd\xe5\xf2\x9a@^\n(\xd5\n5\xcb\xe7~V\xc9\x8b@r\x1c1\xc7.,E\x82L\xf6\xd5\xfe\x9a\x84\xc3\xea\xa4*\xa2\xa3\x12\xce\xb9{X\va\\\xa2\xc6\x88\x9c\xc7%\x0e\x16(\v\xc3\xeam:\xc3@\xa6S|\xe9\xf1$\x11+Y\x1f\xecQ\x86\a\xf3', 0x0)
dup(r5) (async)
r6 = dup(r5)
write$cgroup_pid(r6, &(0x7f0000000000), 0x12)
pread64(r6, &(0x7f0000000200)=""/4096, 0x1000, 0x0)
r7 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x140}}, 0x0) (async)
sendmsg$nl_route_sched(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x140}}, 0x0)
getsockname$packet(r7, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0xab) (async)
getsockname$packet(r7, &(0x7f0000000080)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0xab)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, r6, 0x0, '\x00', r8}, 0x48)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x803, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r10, &(0x7f0000000000)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c)
sendmsg$nl_route(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r12, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001880)=ANY=[@ANYBLOB="3c0000001800010006000000000000000a00000000000000000000000c00090008000000", @ANYRES32=r12, @ANYBLOB="140100202000"], 0x3c}}, 0x0) (async)
sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001880)=ANY=[@ANYBLOB="3c0000001800010006000000000000000a00000000000000000000000c00090008000000", @ANYRES32=r12, @ANYBLOB="140100202000"], 0x3c}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000002c0)={'syztnl0\x00', &(0x7f0000000040)={'gretap0\x00', 0x0, 0x10, 0x700, 0x4, 0x2, {{0x6, 0x4, 0x1, 0x16, 0xfd03, 0x64, 0x0, 0x6, 0x4, 0x0, @remote, @multicast2, {[@noop]}}}}})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000380)={'syztnl1\x00', &(0x7f0000000300)={'syztnl2\x00', <r13=>0x0, 0x20, 0x8000, 0x9, 0x1, {{0x14, 0x4, 0x1, 0x1, 0x50, 0x67, 0x0, 0x6, 0x29, 0x0, @broadcast, @multicast2, {[@lsrr={0x83, 0x13, 0x9, [@empty, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote]}, @rr={0x7, 0x27, 0x96, [@dev={0xac, 0x14, 0x14, 0x19}, @rand_addr=0x64010101, @remote, @local, @multicast2, @remote, @dev={0xac, 0x14, 0x14, 0x3e}, @dev={0xac, 0x14, 0x14, 0x29}, @empty]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=@mpls_getnetconf={0x64, 0x52, 0x200, 0x70bd26, 0x25dfdbff, {}, [@NETCONFA_IFINDEX={0x8, 0x1, r4}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x40000007}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x5000000}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0xffffff00}, @NETCONFA_IFINDEX={0x8, 0x1, r8}, @NETCONFA_IFINDEX={0x8, 0x1, r12}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x3}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x800}, @NETCONFA_IFINDEX={0x8, 0x1, r13}]}, 0x64}, 0x1, 0x0, 0x0, 0x11}, 0xc1) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=@mpls_getnetconf={0x64, 0x52, 0x200, 0x70bd26, 0x25dfdbff, {}, [@NETCONFA_IFINDEX={0x8, 0x1, r4}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x40000007}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x5000000}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0xffffff00}, @NETCONFA_IFINDEX={0x8, 0x1, r8}, @NETCONFA_IFINDEX={0x8, 0x1, r12}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x3}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x800}, @NETCONFA_IFINDEX={0x8, 0x1, r13}]}, 0x64}, 0x1, 0x0, 0x0, 0x11}, 0xc1)
bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r2, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
connect$unix(0xffffffffffffffff, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r2, 0x0, 0x0) (async)
accept(r2, 0x0, 0x0)

03:36:38 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d26, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2385.193806][T27146] FAULT_INJECTION: forcing a failure.
[ 2385.193806][T27146] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2385.208890][T27146] CPU: 0 PID: 27146 Comm: syz-executor.0 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[ 2385.220438][T27146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2385.230332][T27146] Call Trace:
[ 2385.233453][T27146]  <TASK>
[ 2385.236231][T27146]  dump_stack_lvl+0x151/0x1b7
[ 2385.240742][T27146]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2385.246212][T27146]  dump_stack+0x15/0x17
[ 2385.250203][T27146]  should_fail+0x3c6/0x510
[ 2385.254458][T27146]  should_fail_alloc_page+0x5a/0x80
[ 2385.259502][T27146]  prepare_alloc_pages+0x15c/0x700
[ 2385.264450][T27146]  ? __alloc_pages_bulk+0xe40/0xe40
[ 2385.269473][T27146]  __alloc_pages+0x18c/0x8f0
[ 2385.273896][T27146]  ? prep_new_page+0x110/0x110
[ 2385.278498][T27146]  ? stack_trace_save+0x1c0/0x1c0
[ 2385.283356][T27146]  ? __kernel_text_address+0x9b/0x110
[ 2385.288566][T27146]  pte_alloc_one+0x73/0x1b0
[ 2385.292907][T27146]  ? pfn_modify_allowed+0x2f0/0x2f0
[ 2385.297942][T27146]  __pte_alloc+0x86/0x350
[ 2385.302105][T27146]  ? free_pgtables+0x280/0x280
[ 2385.306716][T27146]  ? __stack_depot_save+0x34/0x470
[ 2385.311658][T27146]  ? anon_vma_clone+0x9a/0x500
[ 2385.316254][T27146]  copy_page_range+0x28a8/0x2f90
[ 2385.321027][T27146]  ? __kasan_slab_alloc+0xb1/0xe0
[ 2385.325885][T27146]  ? slab_post_alloc_hook+0x53/0x2c0
[ 2385.331010][T27146]  ? kernel_clone+0x21e/0x9e0
[ 2385.335541][T27146]  ? do_syscall_64+0x3d/0xb0
[ 2385.339948][T27146]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2385.345859][T27146]  ? pfn_valid+0x1e0/0x1e0
[ 2385.350102][T27146]  ? rwsem_write_trylock+0x15b/0x290
[ 2385.355223][T27146]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[ 2385.361472][T27146]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 2385.367027][T27146]  ? __rb_insert_augmented+0x5de/0x610
[ 2385.372324][T27146]  copy_mm+0xc7e/0x13e0
[ 2385.376319][T27146]  ? copy_signal+0x610/0x610
[ 2385.380743][T27146]  ? __init_rwsem+0xd6/0x1c0
[ 2385.385165][T27146]  ? copy_signal+0x4e3/0x610
[ 2385.389594][T27146]  copy_process+0x1149/0x3290
[ 2385.394111][T27146]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2385.399056][T27146]  ? copy_clone_args_from_user+0x744/0x830
[ 2385.404696][T27146]  kernel_clone+0x21e/0x9e0
[ 2385.409033][T27146]  ? __delayed_free_task+0x20/0x20
[ 2385.413982][T27146]  ? create_io_thread+0x1e0/0x1e0
[ 2385.418845][T27146]  __x64_sys_clone3+0x376/0x3a0
[ 2385.423530][T27146]  ? __ia32_sys_clone+0x290/0x290
[ 2385.428395][T27146]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2385.433513][T27146]  ? __traceiter_sys_enter+0x2a/0x40
[ 2385.438631][T27146]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2385.444533][T27146]  do_syscall_64+0x3d/0xb0
[ 2385.448787][T27146]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2385.454527][T27146] RIP: 0033:0x7f9d5f592da9
[ 2385.458770][T27146] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2385.478209][T27146] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2385.486453][T27146] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
03:36:38 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

[ 2385.494265][T27146] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2385.502074][T27146] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2385.509890][T27146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2385.517699][T27146] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2385.525517][T27146]  </TASK>
03:36:38 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b788061", 0x24, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:38 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d27, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:38 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 68)

03:36:38 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:38 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b788061", 0x24, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:38 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d28, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2385.543134][T27228] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2385.557900][T27231] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2385.595231][T27268] FAULT_INJECTION: forcing a failure.
[ 2385.595231][T27268] name failslab, interval 1, probability 0, space 0, times 0
[ 2385.609978][T27268] CPU: 1 PID: 27268 Comm: syz-executor.0 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[ 2385.621544][T27268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2385.631440][T27268] Call Trace:
[ 2385.634561][T27268]  <TASK>
[ 2385.637337][T27268]  dump_stack_lvl+0x151/0x1b7
03:36:38 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d29, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:38 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d2a, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:38 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d2b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:38 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d2c, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:38 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d2d, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2385.641852][T27268]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2385.647321][T27268]  dump_stack+0x15/0x17
[ 2385.651315][T27268]  should_fail+0x3c6/0x510
[ 2385.655569][T27268]  __should_failslab+0xa4/0xe0
[ 2385.660174][T27268]  ? anon_vma_clone+0x9a/0x500
[ 2385.664939][T27268]  should_failslab+0x9/0x20
[ 2385.669283][T27268]  slab_pre_alloc_hook+0x37/0xd0
[ 2385.674052][T27268]  ? anon_vma_clone+0x9a/0x500
[ 2385.678651][T27268]  kmem_cache_alloc+0x44/0x200
[ 2385.683256][T27268]  anon_vma_clone+0x9a/0x500
[ 2385.687682][T27268]  anon_vma_fork+0x91/0x4e0
03:36:38 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d2e, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2385.692022][T27268]  ? anon_vma_name+0x43/0x70
[ 2385.696445][T27268]  ? vm_area_dup+0x17a/0x230
[ 2385.700871][T27268]  copy_mm+0xa3a/0x13e0
[ 2385.704871][T27268]  ? copy_signal+0x610/0x610
[ 2385.709305][T27268]  ? __init_rwsem+0xd6/0x1c0
[ 2385.713709][T27268]  ? copy_signal+0x4e3/0x610
[ 2385.718143][T27268]  copy_process+0x1149/0x3290
[ 2385.722654][T27268]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2385.727597][T27268]  ? copy_clone_args_from_user+0x744/0x830
[ 2385.733239][T27268]  kernel_clone+0x21e/0x9e0
[ 2385.737578][T27268]  ? __delayed_free_task+0x20/0x20
[ 2385.742526][T27268]  ? create_io_thread+0x1e0/0x1e0
[ 2385.747390][T27268]  __x64_sys_clone3+0x376/0x3a0
[ 2385.752072][T27268]  ? __ia32_sys_clone+0x290/0x290
[ 2385.756940][T27268]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2385.762061][T27268]  ? __traceiter_sys_enter+0x2a/0x40
[ 2385.767175][T27268]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2385.773702][T27268]  do_syscall_64+0x3d/0xb0
[ 2385.777940][T27268]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2385.783676][T27268] RIP: 0033:0x7f9d5f592da9
[ 2385.787923][T27268] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2385.807364][T27268] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2385.815605][T27268] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2385.823423][T27268] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2385.831227][T27268] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
03:36:38 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b788061", 0x24, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:38 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (async)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:38 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548", 0x36, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:38 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 69)

03:36:38 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d2f, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2385.839041][T27268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2385.846849][T27268] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2385.854676][T27268]  </TASK>
03:36:38 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548", 0x36, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:38 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d30, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:38 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d31, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2385.903366][T27393] FAULT_INJECTION: forcing a failure.
[ 2385.903366][T27393] name failslab, interval 1, probability 0, space 0, times 0
[ 2385.917476][T27393] CPU: 1 PID: 27393 Comm: syz-executor.0 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[ 2385.929028][T27393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2385.938918][T27393] Call Trace:
[ 2385.942040][T27393]  <TASK>
[ 2385.944819][T27393]  dump_stack_lvl+0x151/0x1b7
03:36:38 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d32, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:38 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d33, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:38 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d34, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2385.949336][T27393]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2385.954803][T27393]  dump_stack+0x15/0x17
[ 2385.958794][T27393]  should_fail+0x3c6/0x510
[ 2385.963044][T27393]  __should_failslab+0xa4/0xe0
[ 2385.967645][T27393]  ? anon_vma_clone+0x9a/0x500
[ 2385.972247][T27393]  should_failslab+0x9/0x20
[ 2385.976585][T27393]  slab_pre_alloc_hook+0x37/0xd0
[ 2385.981359][T27393]  ? anon_vma_clone+0x9a/0x500
[ 2385.985957][T27393]  kmem_cache_alloc+0x44/0x200
[ 2385.990566][T27393]  anon_vma_clone+0x9a/0x500
[ 2385.995082][T27393]  anon_vma_fork+0x91/0x4e0
[ 2385.999412][T27393]  ? anon_vma_name+0x43/0x70
03:36:38 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d35, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:38 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d36, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:38 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d37, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2386.003838][T27393]  ? vm_area_dup+0x17a/0x230
[ 2386.008264][T27393]  copy_mm+0xa3a/0x13e0
[ 2386.012262][T27393]  ? copy_signal+0x610/0x610
[ 2386.016685][T27393]  ? __init_rwsem+0xd6/0x1c0
[ 2386.021109][T27393]  ? copy_signal+0x4e3/0x610
[ 2386.025535][T27393]  copy_process+0x1149/0x3290
[ 2386.030048][T27393]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2386.035093][T27393]  ? copy_clone_args_from_user+0x744/0x830
[ 2386.040735][T27393]  kernel_clone+0x21e/0x9e0
[ 2386.045161][T27393]  ? __delayed_free_task+0x20/0x20
03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d38, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d39, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2386.050195][T27393]  ? create_io_thread+0x1e0/0x1e0
[ 2386.055089][T27393]  __x64_sys_clone3+0x376/0x3a0
[ 2386.059741][T27393]  ? __ia32_sys_clone+0x290/0x290
[ 2386.064697][T27393]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2386.069808][T27393]  ? __traceiter_sys_enter+0x2a/0x40
[ 2386.074943][T27393]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2386.080938][T27393]  do_syscall_64+0x3d/0xb0
[ 2386.085185][T27393]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2386.090912][T27393] RIP: 0033:0x7f9d5f592da9
[ 2386.095168][T27393] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2386.114613][T27393] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2386.122852][T27393] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2386.130662][T27393] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2386.138472][T27393] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2386.146281][T27393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d3a, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2386.154094][T27393] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2386.161914][T27393]  </TASK>
03:36:39 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, r0, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x5}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x38, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x400}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @alu={0x4, 0x1, 0xa, 0x6, 0x9, 0x4, 0x10}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @alu={0x7, 0x0, 0x6, 0x7, 0xb, 0xfffffffffffffff0, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x9}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @jmp={0x5, 0x1, 0xd, 0x2, 0x6, 0xc, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r4, 0x0, 0x0)

03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d3b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:39 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x28000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x402, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x800004, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:39 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548", 0x36, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:39 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 70)

03:36:39 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c", 0x3f, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d3c, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:39 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, r0, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x5}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x38, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x400}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @alu={0x4, 0x1, 0xa, 0x6, 0x9, 0x4, 0x10}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @alu={0x7, 0x0, 0x6, 0x7, 0xb, 0xfffffffffffffff0, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x9}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @jmp={0x5, 0x1, 0xd, 0x2, 0x6, 0xc, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10)
socket$unix(0x1, 0x1, 0x0) (async)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r4, 0x0, 0x0)

03:36:39 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c", 0x3f, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d3d, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2386.394055][T27518] FAULT_INJECTION: forcing a failure.
[ 2386.394055][T27518] name failslab, interval 1, probability 0, space 0, times 0
[ 2386.415077][T27518] CPU: 1 PID: 27518 Comm: syz-executor.0 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[ 2386.426898][T27518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2386.436793][T27518] Call Trace:
[ 2386.439915][T27518]  <TASK>
03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d3e, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d3f, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d40, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2386.442698][T27518]  dump_stack_lvl+0x151/0x1b7
[ 2386.447212][T27518]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2386.452684][T27518]  dump_stack+0x15/0x17
[ 2386.456665][T27518]  should_fail+0x3c6/0x510
[ 2386.460927][T27518]  __should_failslab+0xa4/0xe0
[ 2386.465517][T27518]  ? anon_vma_clone+0x9a/0x500
[ 2386.470122][T27518]  should_failslab+0x9/0x20
[ 2386.474460][T27518]  slab_pre_alloc_hook+0x37/0xd0
[ 2386.479237][T27518]  ? anon_vma_clone+0x9a/0x500
[ 2386.483834][T27518]  kmem_cache_alloc+0x44/0x200
[ 2386.488442][T27518]  anon_vma_clone+0x9a/0x500
03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d41, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d42, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d43, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d44, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2386.492864][T27518]  anon_vma_fork+0x91/0x4e0
[ 2386.497198][T27518]  ? anon_vma_name+0x43/0x70
[ 2386.501625][T27518]  ? vm_area_dup+0x17a/0x230
[ 2386.506053][T27518]  copy_mm+0xa3a/0x13e0
[ 2386.510053][T27518]  ? copy_signal+0x610/0x610
[ 2386.514470][T27518]  ? __init_rwsem+0xd6/0x1c0
[ 2386.518985][T27518]  ? copy_signal+0x4e3/0x610
[ 2386.523504][T27518]  copy_process+0x1149/0x3290
[ 2386.528017][T27518]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2386.532961][T27518]  ? copy_clone_args_from_user+0x744/0x830
[ 2386.538604][T27518]  kernel_clone+0x21e/0x9e0
03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d45, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d46, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d47, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2386.542936][T27518]  ? __delayed_free_task+0x20/0x20
[ 2386.547888][T27518]  ? create_io_thread+0x1e0/0x1e0
[ 2386.552752][T27518]  __x64_sys_clone3+0x376/0x3a0
[ 2386.557436][T27518]  ? __ia32_sys_clone+0x290/0x290
[ 2386.562304][T27518]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2386.567422][T27518]  ? __traceiter_sys_enter+0x2a/0x40
[ 2386.572538][T27518]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2386.578445][T27518]  do_syscall_64+0x3d/0xb0
[ 2386.582701][T27518]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2386.588423][T27518] RIP: 0033:0x7f9d5f592da9
03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d48, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d49, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d4a, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2386.592677][T27518] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2386.612121][T27518] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2386.620360][T27518] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2386.628172][T27518] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2386.635982][T27518] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d4b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:39 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, r0, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x5}, 0x48) (async)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, r0, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x5}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x38, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x400}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @alu={0x4, 0x1, 0xa, 0x6, 0x9, 0x4, 0x10}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @alu={0x7, 0x0, 0x6, 0x7, 0xb, 0xfffffffffffffff0, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x9}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @jmp={0x5, 0x1, 0xd, 0x2, 0x6, 0xc, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0) (async)
listen(r4, 0x0)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r4, 0x0, 0x0) (async)
accept(r4, 0x0, 0x0)

03:36:39 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c", 0x3f, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:39 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf943", 0x44, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:39 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 71)

03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d4c, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:39 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf943", 0x44, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

[ 2386.643798][T27518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2386.651606][T27518] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2386.659429][T27518]  </TASK>
03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d4d, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:39 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf943", 0x44, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d4e, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2386.703699][T27568] FAULT_INJECTION: forcing a failure.
[ 2386.703699][T27568] name failslab, interval 1, probability 0, space 0, times 0
[ 2386.716934][T27568] CPU: 1 PID: 27568 Comm: syz-executor.0 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[ 2386.728574][T27568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2386.738470][T27568] Call Trace:
[ 2386.741592][T27568]  <TASK>
[ 2386.744368][T27568]  dump_stack_lvl+0x151/0x1b7
03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d4f, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2386.748881][T27568]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2386.754352][T27568]  dump_stack+0x15/0x17
[ 2386.758343][T27568]  should_fail+0x3c6/0x510
[ 2386.762597][T27568]  __should_failslab+0xa4/0xe0
[ 2386.767198][T27568]  ? vm_area_dup+0x26/0x230
[ 2386.771532][T27568]  should_failslab+0x9/0x20
[ 2386.775874][T27568]  slab_pre_alloc_hook+0x37/0xd0
[ 2386.780648][T27568]  ? vm_area_dup+0x26/0x230
[ 2386.784988][T27568]  kmem_cache_alloc+0x44/0x200
[ 2386.789619][T27568]  vm_area_dup+0x26/0x230
[ 2386.793857][T27568]  copy_mm+0x9a1/0x13e0
[ 2386.797846][T27568]  ? copy_signal+0x610/0x610
[ 2386.802276][T27568]  ? __init_rwsem+0xd6/0x1c0
[ 2386.806708][T27568]  ? copy_signal+0x4e3/0x610
[ 2386.811133][T27568]  copy_process+0x1149/0x3290
[ 2386.815654][T27568]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2386.820586][T27568]  ? copy_clone_args_from_user+0x744/0x830
[ 2386.826315][T27568]  kernel_clone+0x21e/0x9e0
[ 2386.830652][T27568]  ? __delayed_free_task+0x20/0x20
[ 2386.835598][T27568]  ? create_io_thread+0x1e0/0x1e0
[ 2386.840469][T27568]  __x64_sys_clone3+0x376/0x3a0
[ 2386.845148][T27568]  ? __ia32_sys_clone+0x290/0x290
[ 2386.850009][T27568]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2386.855129][T27568]  ? __traceiter_sys_enter+0x2a/0x40
[ 2386.860246][T27568]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2386.866150][T27568]  do_syscall_64+0x3d/0xb0
[ 2386.870403][T27568]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2386.876218][T27568] RIP: 0033:0x7f9d5f592da9
[ 2386.880471][T27568] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
03:36:39 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 32)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (async, rerun: 32)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0) (rerun: 32)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async, rerun: 32)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (rerun: 32)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x28000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x402, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x800004, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async, rerun: 64)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0) (rerun: 64)

03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d50, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:39 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3f", 0x46, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:39 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 72)

[ 2386.899913][T27568] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2386.908157][T27568] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2386.915966][T27568] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2386.923780][T27568] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2386.931590][T27568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2386.939401][T27568] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2386.947222][T27568]  </TASK>
03:36:39 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3f", 0x46, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:39 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d51, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:39 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3f", 0x46, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

[ 2386.993070][T27685] FAULT_INJECTION: forcing a failure.
[ 2386.993070][T27685] name failslab, interval 1, probability 0, space 0, times 0
[ 2387.011166][T27685] CPU: 0 PID: 27685 Comm: syz-executor.0 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[ 2387.022720][T27685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2387.032624][T27685] Call Trace:
[ 2387.035742][T27685]  <TASK>
[ 2387.038521][T27685]  dump_stack_lvl+0x151/0x1b7
[ 2387.043032][T27685]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2387.048496][T27685]  dump_stack+0x15/0x17
[ 2387.052487][T27685]  should_fail+0x3c6/0x510
[ 2387.056740][T27685]  __should_failslab+0xa4/0xe0
[ 2387.061338][T27685]  ? vm_area_dup+0x26/0x230
[ 2387.065679][T27685]  should_failslab+0x9/0x20
[ 2387.070018][T27685]  slab_pre_alloc_hook+0x37/0xd0
[ 2387.074790][T27685]  ? vm_area_dup+0x26/0x230
[ 2387.079131][T27685]  kmem_cache_alloc+0x44/0x200
[ 2387.083731][T27685]  vm_area_dup+0x26/0x230
[ 2387.087896][T27685]  copy_mm+0x9a1/0x13e0
[ 2387.091891][T27685]  ? copy_signal+0x610/0x610
[ 2387.096313][T27685]  ? __init_rwsem+0xd6/0x1c0
[ 2387.100746][T27685]  ? copy_signal+0x4e3/0x610
[ 2387.105169][T27685]  copy_process+0x1149/0x3290
[ 2387.109684][T27685]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2387.114630][T27685]  ? copy_clone_args_from_user+0x744/0x830
[ 2387.120271][T27685]  kernel_clone+0x21e/0x9e0
[ 2387.124609][T27685]  ? __delayed_free_task+0x20/0x20
[ 2387.129559][T27685]  ? create_io_thread+0x1e0/0x1e0
[ 2387.134439][T27685]  __x64_sys_clone3+0x376/0x3a0
[ 2387.139105][T27685]  ? __ia32_sys_clone+0x290/0x290
[ 2387.143971][T27685]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2387.149086][T27685]  ? __traceiter_sys_enter+0x2a/0x40
[ 2387.154208][T27685]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2387.160110][T27685]  do_syscall_64+0x3d/0xb0
[ 2387.164361][T27685]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2387.170088][T27685] RIP: 0033:0x7f9d5f592da9
[ 2387.174343][T27685] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d52, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0}, 0x90) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00'}) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x28000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x402, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x800004, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:40 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe", 0x47, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:40 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 73)

[ 2387.193785][T27685] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2387.202029][T27685] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2387.209841][T27685] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2387.217653][T27685] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2387.225464][T27685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2387.233275][T27685] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2387.241092][T27685]  </TASK>
03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d53, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe", 0x47, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d54, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r6, 0x84009422, &(0x7f0000000900)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x123)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000d00)=""/114, 0x72}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB="ee6efd2ce485f2dc12691b68529070c5549bf0b69d3267ed54228092d91a197d626d5e1ec27af6320db56480416b0d9b845282ea03d72156e52393c063f91bfa60c63c90267d65c4f30ed58b8fcfcaf143e0deed6d4e2ef146f3835108c879aff979a6479c1d3334564dafd0da16f5a71de773814690a1439c02c56dd24aa6f5c09c69a8"], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@generic={0x1b, 0xb, 0x8, 0x9, 0x5}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x2, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0x200000c5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000880)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x7, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e000000000000f200006a670100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d55, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2387.282343][T27858] FAULT_INJECTION: forcing a failure.
[ 2387.282343][T27858] name failslab, interval 1, probability 0, space 0, times 0
[ 2387.295284][T27858] CPU: 1 PID: 27858 Comm: syz-executor.0 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[ 2387.306916][T27858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2387.316812][T27858] Call Trace:
[ 2387.319937][T27858]  <TASK>
[ 2387.322715][T27858]  dump_stack_lvl+0x151/0x1b7
03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d56, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d57, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d58, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2387.327227][T27858]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2387.332701][T27858]  dump_stack+0x15/0x17
[ 2387.336689][T27858]  should_fail+0x3c6/0x510
[ 2387.340944][T27858]  __should_failslab+0xa4/0xe0
[ 2387.345539][T27858]  ? anon_vma_fork+0x1df/0x4e0
[ 2387.350140][T27858]  should_failslab+0x9/0x20
[ 2387.354480][T27858]  slab_pre_alloc_hook+0x37/0xd0
[ 2387.359259][T27858]  ? anon_vma_fork+0x1df/0x4e0
[ 2387.363853][T27858]  kmem_cache_alloc+0x44/0x200
[ 2387.368458][T27858]  anon_vma_fork+0x1df/0x4e0
[ 2387.372887][T27858]  copy_mm+0xa3a/0x13e0
[ 2387.376880][T27858]  ? copy_signal+0x610/0x610
03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d59, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d5a, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d5b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2387.381298][T27858]  ? __init_rwsem+0xd6/0x1c0
[ 2387.385725][T27858]  ? copy_signal+0x4e3/0x610
[ 2387.390154][T27858]  copy_process+0x1149/0x3290
[ 2387.394672][T27858]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2387.399614][T27858]  ? copy_clone_args_from_user+0x744/0x830
[ 2387.405254][T27858]  kernel_clone+0x21e/0x9e0
[ 2387.409593][T27858]  ? __delayed_free_task+0x20/0x20
[ 2387.414547][T27858]  ? create_io_thread+0x1e0/0x1e0
[ 2387.419404][T27858]  __x64_sys_clone3+0x376/0x3a0
[ 2387.424088][T27858]  ? __ia32_sys_clone+0x290/0x290
[ 2387.428955][T27858]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2387.434069][T27858]  ? __traceiter_sys_enter+0x2a/0x40
[ 2387.439189][T27858]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2387.445091][T27858]  do_syscall_64+0x3d/0xb0
[ 2387.449342][T27858]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2387.455073][T27858] RIP: 0033:0x7f9d5f592da9
[ 2387.459323][T27858] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
03:36:40 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x48, 0x48, 0x3, [@const={0x4, 0x0, 0x0, 0xa, 0x5}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4, 0x1}}, @union={0x6, 0x2, 0x0, 0x5, 0x1, 0x9, [{0xe, 0x0, 0x5}, {0xd, 0x3, 0x2}]}]}, {0x0, [0x5f]}}, &(0x7f0000000380)=""/235, 0x63, 0xeb}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xa, 0x5, &(0x7f0000000240)=@framed={{}, [@map_val={0x18, 0x0, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0xc}]}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb4}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_open_dev$vcsa(&(0x7f00000005c0), 0x7, 0x4800)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000940)={r1, 0x20, &(0x7f0000000900)={&(0x7f0000000800)=""/255, 0xff, <r6=>0x0, &(0x7f0000000780)=""/15, 0xf}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x1b, 0x13, &(0x7f0000000600)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@ldst={0x1, 0x2, 0x0, 0x9, 0x7, 0x0, 0x1}, @map_fd={0x18, 0x6, 0x1, 0x0, r0}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000006c0)='GPL\x00', 0x61c4, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, 0x35, r1, 0x8, &(0x7f0000000700)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000740)={0x4, 0x10, 0xfffffc00, 0x562}, 0x10, r6, 0xffffffffffffffff, 0x3, &(0x7f0000000980)=[r0, r0, r0], &(0x7f00000009c0)=[{0x4, 0x2, 0xb, 0xc}, {0x2, 0x5, 0x0, 0xb}, {0x4, 0x5, 0xf, 0x3}], 0x10, 0x1f}, 0x90)
sendmsg$nl_route(r4, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)=@ipmr_getroute={0x1c, 0x1a, 0x4, 0x70bd2b, 0x25dfdbff, {0x80, 0x20, 0x20, 0xca, 0x0, 0x0, 0xfe, 0x5, 0x2000}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4000040)
r7 = socket$unix(0x1, 0x1, 0x0)
r8 = epoll_create(0x7)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r0, &(0x7f0000000ac0)={0x20002006})
bind$unix(r7, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r7, 0x0)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r7, 0x0, 0x0)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d5c, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe", 0x47, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:40 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00'})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0x48, 0x0, 0x0, 0x0)

03:36:40 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 74)

[ 2387.478762][T27858] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2387.487005][T27858] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2387.494822][T27858] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2387.502629][T27858] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2387.510442][T27858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2387.518253][T27858] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2387.526082][T27858]  </TASK>
03:36:40 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (async, rerun: 64)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0) (rerun: 64)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async, rerun: 32)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async, rerun: 32)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r6, 0x84009422, &(0x7f0000000900)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) (async)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x123) (async)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000d00)=""/114, 0x72}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB="ee6efd2ce485f2dc12691b68529070c5549bf0b69d3267ed54228092d91a197d626d5e1ec27af6320db56480416b0d9b845282ea03d72156e52393c063f91bfa60c63c90267d65c4f30ed58b8fcfcaf143e0deed6d4e2ef146f3835108c879aff979a6479c1d3334564dafd0da16f5a71de773814690a1439c02c56dd24aa6f5c09c69a8"], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@generic={0x1b, 0xb, 0x8, 0x9, 0x5}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x2, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0x200000c5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000880)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x7, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e000000000000f200006a670100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d5d, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x48, 0x48, 0x3, [@const={0x4, 0x0, 0x0, 0xa, 0x5}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4, 0x1}}, @union={0x6, 0x2, 0x0, 0x5, 0x1, 0x9, [{0xe, 0x0, 0x5}, {0xd, 0x3, 0x2}]}]}, {0x0, [0x5f]}}, &(0x7f0000000380)=""/235, 0x63, 0xeb}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xa, 0x5, &(0x7f0000000240)=@framed={{}, [@map_val={0x18, 0x0, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0xc}]}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb4}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0) (async, rerun: 64)
r4 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
r5 = syz_open_dev$vcsa(&(0x7f00000005c0), 0x7, 0x4800) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000940)={r1, 0x20, &(0x7f0000000900)={&(0x7f0000000800)=""/255, 0xff, <r6=>0x0, &(0x7f0000000780)=""/15, 0xf}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x1b, 0x13, &(0x7f0000000600)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@ldst={0x1, 0x2, 0x0, 0x9, 0x7, 0x0, 0x1}, @map_fd={0x18, 0x6, 0x1, 0x0, r0}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000006c0)='GPL\x00', 0x61c4, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, 0x35, r1, 0x8, &(0x7f0000000700)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000740)={0x4, 0x10, 0xfffffc00, 0x562}, 0x10, r6, 0xffffffffffffffff, 0x3, &(0x7f0000000980)=[r0, r0, r0], &(0x7f00000009c0)=[{0x4, 0x2, 0xb, 0xc}, {0x2, 0x5, 0x0, 0xb}, {0x4, 0x5, 0xf, 0x3}], 0x10, 0x1f}, 0x90)
sendmsg$nl_route(r4, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)=@ipmr_getroute={0x1c, 0x1a, 0x4, 0x70bd2b, 0x25dfdbff, {0x80, 0x20, 0x20, 0xca, 0x0, 0x0, 0xfe, 0x5, 0x2000}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4000040)
r7 = socket$unix(0x1, 0x1, 0x0) (async, rerun: 64)
r8 = epoll_create(0x7) (rerun: 64)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r0, &(0x7f0000000ac0)={0x20002006}) (async)
bind$unix(r7, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r7, 0x0)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async, rerun: 32)
accept(r7, 0x0, 0x0) (rerun: 32)

03:36:40 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00'})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0x48, 0x0, 0x0, 0x0)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d5e, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2387.585093][T28037] FAULT_INJECTION: forcing a failure.
[ 2387.585093][T28037] name failslab, interval 1, probability 0, space 0, times 0
[ 2387.600010][T28037] CPU: 0 PID: 28037 Comm: syz-executor.0 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[ 2387.611559][T28037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2387.621455][T28037] Call Trace:
[ 2387.624577][T28037]  <TASK>
[ 2387.627359][T28037]  dump_stack_lvl+0x151/0x1b7
03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d5f, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d60, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d61, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2387.631868][T28037]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2387.637342][T28037]  dump_stack+0x15/0x17
[ 2387.641325][T28037]  should_fail+0x3c6/0x510
[ 2387.645676][T28037]  __should_failslab+0xa4/0xe0
[ 2387.650276][T28037]  ? anon_vma_fork+0xf7/0x4e0
[ 2387.654789][T28037]  should_failslab+0x9/0x20
[ 2387.659128][T28037]  slab_pre_alloc_hook+0x37/0xd0
[ 2387.663901][T28037]  ? anon_vma_fork+0xf7/0x4e0
[ 2387.668413][T28037]  kmem_cache_alloc+0x44/0x200
[ 2387.673016][T28037]  anon_vma_fork+0xf7/0x4e0
[ 2387.677357][T28037]  ? anon_vma_name+0x43/0x70
03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d62, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d63, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d64, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2387.681779][T28037]  ? vm_area_dup+0x17a/0x230
[ 2387.686205][T28037]  copy_mm+0xa3a/0x13e0
[ 2387.690203][T28037]  ? copy_signal+0x610/0x610
[ 2387.694624][T28037]  ? __init_rwsem+0xd6/0x1c0
[ 2387.699054][T28037]  ? copy_signal+0x4e3/0x610
[ 2387.703479][T28037]  copy_process+0x1149/0x3290
[ 2387.708001][T28037]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2387.712938][T28037]  ? copy_clone_args_from_user+0x744/0x830
[ 2387.718583][T28037]  kernel_clone+0x21e/0x9e0
[ 2387.722919][T28037]  ? __delayed_free_task+0x20/0x20
[ 2387.727867][T28037]  ? create_io_thread+0x1e0/0x1e0
03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d65, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d66, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d67, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2387.732732][T28037]  __x64_sys_clone3+0x376/0x3a0
[ 2387.737415][T28037]  ? __ia32_sys_clone+0x290/0x290
[ 2387.742302][T28037]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2387.747394][T28037]  ? __traceiter_sys_enter+0x2a/0x40
[ 2387.752620][T28037]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2387.758505][T28037]  do_syscall_64+0x3d/0xb0
[ 2387.762759][T28037]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2387.768485][T28037] RIP: 0033:0x7f9d5f592da9
03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d68, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d69, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d6a, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2387.772740][T28037] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2387.792184][T28037] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2387.800428][T28037] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2387.808239][T28037] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2387.816052][T28037] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2387.823863][T28037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
03:36:40 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00'})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0x48, 0x0, 0x0, 0x0)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d6b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d6c, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2387.831674][T28037] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2387.839491][T28037]  </TASK>
[ 2387.847079][T28037] ==================================================================
[ 2387.854960][T28037] BUG: KASAN: double-free or invalid-free in kfree+0xc8/0x220
[ 2387.862250][T28037] 
[ 2387.864422][T28037] CPU: 0 PID: 28037 Comm: syz-executor.0 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[ 2387.875964][T28037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d6d, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d6e, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d6f, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2387.885862][T28037] Call Trace:
[ 2387.888984][T28037]  <TASK>
[ 2387.891760][T28037]  dump_stack_lvl+0x151/0x1b7
[ 2387.896279][T28037]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2387.901744][T28037]  ? __wake_up_klogd+0xd5/0x110
[ 2387.906431][T28037]  ? panic+0x751/0x751
[ 2387.910336][T28037]  ? kfree+0xc8/0x220
[ 2387.914156][T28037]  print_address_description+0x87/0x3b0
[ 2387.919537][T28037]  ? kfree+0xc8/0x220
[ 2387.923361][T28037]  ? kfree+0xc8/0x220
[ 2387.927174][T28037]  kasan_report_invalid_free+0x6b/0xa0
03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d70, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d71, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d72, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2387.932468][T28037]  ____kasan_slab_free+0x13e/0x160
[ 2387.937418][T28037]  __kasan_slab_free+0x11/0x20
[ 2387.942014][T28037]  slab_free_freelist_hook+0xbd/0x190
[ 2387.947227][T28037]  ? anon_vma_name_free+0x15/0x20
[ 2387.952084][T28037]  kfree+0xc8/0x220
[ 2387.955730][T28037]  anon_vma_name_free+0x15/0x20
[ 2387.960415][T28037]  vm_area_free_no_check+0xa6/0x130
[ 2387.965452][T28037]  copy_mm+0xefb/0x13e0
[ 2387.969447][T28037]  ? copy_signal+0x610/0x610
[ 2387.973869][T28037]  ? __init_rwsem+0xd6/0x1c0
[ 2387.978310][T28037]  ? copy_signal+0x4e3/0x610
03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d73, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d74, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d75, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2387.982720][T28037]  copy_process+0x1149/0x3290
[ 2387.987241][T28037]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2387.992181][T28037]  ? copy_clone_args_from_user+0x744/0x830
[ 2387.997828][T28037]  kernel_clone+0x21e/0x9e0
[ 2388.002163][T28037]  ? __delayed_free_task+0x20/0x20
[ 2388.007109][T28037]  ? create_io_thread+0x1e0/0x1e0
[ 2388.011976][T28037]  __x64_sys_clone3+0x376/0x3a0
[ 2388.016657][T28037]  ? __ia32_sys_clone+0x290/0x290
[ 2388.021526][T28037]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2388.026642][T28037]  ? __traceiter_sys_enter+0x2a/0x40
03:36:40 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d76, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2388.031761][T28037]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2388.037662][T28037]  do_syscall_64+0x3d/0xb0
[ 2388.041919][T28037]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2388.047640][T28037] RIP: 0033:0x7f9d5f592da9
[ 2388.051899][T28037] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2388.071334][T28037] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2388.079578][T28037] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2388.087388][T28037] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2388.095200][T28037] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2388.103010][T28037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2388.110822][T28037] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2388.118639][T28037]  </TASK>
[ 2388.121497][T28037] 
[ 2388.123668][T28037] Allocated by task 13141:
[ 2388.127921][T28037]  __kasan_slab_alloc+0xb1/0xe0
[ 2388.132605][T28037]  slab_post_alloc_hook+0x53/0x2c0
[ 2388.137554][T28037]  kmem_cache_alloc+0xf5/0x200
[ 2388.142155][T28037]  vm_area_dup+0x26/0x230
[ 2388.146319][T28037]  copy_mm+0x9a1/0x13e0
[ 2388.150312][T28037]  copy_process+0x1149/0x3290
[ 2388.154825][T28037]  kernel_clone+0x21e/0x9e0
[ 2388.159166][T28037]  __x64_sys_clone+0x23f/0x290
[ 2388.163765][T28037]  do_syscall_64+0x3d/0xb0
[ 2388.168024][T28037]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2388.173746][T28037] 
[ 2388.175918][T28037] The buggy address belongs to the object at ffff888199341128
[ 2388.175918][T28037]  which belongs to the cache vm_area_struct of size 232
[ 2388.190066][T28037] The buggy address is located 88 bytes inside of
[ 2388.190066][T28037]  232-byte region [ffff888199341128, ffff888199341210)
[ 2388.203083][T28037] The buggy address belongs to the page:
[ 2388.208557][T28037] page:ffffea000664d040 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x199341
[ 2388.218621][T28037] flags: 0x4000000000000200(slab|zone=1)
[ 2388.224095][T28037] raw: 4000000000000200 0000000000000000 dead000000000122 ffff8881001bd800
[ 2388.232514][T28037] raw: 0000000000000000 00000000000d000d 00000001ffffffff 0000000000000000
[ 2388.240925][T28037] page dumped because: kasan: bad access detected
[ 2388.247177][T28037] page_owner tracks the page as allocated
[ 2388.252730][T28037] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 20172, ts 2387566773151, free_ts 2387559369200
[ 2388.268960][T28037]  post_alloc_hook+0x1a3/0x1b0
[ 2388.273558][T28037]  prep_new_page+0x1b/0x110
[ 2388.277910][T28037]  get_page_from_freelist+0x3550/0x35d0
[ 2388.283280][T28037]  __alloc_pages+0x27e/0x8f0
[ 2388.287707][T28037]  new_slab+0x9a/0x4e0
[ 2388.291612][T28037]  ___slab_alloc+0x39e/0x830
[ 2388.296167][T28037]  __slab_alloc+0x4a/0x90
[ 2388.300292][T28037]  kmem_cache_alloc+0x134/0x200
[ 2388.304978][T28037]  vm_area_dup+0x26/0x230
[ 2388.309146][T28037]  copy_mm+0x9a1/0x13e0
[ 2388.313137][T28037]  copy_process+0x1149/0x3290
[ 2388.317651][T28037]  kernel_clone+0x21e/0x9e0
[ 2388.321989][T28037]  __x64_sys_clone+0x23f/0x290
[ 2388.326590][T28037]  do_syscall_64+0x3d/0xb0
[ 2388.330843][T28037]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2388.336572][T28037] page last free stack trace:
[ 2388.341084][T28037]  free_unref_page_prepare+0x7c8/0x7d0
[ 2388.346378][T28037]  free_unref_page+0xe8/0x750
[ 2388.350895][T28037]  __free_pages+0x61/0xf0
[ 2388.355058][T28037]  __free_slab+0xec/0x1d0
[ 2388.359224][T28037]  __unfreeze_partials+0x165/0x1a0
[ 2388.364173][T28037]  put_cpu_partial+0xc4/0x120
[ 2388.368687][T28037]  __slab_free+0x1c8/0x290
[ 2388.372937][T28037]  ___cache_free+0x109/0x120
[ 2388.377365][T28037]  qlink_free+0x4d/0x90
[ 2388.381357][T28037]  qlist_free_all+0x44/0xb0
[ 2388.385696][T28037]  kasan_quarantine_reduce+0x15a/0x180
[ 2388.390993][T28037]  __kasan_slab_alloc+0x2f/0xe0
[ 2388.395677][T28037]  slab_post_alloc_hook+0x53/0x2c0
[ 2388.400625][T28037]  kmem_cache_alloc+0xf5/0x200
[ 2388.405253][T28037]  dup_task_struct+0x53/0xc60
[ 2388.409737][T28037]  copy_process+0x5c4/0x3290
[ 2388.414168][T28037] 
[ 2388.416337][T28037] Memory state around the buggy address:
[ 2388.421807][T28037]  ffff888199341080: 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc
[ 2388.429706][T28037]  ffff888199341100: fc fc fc fc fc 00 00 00 00 00 00 00 00 00 00 00
03:36:41 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00'})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)

[ 2388.437600][T28037] >ffff888199341180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2388.445496][T28037]                    ^
[ 2388.449410][T28037]  ffff888199341200: 00 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00
[ 2388.457305][T28037]  ffff888199341280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2388.465197][T28037] ==================================================================
03:36:41 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 75)

03:36:41 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x48, 0x48, 0x3, [@const={0x4, 0x0, 0x0, 0xa, 0x5}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4, 0x1}}, @union={0x6, 0x2, 0x0, 0x5, 0x1, 0x9, [{0xe, 0x0, 0x5}, {0xd, 0x3, 0x2}]}]}, {0x0, [0x5f]}}, &(0x7f0000000380)=""/235, 0x63, 0xeb}, 0x20) (async)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x48, 0x48, 0x3, [@const={0x4, 0x0, 0x0, 0xa, 0x5}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4, 0x1}}, @union={0x6, 0x2, 0x0, 0x5, 0x1, 0x9, [{0xe, 0x0, 0x5}, {0xd, 0x3, 0x2}]}]}, {0x0, [0x5f]}}, &(0x7f0000000380)=""/235, 0x63, 0xeb}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xa, 0x5, &(0x7f0000000240)=@framed={{}, [@map_val={0x18, 0x0, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0xc}]}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb4}, 0x90) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xa, 0x5, &(0x7f0000000240)=@framed={{}, [@map_val={0x18, 0x0, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0xc}]}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb4}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_open_dev$vcsa(&(0x7f00000005c0), 0x7, 0x4800)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000940)={r1, 0x20, &(0x7f0000000900)={&(0x7f0000000800)=""/255, 0xff, <r6=>0x0, &(0x7f0000000780)=""/15, 0xf}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x1b, 0x13, &(0x7f0000000600)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@ldst={0x1, 0x2, 0x0, 0x9, 0x7, 0x0, 0x1}, @map_fd={0x18, 0x6, 0x1, 0x0, r0}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000006c0)='GPL\x00', 0x61c4, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, 0x35, r1, 0x8, &(0x7f0000000700)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000740)={0x4, 0x10, 0xfffffc00, 0x562}, 0x10, r6, 0xffffffffffffffff, 0x3, &(0x7f0000000980)=[r0, r0, r0], &(0x7f00000009c0)=[{0x4, 0x2, 0xb, 0xc}, {0x2, 0x5, 0x0, 0xb}, {0x4, 0x5, 0xf, 0x3}], 0x10, 0x1f}, 0x90)
sendmsg$nl_route(r4, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)=@ipmr_getroute={0x1c, 0x1a, 0x4, 0x70bd2b, 0x25dfdbff, {0x80, 0x20, 0x20, 0xca, 0x0, 0x0, 0xfe, 0x5, 0x2000}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4000040)
socket$unix(0x1, 0x1, 0x0) (async)
r7 = socket$unix(0x1, 0x1, 0x0)
epoll_create(0x7) (async)
r8 = epoll_create(0x7)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r0, &(0x7f0000000ac0)={0x20002006})
bind$unix(r7, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r7, 0x0)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r7, 0x0, 0x0)

03:36:41 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00'}) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r6, 0x84009422, &(0x7f0000000900)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) (async)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r6, 0x84009422, &(0x7f0000000900)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x123) (async)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x123)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, 0x0, &(0x7f0000000d00)=""/114, 0x72}}, 0x10) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000d00)=""/114, 0x72}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB="ee6efd2ce485f2dc12691b68529070c5549bf0b69d3267ed54228092d91a197d626d5e1ec27af6320db56480416b0d9b845282ea03d72156e52393c063f91bfa60c63c90267d65c4f30ed58b8fcfcaf143e0deed6d4e2ef146f3835108c879aff979a6479c1d3334564dafd0da16f5a71de773814690a1439c02c56dd24aa6f5c09c69a8"], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18) (async)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@generic={0x1b, 0xb, 0x8, 0x9, 0x5}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x2, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0x200000c5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000880)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x7, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e000000000000f200006a670100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:41 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d77, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:41 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00'})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:41 executing program 2:
r0 = socket(0x8, 0x1, 0x3ff)
r1 = syz_open_dev$mouse(&(0x7f00000003c0), 0x9, 0x121000)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000480)={'ip_vti0\x00', &(0x7f0000000400)={'ip_vti0\x00', <r2=>0x0, 0x10, 0x20, 0x4, 0x5bc7, {{0x9, 0x4, 0x0, 0x3, 0x24, 0x64, 0x0, 0x8, 0x4, 0x0, @empty, @multicast1, {[@generic={0x89, 0xf, "29b5448ab95148015aec8a39f2"}]}}}}})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x7, 0x101, 0x20, 0x1881, r1, 0xffff, '\x00', r2, r1, 0x0, 0x23, 0x1, 0xb}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000a152194227da8d2347f1d092fda320397c7ef4075b62036fd09f04001c36f0967ebe5658392295a88d4234fcfbf7f048a7a04bee7ef8d9fd9c5bd532918adab7f82d3314777fc9c4c9feaa6b2439baf2c998c1327eeb24651bf026f83a2fb49b8bb98227972d0df5"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r4}, 0x10)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
r7 = openat(0xffffffffffffffff, &(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x2002, 0x38)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000240)={<r8=>0x0, @multicast2, @empty}, &(0x7f0000000280)=0xc)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
write$binfmt_aout(r10, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r10, 0x40045431, &(0x7f00000001c0))
r11 = syz_open_pts(r10, 0x0)
dup3(r11, r10, 0x0)
splice(r10, 0x0, r9, 0x0, 0x3, 0x0)
r12 = syz_btf_id_by_name$bpf_lsm(&(0x7f0000000680)='bpf_lsm_path_symlink\x00')
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000800)=@bpf_lsm={0x1d, 0x29, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000008000000000000000500000018110000", @ANYRES32=r3, @ANYRESOCT=r3, @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000000717f31961200f0ffffff18110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000000000000850000008600000018000000ff01000000000000ff01000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000bf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x84, &(0x7f0000000540)=""/132, 0x1e00, 0x8, '\x00', r8, 0x1b, r9, 0x8, &(0x7f0000000600)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000640)={0x0, 0x9, 0x59a2, 0xfffff065}, 0x10, r12, 0x0, 0x9, &(0x7f00000006c0)=[r3, r3, r3], &(0x7f0000000700)=[{0x3, 0x4, 0xc}, {0x1, 0x1, 0x6, 0x1}, {0x1, 0x1, 0x2, 0xa}, {0x4, 0x4, 0x8, 0x5}, {0x5, 0x2, 0x7, 0xb}, {0x2, 0x5, 0xf, 0x9}, {0x1, 0x1, 0x1, 0x6}, {0x0, 0x3, 0x5, 0x2}, {0x5, 0x4, 0x2}]}, 0x90)
bind$unix(r6, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r6, 0x0)
connect$unix(r5, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r6, 0x0, 0x0)

03:36:41 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d78, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:41 executing program 2:
r0 = socket(0x8, 0x1, 0x3ff) (async)
r1 = syz_open_dev$mouse(&(0x7f00000003c0), 0x9, 0x121000)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000480)={'ip_vti0\x00', &(0x7f0000000400)={'ip_vti0\x00', <r2=>0x0, 0x10, 0x20, 0x4, 0x5bc7, {{0x9, 0x4, 0x0, 0x3, 0x24, 0x64, 0x0, 0x8, 0x4, 0x0, @empty, @multicast1, {[@generic={0x89, 0xf, "29b5448ab95148015aec8a39f2"}]}}}}})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x7, 0x101, 0x20, 0x1881, r1, 0xffff, '\x00', r2, r1, 0x0, 0x23, 0x1, 0xb}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000a152194227da8d2347f1d092fda320397c7ef4075b62036fd09f04001c36f0967ebe5658392295a88d4234fcfbf7f048a7a04bee7ef8d9fd9c5bd532918adab7f82d3314777fc9c4c9feaa6b2439baf2c998c1327eeb24651bf026f83a2fb49b8bb98227972d0df5"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r4}, 0x10) (async)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0) (async)
r7 = openat(0xffffffffffffffff, &(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x2002, 0x38) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000240)={<r8=>0x0, @multicast2, @empty}, &(0x7f0000000280)=0xc) (async)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r9=>0xffffffffffffffff}) (async)
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
write$binfmt_aout(r10, &(0x7f0000000080)=ANY=[], 0xff2e) (async)
ioctl$TCSETS(r10, 0x40045431, &(0x7f00000001c0)) (async)
r11 = syz_open_pts(r10, 0x0)
dup3(r11, r10, 0x0) (async)
splice(r10, 0x0, r9, 0x0, 0x3, 0x0) (async)
r12 = syz_btf_id_by_name$bpf_lsm(&(0x7f0000000680)='bpf_lsm_path_symlink\x00')
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000800)=@bpf_lsm={0x1d, 0x29, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000008000000000000000500000018110000", @ANYRES32=r3, @ANYRESOCT=r3, @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000000717f31961200f0ffffff18110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000000000000850000008600000018000000ff01000000000000ff01000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000bf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x84, &(0x7f0000000540)=""/132, 0x1e00, 0x8, '\x00', r8, 0x1b, r9, 0x8, &(0x7f0000000600)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000640)={0x0, 0x9, 0x59a2, 0xfffff065}, 0x10, r12, 0x0, 0x9, &(0x7f00000006c0)=[r3, r3, r3], &(0x7f0000000700)=[{0x3, 0x4, 0xc}, {0x1, 0x1, 0x6, 0x1}, {0x1, 0x1, 0x2, 0xa}, {0x4, 0x4, 0x8, 0x5}, {0x5, 0x2, 0x7, 0xb}, {0x2, 0x5, 0xf, 0x9}, {0x1, 0x1, 0x1, 0x6}, {0x0, 0x3, 0x5, 0x2}, {0x5, 0x4, 0x2}]}, 0x90) (async)
bind$unix(r6, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r6, 0x0) (async)
connect$unix(r5, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r6, 0x0, 0x0)

[ 2388.544672][T28216] FAULT_INJECTION: forcing a failure.
[ 2388.544672][T28216] name failslab, interval 1, probability 0, space 0, times 0
[ 2388.558513][T28216] CPU: 0 PID: 28216 Comm: syz-executor.0 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[ 2388.570054][T28216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2388.579948][T28216] Call Trace:
[ 2388.583070][T28216]  <TASK>
[ 2388.585850][T28216]  dump_stack_lvl+0x151/0x1b7
03:36:41 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d79, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:41 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d7a, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:41 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d7b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2388.590383][T28216]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2388.595838][T28216]  dump_stack+0x15/0x17
[ 2388.599825][T28216]  should_fail+0x3c6/0x510
[ 2388.604079][T28216]  __should_failslab+0xa4/0xe0
[ 2388.608679][T28216]  ? anon_vma_clone+0x9a/0x500
[ 2388.613276][T28216]  should_failslab+0x9/0x20
[ 2388.617618][T28216]  slab_pre_alloc_hook+0x37/0xd0
[ 2388.622393][T28216]  ? anon_vma_clone+0x9a/0x500
[ 2388.626996][T28216]  kmem_cache_alloc+0x44/0x200
[ 2388.631592][T28216]  anon_vma_clone+0x9a/0x500
[ 2388.636020][T28216]  anon_vma_fork+0x91/0x4e0
[ 2388.640355][T28216]  ? anon_vma_name+0x43/0x70
03:36:41 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d7c, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:41 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d7d, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:41 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d7e, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2388.644787][T28216]  ? vm_area_dup+0x17a/0x230
[ 2388.649211][T28216]  copy_mm+0xa3a/0x13e0
[ 2388.653206][T28216]  ? copy_signal+0x610/0x610
[ 2388.657628][T28216]  ? __init_rwsem+0xd6/0x1c0
[ 2388.662060][T28216]  ? copy_signal+0x4e3/0x610
[ 2388.666481][T28216]  copy_process+0x1149/0x3290
[ 2388.671006][T28216]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2388.675943][T28216]  ? copy_clone_args_from_user+0x744/0x830
[ 2388.681590][T28216]  kernel_clone+0x21e/0x9e0
[ 2388.685925][T28216]  ? __delayed_free_task+0x20/0x20
03:36:41 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d7f, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:41 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d80, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:41 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d81, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2388.690871][T28216]  ? create_io_thread+0x1e0/0x1e0
[ 2388.695822][T28216]  __x64_sys_clone3+0x376/0x3a0
[ 2388.700505][T28216]  ? __ia32_sys_clone+0x290/0x290
[ 2388.705378][T28216]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2388.710489][T28216]  ? __traceiter_sys_enter+0x2a/0x40
[ 2388.715608][T28216]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2388.721511][T28216]  do_syscall_64+0x3d/0xb0
[ 2388.725761][T28216]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2388.731494][T28216] RIP: 0033:0x7f9d5f592da9
03:36:41 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d82, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:41 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d83, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:41 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d84, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2388.735751][T28216] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2388.755185][T28216] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2388.763433][T28216] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2388.771243][T28216] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2388.781050][T28216] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
03:36:41 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d85, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:41 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00'})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)

03:36:41 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d86, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:41 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$unix(0x1, 0x1, 0x0)
r2 = socket(0x10, 0x3, 0x0)
write(r2, &(0x7f0000000000)="fc0000001a000700ab092500090007000aab0700a90100001d60369321001e00ff0200000005d0000000000000039815fa2c1ec28656aaa79bb94b46fe000000bc0003000500000014000027000089fee1434f1e596534d07302ade0bbc91a3e3280772c05defd5a32e280fc83ab82f605f70c9ddef2fe082038f4f8b29d3ef3d92c83170e5bba4a46d284a710af333ae4f5566f91cf190201800015b2ccd243f295ed94e0ad91bd0734babc7c3f2eeb00d43dd16b17e583df150c3b880f411f46a6b567b4d5715587e658a1ad0a4f01731d05b0350b0041f0d48a99c03f080548deac270e33429fd3000175e63fb8d38a8700"/252, 0xfc)
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000640)={0x0, 0x5, {0x3, @struct={0x1, 0xfff}, 0x0, 0x5, 0x6, 0x3, 0x5, 0xffff, 0x420, @usage=0x4, 0x2800000, 0x80, [0x2a, 0x2570c1e, 0x1, 0xffffffff00000000, 0x10001, 0x4]}, {0x4, @struct={0x8001, 0x5}, 0x0, 0x40, 0x8, 0x5, 0x827, 0x1, 0x480, @struct={0x2, 0x800}, 0x0, 0x0, [0x2, 0x1ff, 0x4, 0xa4fc, 0x5bb8, 0x7fffffffffffffff]}, {0xffff, @usage=0xaee, 0x0, 0x2, 0x80000000, 0x3, 0x81, 0x1, 0x42c, @struct={0x5b, 0x1000}, 0x3, 0x7, [0xfffffffffffffff9, 0x4c, 0x4, 0xfffffffffffffeff, 0x401, 0xf430]}, {0x4, 0xff, 0x1}})
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r2, 0x84009422, &(0x7f0000000100)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000040)='memory.pressure\x00', 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002600)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c90de4fb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e300000000000000000000000000003c2bdef529513c925a6f1d97de4de54a6ebf4927d647eedbeba7a0008c6bf5d37257d760c7dfe0caeb8816287b453008c8b60b5ae7a02273175b78a6"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r3}, 0x10)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = socket$netlink(0x10, 0x3, 0x0)
writev(r5, &(0x7f00000003c0), 0x0)
writev(r5, &(0x7f0000000100)=[{&(0x7f00000000c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x4, 0x0, 0x0)
ioctl$int_in(r6, 0x5452, &(0x7f0000000300)=0x208)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
setsockopt$inet6_int(r4, 0x29, 0x8, &(0x7f00000025c0), 0x4)
setsockopt$sock_int(r6, 0x1, 0x12, &(0x7f0000000180)=0x4000000, 0x4)
sendto$inet6(r6, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r6, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090011006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)
shutdown(r6, 0x1)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000003c80)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r7=>0x0}})
ioctl$BTRFS_IOC_GET_DEV_STATS(r6, 0xc4089434, &(0x7f0000000640)={r7, 0x9, 0x0, [0xfffffffffffffffd, 0x0, 0x0, 0x400], [0x100, 0x7fd, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd74e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000, 0x40000, 0x0, 0x0, 0x0, 0x0, 0xb062, 0x0, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1, 0x5]})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000300)={{}, 0x0, 0x0, @inherit={0x58, 0x0}, @devid=r7})
bpf$PROG_LOAD(0x5, &(0x7f0000003880)={0x28, 0x20, &(0x7f0000003500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @alu={0x4, 0x0, 0xd, 0x0, 0x4, 0x341de92a81be384, 0x8}, @generic={0x1f, 0x4, 0x8, 0x8, 0x5}, @call={0x85, 0x0, 0x0, 0xa1}, @map_idx={0x18, 0x5, 0x5, 0x0, 0x7}, @alu={0x4, 0x0, 0x7, 0x4, 0x0, 0xfffffffffffffffc, 0x4}, @ringbuf_query, @tail_call], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000003600)='GPL\x00', 0x6, 0xb3, &(0x7f0000003640)=""/179, 0x100, 0x0, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x8, &(0x7f0000003700)={0xa, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, r3, 0x0, &(0x7f0000003800)=[0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000003840), 0x10, 0x6}, 0x90)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000840)={{r5}, 0x0, 0x0, @unused=[0x0, 0x0, 0x0, 0x60], @devid=r7})
ioctl$BTRFS_IOC_SCRUB(r4, 0xc400941b, &(0x7f00000001c0)={r7, 0x3, 0x0, 0x1})

03:36:41 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:41 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 76)

[ 2388.788869][T28216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2388.796680][T28216] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2388.804501][T28216]  </TASK>
03:36:41 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d87, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2388.855922][T28363] netlink: 'syz-executor.1': attribute type 30 has an invalid length.
[ 2388.870891][T28363] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[ 2388.880904][T28365] FAULT_INJECTION: forcing a failure.
[ 2388.880904][T28365] name failslab, interval 1, probability 0, space 0, times 0
[ 2388.881689][T28363] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 2388.894332][T28365] CPU: 1 PID: 28365 Comm: syz-executor.0 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[ 2388.911857][T28365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2388.921746][T28365] Call Trace:
[ 2388.924871][T28365]  <TASK>
[ 2388.927652][T28365]  dump_stack_lvl+0x151/0x1b7
[ 2388.932160][T28365]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2388.937638][T28365]  dump_stack+0x15/0x17
[ 2388.941622][T28365]  should_fail+0x3c6/0x510
[ 2388.945873][T28365]  __should_failslab+0xa4/0xe0
[ 2388.950477][T28365]  ? anon_vma_clone+0x9a/0x500
[ 2388.955085][T28365]  should_failslab+0x9/0x20
[ 2388.959425][T28365]  slab_pre_alloc_hook+0x37/0xd0
[ 2388.964186][T28365]  ? anon_vma_clone+0x9a/0x500
[ 2388.968787][T28365]  kmem_cache_alloc+0x44/0x200
[ 2388.973395][T28365]  anon_vma_clone+0x9a/0x500
[ 2388.977818][T28365]  anon_vma_fork+0x91/0x4e0
[ 2388.982157][T28365]  ? anon_vma_name+0x4c/0x70
[ 2388.986582][T28365]  ? vm_area_dup+0x17a/0x230
[ 2388.991009][T28365]  copy_mm+0xa3a/0x13e0
[ 2388.995011][T28365]  ? copy_signal+0x610/0x610
[ 2388.999425][T28365]  ? __init_rwsem+0xd6/0x1c0
[ 2389.003937][T28365]  ? copy_signal+0x4e3/0x610
[ 2389.008367][T28365]  copy_process+0x1149/0x3290
[ 2389.012883][T28365]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2389.017826][T28365]  ? copy_clone_args_from_user+0x744/0x830
[ 2389.023475][T28365]  kernel_clone+0x21e/0x9e0
[ 2389.027809][T28365]  ? __delayed_free_task+0x20/0x20
[ 2389.032762][T28365]  ? create_io_thread+0x1e0/0x1e0
[ 2389.037620][T28365]  __x64_sys_clone3+0x376/0x3a0
[ 2389.042301][T28365]  ? __ia32_sys_clone+0x290/0x290
[ 2389.047253][T28365]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2389.052465][T28365]  ? __traceiter_sys_enter+0x2a/0x40
[ 2389.057672][T28365]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2389.063573][T28365]  do_syscall_64+0x3d/0xb0
[ 2389.067827][T28365]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2389.073556][T28365] RIP: 0033:0x7f9d5f592da9
[ 2389.077810][T28365] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2389.097252][T28365] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
03:36:42 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d88, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:42 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d89, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:42 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3) (async)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

[ 2389.105492][T28365] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2389.113392][T28365] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2389.121208][T28365] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2389.129015][T28365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2389.136826][T28365] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2389.144646][T28365]  </TASK>
03:36:42 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 77)

03:36:42 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d8a, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2389.205878][T28481] FAULT_INJECTION: forcing a failure.
[ 2389.205878][T28481] name failslab, interval 1, probability 0, space 0, times 0
[ 2389.218905][T28481] CPU: 0 PID: 28481 Comm: syz-executor.0 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[ 2389.230465][T28481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2389.240349][T28481] Call Trace:
[ 2389.243472][T28481]  <TASK>
[ 2389.246250][T28481]  dump_stack_lvl+0x151/0x1b7
[ 2389.250756][T28481]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2389.256315][T28481]  dump_stack+0x15/0x17
[ 2389.260301][T28481]  should_fail+0x3c6/0x510
[ 2389.264555][T28481]  __should_failslab+0xa4/0xe0
[ 2389.269157][T28481]  ? anon_vma_clone+0x9a/0x500
[ 2389.273757][T28481]  should_failslab+0x9/0x20
[ 2389.278097][T28481]  slab_pre_alloc_hook+0x37/0xd0
[ 2389.282871][T28481]  ? anon_vma_clone+0x9a/0x500
[ 2389.287468][T28481]  kmem_cache_alloc+0x44/0x200
[ 2389.292069][T28481]  anon_vma_clone+0x9a/0x500
[ 2389.296500][T28481]  anon_vma_fork+0x91/0x4e0
[ 2389.300833][T28481]  ? anon_vma_name+0x43/0x70
[ 2389.305257][T28481]  ? vm_area_dup+0x17a/0x230
[ 2389.309687][T28481]  copy_mm+0xa3a/0x13e0
[ 2389.313681][T28481]  ? copy_signal+0x610/0x610
[ 2389.318104][T28481]  ? __init_rwsem+0xd6/0x1c0
[ 2389.322531][T28481]  ? copy_signal+0x4e3/0x610
[ 2389.326957][T28481]  copy_process+0x1149/0x3290
[ 2389.331476][T28481]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2389.336427][T28481]  ? copy_clone_args_from_user+0x744/0x830
[ 2389.342060][T28481]  kernel_clone+0x21e/0x9e0
[ 2389.346401][T28481]  ? __delayed_free_task+0x20/0x20
[ 2389.351350][T28481]  ? create_io_thread+0x1e0/0x1e0
03:36:42 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d8b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:42 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d8c, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2389.356215][T28481]  __x64_sys_clone3+0x376/0x3a0
[ 2389.360894][T28481]  ? __ia32_sys_clone+0x290/0x290
[ 2389.365758][T28481]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2389.370876][T28481]  ? __traceiter_sys_enter+0x2a/0x40
[ 2389.375996][T28481]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2389.381912][T28481]  do_syscall_64+0x3d/0xb0
[ 2389.386166][T28481]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2389.391881][T28481] RIP: 0033:0x7f9d5f592da9
03:36:42 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d8d, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:42 executing program 2:
r0 = socket(0x8, 0x1, 0x3ff)
r1 = syz_open_dev$mouse(&(0x7f00000003c0), 0x9, 0x121000)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000480)={'ip_vti0\x00', &(0x7f0000000400)={'ip_vti0\x00', <r2=>0x0, 0x10, 0x20, 0x4, 0x5bc7, {{0x9, 0x4, 0x0, 0x3, 0x24, 0x64, 0x0, 0x8, 0x4, 0x0, @empty, @multicast1, {[@generic={0x89, 0xf, "29b5448ab95148015aec8a39f2"}]}}}}})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x7, 0x101, 0x20, 0x1881, r1, 0xffff, '\x00', r2, r1, 0x0, 0x23, 0x1, 0xb}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000a152194227da8d2347f1d092fda320397c7ef4075b62036fd09f04001c36f0967ebe5658392295a88d4234fcfbf7f048a7a04bee7ef8d9fd9c5bd532918adab7f82d3314777fc9c4c9feaa6b2439baf2c998c1327eeb24651bf026f83a2fb49b8bb98227972d0df5"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r4}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r4}, 0x10)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x2002, 0x38) (async)
r7 = openat(0xffffffffffffffff, &(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x2002, 0x38)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000240)={0x0, @multicast2, @empty}, &(0x7f0000000280)=0xc) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000240)={<r8=>0x0, @multicast2, @empty}, &(0x7f0000000280)=0xc)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0) (async)
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
write$binfmt_aout(r10, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r10, 0x40045431, &(0x7f00000001c0)) (async)
ioctl$TCSETS(r10, 0x40045431, &(0x7f00000001c0))
r11 = syz_open_pts(r10, 0x0)
dup3(r11, r10, 0x0)
splice(r10, 0x0, r9, 0x0, 0x3, 0x0) (async)
splice(r10, 0x0, r9, 0x0, 0x3, 0x0)
r12 = syz_btf_id_by_name$bpf_lsm(&(0x7f0000000680)='bpf_lsm_path_symlink\x00')
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000800)=@bpf_lsm={0x1d, 0x29, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000008000000000000000500000018110000", @ANYRES32=r3, @ANYRESOCT=r3, @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000000717f31961200f0ffffff18110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000000000000850000008600000018000000ff01000000000000ff01000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000bf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x84, &(0x7f0000000540)=""/132, 0x1e00, 0x8, '\x00', r8, 0x1b, r9, 0x8, &(0x7f0000000600)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000640)={0x0, 0x9, 0x59a2, 0xfffff065}, 0x10, r12, 0x0, 0x9, &(0x7f00000006c0)=[r3, r3, r3], &(0x7f0000000700)=[{0x3, 0x4, 0xc}, {0x1, 0x1, 0x6, 0x1}, {0x1, 0x1, 0x2, 0xa}, {0x4, 0x4, 0x8, 0x5}, {0x5, 0x2, 0x7, 0xb}, {0x2, 0x5, 0xf, 0x9}, {0x1, 0x1, 0x1, 0x6}, {0x0, 0x3, 0x5, 0x2}, {0x5, 0x4, 0x2}]}, 0x90) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000800)=@bpf_lsm={0x1d, 0x29, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000008000000000000000500000018110000", @ANYRES32=r3, @ANYRESOCT=r3, @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000000717f31961200f0ffffff18110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000000000000850000008600000018000000ff01000000000000ff01000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000bf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x84, &(0x7f0000000540)=""/132, 0x1e00, 0x8, '\x00', r8, 0x1b, r9, 0x8, &(0x7f0000000600)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000640)={0x0, 0x9, 0x59a2, 0xfffff065}, 0x10, r12, 0x0, 0x9, &(0x7f00000006c0)=[r3, r3, r3], &(0x7f0000000700)=[{0x3, 0x4, 0xc}, {0x1, 0x1, 0x6, 0x1}, {0x1, 0x1, 0x2, 0xa}, {0x4, 0x4, 0x8, 0x5}, {0x5, 0x2, 0x7, 0xb}, {0x2, 0x5, 0xf, 0x9}, {0x1, 0x1, 0x1, 0x6}, {0x0, 0x3, 0x5, 0x2}, {0x5, 0x4, 0x2}]}, 0x90)
bind$unix(r6, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r6, 0x0)
connect$unix(r5, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r6, 0x0, 0x0)

03:36:42 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d8e, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2389.396136][T28481] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2389.415580][T28481] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2389.423826][T28481] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2389.431636][T28481] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2389.439447][T28481] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2389.447261][T28481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
03:36:42 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (async)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:42 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r2, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@bloom_filter={0x1e, 0x80, 0x1ff, 0x3, 0x886, r0, 0x200, '\x00', 0x0, r2, 0x3, 0x3, 0x4, 0xd}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r2, 0x0, 0xa, 0x1000, &(0x7f0000000040)="5637cc4c5a2a2f3521da", &(0x7f0000000800)=""/4096, 0xd385, 0x0, 0xbb, 0x0, &(0x7f0000000340)="ca7786b1d803256472c0d7242ab06783713a8bf351ca0e4cb81f4a9381b26d7e0474e9aaf57a4a0a1a6785fef11a89c222213c6633ebe7dc5342f3df2ef4653b625d6997f4e18799df1367d0d5331239f4a575fbb64ab9b09b5b20c60113c1a4e5d637f9c3874a43434eff57da55cab404345be45600d7f06870eca4ac7f3a3206dda25bb5eb4c491b5a9236dd3e07d5f544d49d464f41f2552bdb567120ba4a09cff90ec62eaf55046b0add84d2ab9ae6e2be158a11a1b855f370", &(0x7f0000000400), 0x0, 0x0, 0x10001}, 0x50)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r4, 0x0, 0x0)
sendfile(r3, r0, &(0x7f0000000000)=0x6, 0x8)

03:36:42 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d8f, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:42 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 78)

[ 2389.455070][T28481] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2389.462889][T28481]  </TASK>
03:36:42 executing program 1:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d8b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:42 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r2, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@bloom_filter={0x1e, 0x80, 0x1ff, 0x3, 0x886, r0, 0x200, '\x00', 0x0, r2, 0x3, 0x3, 0x4, 0xd}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0) (async, rerun: 64)
r4 = socket$unix(0x1, 0x1, 0x0) (rerun: 64)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r2, 0x0, 0xa, 0x1000, &(0x7f0000000040)="5637cc4c5a2a2f3521da", &(0x7f0000000800)=""/4096, 0xd385, 0x0, 0xbb, 0x0, &(0x7f0000000340)="ca7786b1d803256472c0d7242ab06783713a8bf351ca0e4cb81f4a9381b26d7e0474e9aaf57a4a0a1a6785fef11a89c222213c6633ebe7dc5342f3df2ef4653b625d6997f4e18799df1367d0d5331239f4a575fbb64ab9b09b5b20c60113c1a4e5d637f9c3874a43434eff57da55cab404345be45600d7f06870eca4ac7f3a3206dda25bb5eb4c491b5a9236dd3e07d5f544d49d464f41f2552bdb567120ba4a09cff90ec62eaf55046b0add84d2ab9ae6e2be158a11a1b855f370", &(0x7f0000000400), 0x0, 0x0, 0x10001}, 0x50) (async)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r4, 0x0, 0x0) (async)
sendfile(r3, r0, &(0x7f0000000000)=0x6, 0x8)

03:36:42 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0})
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000700)={r4, 0x7fff, 0xfff, r4})
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

[ 2389.509536][T28635] FAULT_INJECTION: forcing a failure.
[ 2389.509536][T28635] name failslab, interval 1, probability 0, space 0, times 0
[ 2389.535887][T28635] CPU: 0 PID: 28635 Comm: syz-executor.0 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[ 2389.547530][T28635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2389.557427][T28635] Call Trace:
[ 2389.560546][T28635]  <TASK>
[ 2389.563322][T28635]  dump_stack_lvl+0x151/0x1b7
[ 2389.567842][T28635]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2389.573304][T28635]  dump_stack+0x15/0x17
[ 2389.577294][T28635]  should_fail+0x3c6/0x510
[ 2389.581548][T28635]  __should_failslab+0xa4/0xe0
[ 2389.586149][T28635]  ? anon_vma_fork+0xf7/0x4e0
[ 2389.590662][T28635]  should_failslab+0x9/0x20
[ 2389.594999][T28635]  slab_pre_alloc_hook+0x37/0xd0
[ 2389.599775][T28635]  ? anon_vma_fork+0xf7/0x4e0
[ 2389.604298][T28635]  kmem_cache_alloc+0x44/0x200
[ 2389.608890][T28635]  anon_vma_fork+0xf7/0x4e0
[ 2389.613228][T28635]  ? anon_vma_name+0x4c/0x70
[ 2389.617667][T28635]  ? vm_area_dup+0x17a/0x230
[ 2389.622080][T28635]  copy_mm+0xa3a/0x13e0
[ 2389.626076][T28635]  ? copy_signal+0x610/0x610
[ 2389.630499][T28635]  ? __init_rwsem+0xd6/0x1c0
[ 2389.634926][T28635]  ? copy_signal+0x4e3/0x610
[ 2389.639352][T28635]  copy_process+0x1149/0x3290
[ 2389.643872][T28635]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2389.648816][T28635]  ? copy_clone_args_from_user+0x744/0x830
[ 2389.654457][T28635]  kernel_clone+0x21e/0x9e0
[ 2389.658794][T28635]  ? __delayed_free_task+0x20/0x20
[ 2389.663749][T28635]  ? create_io_thread+0x1e0/0x1e0
[ 2389.668607][T28635]  __x64_sys_clone3+0x376/0x3a0
[ 2389.673293][T28635]  ? __ia32_sys_clone+0x290/0x290
[ 2389.678159][T28635]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2389.683277][T28635]  ? __traceiter_sys_enter+0x2a/0x40
[ 2389.688395][T28635]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2389.694294][T28635]  do_syscall_64+0x3d/0xb0
[ 2389.698544][T28635]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2389.704376][T28635] RIP: 0033:0x7f9d5f592da9
[ 2389.708615][T28635] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2389.729183][T28635] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2389.737435][T28635] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2389.745243][T28635] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2389.753053][T28635] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
03:36:42 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d90, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:42 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r2, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@bloom_filter={0x1e, 0x80, 0x1ff, 0x3, 0x886, r0, 0x200, '\x00', 0x0, r2, 0x3, 0x3, 0x4, 0xd}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r2, 0x0, 0xa, 0x1000, &(0x7f0000000040)="5637cc4c5a2a2f3521da", &(0x7f0000000800)=""/4096, 0xd385, 0x0, 0xbb, 0x0, &(0x7f0000000340)="ca7786b1d803256472c0d7242ab06783713a8bf351ca0e4cb81f4a9381b26d7e0474e9aaf57a4a0a1a6785fef11a89c222213c6633ebe7dc5342f3df2ef4653b625d6997f4e18799df1367d0d5331239f4a575fbb64ab9b09b5b20c60113c1a4e5d637f9c3874a43434eff57da55cab404345be45600d7f06870eca4ac7f3a3206dda25bb5eb4c491b5a9236dd3e07d5f544d49d464f41f2552bdb567120ba4a09cff90ec62eaf55046b0add84d2ab9ae6e2be158a11a1b855f370", &(0x7f0000000400), 0x0, 0x0, 0x10001}, 0x50)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r4, 0x0, 0x0)
sendfile(r3, r0, &(0x7f0000000000)=0x6, 0x8)

03:36:42 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d91, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:42 executing program 1:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d88, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:42 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r2, 0x4004f50d, &(0x7f0000000180)=0xfffffff9) (async, rerun: 64)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@bloom_filter={0x1e, 0x80, 0x1ff, 0x3, 0x886, r0, 0x200, '\x00', 0x0, r2, 0x3, 0x3, 0x4, 0xd}, 0x48) (async, rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
r3 = socket$unix(0x1, 0x1, 0x0) (async)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r4, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r2, 0x0, 0xa, 0x1000, &(0x7f0000000040)="5637cc4c5a2a2f3521da", &(0x7f0000000800)=""/4096, 0xd385, 0x0, 0xbb, 0x0, &(0x7f0000000340)="ca7786b1d803256472c0d7242ab06783713a8bf351ca0e4cb81f4a9381b26d7e0474e9aaf57a4a0a1a6785fef11a89c222213c6633ebe7dc5342f3df2ef4653b625d6997f4e18799df1367d0d5331239f4a575fbb64ab9b09b5b20c60113c1a4e5d637f9c3874a43434eff57da55cab404345be45600d7f06870eca4ac7f3a3206dda25bb5eb4c491b5a9236dd3e07d5f544d49d464f41f2552bdb567120ba4a09cff90ec62eaf55046b0add84d2ab9ae6e2be158a11a1b855f370", &(0x7f0000000400), 0x0, 0x0, 0x10001}, 0x50)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r4, 0x0, 0x0) (async)
sendfile(r3, r0, &(0x7f0000000000)=0x6, 0x8)

[ 2389.760863][T28635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2389.768673][T28635] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2389.776493][T28635]  </TASK>
03:36:42 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r3, 0x0)
creat(&(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x61)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r3, 0x0, 0x0)

03:36:42 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d92, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:42 executing program 1:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d87, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:42 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r3, 0x0)
creat(&(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x61) (async)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r3, 0x0, 0x0)

03:36:42 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r3, 0x0)
creat(&(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x61)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r3, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
socket$unix(0x1, 0x1, 0x0) (async)
socket$unix(0x1, 0x1, 0x0) (async)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r3, 0x0) (async)
creat(&(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x61) (async)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r3, 0x0, 0x0) (async)

03:36:42 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 79)

03:36:42 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d93, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:42 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
open(&(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa0000, 0x148)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r3, 0x0, 0x0)

03:36:42 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r2, &(0x7f0000000040)=@name={0x1e, 0x2, 0x3, {{0x1, 0x1}}}, 0x10)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000200)={0x0, {0x2, 0x0, @private}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x38}}, {0x2, 0x0, @multicast2}, 0x1f, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)='ip_vti0\x00'})
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp\x00')
preadv(r4, &(0x7f0000000840)=[{&(0x7f0000001dc0)=""/4096, 0x79}], 0x1, 0x79, 0x0)
write$binfmt_misc(r4, &(0x7f00000001c0)=ANY=[@ANYRES16=r0, @ANYRESHEX=r2, @ANYRES64=r0, @ANYRES32=r3, @ANYRESOCT=r0], 0x2000011a)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0)
r5 = fsopen(&(0x7f0000000100)='gadgetfs\x00', 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000180)={0x0, r5, 0x3, 0x2, 0x401, 0x1ff})
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_FILTER(r6, 0x0, 0x2, &(0x7f0000000080)={0x8, [0x4, 0x6], 0x4}, 0x10)

03:36:42 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d94, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:42 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d95, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:42 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d96, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2389.904440][T28753] FAULT_INJECTION: forcing a failure.
[ 2389.904440][T28753] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2389.921801][T28753] CPU: 1 PID: 28753 Comm: syz-executor.0 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[ 2389.933360][T28753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2389.943257][T28753] Call Trace:
[ 2389.946375][T28753]  <TASK>
[ 2389.949153][T28753]  dump_stack_lvl+0x151/0x1b7
03:36:42 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d97, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:42 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d98, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:42 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d99, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2389.953669][T28753]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2389.959137][T28753]  ? perf_pmu_sched_task+0x190/0x190
[ 2389.964259][T28753]  dump_stack+0x15/0x17
[ 2389.968252][T28753]  should_fail+0x3c6/0x510
[ 2389.972505][T28753]  should_fail_alloc_page+0x5a/0x80
[ 2389.977539][T28753]  prepare_alloc_pages+0x15c/0x700
[ 2389.982490][T28753]  ? __alloc_pages_bulk+0xe40/0xe40
[ 2389.987523][T28753]  __alloc_pages+0x18c/0x8f0
[ 2389.991949][T28753]  ? prep_new_page+0x110/0x110
[ 2389.996558][T28753]  ? stack_trace_save+0x1c0/0x1c0
03:36:42 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d9a, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:42 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d9b, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:43 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d9c, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2390.001497][T28753]  ? __kernel_text_address+0x9b/0x110
[ 2390.006706][T28753]  pte_alloc_one+0x73/0x1b0
[ 2390.011037][T28753]  ? pfn_modify_allowed+0x2f0/0x2f0
[ 2390.016076][T28753]  __pte_alloc+0x86/0x350
[ 2390.020241][T28753]  ? free_pgtables+0x280/0x280
[ 2390.024838][T28753]  ? _raw_spin_lock+0xa4/0x1b0
[ 2390.029439][T28753]  ? __kasan_check_write+0x14/0x20
[ 2390.034382][T28753]  copy_page_range+0x28a8/0x2f90
[ 2390.039158][T28753]  ? __kasan_slab_alloc+0xb1/0xe0
[ 2390.044021][T28753]  ? slab_post_alloc_hook+0x53/0x2c0
[ 2390.049145][T28753]  ? do_syscall_64+0x3d/0xb0
03:36:43 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d9d, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:43 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d9e, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2390.053579][T28753]  ? pfn_valid+0x1e0/0x1e0
[ 2390.057821][T28753]  ? rwsem_write_trylock+0x15b/0x290
[ 2390.062942][T28753]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[ 2390.069193][T28753]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 2390.074745][T28753]  ? __rb_insert_augmented+0x5de/0x610
[ 2390.080045][T28753]  copy_mm+0xc7e/0x13e0
[ 2390.084039][T28753]  ? copy_signal+0x610/0x610
[ 2390.088457][T28753]  ? __init_rwsem+0xd6/0x1c0
[ 2390.092886][T28753]  ? copy_signal+0x4e3/0x610
[ 2390.097312][T28753]  copy_process+0x1149/0x3290
[ 2390.101832][T28753]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2390.106783][T28753]  ? copy_clone_args_from_user+0x744/0x830
[ 2390.112413][T28753]  kernel_clone+0x21e/0x9e0
[ 2390.116755][T28753]  ? __delayed_free_task+0x20/0x20
[ 2390.121714][T28753]  ? create_io_thread+0x1e0/0x1e0
[ 2390.126563][T28753]  __x64_sys_clone3+0x376/0x3a0
[ 2390.131249][T28753]  ? __ia32_sys_clone+0x290/0x290
[ 2390.136115][T28753]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2390.141230][T28753]  ? __traceiter_sys_enter+0x2a/0x40
[ 2390.146350][T28753]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2390.152253][T28753]  do_syscall_64+0x3d/0xb0
[ 2390.156503][T28753]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2390.162232][T28753] RIP: 0033:0x7f9d5f592da9
[ 2390.166485][T28753] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2390.185929][T28753] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2390.194172][T28753] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
03:36:43 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7d9f, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:43 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7da0, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:43 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7da1, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:43 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7da2, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:43 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7da3, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:43 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7da4, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:43 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async, rerun: 64)
r1 = socket$key(0xf, 0x3, 0x2) (rerun: 64)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3) (async)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (async)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async, rerun: 32)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 64)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530) (async, rerun: 64)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000700)={r4, 0x7fff, 0xfff, r4}) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async, rerun: 32)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async, rerun: 64)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0) (rerun: 64)

03:36:43 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7da5, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:43 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
r2 = socket$unix(0x1, 0x1, 0x0) (async, rerun: 64)
open(&(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa0000, 0x148) (rerun: 64)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
listen(r3, 0x0) (async)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r3, 0x0, 0x0)

03:36:43 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 80)

[ 2390.201980][T28753] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2390.209789][T28753] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2390.217602][T28753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2390.225413][T28753] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2390.233232][T28753]  </TASK>
03:36:43 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7da6, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:43 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
open(&(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa0000, 0x148)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r3, 0x0, 0x0) (async)
accept(r3, 0x0, 0x0)

[ 2390.273601][T28902] FAULT_INJECTION: forcing a failure.
[ 2390.273601][T28902] name failslab, interval 1, probability 0, space 0, times 0
[ 2390.286678][T28902] CPU: 1 PID: 28902 Comm: syz-executor.0 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[ 2390.298227][T28902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2390.308119][T28902] Call Trace:
[ 2390.311240][T28902]  <TASK>
[ 2390.314017][T28902]  dump_stack_lvl+0x151/0x1b7
[ 2390.318534][T28902]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2390.323997][T28902]  ? avc_denied+0x1b0/0x1b0
[ 2390.328337][T28902]  dump_stack+0x15/0x17
[ 2390.332326][T28902]  should_fail+0x3c6/0x510
[ 2390.336579][T28902]  __should_failslab+0xa4/0xe0
[ 2390.341180][T28902]  ? vm_area_dup+0x26/0x230
[ 2390.345519][T28902]  should_failslab+0x9/0x20
[ 2390.349858][T28902]  slab_pre_alloc_hook+0x37/0xd0
[ 2390.354649][T28902]  ? vm_area_dup+0x26/0x230
[ 2390.359058][T28902]  kmem_cache_alloc+0x44/0x200
[ 2390.363660][T28902]  vm_area_dup+0x26/0x230
[ 2390.367823][T28902]  copy_mm+0x9a1/0x13e0
[ 2390.371822][T28902]  ? copy_signal+0x610/0x610
[ 2390.376246][T28902]  ? __init_rwsem+0xd6/0x1c0
[ 2390.380757][T28902]  ? copy_signal+0x4e3/0x610
[ 2390.385183][T28902]  copy_process+0x1149/0x3290
[ 2390.389701][T28902]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2390.394644][T28902]  ? copy_clone_args_from_user+0x744/0x830
[ 2390.400287][T28902]  kernel_clone+0x21e/0x9e0
[ 2390.404627][T28902]  ? __delayed_free_task+0x20/0x20
[ 2390.409576][T28902]  ? create_io_thread+0x1e0/0x1e0
[ 2390.414434][T28902]  __x64_sys_clone3+0x376/0x3a0
[ 2390.419119][T28902]  ? __ia32_sys_clone+0x290/0x290
[ 2390.423985][T28902]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2390.429101][T28902]  ? __traceiter_sys_enter+0x2a/0x40
[ 2390.434223][T28902]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2390.440123][T28902]  do_syscall_64+0x3d/0xb0
[ 2390.444381][T28902]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2390.450104][T28902] RIP: 0033:0x7f9d5f592da9
[ 2390.454360][T28902] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
03:36:43 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7da7, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:43 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = dup2(r3, r3)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r4, 0x5, 0x2}, 0x48) (async)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5) (async)
bind$inet(r7, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r8=>0x0}) (async)
sendto$inet(r7, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10) (async)
recvmsg(r7, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) (async)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
write$binfmt_elf64(r7, &(0x7f0000000740)=ANY=[@ANYRESHEX=r4, @ANYRES16=0x0, @ANYRES8=r9, @ANYRES16=r4], 0x100000530) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r10=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000700)={r4, 0x7fff, 0xfff, r4}) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r8, 0x2c, r5, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r10, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90) (async)
r11 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r2, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r10, r11, 0x6, &(0x7f0000000540)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90) (async)
sendmsg$key(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:43 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7da8, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:43 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 81)

[ 2390.473800][T28902] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2390.482043][T28902] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2390.489855][T28902] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2390.497666][T28902] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2390.505478][T28902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2390.513390][T28902] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2390.521194][T28902]  </TASK>
03:36:43 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7da9, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:43 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7daa, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:43 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7dab, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2390.559763][T29026] FAULT_INJECTION: forcing a failure.
[ 2390.559763][T29026] name failslab, interval 1, probability 0, space 0, times 0
[ 2390.572982][T29026] CPU: 1 PID: 29026 Comm: syz-executor.0 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[ 2390.584621][T29026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2390.594513][T29026] Call Trace:
[ 2390.597638][T29026]  <TASK>
[ 2390.600412][T29026]  dump_stack_lvl+0x151/0x1b7
03:36:43 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7dac, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

[ 2390.604925][T29026]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2390.610397][T29026]  dump_stack+0x15/0x17
[ 2390.614386][T29026]  should_fail+0x3c6/0x510
[ 2390.618640][T29026]  __should_failslab+0xa4/0xe0
[ 2390.623240][T29026]  ? anon_vma_fork+0x1df/0x4e0
[ 2390.627839][T29026]  should_failslab+0x9/0x20
[ 2390.632176][T29026]  slab_pre_alloc_hook+0x37/0xd0
[ 2390.636951][T29026]  ? anon_vma_fork+0x1df/0x4e0
[ 2390.641554][T29026]  kmem_cache_alloc+0x44/0x200
[ 2390.646152][T29026]  anon_vma_fork+0x1df/0x4e0
[ 2390.650575][T29026]  copy_mm+0xa3a/0x13e0
[ 2390.654655][T29026]  ? copy_signal+0x610/0x610
[ 2390.659079][T29026]  ? __init_rwsem+0xd6/0x1c0
[ 2390.663504][T29026]  ? copy_signal+0x4e3/0x610
[ 2390.667930][T29026]  copy_process+0x1149/0x3290
[ 2390.672449][T29026]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2390.677400][T29026]  ? copy_clone_args_from_user+0x744/0x830
[ 2390.683035][T29026]  kernel_clone+0x21e/0x9e0
[ 2390.687386][T29026]  ? __delayed_free_task+0x20/0x20
[ 2390.692323][T29026]  ? create_io_thread+0x1e0/0x1e0
[ 2390.697185][T29026]  __x64_sys_clone3+0x376/0x3a0
[ 2390.701869][T29026]  ? __ia32_sys_clone+0x290/0x290
[ 2390.706732][T29026]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2390.711848][T29026]  ? __traceiter_sys_enter+0x2a/0x40
[ 2390.716971][T29026]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[ 2390.722873][T29026]  do_syscall_64+0x3d/0xb0
[ 2390.727128][T29026]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2390.732852][T29026] RIP: 0033:0x7f9d5f592da9
[ 2390.737110][T29026] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 2390.756549][T29026] RSP: 002b:00007f9d5e313f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2390.764884][T29026] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9d5f592da9
[ 2390.772694][T29026] RDX: 00007f9d5e313fb0 RSI: 0000000000000058 RDI: 00007f9d5e313fb0
[ 2390.780505][T29026] RBP: 00007f9d5e314120 R08: 0000000000000000 R09: 0000000000000058
[ 2390.788333][T29026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2390.796132][T29026] R13: 000000000000004d R14: 00007f9d5f6c0f80 R15: 00007ffe3023cf18
[ 2390.804119][T29026]  </TASK>
03:36:45 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r2, &(0x7f0000000040)=@name={0x1e, 0x2, 0x3, {{0x1, 0x1}}}, 0x10)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000200)={0x0, {0x2, 0x0, @private}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x38}}, {0x2, 0x0, @multicast2}, 0x1f, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)='ip_vti0\x00'})
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp\x00')
preadv(r4, &(0x7f0000000840)=[{&(0x7f0000001dc0)=""/4096, 0x79}], 0x1, 0x79, 0x0)
write$binfmt_misc(r4, &(0x7f00000001c0)=ANY=[@ANYRES16=r0, @ANYRESHEX=r2, @ANYRES64=r0, @ANYRES32=r3, @ANYRESOCT=r0], 0x2000011a)
splice(r2, 0x0, r1, 0x0, 0x4ff9c, 0x0)
r5 = fsopen(&(0x7f0000000100)='gadgetfs\x00', 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000180)={0x0, r5, 0x3, 0x2, 0x401, 0x1ff})
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_FILTER(r6, 0x0, 0x2, &(0x7f0000000080)={0x8, [0x4, 0x6], 0x4}, 0x10)

03:36:45 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x7dad, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

03:36:45 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000004840)={0x80, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 82)

03:36:45 executing program 3:
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000700), 0x8)
recvmmsg(r0, &(0x7f0000006e40)=[{{&(0x7f00000007c0)=@sco={0x1f, @none}, 0x80, &(0x7f0000000b00)=[{&(0x7f0000000840)=""/114, 0x72}, {&(0x7f0000000900)=""/7, 0x7}, {&(0x7f0000000940)=""/72, 0x48}, {&(0x7f00000009c0)=""/57, 0x39}, {&(0x7f0000000a00)=""/62, 0x3e}, {&(0x7f0000000a40)=""/138, 0x8a}], 0x6, &(0x7f0000000b80)=""/168, 0xa8}, 0x80000000}, {{&(0x7f0000000c40)=@pppol2tpv3in6, 0x80, &(0x7f0000002ec0)=[{&(0x7f0000000cc0)=""/4096, 0x1000}, {&(0x7f0000001cc0)=""/4096, 0x1000}, {&(0x7f0000002cc0)=""/54, 0x36}, {&(0x7f0000002d00)=""/125, 0x7d}, {&(0x7f0000002d80)=""/249, 0xf9}, {&(0x7f0000002e80)=""/36, 0x24}, {&(0x7f0000004ac0)=""/4096, 0x1000}], 0x7, &(0x7f0000002f40)=""/49, 0x31}, 0x120}, {{&(0x7f0000002f80)=@can, 0x80, &(0x7f0000003100)=[{&(0x7f0000003000)=""/200, 0xc8}], 0x1}, 0x9}, {{0x0, 0x0, &(0x7f0000003340)=[{&(0x7f0000003140)=""/247, 0xf7}, {&(0x7f0000003240)=""/18, 0x12}, {&(0x7f0000003280)=""/150, 0x96}], 0x3, &(0x7f0000003380)=""/178, 0xb2}}, {{&(0x7f0000003440)=@hci, 0x80, &(0x7f00000038c0)=[{&(0x7f00000034c0)=""/66, 0x42}, {&(0x7f0000003540)=""/232, 0xe8}, {&(0x7f0000005ac0)=""/4096, 0x1000}, {&(0x7f0000003640)=""/148, 0x94}, {&(0x7f0000003700)=""/227, 0xe3}, {&(0x7f0000003800)=""/33, 0x21}, {&(0x7f0000003840)=""/90, 0x5a}], 0x7, &(0x7f0000003940)=""/96, 0x60}, 0x688c80}, {{0x0, 0x0, &(0x7f0000006b40)=[{&(0x7f00000039c0)=""/194, 0xc2}, {&(0x7f0000007180)=""/4096, 0x1000}, {&(0x7f0000006ac0)}, {&(0x7f0000008180)=""/4096, 0x1000}, {&(0x7f0000009180)=""/4096, 0x1000}, {&(0x7f0000006b00)=""/8, 0x8}], 0x6, &(0x7f0000006bc0)=""/200, 0xc8}, 0x7f}, {{0x0, 0x0, &(0x7f0000006d80)=[{&(0x7f0000006cc0)=""/154, 0x9a}], 0x1, &(0x7f000000a180)=""/4096, 0x1000}, 0x1}, {{0x0, 0x0, &(0x7f0000006dc0), 0x0, &(0x7f0000006e00)=""/59, 0x3b}, 0x4}], 0x8, 0x4000a060, &(0x7f0000007040)={0x0, 0x989680})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000453e0100002020702500000000002020207b1af8ff0000800000ffff000000000048e77991ffffb702000001000000b703000000000000850000002d00000095000000c68eb8c4000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$key(0xf, 0x3, 0x2)
r3 = dup(r2)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = dup2(r4, r4)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0xc82, '\x00', 0x0, r5, 0x5, 0x2}, 0x48)
r8 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r8, 0x6, 0xd, &(0x7f00000001c0)='reno\x00', 0x5)
bind$inet(r8, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r8, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000007140)={'batadv_slave_1\x00', <r9=>0x0})
sendto$inet(r8, &(0x7f0000000780)="e1096a8575c5b6a23438392b32c6e6d80d", 0x11, 0x800, &(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10)
recvmsg(r8, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$unix(r5, &(0x7f0000007080)=@file={0x0, './file0\x00'}, 0x6e)
write$binfmt_elf64(r8, &(0x7f0000000740)=ANY=[@ANYRESHEX=r5, @ANYRES16=0x0, @ANYRES8=r10, @ANYRES16=r5], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r5, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/29, 0x1d, <r11=>0x0, &(0x7f0000000500)=""/100, 0x64}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x16, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000056f9ffff18110000", @ANYRES32=r7, @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x24, '\x00', r9, 0x2c, r6, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x9, 0x5}, 0x10, r11, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0xc, 0x5}], 0x10, 0x3ff}, 0x90)
r12 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x9, 0x2, 0x4, 0x3618, 0x7601}, @alu={0x4, 0x1, 0xc, 0x0, 0x9, 0xffffffffffffff70, 0x10}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0xc5}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000}, @map_fd={0x18, 0x4, 0x1, 0x0, r3}], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x96, &(0x7f0000000380)=""/150, 0x41100, 0x12, '\x00', 0x0, 0x29, r3, 0x8, &(0x7f0000000080)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x7, 0x80000000}, 0x10, r11, r12, 0x6, &(0x7f0000000540)=[r3, r3, r3, r3], &(0x7f0000000580)=[{0x0, 0x5, 0x5, 0x2}, {0x4, 0x3, 0x0, 0x7}, {0x4, 0x5, 0x0, 0x7}, {0x0, 0x1, 0x4, 0x4}, {0x3, 0x4, 0xc, 0x4}, {0x5, 0x4, 0x7, 0x6}], 0x10, 0xfffffffc}, 0x90)
sendmsg$key(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="02a0cbb48e00000000000000000000000100000300b0ffffb0cc3e447b1b33f6bec30ae1792f38a7fe2b65caa0be64227b2cd1b5831b011cafd5c2382246bd92bb5e03038795bc"], 0x18}}, 0x0)

03:36:45 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
accept(r3, &(0x7f0000000000)=@nfc, &(0x7f00000002c0)=0x80)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r3, 0x0, 0x0)

03:36:45 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0) (async)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
accept(r3, &(0x7f0000000000)=@nfc, &(0x7f00000002c0)=0x80) (async)
listen(r3, 0x0) (async)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
accept(r3, 0x0, 0x0)

[ 2392.916486][T29145] FAULT_INJECTION: forcing a failure.
[ 2392.916486][T29145] name failslab, interval 1, probability 0, space 0, times 0
[ 2392.931681][T29145] CPU: 0 PID: 29145 Comm: syz-executor.0 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[ 2392.943226][T29145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2392.953117][T29145] Call Trace:
[ 2392.956239][T29145]  <TASK>
[ 2392.959021][