last executing test programs:

2.916346832s ago: executing program 1 (id=2679):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 64)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f00000001c0), &(0x7f00000005c0)=""/155}, 0x20) (async, rerun: 64)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='afs_cb_miss\x00', r1}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x39, 0xffffffffffffff0d, 0x7}, 0x6f)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x0, <r3=>0x0}, 0x8)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200)=r3, 0x0) (async)
perf_event_open(&(0x7f0000000b00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x2}, 0x0, 0xc8, 0x0, 0x7, 0x1}, 0x0, 0x3, 0xffffffffffffffff, 0x0) (async, rerun: 32)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) (rerun: 32)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000006020000f8ffffffb7030000080000820000009500000000000000000000000000000000000000003c1d6f22278e6d8acad35e3e98844e8a289cd95c03c3cac9a82ca55c84ac5f596f7c000000009c3ff09984f9c3c495bc20f3e58246643fe9d5", @ANYBLOB="e21369c5acaba96a965d3c222acc2e00b7aff886bdbbf597dc65ffc54909c8002e576943378e0e60486eec60bcc9ae2a446ed504b56affd9eeb90aec2f", @ANYRESHEX=r1, @ANYRESHEX=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
close(r7) (async, rerun: 32)
socketpair$unix(0x1, 0x8, 0x0, &(0x7f0000000400)={<r8=>0xffffffffffffffff}) (rerun: 32)
recvmsg$unix(r8, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000d00)}, 0x40002101)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce8102031100fef2000e40000200875a65969ff57b00ff020000000000000000000000000001"], 0xfdef) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x9, 0x11, &(0x7f0000000a40)=ANY=[@ANYBLOB="18191ddf2b0001000000000000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018530000080000000000080000000000bf91000000000000b7080000020000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000500)='GPL\x00', 0x800, 0xb5, &(0x7f0000000680)=""/181, 0x40f00, 0x60, '\x00', 0x0, 0x0, r4, 0x8, &(0x7f0000000080)={0x4, 0x3}, 0x8, 0x10, &(0x7f0000000580)={0x3, 0xa, 0x7, 0x481}, 0x10, r3, 0xffffffffffffffff, 0x5, &(0x7f00000001c0)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r5, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000780)=[{0x2, 0x5, 0x4, 0x8}, {0x0, 0x5, 0xd, 0x7}, {0x5, 0x1, 0x5, 0xb}, {0x5, 0x4, 0x0, 0x3}, {0x0, 0x5, 0x8, 0x4}], 0x10, 0x1e}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xc3200, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff6c, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{}, &(0x7f0000000000), &(0x7f00000005c0)=r9}, 0x20) (async)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r10}, 0x10)
r11 = openat$ppp(0xffffffffffffff9c, &(0x7f00000002c0), 0x20000, 0x0)
ioctl$TUNSETOFFLOAD(r11, 0xc004743e, 0x20001400) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x200002, 0x0)
ioctl$TUNSETOFFLOAD(r11, 0x40047451, 0x2000000c) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x42, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1000000}, 0x48) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESOCT=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000280)='start_task_reaping\x00'}, 0x10) (async, rerun: 32)
unlink(0x0)

2.727420389s ago: executing program 1 (id=2686):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='mm_lru_activate\x00', r4}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='mm_lru_activate\x00', r6}, 0x10)
write$cgroup_int(r5, &(0x7f0000000200), 0x43451)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r7, &(0x7f0000000200), 0x43451)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
syz_clone(0x100000, 0x0, 0x0, &(0x7f00000008c0), &(0x7f0000000900), &(0x7f0000000940)="718bfffd565b5e232a28e55d84cb8d403a455670c52274aa44e0a9e741")
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0xa, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffc}, 0x48)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
bpf$ENABLE_STATS(0x20, &(0x7f0000000180), 0x4)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.448525322s ago: executing program 0 (id=2691):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f0000000040))
ioctl$TUNGETVNETBE(r0, 0x800454df, &(0x7f0000000080)=0x1)
socketpair(0x1e, 0x2, 0x3, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
sendmsg$sock(r1, &(0x7f00000002c0)={&(0x7f0000000100)=@pppoe={0x18, 0x0, {0x4, @broadcast, 'netdevsim0\x00'}}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000180)="61702c21e8addb3fa8aa8ad7178e703d2a3bdf4248c384a1945c38f5ac0901e13c712df4faff6fe438332aaa91233a23078f09b8e9490092a476dd0181856460ea5e5b1b3af0be385015f5d572fbad6adacdb59b524d", 0x56}, {&(0x7f0000000200)="dc02ea", 0x3}], 0x2, &(0x7f0000000280)=[@mark={{0x14, 0x1, 0x24, 0xfdef}}, @mark={{0x14}}], 0x30}, 0x4080)
r2 = perf_event_open(&(0x7f0000000340)={0x5, 0x80, 0x3f, 0x2, 0xc9, 0x95, 0x0, 0x9, 0x6418, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, @perf_bp={&(0x7f0000000300), 0x8}, 0x300, 0x800, 0x7, 0x9, 0xfffffffffffffffe, 0x1, 0xc5c, 0x0, 0x2, 0x0, 0x9}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0xa)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000480)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r4 = perf_event_open$cgroup(&(0x7f0000000400)={0x1, 0x80, 0xa, 0x3, 0xb, 0xe, 0x0, 0x6, 0x4406, 0x4, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x2, @perf_bp={&(0x7f00000003c0), 0x1}, 0x2000, 0x2, 0xfffffffa, 0x1, 0x8, 0x6, 0x7, 0x0, 0x4, 0x0, 0x8}, r3, 0xb, r2, 0x4)
perf_event_open(&(0x7f00000004c0)={0x0, 0x80, 0x3, 0x3, 0x7, 0x76, 0x0, 0x6, 0x510, 0xc, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x55, 0x4, @perf_config_ext={0xb, 0xc}, 0x1000, 0x2, 0x2, 0x8, 0x9, 0x6b, 0x5, 0x0, 0x3, 0x0, 0x1ff}, 0x0, 0x9, r2, 0x9)
bpf$ENABLE_STATS(0x20, &(0x7f0000000540), 0x4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000580))
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@bloom_filter={0x1e, 0x7, 0x5, 0x4, 0x1, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x2, 0xf}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000900)={r1, 0xe0, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000640)=[0x0, 0x0], ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x3, 0x1, &(0x7f0000000680)=[0x0, 0x0, 0x0], &(0x7f00000006c0)=[0x0], <r7=>0x0, 0x79, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000740), &(0x7f0000000780), 0x8, 0x8f, 0x8, 0x8, &(0x7f00000007c0)}}, 0x10)
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000a40)={&(0x7f0000000940)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x54, 0x54, 0x3, [@ptr={0xc, 0x0, 0x0, 0x2, 0x1}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x5, 0x5, 0xc}}, @restrict={0x1, 0x0, 0x0, 0xb, 0x2}, @func={0x5, 0x0, 0x0, 0xc, 0x5}, @fwd={0xd}, @typedef={0xe}]}, {0x0, [0x9904961867cec0d7]}}, &(0x7f00000009c0)=""/73, 0x6f, 0x49, 0x1, 0x6}, 0x20)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=@base={0xb, 0x2, 0xd9, 0x9, 0x800, r5, 0x80, '\x00', r6, r8, 0x1, 0x1, 0x4}, 0x48)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000b00), 0x4)
r10 = getpid()
r11 = perf_event_open(&(0x7f0000000b80)={0x4, 0x80, 0x91, 0xc3, 0x98, 0x0, 0x0, 0xffffffffffffc131, 0x2a204, 0x4, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x8a7, 0x4, @perf_bp={&(0x7f0000000b40), 0x3}, 0x100dc0, 0x10000, 0x3, 0x3, 0x1, 0x5, 0x400, 0x0, 0x2, 0x0, 0xd}, r10, 0xd, r4, 0x1)
r12 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000c40)=@generic={&(0x7f0000000c00)='./file0\x00', 0x0, 0x10}, 0x18)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000c80)={'vlan0\x00', @multicast})
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000cc0)=0xffffffffffffffff, 0x4)
r13 = openat$tun(0xffffffffffffff9c, &(0x7f0000000d40), 0x801, 0x0)
r14 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000d80)=@o_path={&(0x7f0000000d00)='./file0\x00', 0x0, 0x0, r13}, 0x18)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001100)={{r14, <r15=>0xffffffffffffffff}, &(0x7f0000001080), &(0x7f00000010c0)='%pS    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000011c0)={0x12, 0x25, &(0x7f0000000dc0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r9}}, {}, [@cb_func={0x18, 0x5, 0x4, 0x0, 0xffffffffffffffff}, @exit, @tail_call={{0x18, 0x2, 0x1, 0x0, r5}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r5}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r14}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}}}, &(0x7f0000000f00)='GPL\x00', 0x3, 0xbc, &(0x7f0000000f40)=""/188, 0x40f00, 0x2, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, &(0x7f0000001000)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000001040)={0x4, 0xe, 0x6, 0x1}, 0x10, r7, 0xffffffffffffffff, 0x2, &(0x7f0000001140)=[r14, r9, r15, r12, r14], &(0x7f0000001180)=[{0x0, 0x1, 0xf, 0x6}, {0x0, 0x1, 0x0, 0x3}], 0x10, 0x1}, 0x90)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000001280)='!\x00')
perf_event_open(&(0x7f0000001300)={0x0, 0x80, 0x5, 0x8, 0x4, 0x6, 0x0, 0x8, 0x220, 0x8, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x97, 0x4, @perf_bp={&(0x7f00000012c0)}, 0x8006, 0x9, 0x4, 0x0, 0xffffffff, 0x3, 0x88, 0x0, 0x3, 0x0, 0x485}, r10, 0x7, r11, 0x3)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000002480)={&(0x7f0000001380)="b8b2cce608d772fac6ff0b96aeae5e6235483557efff6ba0539a1b", &(0x7f00000013c0)=""/4096, &(0x7f00000023c0)="0c4a9f0a172a6183f625605b4c92decf26563c61ba6a855dec9cc865239198fc9fb45f3f23365fd31d7e827d849e5dea7250451dfe76e9601929dd8bc78a19ee4329bd064c24d49e3fd676043565953381ab7ff4f02eed5e657ad7136d954d", &(0x7f0000002440), 0x7ff, r5, 0x4}, 0x38)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000024c0))
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000002500)='./cgroup/syz0\x00', 0x200002, 0x0)

2.440924713s ago: executing program 1 (id=2692):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x7, 0x8000, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)=r0}, 0xfffffffffffffe12)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r5}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000002000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r6}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r7}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000900)={'bridge0\x00', @broadcast})
perf_event_open(&(0x7f0000000180)={0x3, 0x80, 0x6, 0x5, 0x9, 0x4, 0x0, 0x8000, 0xd0008, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x6, 0x2, @perf_bp={&(0x7f0000000000), 0x6}, 0x10344d, 0x1, 0x3ff, 0x0, 0x100, 0xffff502a, 0x8000, 0x0, 0x8, 0x0, 0x1000}, 0x0, 0x9, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000020d0039000000000000b4a518110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.051009186s ago: executing program 2 (id=2693):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, &(0x7f00000002c0), &(0x7f0000000280)=r0}, 0xfffffffffffffe12)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r3}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000002000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r5}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000900)={'bridge0\x00', @broadcast})

1.866599582s ago: executing program 0 (id=2696):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000002c0)=ANY=[@ANYRESOCT, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff000000190fda52ffffffffffffff08000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@bloom_filter={0x1e, 0x2d57, 0xfffffff3, 0x8001, 0x580, 0xffffffffffffffff, 0x7ff, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5, 0x2, 0xa}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r0, &(0x7f0000000300), 0x20000000}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000e56520207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYRESOCT=r1, @ANYBLOB="bca8f96b1c61c0fe6f98d80cdcee4b55dcdec6738679bfbaf8b9d2a1a25dcb44b2edd063013fb0f65084c47ed2531f89ead7619fe45cbb177f09b6fcd7e82d2004288806dd586a3a7017feb3f4c8498eba6af98971dca98fb435555d5aab94125a330d63d03c9b8c2cd2292d088d2e72621ac55d28f10a97390923aa69c5f9a985ff3a4c514d954fd505d531f26c16f8bd99948bc76ef55f3e199b1c5d508d5420ff3ed2a4c905d540"], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x4, 0x4}, 0x48) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r4}, &(0x7f0000000700), &(0x7f0000000740)=r5}, 0x20) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r7, 0x0, 0x0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) (async)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x10) (async)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0x800454e0, &(0x7f0000000400))
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x3}}, 0x0, 0xfeffffffffffffff, 0xffffffffffffffff, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x15, 0x16, &(0x7f0000000500)=ANY=[@ANYRESHEX=r8, @ANYRESHEX], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x23, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x10}, 0x90) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x1000, 0x1}, 0x48) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800e6ffffff0000000000000000000018110001", @ANYRES32=r6, @ANYRESHEX], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{}, &(0x7f0000000680), &(0x7f0000000740)=r9}, 0x20) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xf, 0x5, &(0x7f0000001080)=ANY=[@ANYRESDEC=0x0], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x90)

1.815307746s ago: executing program 4 (id=2698):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000002000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r3}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r4}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000900)={'bridge0\x00', @broadcast})

1.789487088s ago: executing program 0 (id=2699):
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x49, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100000000, 0x1a8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r2, &(0x7f0000000180), 0x40010)

1.784102188s ago: executing program 1 (id=2700):
perf_event_open(&(0x7f0000000800)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7fffffff, 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x40, 0x0, 0x4000000000, 0x20024, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4, @perf_config_ext={0x0, 0x9f89}, 0x8519}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@bloom_filter={0x1e, 0xe4d, 0xebd2, 0x89ef, 0x420, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x3, 0xb}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{0xffffffffffffffff, <r2=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$tipc(r4, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, 0x0}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'sit0\x00', @local})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000e00)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000000000000000000000000001018", @ANYBLOB="4f08fec5ce52bd53e5b5f92ad99099ac3b7000552a4d0a8eff48aba3111f76b82adabcbaf022b51fc72a31cdb41f28701e6d0f14ebd61274925337fa8f4046056225204bff3eb8c265b052ec1948577a9ad45b28e656824e6969"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000100), 0x20000000}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000000c0)={0xffffffffffffffff, &(0x7f0000000100)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYRES32, @ANYRES32, @ANYRESOCT=r0, @ANYRESOCT=r6, @ANYRES16=r5, @ANYRES16, @ANYRES16, @ANYRES32=r5], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x2, 0x3, &(0x7f0000000200)=@framed={{0x18, 0xa}}, &(0x7f0000000000)='syzkaller\x00', 0x4, 0xab, 0xffffffffffffffff}, 0x80)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000040)={'sit0\x00', @random="4f33e363a4b1"})

1.756106971s ago: executing program 2 (id=2701):
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x49, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100000000, 0x1a8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r2, &(0x7f0000000180), 0x40010)

1.716320825s ago: executing program 2 (id=2702):
perf_event_open(&(0x7f0000000a00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7f}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f90003ffb703000008000000b704d18866cbe0b376a3305000000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
gettid()
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="186800000006", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095"], 0x0}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x89f1, &(0x7f0000000900)={'ip6gre0\x00', @random="0600002000"})

1.715922294s ago: executing program 0 (id=2703):
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0x81, <r0=>0x0}, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000008"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000300)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000c00)={{r3, <r4=>0xffffffffffffffff}, 0x0, 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0xd, 0x6, 0x9, 0xff, 0x2910, r4, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x5, 0x4}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r5 = perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x8020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='rdma.current\x00', 0x275a, 0x0)
recvmsg$unix(r7, &(0x7f0000001480)={0x0, 0xfffffffffffffed6, 0x0}, 0x0)
sendmsg$inet(r8, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r7, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x10002)
close(r8)
recvmsg$unix(r6, &(0x7f0000000980)={0x0, 0x0, 0x0}, 0x40000062)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x3f, &(0x7f0000000600)=ANY=[@ANYBLOB="1863392b6463fdcbb4c92f68965cdaaa649cae9bf400970b1d15ba3b39f500000000000018190000daca7bc05c3350369198bda5f7fe2666c507a566eed2d3c7dbf08c4e0700988e31693f15931e1a6f71ff90b59c3ab5b931d26000e577b2a3cdf5ae745d9b3f1cd540fb4587", @ANYRESOCT=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000040)="fb6bba8839fe8bc048c0cdafd1f8a9918bc4055eaaeb6db4ee9bcb25b1811dbf40b3a7da5a8a647300ed6dd26eea3837229c339b1f91201c2796173864", 0x3d}], 0x1}, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x40fd)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x8912, &(0x7f0000000080))
syz_clone(0xa00d000, 0x0, 0x0, 0x0, 0x0, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002e00)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x35, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0xfffffffe}, 0x10}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r10, 0x18000000000002a0, 0xe28, 0xfffffffffffffff5, &(0x7f0000000980)="b0ff04c66b0d698cb89e2fe086dd1f74ffff06000000fe80000000000000ac14140746647b7954c4c06b580febc28eb143d0f6c0bad62c67a04402ba4125c7024f63fdb0b6c8ee826b4dfe6042a2f057c66cad677d850ea9928bcfcb47e585e427746ed3b27c40060cbd030a6d675c9926af53cd3085b24f9b7a486775c4f284f8c5a572ca115bce90c0ee9d4e7a07f5f1518092cb1f156694036f6618a59196631e6303fd5307d1112601d3641c9492f7dc3503416836b14590c53b1fc1ac149b70cc1142d6bc57fc3a76839fa2f96878b520fedfb9f64d81584a2e85ab4f6ec718b02d78f2ebf04e6b3b94610a21616181629a03c3dc0bf05e0a71f887833b81db7a10bc53259cb80716f6804934a411d424c1db98d454be1adb2776fdbb92b299d3b80af6987a871b4549fdb4c8297ee31ad925c8b0fb1a9d2589b08ed52602cbc26b56df71201bc4ea8621c56f33d251c1d4589af2dcd78fbb4e34bde02cb3920a30cee9489ee72c3e19304c16c2110e1839712d484b80abe77786a7e2ba834874a4e16b93dd07297554a06c2ad2c906f8ebb1db8730df096709184728d48f0a806696bd0d4b12d0064b933d9675353dae77fe8419451f85da63be78b70ca2a84a77f572d9f289d4313e6f6039fe756ac13a5d08838315dff44cda433cc7bc6b77449f8c", 0x0, 0x2f, 0xe8034000, 0xf000, 0xfffffffffffffe2a, &(0x7f0000000000), &(0x7f00000000c0)="c6769e45b7c61302926682c7f9e9bb5ba2b3cdf023e8da0392a4cd62e2370f25ae5ba0dab896bcf5b774cd28bebbde39f796ae27d04582bb7c03e9fe830ea22c9fd03f6d2779515fdad3f5d0de07b7b70996102fdb67b1e77a34a5b7136a212fa2c0ea502588309dc3e42c55a6f93e6ba5e1b492f9db48f0fdd2f9fb937b3e8a63dcf9dd855837433998ba579da27559", 0x5dc}, 0x28)

1.509380122s ago: executing program 1 (id=2704):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000200)='rss_stat\x00', r1}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 73)

1.457270566s ago: executing program 4 (id=2705):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000480), 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0x0, 0x0, 0x0, 0x0, 0x100, 0xffffffffffffffff, 0x0, '\x00', 0x0, r1}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0xc0046686, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000000), 0x4)
socketpair(0x21, 0x1, 0x7fffffff, &(0x7f0000000440))
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@bloom_filter={0x1e, 0x4, 0x5, 0x3ff, 0xa5, r4, 0xe223, '\x00', 0x0, r4, 0x1, 0x4, 0x4, 0x5}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0x1, 0x58, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0xb, 0x1e, &(0x7f0000000b80)=ANY=[@ANYBLOB="18270000", @ANYRES32=r2, @ANYBLOB="000000000600000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000100008500000006000000182200004cc4175f6bbf8188f008874c1ea9d9e16b5318b70aa807ce8d1d43169dbb8a0bdd6052d8", @ANYRES32=r4, @ANYBLOB="000000000100000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000b7080000000000007b8af8ff00000000b7080000672500007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="640000170000025e83237bd6b0d8dfa82a4b2dbb8e8500b70500680085261500008b2a1700000b00000000000000"], &(0x7f0000000680)='syzkaller\x00', 0xffffff80, 0x0, 0x0, 0x41100, 0x22, '\x00', r6, 0x2b, 0xffffffffffffffff, 0x8, &(0x7f0000000840)={0xa}, 0x8, 0x10, &(0x7f00000009c0)={0x3, 0x8, 0x40, 0x1}, 0x10, 0x0, r3, 0x5, &(0x7f0000000a00)=[r4], &(0x7f0000000a40)=[{0x4, 0x1, 0x10, 0x8}, {0x3, 0x1, 0xf, 0x8}, {0x1, 0x3, 0xf, 0x4}, {0x0, 0x4, 0xe, 0x6}, {0x4, 0x4, 0x9, 0x8}], 0x10, 0x7}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$tipc(r7, &(0x7f0000003280)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r8, <r9=>0xffffffffffffffff}, &(0x7f00000004c0), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
perf_event_open(&(0x7f00000003c0)={0x0, 0x80, 0x7f, 0x0, 0x10, 0x5, 0x0, 0x3, 0x80000, 0x8, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x401, 0x0, @perf_config_ext={0x4, 0x1}, 0x8080, 0x8, 0x8, 0x2, 0x5, 0x1, 0x101, 0x0, 0xfffff01c, 0x0, 0x2f0}, 0xffffffffffffffff, 0x6, r4, 0x9)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10)
sendmsg$inet(r7, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0x1}], 0x1}, 0x0)

1.457017477s ago: executing program 2 (id=2706):
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0x81, <r0=>0x0}, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000300)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000c00)={{r3, <r4=>0xffffffffffffffff}, 0x0, 0x0}, 0x20)
close(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0xd, 0x6, 0x9, 0xff, 0x2910, r4, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x5, 0x4}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r5 = perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x8020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='rdma.current\x00', 0x275a, 0x0)
setsockopt$sock_attach_bpf(r7, 0x1, 0x2a, &(0x7f0000000100)=r9, 0x4)
recvmsg$unix(r7, &(0x7f0000001480)={0x0, 0xfffffffffffffed6, 0x0}, 0x0)
sendmsg$inet(r8, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r7, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x10002)
close(r8)
recvmsg$unix(r6, &(0x7f0000000980)={0x0, 0x0, 0x0}, 0x40000062)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x3f, &(0x7f0000000600)=ANY=[@ANYBLOB="1863392b6463fdcbb4c92f68965cdaaa649cae9bf400970b1d15ba3b39f500000000000018190000daca7bc05c3350369198bda5f7fe2666c507a566eed2d3c7dbf08c4e0700988e31693f15931e1a6f71ff90b59c3ab5b931d26000e577b2a3cdf5ae745d9b3f1cd540fb4587", @ANYRESOCT=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000040)="fb6bba8839fe8bc048c0cdafd1f8a9918bc4055eaaeb6db4ee9bcb25b1811dbf40b3a7da5a8a647300ed6dd26eea3837229c339b1f91201c2796173864", 0x3d}], 0x1}, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x40fd)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r10, 0x8912, &(0x7f0000000080))
syz_clone(0xa00d000, 0x0, 0x0, 0x0, 0x0, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002e00)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x35, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0xfffffffe}, 0x10}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r11, 0x18000000000002a0, 0xe28, 0xfffffffffffffff5, &(0x7f0000000980)="b0ff04c66b0d698cb89e2fe086dd1f74ffff06000000fe80000000000000ac14140746647b7954c4c06b580febc28eb143d0f6c0bad62c67a04402ba4125c7024f63fdb0b6c8ee826b4dfe6042a2f057c66cad677d850ea9928bcfcb47e585e427746ed3b27c40060cbd030a6d675c9926af53cd3085b24f9b7a486775c4f284f8c5a572ca115bce90c0ee9d4e7a07f5f1518092cb1f156694036f6618a59196631e6303fd5307d1112601d3641c9492f7dc3503416836b14590c53b1fc1ac149b70cc1142d6bc57fc3a76839fa2f96878b520fedfb9f64d81584a2e85ab4f6ec718b02d78f2ebf04e6b3b94610a21616181629a03c3dc0bf05e0a71f887833b81db7a10bc53259cb80716f6804934a411d424c1db98d454be1adb2776fdbb92b299d3b80af6987a871b4549fdb4c8297ee31ad925c8b0fb1a9d2589b08ed52602cbc26b56df71201bc4ea8621c56f33d251c1d4589af2dcd78fbb4e34bde02cb3920a30cee9489ee72c3e19304c16c2110e1839712d484b80abe77786a7e2ba834874a4e16b93dd07297554a06c2ad2c906f8ebb1db8730df096709184728d48f0a806696bd0d4b12d0064b933d9675353dae77fe8419451f85da63be78b70ca2a84a77f572d9f289d4313e6f6039fe756ac13a5d08838315dff44cda433cc7bc6b77449f8c", 0x0, 0x2f, 0xe8034000, 0xf000, 0xfffffffffffffe2a, &(0x7f0000000000), &(0x7f00000000c0)="c6769e45b7c61302926682c7f9e9bb5ba2b3cdf023e8da0392a4cd62e2370f25ae5ba0dab896bcf5b774cd28bebbde39f796ae27d04582bb7c03e9fe830ea22c9fd03f6d2779515fdad3f5d0de07b7b70996102fdb67b1e77a34a5b7136a212fa2c0ea502588309dc3e42c55a6f93e6ba5e1b492f9db48f0fdd2f9fb937b3e8a63dcf9dd855837433998ba579da27559", 0x5dc}, 0x28)

1.451143287s ago: executing program 3 (id=2707):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102030400fe08000e40000200875a65969ff57b00000000000000000020000000ac1414aa"], 0xfdef)

1.386189022s ago: executing program 4 (id=2708):
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r0}, 0x10)
mkdir(0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

1.108091036s ago: executing program 3 (id=2709):
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={r0, 0x58, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x2)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x3, [@var={0x2, 0x0, 0x0, 0xe, 0x4}, @restrict={0x0, 0x0, 0x0, 0xb, 0x3}]}, {0x0, [0x30]}}, &(0x7f0000000440)=""/194, 0x37, 0xc2, 0x0, 0x7}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1c, 0xd5c, 0xe, 0x0, 0x400, 0xffffffffffffffff, 0x9f, '\x00', r1, r2, 0x2, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000010000008500000086000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000010000008500000086000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x8, 0x10001}, 0x48)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x3a0ffffffff)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xc, 0x4, 0x4, 0xbf22, 0x804}, 0x48)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @perf_config_ext, 0x108c02}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @perf_config_ext, 0x108c02}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000100)={'dvmrp0\x00', 0x2})
ioctl$TUNATTACHFILTER(r6, 0x401054d5, &(0x7f0000000400)={0x2, &(0x7f0000000440)=[{0x28, 0x0, 0x8, 0xfffff038}, {0x6, 0x2, 0x2, 0xfffffffa}]})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0xc}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000080021850000006d00000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000080021850000006d00000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r8}, 0xd) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r8}, 0xd)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r9, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0) (async)
r10 = openat$cgroup_procs(r9, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r10, &(0x7f0000000080), 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r11, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) (async)
r12 = openat$cgroup_procs(r11, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r12, &(0x7f0000000140), 0x12)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0)
close(0xffffffffffffffff) (async)
close(0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xe, 0x0, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xe, 0x0, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)

1.034995642s ago: executing program 3 (id=2710):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000040)="fb", 0x1}], 0x1}, 0x0)
recvmsg(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffb6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r4}, 0x3d)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f00000001c0)="8bc3374294c823a13c083018353baa1ef971a2ae14384184490d18bee4d95818965b6d3b38753ef444432379d6b4e300cd3fe3e1b3ab8ad2473ed13efca54f9c26c39f979e5b4883639491cf37c256ccfb35349e6a88a9f50cf88f", &(0x7f0000000340)=""/178}, 0x20)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xfffffffffdffffff, 0xffffffffffffffff, 0x6)
r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0xfffffffd, 0x4, 0xff, 0x800, r3, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd630080fcfc082900db5b6861589bcfe8875a060300000023000000000000000000000000ac"], 0xfdef)
ioctl$TUNSETNOCSUM(r7, 0x400454c8, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r10 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r9}, 0x10)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907003675f3757f0086dd6317ce800000000000e0865a6596aff57b00000000000000000000000000ac1414"], 0xfe1b)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f00000004c0)=ANY=[@ANYRES64=r5, @ANYBLOB="f0051192647bbbde2024b16c93bf85206e6a556e59fdafaa235d28b40990bf1ffda719ba33eab8b1ce34d7cdd14d32e712d175e0bd7f6e8c7159782cce800d2c31818f024e45a5377412762d86424f2ebec727e2cc8963b805bf6c3741f0738a50556afcb51484f8aa8ff1bc42b972e22c9805d910b0bbf3c45344f231e6bca64050023944da944eb0158ba2f8b1f1b0aaf28d3288238f861f64cb400188c38cfd99c0458e2bbecbc3a182747355d9b80191e99ed71e2c0d708bc33b4f6649419648393422fa6e0f4f72a2e0eafebe4b1928efa21cc47d502ca9cf2798c843a861a7227e34e65c30543d7dc85e6b0c8d4a5c8b8eb3e974deb04245b5f3", @ANYRES32=r10], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28}, 0x90)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r11, 0x89f1, &(0x7f0000000080))

988.330896ms ago: executing program 0 (id=2711):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x7, 0x8000, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)=r0}, 0xfffffffffffffe12)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r5}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000002000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r6}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r7}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000900)={'bridge0\x00', @broadcast})
perf_event_open(&(0x7f0000000180)={0x3, 0x80, 0x6, 0x5, 0x9, 0x4, 0x0, 0x8000, 0xd0008, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x6, 0x2, @perf_bp={&(0x7f0000000000), 0x6}, 0x10344d, 0x1, 0x3ff, 0x0, 0x100, 0xffff502a, 0x8000, 0x0, 0x8, 0x0, 0x1000}, 0x0, 0x9, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000020d0039000000000000b4a518110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

721.332559ms ago: executing program 3 (id=2712):
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x49, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100000000, 0x1a8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r2, &(0x7f0000000180), 0x40010)

645.484955ms ago: executing program 3 (id=2713):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, &(0x7f00000002c0), &(0x7f0000000280)=r0}, 0xfffffffffffffe12)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r3}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000002000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r5}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000900)={'bridge0\x00', @broadcast})

645.160225ms ago: executing program 2 (id=2714):
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x49, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100000000, 0x1a8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r2, &(0x7f0000000180), 0x40010)

504.462317ms ago: executing program 4 (id=2715):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000002000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r3}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r4}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000900)={'bridge0\x00', @broadcast})

503.905137ms ago: executing program 2 (id=2716):
perf_event_open(&(0x7f0000000800)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7fffffff, 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x40, 0x0, 0x4000000000, 0x20024, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4, @perf_config_ext={0x0, 0x9f89}, 0x8519}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@bloom_filter={0x1e, 0xe4d, 0xebd2, 0x89ef, 0x420, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x3, 0xb}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x0, 0x7, 0x8000}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r4}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$tipc(r5, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, 0x0}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'sit0\x00', @local})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000e00)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000000000000000000000000001018", @ANYBLOB="4f08fec5ce52bd53e5b5f92ad99099ac3b7000552a4d0a8eff48aba3111f76b82adabcbaf022b51fc72a31cdb41f28701e6d0f14ebd61274925337fa8f4046056225204bff3eb8c265b052ec1948577a9ad45b28e656824e6969"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000100), 0x20000000}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000000c0)={0xffffffffffffffff, &(0x7f0000000100)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYRES32, @ANYRES32, @ANYRESOCT=r0, @ANYRESOCT=r7, @ANYRES16=r6, @ANYRES16, @ANYRES16, @ANYRES32=r6], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x2, 0x3, &(0x7f0000000200)=@framed={{0x18, 0xa}}, &(0x7f0000000000)='syzkaller\x00', 0x4, 0xab, 0xffffffffffffffff}, 0x80)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000040)={'sit0\x00', @random="4f33e363a4b1"})

435.952323ms ago: executing program 0 (id=2717):
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='freezer.self_freezing\x00', 0x275a, 0x0)
write$cgroup_int(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0xfff, 0x0, 0x7, 0x4, r0, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x3, 0xc}, 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffef0, 0x0, r2, 0xfffffe39, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x0, 0xff, 0x0, 0x1}, 0x48)
r5 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x7, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180006040000000000000000"], 0x0, 0x4}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x5, 0x5, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x2}, 0x48)
close(r4)
perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x4, 0x4, @perf_bp={&(0x7f0000000000), 0x4}, 0x10e40, 0x8000000000000000, 0x0, 0x2, 0x6, 0x1, 0x5, 0x0, 0x8, 0x0, 0xc047}, 0xffffffffffffffff, 0xb, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000740)=@bpf_ext={0x1c, 0x10, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xffffffc0, 0x0, 0x0, 0x0, 0x1000}, {}, {}, [@generic={0x9, 0x3, 0x1, 0x4, 0x4}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000300)='GPL\x00', 0x8, 0x45, &(0x7f0000000540)=""/69, 0x41000, 0x44, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000400)={0x0, 0x5, 0x7, 0x4}, 0x10, 0xc04e, 0xffffffffffffffff, 0x3, 0x0, &(0x7f00000005c0)=[{0x2, 0x2, 0x2, 0x2}, {0x4, 0x5, 0x6, 0x8}, {0x4, 0x3, 0x3, 0x6}]}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$tipc(r8, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(r7)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x3, 0xa, 0x4, 0x880, r3, 0x1000, '\x00', 0x0, r5, 0x0, 0x4, 0x1, 0x1}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r11, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @random="0106002010ff"})

227.253791ms ago: executing program 3 (id=2718):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400)
ioctl$TUNSETOFFLOAD(r0, 0x8004745a, 0x2000000c)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f00000001c0), 0x12)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x30)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000080)={0x3, &(0x7f00000001c0)=[{}, {0x0, 0x4}, {}]})
socketpair(0xa, 0x6, 0x10005, &(0x7f0000000740)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8940, &(0x7f0000000080))
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095", @ANYRES8=r3, @ANYRES32=r4, @ANYRES64], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
socketpair(0xa, 0x2, 0x0, &(0x7f0000000000))

62.674694ms ago: executing program 4 (id=2719):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102030400fe08000e40000200875a65969ff57b000000000000000000ff000000ac1414aa"], 0xfdef)

62.325184ms ago: executing program 4 (id=2720):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0xf9, 0xfffffffd, 0x0, 0x200, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x1, 0x0, 0xb}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x3a0ffffffff)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa10000000000000701000003ffffffb702000008000000b7030000000000838500000071"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@bloom_filter={0x1e, 0x229c, 0x6, 0x3b14, 0x10, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x3, 0x2}, 0x48)
write$cgroup_pressure(r1, &(0x7f00000013c0)={'full', 0x20, 0x1, 0x20, 0x7}, 0x2f)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001b00)={r4, &(0x7f0000001a40), 0x0}, 0x20)
perf_event_open$cgroup(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001380)={r0, &(0x7f00000011c0)="306f739fa1fdfeda2521e768d778b31eb5f9636667310ca2e26ebb4c6fdac46ba4f94d3c96daf8d691856beb6291b019509bf50027ddadcdd9f53ce0ab34cee57562f89c274fecdf236c4f2f78d8398cf95d6cfa02a8c421157806f6986d730b38fe6c6693a2a102866253903a7bf1f2df82e0189dc472c8c084405b34b374b3e7d2580252a799c3c0f69524e64be8ec09d0b4f1e5f76e4bed3870df42c459f72643987fd609ec2d3ba5b0", &(0x7f0000001280)=""/222}, 0x20)
r5 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r5, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
close(r2)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000001400), 0x121000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x1, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000ffffff9f6000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e345c65c26e278ef5b915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe8023c889fd4cf6c662ed4048d3b3e22278d00ce00000000d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340bdc8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337ac5d58bcb5e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9e8e997ccd314000f7477137f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d3536e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae374bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480efd8329d9a733d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047acd083d3cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b05ebf1445ea110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de589020000dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09229dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c00000000000000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3138e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9c5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba33770ce3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd1a08ce873e07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba4664f35547cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a1cc4df1112105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f23d9eea2459f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee283894ab6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2eaa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5cc98d992f3de7d1cdfb24384b9f10f615c87c441dc970ec896a5af6bf69b50a244bc138a1cae9868c3079bafe69769000000000000000000e99b63029d219cd3545a8426b56554a9f265d3557eefb3602894507c256cb8ee9ebadfecb6afeb84ba757bfa8d00a5af0dd6aa1e8144ef8ef04410d52204c335408941b8eccc5cd39fc687c94efcac5d4efa734cc6a05247142ed647f89bcb5c043acfb382b9cc918bc3cdc368983157851cdf678800aa7eb2a6cbc12c7ae23bc88b8f10223ab2a093429f3f6965bc5af0114cf6f2460000001c1c4890fceb9a9fb3b2ff8f2e27a1967e85557b5260bda25fea9fce639e64dc57a9e3a67fa33738690da5fb8754f22b863d965f1c52ffdbfe63638a4f4c4ca9f25981e1e629bff86264765b292e6f991df93742e53fc8039bbfa163b9c84c57ea5a237e3291832e65b5df2d20b391c0bcaf31030d260cfc46738ff4d251860b6c9292cc5bf20ff7725b08e07e77657800c8049bbf4c74bc4f4768e82a31901d801c142ac237d54d35c2787815ff2b"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote})
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0xc025, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

0s ago: executing program 1 (id=2721):
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0x81, <r0=>0x0}, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000008"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000300)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000c00)={{r3, <r4=>0xffffffffffffffff}, 0x0, 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0xd, 0x6, 0x9, 0xff, 0x2910, r4, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x5, 0x4}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r5 = perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x8020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='rdma.current\x00', 0x275a, 0x0)
recvmsg$unix(r7, &(0x7f0000001480)={0x0, 0xfffffffffffffed6, 0x0}, 0x0)
sendmsg$inet(r8, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r7, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x10002)
close(r8)
recvmsg$unix(r6, &(0x7f0000000980)={0x0, 0x0, 0x0}, 0x40000062)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x3f, &(0x7f0000000600)=ANY=[@ANYBLOB="1863392b6463fdcbb4c92f68965cdaaa649cae9bf400970b1d15ba3b39f500000000000018190000daca7bc05c3350369198bda5f7fe2666c507a566eed2d3c7dbf08c4e0700988e31693f15931e1a6f71ff90b59c3ab5b931d26000e577b2a3cdf5ae745d9b3f1cd540fb4587", @ANYRESOCT=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000040)="fb6bba8839fe8bc048c0cdafd1f8a9918bc4055eaaeb6db4ee9bcb25b1811dbf40b3a7da5a8a647300ed6dd26eea3837229c339b1f91201c2796173864", 0x3d}], 0x1}, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x40fd)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x8912, &(0x7f0000000080))
syz_clone(0xa00d000, 0x0, 0x0, 0x0, 0x0, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002e00)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x35, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0xfffffffe}, 0x10}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r10, 0x18000000000002a0, 0xe28, 0xfffffffffffffff5, &(0x7f0000000980)="b0ff04c66b0d698cb89e2fe086dd1f74ffff06000000fe80000000000000ac14140746647b7954c4c06b580febc28eb143d0f6c0bad62c67a04402ba4125c7024f63fdb0b6c8ee826b4dfe6042a2f057c66cad677d850ea9928bcfcb47e585e427746ed3b27c40060cbd030a6d675c9926af53cd3085b24f9b7a486775c4f284f8c5a572ca115bce90c0ee9d4e7a07f5f1518092cb1f156694036f6618a59196631e6303fd5307d1112601d3641c9492f7dc3503416836b14590c53b1fc1ac149b70cc1142d6bc57fc3a76839fa2f96878b520fedfb9f64d81584a2e85ab4f6ec718b02d78f2ebf04e6b3b94610a21616181629a03c3dc0bf05e0a71f887833b81db7a10bc53259cb80716f6804934a411d424c1db98d454be1adb2776fdbb92b299d3b80af6987a871b4549fdb4c8297ee31ad925c8b0fb1a9d2589b08ed52602cbc26b56df71201bc4ea8621c56f33d251c1d4589af2dcd78fbb4e34bde02cb3920a30cee9489ee72c3e19304c16c2110e1839712d484b80abe77786a7e2ba834874a4e16b93dd07297554a06c2ad2c906f8ebb1db8730df096709184728d48f0a806696bd0d4b12d0064b933d9675353dae77fe8419451f85da63be78b70ca2a84a77f572d9f289d4313e6f6039fe756ac13a5d08838315dff44cda433cc7bc6b77449f8c", 0x0, 0x2f, 0xe8034000, 0xf000, 0xfffffffffffffe2a, &(0x7f0000000000), &(0x7f00000000c0)="c6769e45b7c61302926682c7f9e9bb5ba2b3cdf023e8da0392a4cd62e2370f25ae5ba0dab896bcf5b774cd28bebbde39f796ae27d04582bb7c03e9fe830ea22c9fd03f6d2779515fdad3f5d0de07b7b70996102fdb67b1e77a34a5b7136a212fa2c0ea502588309dc3e42c55a6f93e6ba5e1b492f9db48f0fdd2f9fb937b3e8a63dcf9dd855837433998ba579da27559", 0x5dc}, 0x28)

kernel console output (not intermixed with test programs):

251]  __pmd_alloc+0xb1/0x550
[  237.572486][ T8251]  ? __pud_alloc+0x260/0x260
[  237.576909][ T8251]  ? __pud_alloc+0x213/0x260
[  237.581343][ T8251]  ? do_handle_mm_fault+0x2400/0x2400
[  237.586552][ T8251]  ? __stack_depot_save+0x34/0x470
[  237.591491][ T8251]  ? anon_vma_clone+0x9a/0x500
[  237.596105][ T8251]  copy_page_range+0x2b3d/0x2f90
[  237.600866][ T8251]  ? __kasan_slab_alloc+0xb1/0xe0
[  237.605737][ T8251]  ? slab_post_alloc_hook+0x53/0x2c0
[  237.610848][ T8251]  ? copy_mm+0xa3a/0x13e0
[  237.615010][ T8251]  ? copy_process+0x1149/0x3290
[  237.619699][ T8251]  ? kernel_clone+0x21e/0x9e0
[  237.624215][ T8251]  ? x64_sys_call+0x1b0/0x9a0
[  237.628727][ T8251]  ? do_syscall_64+0x3b/0xb0
[  237.633151][ T8251]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  237.639068][ T8251]  ? pfn_valid+0x1e0/0x1e0
[  237.643658][ T8251]  ? rwsem_write_trylock+0x153/0x340
[  237.648775][ T8251]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  237.655024][ T8251]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  237.660578][ T8251]  ? __rb_insert_augmented+0x5de/0x610
[  237.665890][ T8251]  copy_mm+0xc7e/0x13e0
[  237.669873][ T8251]  ? copy_signal+0x610/0x610
[  237.674289][ T8251]  ? __init_rwsem+0xfe/0x1d0
[  237.678718][ T8251]  ? copy_signal+0x4e3/0x610
[  237.683144][ T8251]  copy_process+0x1149/0x3290
[  237.687658][ T8251]  ? __kasan_check_write+0x14/0x20
[  237.692608][ T8251]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  237.697550][ T8251]  ? vfs_write+0x9ec/0x1110
[  237.701894][ T8251]  kernel_clone+0x21e/0x9e0
[  237.706233][ T8251]  ? __kasan_check_write+0x14/0x20
[  237.711178][ T8251]  ? create_io_thread+0x1e0/0x1e0
[  237.716043][ T8251]  __x64_sys_clone+0x23f/0x290
[  237.720640][ T8251]  ? __do_sys_vfork+0x130/0x130
[  237.725332][ T8251]  ? debug_smp_processor_id+0x17/0x20
[  237.730532][ T8251]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  237.736435][ T8251]  ? exit_to_user_mode_prepare+0x39/0xa0
[  237.741904][ T8251]  x64_sys_call+0x1b0/0x9a0
[  237.746244][ T8251]  do_syscall_64+0x3b/0xb0
[  237.750493][ T8251]  ? clear_bhb_loop+0x35/0x90
[  237.755015][ T8251]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  237.760736][ T8251] RIP: 0033:0x7f2878f39e79
[  237.764990][ T8251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.784432][ T8251] RSP: 002b:00007f2877bb6fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  237.792676][ T8251] RAX: ffffffffffffffda RBX: 00007f28790d5f80 RCX: 00007f2878f39e79
[  237.800492][ T8251] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  237.808297][ T8251] RBP: 00007f2877bb7090 R08: 0000000000000000 R09: 0000000000000000
[  237.816125][ T8251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  237.823920][ T8251] R13: 0000000000000000 R14: 00007f28790d5f80 R15: 00007ffe647d8c08
[  237.831742][ T8251]  </TASK>
[  237.933767][   T30] audit: type=1400 audit(1724741385.993:164): avc:  denied  { create } for  pid=8254 comm="syz.3.2320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  238.034379][ T8259] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.042073][ T8259] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.053805][ T8259] device bridge0 left promiscuous mode
[  238.228780][ T8273] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.235761][ T8273] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.305644][ T8273] device bridge0 left promiscuous mode
[  238.355036][ T8275] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.361941][ T8275] bridge0: port 2(bridge_slave_1) entered forwarding state
[  238.369103][ T8275] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.375963][ T8275] bridge0: port 1(bridge_slave_0) entered forwarding state
[  238.457691][ T8275] device bridge0 entered promiscuous mode
[  239.446576][ T8286] FAULT_INJECTION: forcing a failure.
[  239.446576][ T8286] name failslab, interval 1, probability 0, space 0, times 0
[  239.465039][ T8286] CPU: 0 PID: 8286 Comm: syz.0.2330 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  239.476167][ T8286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  239.486138][ T8286] Call Trace:
[  239.489267][ T8286]  <TASK>
[  239.492041][ T8286]  dump_stack_lvl+0x151/0x1c0
[  239.496560][ T8286]  ? io_uring_drop_tctx_refs+0x190/0x190
[  239.502026][ T8286]  dump_stack+0x15/0x20
[  239.506012][ T8286]  should_fail+0x3c6/0x510
[  239.510264][ T8286]  __should_failslab+0xa4/0xe0
[  239.514864][ T8286]  ? vm_area_dup+0x26/0x230
[  239.519206][ T8286]  should_failslab+0x9/0x20
[  239.523544][ T8286]  slab_pre_alloc_hook+0x37/0xd0
[  239.528328][ T8286]  ? vm_area_dup+0x26/0x230
[  239.532653][ T8286]  kmem_cache_alloc+0x44/0x200
[  239.537256][ T8286]  vm_area_dup+0x26/0x230
[  239.541423][ T8286]  copy_mm+0x9a1/0x13e0
[  239.545424][ T8286]  ? copy_signal+0x610/0x610
[  239.549841][ T8286]  ? __init_rwsem+0xfe/0x1d0
[  239.554379][ T8286]  ? copy_signal+0x4e3/0x610
[  239.558790][ T8286]  copy_process+0x1149/0x3290
[  239.563301][ T8286]  ? __kasan_check_write+0x14/0x20
[  239.568259][ T8286]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  239.573281][ T8286]  ? vfs_write+0x9ec/0x1110
[  239.577623][ T8286]  kernel_clone+0x21e/0x9e0
[  239.581963][ T8286]  ? __kasan_check_write+0x14/0x20
[  239.587080][ T8286]  ? create_io_thread+0x1e0/0x1e0
[  239.591945][ T8286]  __x64_sys_clone+0x23f/0x290
[  239.596539][ T8286]  ? __do_sys_vfork+0x130/0x130
[  239.601228][ T8286]  ? debug_smp_processor_id+0x17/0x20
[  239.606432][ T8286]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  239.612425][ T8286]  ? exit_to_user_mode_prepare+0x39/0xa0
[  239.617894][ T8286]  x64_sys_call+0x1b0/0x9a0
[  239.622232][ T8286]  do_syscall_64+0x3b/0xb0
[  239.626498][ T8286]  ? clear_bhb_loop+0x35/0x90
[  239.630996][ T8286]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  239.636728][ T8286] RIP: 0033:0x7fb926837e79
[  239.640986][ T8286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.660419][ T8286] RSP: 002b:00007fb9254b4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  239.668665][ T8286] RAX: ffffffffffffffda RBX: 00007fb9269d3f80 RCX: 00007fb926837e79
[  239.676477][ T8286] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  239.684286][ T8286] RBP: 00007fb9254b5090 R08: 0000000000000000 R09: 0000000000000000
[  239.692271][ T8286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  239.700168][ T8286] R13: 0000000000000000 R14: 00007fb9269d3f80 R15: 00007ffcf51119d8
[  239.707987][ T8286]  </TASK>
[  240.043438][ T8322] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.050443][ T8322] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.057725][ T8322] device bridge0 left promiscuous mode
[  240.066753][ T8322] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.073647][ T8322] bridge0: port 2(bridge_slave_1) entered forwarding state
[  240.080743][ T8322] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.087579][ T8322] bridge0: port 1(bridge_slave_0) entered forwarding state
[  240.114844][ T8322] device bridge0 entered promiscuous mode
[  240.437759][ T8331] device veth0_vlan left promiscuous mode
[  240.538673][ T8331] device veth0_vlan entered promiscuous mode
[  240.586313][ T3396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  240.586802][ T8335] FAULT_INJECTION: forcing a failure.
[  240.586802][ T8335] name failslab, interval 1, probability 0, space 0, times 0
[  240.628956][ T3396] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  240.636053][ T8335] CPU: 0 PID: 8335 Comm: syz.0.2346 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  240.647130][ T8335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  240.656990][ T8335] Call Trace:
[  240.660113][ T8335]  <TASK>
[  240.662894][ T8335]  dump_stack_lvl+0x151/0x1c0
[  240.667406][ T8335]  ? io_uring_drop_tctx_refs+0x190/0x190
[  240.672874][ T8335]  dump_stack+0x15/0x20
[  240.676865][ T8335]  should_fail+0x3c6/0x510
[  240.681118][ T8335]  __should_failslab+0xa4/0xe0
[  240.685716][ T8335]  ? anon_vma_clone+0x9a/0x500
[  240.690316][ T8335]  should_failslab+0x9/0x20
[  240.694656][ T8335]  slab_pre_alloc_hook+0x37/0xd0
[  240.699430][ T8335]  ? anon_vma_clone+0x9a/0x500
[  240.704036][ T8335]  kmem_cache_alloc+0x44/0x200
[  240.708635][ T8335]  anon_vma_clone+0x9a/0x500
[  240.713059][ T8335]  anon_vma_fork+0x91/0x4e0
[  240.717396][ T8335]  ? anon_vma_name+0x4c/0x70
[  240.721824][ T8335]  ? vm_area_dup+0x17a/0x230
[  240.726257][ T8335]  copy_mm+0xa3a/0x13e0
[  240.730249][ T8335]  ? copy_signal+0x610/0x610
[  240.734670][ T8335]  ? __init_rwsem+0xfe/0x1d0
[  240.739097][ T8335]  ? copy_signal+0x4e3/0x610
[  240.743522][ T8335]  copy_process+0x1149/0x3290
[  240.748038][ T8335]  ? __kasan_check_write+0x14/0x20
[  240.752986][ T8335]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  240.757929][ T8335]  ? vfs_write+0x9ec/0x1110
[  240.762272][ T8335]  kernel_clone+0x21e/0x9e0
[  240.766611][ T8335]  ? __kasan_check_write+0x14/0x20
[  240.771557][ T8335]  ? create_io_thread+0x1e0/0x1e0
[  240.776418][ T8335]  __x64_sys_clone+0x23f/0x290
[  240.781020][ T8335]  ? __do_sys_vfork+0x130/0x130
[  240.785703][ T8335]  ? debug_smp_processor_id+0x17/0x20
[  240.790908][ T8335]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  240.796812][ T8335]  ? exit_to_user_mode_prepare+0x39/0xa0
[  240.802282][ T8335]  x64_sys_call+0x1b0/0x9a0
[  240.806714][ T8335]  do_syscall_64+0x3b/0xb0
[  240.810968][ T8335]  ? clear_bhb_loop+0x35/0x90
[  240.815480][ T8335]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  240.821211][ T8335] RIP: 0033:0x7fb926837e79
[  240.825462][ T8335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.844913][ T8335] RSP: 002b:00007fb9254b4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  240.853148][ T8335] RAX: ffffffffffffffda RBX: 00007fb9269d3f80 RCX: 00007fb926837e79
[  240.860957][ T8335] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  240.868855][ T8335] RBP: 00007fb9254b5090 R08: 0000000000000000 R09: 0000000000000000
[  240.876676][ T8335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  240.884482][ T8335] R13: 0000000000000000 R14: 00007fb9269d3f80 R15: 00007ffcf51119d8
[  240.892309][ T8335]  </TASK>
[  240.899027][ T3396] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  240.944728][ T8341] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.957759][ T8341] device bridge0 left promiscuous mode
[  241.040834][ T8353] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.047769][ T8353] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.054745][ T8353] device bridge0 left promiscuous mode
[  241.074558][ T8353] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.081451][ T8353] bridge0: port 2(bridge_slave_1) entered forwarding state
[  241.088568][ T8353] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.095422][ T8353] bridge0: port 1(bridge_slave_0) entered forwarding state
[  241.105306][ T8353] device bridge0 entered promiscuous mode
[  241.161923][ T8341] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.169232][ T8341] bridge0: port 2(bridge_slave_1) entered forwarding state
[  241.228943][ T8341] device bridge0 entered promiscuous mode
[  241.546755][ T8388] bridge0: port 3(veth0_to_batadv) entered blocking state
[  241.554576][ T8388] bridge0: port 3(veth0_to_batadv) entered forwarding state
[  241.564056][ T8388] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.571285][ T8388] bridge0: port 2(bridge_slave_1) entered forwarding state
[  241.586293][ T8388] device bridge0 entered promiscuous mode
[  241.642012][ T8398] device sit0 entered promiscuous mode
[  241.883573][ T8409] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.891608][ T8409] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.920433][ T8409] device bridge0 left promiscuous mode
[  241.987056][  T555] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  242.011482][ T8409] bridge0: port 2(bridge_slave_1) entered blocking state
[  242.019043][ T8409] bridge0: port 2(bridge_slave_1) entered forwarding state
[  242.028113][ T8409] bridge0: port 1(bridge_slave_0) entered blocking state
[  242.035645][ T8409] bridge0: port 1(bridge_slave_0) entered forwarding state
[  242.051957][ T8409] device bridge0 entered promiscuous mode
[  242.062980][ T8415] FAULT_INJECTION: forcing a failure.
[  242.062980][ T8415] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  242.090568][ T8406] bridge0: port 1(bridge_slave_0) entered blocking state
[  242.106151][ T8406] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.115386][ T8415] CPU: 0 PID: 8415 Comm: syz.4.2372 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  242.126489][ T8415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  242.136388][ T8415] Call Trace:
[  242.139509][ T8415]  <TASK>
[  242.142288][ T8415]  dump_stack_lvl+0x151/0x1c0
[  242.146976][ T8415]  ? io_uring_drop_tctx_refs+0x190/0x190
[  242.152439][ T8415]  ? unwind_get_return_address+0x4d/0x90
[  242.157909][ T8415]  ? arch_stack_walk+0xf3/0x140
[  242.162593][ T8415]  dump_stack+0x15/0x20
[  242.166590][ T8415]  should_fail+0x3c6/0x510
[  242.170844][ T8415]  should_fail_alloc_page+0x5a/0x80
[  242.175881][ T8415]  prepare_alloc_pages+0x15c/0x700
[  242.180821][ T8415]  ? stack_trace_snprint+0xf0/0xf0
[  242.185767][ T8415]  ? __alloc_pages_bulk+0xe40/0xe40
[  242.190800][ T8415]  ? copy_page_range+0x2c97/0x2f90
[  242.195754][ T8415]  __alloc_pages+0x18c/0x8f0
[  242.200176][ T8415]  ? x64_sys_call+0x1b0/0x9a0
[  242.204686][ T8415]  ? prep_new_page+0x110/0x110
[  242.209290][ T8415]  ? avc_has_perm_noaudit+0x2dd/0x430
[  242.214496][ T8415]  new_slab+0x9a/0x4e0
[  242.218407][ T8415]  ___slab_alloc+0x39e/0x830
[  242.222828][ T8415]  ? vm_area_dup+0x26/0x230
[  242.227439][ T8415]  ? vm_area_dup+0x26/0x230
[  242.231767][ T8415]  __slab_alloc+0x4a/0x90
[  242.235935][ T8415]  ? vm_area_dup+0x26/0x230
[  242.240283][ T8415]  kmem_cache_alloc+0x134/0x200
[  242.244970][ T8415]  vm_area_dup+0x26/0x230
[  242.249126][ T8415]  copy_mm+0x9a1/0x13e0
[  242.253122][ T8415]  ? copy_signal+0x610/0x610
[  242.257563][ T8415]  ? __init_rwsem+0xfe/0x1d0
[  242.261973][ T8415]  ? copy_signal+0x4e3/0x610
[  242.266397][ T8415]  copy_process+0x1149/0x3290
[  242.270918][ T8415]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  242.276553][ T8415]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  242.281498][ T8415]  ? group_send_sig_info+0x1ba/0x460
[  242.286621][ T8415]  kernel_clone+0x21e/0x9e0
[  242.290983][ T8415]  ? create_io_thread+0x1e0/0x1e0
[  242.295834][ T8415]  __x64_sys_clone+0x23f/0x290
[  242.300420][ T8415]  ? __do_sys_vfork+0x130/0x130
[  242.305116][ T8415]  ? debug_smp_processor_id+0x17/0x20
[  242.310315][ T8415]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  242.316228][ T8415]  ? exit_to_user_mode_prepare+0x39/0xa0
[  242.321689][ T8415]  x64_sys_call+0x1b0/0x9a0
[  242.326028][ T8415]  do_syscall_64+0x3b/0xb0
[  242.330275][ T8415]  ? clear_bhb_loop+0x35/0x90
[  242.334790][ T8415]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  242.340516][ T8415] RIP: 0033:0x7fc893175e79
[  242.344773][ T8415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  242.364213][ T8415] RSP: 002b:00007fc891df2fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  242.372455][ T8415] RAX: ffffffffffffffda RBX: 00007fc893311f80 RCX: 00007fc893175e79
[  242.380267][ T8415] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  242.388166][ T8415] RBP: 00007fc891df3090 R08: 0000000000000000 R09: 0000000000000000
[  242.395977][ T8415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  242.403788][ T8415] R13: 0000000000000000 R14: 00007fc893311f80 R15: 00007fffe0c82c28
[  242.411606][ T8415]  </TASK>
[  242.429022][ T8406] device bridge_slave_0 entered promiscuous mode
[  242.446668][ T8406] bridge0: port 2(bridge_slave_1) entered blocking state
[  242.471135][ T8406] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.481851][ T8406] device bridge_slave_1 entered promiscuous mode
[  242.522764][ T8431] bridge0: port 3(veth0_to_batadv) entered disabled state
[  242.533219][ T8431] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.574030][ T8431] device bridge0 left promiscuous mode
[  242.695191][ T8436] bridge0: port 3(veth0_to_batadv) entered blocking state
[  242.702182][ T8436] bridge0: port 3(veth0_to_batadv) entered forwarding state
[  242.709388][ T8436] bridge0: port 2(bridge_slave_1) entered blocking state
[  242.716229][ T8436] bridge0: port 2(bridge_slave_1) entered forwarding state
[  242.748206][ T8436] device bridge0 entered promiscuous mode
[  242.829380][ T8442] device sit0 left promiscuous mode
[  242.865378][ T8442] device sit0 entered promiscuous mode
[  243.135832][  T962] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  243.214621][  T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  243.223456][  T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  243.245923][  T547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  243.254114][  T547] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  243.265640][  T547] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.272544][  T547] bridge0: port 1(bridge_slave_0) entered forwarding state
[  243.280075][  T547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  243.289183][  T547] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  243.297232][  T547] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.297789][ T8460] FAULT_INJECTION: forcing a failure.
[  243.297789][ T8460] name failslab, interval 1, probability 0, space 0, times 0
[  243.304186][  T547] bridge0: port 2(bridge_slave_1) entered forwarding state
[  243.304632][  T547] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  243.331308][ T8460] CPU: 1 PID: 8460 Comm: syz.4.2387 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  243.342422][ T8460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  243.352308][ T8460] Call Trace:
[  243.355442][ T8460]  <TASK>
[  243.358213][ T8460]  dump_stack_lvl+0x151/0x1c0
[  243.362727][ T8460]  ? io_uring_drop_tctx_refs+0x190/0x190
[  243.368198][ T8460]  dump_stack+0x15/0x20
[  243.372294][ T8460]  should_fail+0x3c6/0x510
[  243.376548][ T8460]  __should_failslab+0xa4/0xe0
[  243.381145][ T8460]  ? anon_vma_fork+0x1df/0x4e0
[  243.385756][ T8460]  should_failslab+0x9/0x20
[  243.390083][ T8460]  slab_pre_alloc_hook+0x37/0xd0
[  243.394857][ T8460]  ? anon_vma_fork+0x1df/0x4e0
[  243.399456][ T8460]  kmem_cache_alloc+0x44/0x200
[  243.404146][ T8460]  anon_vma_fork+0x1df/0x4e0
[  243.408573][ T8460]  copy_mm+0xa3a/0x13e0
[  243.412566][ T8460]  ? copy_signal+0x610/0x610
[  243.416992][ T8460]  ? __init_rwsem+0xfe/0x1d0
[  243.421415][ T8460]  ? copy_signal+0x4e3/0x610
[  243.425842][ T8460]  copy_process+0x1149/0x3290
[  243.430355][ T8460]  ? __kasan_check_write+0x14/0x20
[  243.435304][ T8460]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  243.440341][ T8460]  ? vfs_write+0x9ec/0x1110
[  243.444678][ T8460]  kernel_clone+0x21e/0x9e0
[  243.449039][ T8460]  ? __kasan_check_write+0x14/0x20
[  243.453958][ T8460]  ? create_io_thread+0x1e0/0x1e0
[  243.458824][ T8460]  __x64_sys_clone+0x23f/0x290
[  243.463422][ T8460]  ? __do_sys_vfork+0x130/0x130
[  243.468205][ T8460]  ? debug_smp_processor_id+0x17/0x20
[  243.473410][ T8460]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  243.479313][ T8460]  ? exit_to_user_mode_prepare+0x39/0xa0
[  243.484781][ T8460]  x64_sys_call+0x1b0/0x9a0
[  243.489122][ T8460]  do_syscall_64+0x3b/0xb0
[  243.493372][ T8460]  ? clear_bhb_loop+0x35/0x90
[  243.497888][ T8460]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  243.503795][ T8460] RIP: 0033:0x7fc893175e79
[  243.508048][ T8460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  243.527480][ T8460] RSP: 002b:00007fc891df2fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  243.535725][ T8460] RAX: ffffffffffffffda RBX: 00007fc893311f80 RCX: 00007fc893175e79
[  243.543553][ T8460] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  243.551349][ T8460] RBP: 00007fc891df3090 R08: 0000000000000000 R09: 0000000000000000
[  243.559165][ T8460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  243.566972][ T8460] R13: 0000000000000000 R14: 00007fc893311f80 R15: 00007fffe0c82c28
[  243.574788][ T8460]  </TASK>
[  243.595021][ T8457] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.605473][ T8457] device bridge0 left promiscuous mode
[  243.688841][  T547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  243.696955][  T547] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  243.705528][  T547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  243.713589][  T547] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  243.721804][  T354] device bridge_slave_1 left promiscuous mode
[  243.727839][  T354] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.735424][  T354] device bridge_slave_0 left promiscuous mode
[  243.741437][  T354] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.749668][  T354] device veth1_macvtap left promiscuous mode
[  243.755547][  T354] device veth0_vlan left promiscuous mode
[  243.988711][ T8475] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.995594][ T8475] bridge0: port 2(bridge_slave_1) entered forwarding state
[  244.016380][ T8475] device bridge0 entered promiscuous mode
[  244.030414][ T8487] device sit0 left promiscuous mode
[  244.060682][ T8489] device sit0 entered promiscuous mode
[  244.223343][ T3396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  244.232091][ T3396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  244.240915][ T3396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  244.253018][ T3396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  244.266037][ T8502] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.273495][ T8502] bridge0: port 2(bridge_slave_1) entered forwarding state
[  244.282690][ T8502] bridge0: port 1(bridge_slave_0) entered blocking state
[  244.290235][ T8502] bridge0: port 1(bridge_slave_0) entered forwarding state
[  244.309033][ T8508] FAULT_INJECTION: forcing a failure.
[  244.309033][ T8508] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  244.343941][ T8508] CPU: 1 PID: 8508 Comm: syz.4.2404 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  244.355083][ T8508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  244.364975][ T8508] Call Trace:
[  244.368099][ T8508]  <TASK>
[  244.370875][ T8508]  dump_stack_lvl+0x151/0x1c0
[  244.375487][ T8508]  ? io_uring_drop_tctx_refs+0x190/0x190
[  244.380964][ T8508]  dump_stack+0x15/0x20
[  244.384946][ T8508]  should_fail+0x3c6/0x510
[  244.388810][ T8502] device bridge0 entered promiscuous mode
[  244.389206][ T8508]  should_fail_alloc_page+0x5a/0x80
[  244.389234][ T8508]  prepare_alloc_pages+0x15c/0x700
[  244.389260][ T8508]  ? __alloc_pages_bulk+0xe40/0xe40
[  244.389286][ T8508]  __alloc_pages+0x18c/0x8f0
[  244.389308][ T8508]  ? prep_new_page+0x110/0x110
[  244.389337][ T8508]  get_zeroed_page+0x1b/0x40
[  244.389358][ T8508]  __pud_alloc+0x8b/0x260
[  244.389377][ T8508]  ? stack_trace_snprint+0xf0/0xf0
[  244.389398][ T8508]  ? do_handle_mm_fault+0x2400/0x2400
[  244.389418][ T8508]  ? __stack_depot_save+0x34/0x470
[  244.389436][ T8508]  ? anon_vma_clone+0x9a/0x500
[  244.389457][ T8508]  copy_page_range+0x2bcf/0x2f90
[  244.389476][ T8508]  ? __kasan_slab_alloc+0xb1/0xe0
[  244.389498][ T8508]  ? slab_post_alloc_hook+0x53/0x2c0
[  244.389519][ T8508]  ? copy_mm+0xa3a/0x13e0
[  244.389537][ T8508]  ? copy_process+0x1149/0x3290
[  244.471174][ T8508]  ? kernel_clone+0x21e/0x9e0
[  244.475691][ T8508]  ? __x64_sys_clone+0x23f/0x290
[  244.480460][ T8508]  ? x64_sys_call+0x1b0/0x9a0
[  244.484974][ T8508]  ? do_syscall_64+0x3b/0xb0
[  244.489404][ T8508]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  244.495313][ T8508]  ? pfn_valid+0x1e0/0x1e0
[  244.499556][ T8508]  ? rwsem_write_trylock+0x153/0x340
[  244.504674][ T8508]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  244.510923][ T8508]  ? vma_gap_callbacks_rotate+0x1b7/0x210
[  244.516479][ T8508]  ? __rb_insert_augmented+0x5de/0x610
[  244.521780][ T8508]  copy_mm+0xc7e/0x13e0
[  244.525771][ T8508]  ? copy_signal+0x610/0x610
[  244.530191][ T8508]  ? __init_rwsem+0xfe/0x1d0
[  244.534625][ T8508]  ? copy_signal+0x4e3/0x610
[  244.539049][ T8508]  copy_process+0x1149/0x3290
[  244.543562][ T8508]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  244.549201][ T8508]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  244.554148][ T8508]  ? group_send_sig_info+0x1ba/0x460
[  244.559272][ T8508]  kernel_clone+0x21e/0x9e0
[  244.563608][ T8508]  ? create_io_thread+0x1e0/0x1e0
[  244.568474][ T8508]  __x64_sys_clone+0x23f/0x290
[  244.573068][ T8508]  ? __do_sys_vfork+0x130/0x130
[  244.577765][ T8508]  ? debug_smp_processor_id+0x17/0x20
[  244.582961][ T8508]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  244.588864][ T8508]  ? exit_to_user_mode_prepare+0x39/0xa0
[  244.594332][ T8508]  x64_sys_call+0x1b0/0x9a0
[  244.598670][ T8508]  do_syscall_64+0x3b/0xb0
[  244.602923][ T8508]  ? clear_bhb_loop+0x35/0x90
[  244.607437][ T8508]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  244.613165][ T8508] RIP: 0033:0x7fc893175e79
[  244.617421][ T8508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.636861][ T8508] RSP: 002b:00007fc891df2fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  244.645117][ T8508] RAX: ffffffffffffffda RBX: 00007fc893311f80 RCX: 00007fc893175e79
[  244.652916][ T8508] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  244.660728][ T8508] RBP: 00007fc891df3090 R08: 0000000000000000 R09: 0000000000000000
[  244.668538][ T8508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  244.676348][ T8508] R13: 0000000000000000 R14: 00007fc893311f80 R15: 00007fffe0c82c28
[  244.684170][ T8508]  </TASK>
[  244.697058][ T3396] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  244.711845][ T3396] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  244.725635][ T8406] device veth0_vlan entered promiscuous mode
[  244.781243][ T8406] device veth1_macvtap entered promiscuous mode
[  244.826213][  T588] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  244.837913][  T588] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  244.848902][  T588] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  244.856709][  T588] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  244.865509][  T588] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  244.873996][  T588] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  244.884652][  T588] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  244.933950][ T8530] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.943222][ T8530] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.958702][ T8530] device bridge0 left promiscuous mode
[  245.078635][ T8532] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.085537][ T8532] bridge0: port 2(bridge_slave_1) entered forwarding state
[  245.092663][ T8532] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.099536][ T8532] bridge0: port 1(bridge_slave_0) entered forwarding state
[  245.146991][ T8532] device bridge0 entered promiscuous mode
[  245.154387][ T8539] device sit0 left promiscuous mode
[  245.202404][ T8546] device sit0 entered promiscuous mode
[  245.425709][ T3396] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  245.448525][ T8548] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.455618][ T8548] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.496559][ T8549] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.503451][ T8549] bridge0: port 2(bridge_slave_1) entered forwarding state
[  245.510566][ T8549] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.517314][ T8549] bridge0: port 1(bridge_slave_0) entered forwarding state
[  245.548188][ T8549] device bridge0 entered promiscuous mode
[  245.555811][ T8558] FAULT_INJECTION: forcing a failure.
[  245.555811][ T8558] name failslab, interval 1, probability 0, space 0, times 0
[  245.603116][ T8558] CPU: 1 PID: 8558 Comm: syz.0.2420 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  245.614348][ T8558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  245.624229][ T8558] Call Trace:
[  245.627348][ T8558]  <TASK>
[  245.630131][ T8558]  dump_stack_lvl+0x151/0x1c0
[  245.634641][ T8558]  ? io_uring_drop_tctx_refs+0x190/0x190
[  245.640111][ T8558]  dump_stack+0x15/0x20
[  245.644099][ T8558]  should_fail+0x3c6/0x510
[  245.648351][ T8558]  __should_failslab+0xa4/0xe0
[  245.652958][ T8558]  ? vm_area_dup+0x26/0x230
[  245.657287][ T8558]  should_failslab+0x9/0x20
[  245.661630][ T8558]  slab_pre_alloc_hook+0x37/0xd0
[  245.666401][ T8558]  ? vm_area_dup+0x26/0x230
[  245.670740][ T8558]  kmem_cache_alloc+0x44/0x200
[  245.675342][ T8558]  vm_area_dup+0x26/0x230
[  245.679508][ T8558]  copy_mm+0x9a1/0x13e0
[  245.683500][ T8558]  ? copy_signal+0x610/0x610
[  245.687925][ T8558]  ? __init_rwsem+0xfe/0x1d0
[  245.692441][ T8558]  ? copy_signal+0x4e3/0x610
[  245.696864][ T8558]  copy_process+0x1149/0x3290
[  245.701382][ T8558]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  245.707033][ T8558]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  245.711969][ T8558]  ? group_send_sig_info+0x1ba/0x460
[  245.717090][ T8558]  kernel_clone+0x21e/0x9e0
[  245.721427][ T8558]  ? create_io_thread+0x1e0/0x1e0
[  245.726300][ T8558]  __x64_sys_clone+0x23f/0x290
[  245.730892][ T8558]  ? __do_sys_vfork+0x130/0x130
[  245.735577][ T8558]  ? debug_smp_processor_id+0x17/0x20
[  245.740783][ T8558]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  245.746686][ T8558]  ? exit_to_user_mode_prepare+0x39/0xa0
[  245.752163][ T8558]  x64_sys_call+0x1b0/0x9a0
[  245.756509][ T8558]  do_syscall_64+0x3b/0xb0
[  245.760749][ T8558]  ? clear_bhb_loop+0x35/0x90
[  245.765258][ T8558]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  245.770986][ T8558] RIP: 0033:0x7fb926837e79
[  245.775247][ T8558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.794683][ T8558] RSP: 002b:00007fb9254b4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  245.803014][ T8558] RAX: ffffffffffffffda RBX: 00007fb9269d3f80 RCX: 00007fb926837e79
[  245.810823][ T8558] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  245.818635][ T8558] RBP: 00007fb9254b5090 R08: 0000000000000000 R09: 0000000000000000
[  245.826533][ T8558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  245.834345][ T8558] R13: 0000000000000000 R14: 00007fb9269d3f80 R15: 00007ffcf51119d8
[  245.842163][ T8558]  </TASK>
[  246.037173][ T8608] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.044983][ T8608] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.075845][ T8608] device bridge0 left promiscuous mode
[  246.146413][ T8613] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.153316][ T8613] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.160455][ T8613] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.167303][ T8613] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.174608][ T8613] device bridge0 entered promiscuous mode
[  246.392641][ T8621] device sit0 left promiscuous mode
[  246.420711][ T8621] device sit0 entered promiscuous mode
[  246.688520][ T8631] FAULT_INJECTION: forcing a failure.
[  246.688520][ T8631] name failslab, interval 1, probability 0, space 0, times 0
[  246.711522][ T8623] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.718479][ T8623] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.768379][ T8623] device bridge0 left promiscuous mode
[  246.773766][ T8631] CPU: 1 PID: 8631 Comm: syz.2.2436 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  246.784789][ T8631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  246.794680][ T8631] Call Trace:
[  246.797804][ T8631]  <TASK>
[  246.800582][ T8631]  dump_stack_lvl+0x151/0x1c0
[  246.805101][ T8631]  ? io_uring_drop_tctx_refs+0x190/0x190
[  246.810651][ T8631]  dump_stack+0x15/0x20
[  246.814638][ T8631]  should_fail+0x3c6/0x510
[  246.818896][ T8631]  __should_failslab+0xa4/0xe0
[  246.823493][ T8631]  ? vm_area_dup+0x26/0x230
[  246.827847][ T8631]  should_failslab+0x9/0x20
[  246.832175][ T8631]  slab_pre_alloc_hook+0x37/0xd0
[  246.836949][ T8631]  ? vm_area_dup+0x26/0x230
[  246.841286][ T8631]  kmem_cache_alloc+0x44/0x200
[  246.845888][ T8631]  vm_area_dup+0x26/0x230
[  246.850055][ T8631]  copy_mm+0x9a1/0x13e0
[  246.854055][ T8631]  ? copy_signal+0x610/0x610
[  246.858471][ T8631]  ? __init_rwsem+0xfe/0x1d0
[  246.862898][ T8631]  ? copy_signal+0x4e3/0x610
[  246.867555][ T8631]  copy_process+0x1149/0x3290
[  246.872063][ T8631]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  246.877700][ T8631]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  246.882747][ T8631]  ? group_send_sig_info+0x1ba/0x460
[  246.887875][ T8631]  kernel_clone+0x21e/0x9e0
[  246.892207][ T8631]  ? create_io_thread+0x1e0/0x1e0
[  246.897066][ T8631]  __x64_sys_clone+0x23f/0x290
[  246.901759][ T8631]  ? __do_sys_vfork+0x130/0x130
[  246.906439][ T8631]  ? debug_smp_processor_id+0x17/0x20
[  246.911651][ T8631]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  246.917552][ T8631]  ? exit_to_user_mode_prepare+0x39/0xa0
[  246.923014][ T8631]  x64_sys_call+0x1b0/0x9a0
[  246.927482][ T8631]  do_syscall_64+0x3b/0xb0
[  246.931725][ T8631]  ? clear_bhb_loop+0x35/0x90
[  246.936239][ T8631]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  246.941968][ T8631] RIP: 0033:0x7f509d8afe79
[  246.946222][ T8631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.965661][ T8631] RSP: 002b:00007f509c52cfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  246.973908][ T8631] RAX: ffffffffffffffda RBX: 00007f509da4bf80 RCX: 00007f509d8afe79
[  246.981717][ T8631] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  246.989537][ T8631] RBP: 00007f509c52d090 R08: 0000000000000000 R09: 0000000000000000
[  246.997341][ T8631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  247.005237][ T8631] R13: 0000000000000000 R14: 00007f509da4bf80 R15: 00007ffe6a799028
[  247.013071][ T8631]  </TASK>
[  247.039132][ T8626] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.046086][ T8626] bridge0: port 2(bridge_slave_1) entered forwarding state
[  247.053249][ T8626] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.060115][ T8626] bridge0: port 1(bridge_slave_0) entered forwarding state
[  247.147501][ T8626] device bridge0 entered promiscuous mode
[  247.189943][ T8643] bridge0: port 3(veth0_vlan) entered blocking state
[  247.203268][ T8643] bridge0: port 3(veth0_vlan) entered disabled state
[  247.211036][ T8643] bridge0: port 3(veth0_vlan) entered blocking state
[  247.217563][ T8643] bridge0: port 3(veth0_vlan) entered forwarding state
[  247.244476][ T8646] bridge0: port 2(bridge_slave_1) entered disabled state
[  247.319979][ T8646] device bridge0 left promiscuous mode
[  247.403218][ T8653] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.410194][ T8653] bridge0: port 2(bridge_slave_1) entered forwarding state
[  247.460157][ T8653] device bridge0 entered promiscuous mode
[  247.566049][ T8668] device sit0 left promiscuous mode
[  247.579825][ T8672] FAULT_INJECTION: forcing a failure.
[  247.579825][ T8672] name failslab, interval 1, probability 0, space 0, times 0
[  247.618213][ T8672] CPU: 0 PID: 8672 Comm: syz.3.2451 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  247.629339][ T8672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  247.639234][ T8672] Call Trace:
[  247.642355][ T8672]  <TASK>
[  247.645133][ T8672]  dump_stack_lvl+0x151/0x1c0
[  247.649644][ T8672]  ? io_uring_drop_tctx_refs+0x190/0x190
[  247.655115][ T8672]  dump_stack+0x15/0x20
[  247.659105][ T8672]  should_fail+0x3c6/0x510
[  247.663359][ T8672]  __should_failslab+0xa4/0xe0
[  247.667971][ T8672]  ? anon_vma_fork+0xf7/0x4e0
[  247.672645][ T8672]  should_failslab+0x9/0x20
[  247.676985][ T8672]  slab_pre_alloc_hook+0x37/0xd0
[  247.681762][ T8672]  ? anon_vma_fork+0xf7/0x4e0
[  247.686273][ T8672]  kmem_cache_alloc+0x44/0x200
[  247.690872][ T8672]  anon_vma_fork+0xf7/0x4e0
[  247.695218][ T8672]  ? anon_vma_name+0x4c/0x70
[  247.699637][ T8672]  ? vm_area_dup+0x17a/0x230
[  247.704077][ T8672]  copy_mm+0xa3a/0x13e0
[  247.708065][ T8672]  ? copy_signal+0x610/0x610
[  247.712481][ T8672]  ? __init_rwsem+0xfe/0x1d0
[  247.716909][ T8672]  ? copy_signal+0x4e3/0x610
[  247.721343][ T8672]  copy_process+0x1149/0x3290
[  247.725847][ T8672]  ? __kasan_check_write+0x14/0x20
[  247.730803][ T8672]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  247.735743][ T8672]  ? vfs_write+0x9ec/0x1110
[  247.740085][ T8672]  kernel_clone+0x21e/0x9e0
[  247.744424][ T8672]  ? __kasan_check_write+0x14/0x20
[  247.749371][ T8672]  ? create_io_thread+0x1e0/0x1e0
[  247.754322][ T8672]  __x64_sys_clone+0x23f/0x290
[  247.758919][ T8672]  ? __do_sys_vfork+0x130/0x130
[  247.763607][ T8672]  ? debug_smp_processor_id+0x17/0x20
[  247.768813][ T8672]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  247.774733][ T8672]  ? exit_to_user_mode_prepare+0x39/0xa0
[  247.780201][ T8672]  x64_sys_call+0x1b0/0x9a0
[  247.784519][ T8672]  do_syscall_64+0x3b/0xb0
[  247.788776][ T8672]  ? clear_bhb_loop+0x35/0x90
[  247.793286][ T8672]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  247.799021][ T8672] RIP: 0033:0x7f2878f39e79
[  247.803270][ T8672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.822884][ T8672] RSP: 002b:00007f2877bb6fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  247.831125][ T8672] RAX: ffffffffffffffda RBX: 00007f28790d5f80 RCX: 00007f2878f39e79
[  247.838943][ T8672] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  247.846749][ T8672] RBP: 00007f2877bb7090 R08: 0000000000000000 R09: 0000000000000000
[  247.854570][ T8672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  247.862374][ T8672] R13: 0000000000000000 R14: 00007f28790d5f80 R15: 00007ffe647d8c08
[  247.870195][ T8672]  </TASK>
[  247.879743][ T8675] device sit0 entered promiscuous mode
[  248.140182][ T3396] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  248.178906][ T8679] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.185833][ T8679] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.200695][ T8679] device bridge0 left promiscuous mode
[  248.207632][ T8680] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.214559][ T8680] bridge0: port 2(bridge_slave_1) entered forwarding state
[  248.221736][ T8680] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.228594][ T8680] bridge0: port 1(bridge_slave_0) entered forwarding state
[  248.241748][ T8680] device bridge0 entered promiscuous mode
[  248.294908][ T8689] device syzkaller0 entered promiscuous mode
[  248.302384][ T8695] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.309331][ T8695] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.319615][ T8695] device bridge0 left promiscuous mode
[  248.421964][ T8700] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.439861][ T8700] device bridge0 left promiscuous mode
[  249.265334][ T8716] device sit0 entered promiscuous mode
[  249.289300][ T8705] FAULT_INJECTION: forcing a failure.
[  249.289300][ T8705] name failslab, interval 1, probability 0, space 0, times 0
[  249.301782][ T8705] CPU: 0 PID: 8705 Comm: syz.3.2462 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  249.312823][ T8705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  249.322717][ T8705] Call Trace:
[  249.325843][ T8705]  <TASK>
[  249.328623][ T8705]  dump_stack_lvl+0x151/0x1c0
[  249.333133][ T8705]  ? io_uring_drop_tctx_refs+0x190/0x190
[  249.338608][ T8705]  dump_stack+0x15/0x20
[  249.342598][ T8705]  should_fail+0x3c6/0x510
[  249.346846][ T8705]  __should_failslab+0xa4/0xe0
[  249.351444][ T8705]  ? anon_vma_fork+0x1df/0x4e0
[  249.356052][ T8705]  should_failslab+0x9/0x20
[  249.360385][ T8705]  slab_pre_alloc_hook+0x37/0xd0
[  249.365160][ T8705]  ? anon_vma_fork+0x1df/0x4e0
[  249.369759][ T8705]  kmem_cache_alloc+0x44/0x200
[  249.374360][ T8705]  anon_vma_fork+0x1df/0x4e0
[  249.378788][ T8705]  copy_mm+0xa3a/0x13e0
[  249.382784][ T8705]  ? copy_signal+0x610/0x610
[  249.387208][ T8705]  ? __init_rwsem+0xfe/0x1d0
[  249.391630][ T8705]  ? copy_signal+0x4e3/0x610
[  249.396332][ T8705]  copy_process+0x1149/0x3290
[  249.400833][ T8705]  ? __kasan_check_write+0x14/0x20
[  249.405784][ T8705]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  249.410724][ T8705]  ? vfs_write+0x9ec/0x1110
[  249.415069][ T8705]  kernel_clone+0x21e/0x9e0
[  249.419403][ T8705]  ? __kasan_check_write+0x14/0x20
[  249.424354][ T8705]  ? create_io_thread+0x1e0/0x1e0
[  249.429217][ T8705]  __x64_sys_clone+0x23f/0x290
[  249.433813][ T8705]  ? __do_sys_vfork+0x130/0x130
[  249.438505][ T8705]  ? debug_smp_processor_id+0x17/0x20
[  249.443707][ T8705]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  249.449622][ T8705]  ? exit_to_user_mode_prepare+0x39/0xa0
[  249.455076][ T8705]  x64_sys_call+0x1b0/0x9a0
[  249.459415][ T8705]  do_syscall_64+0x3b/0xb0
[  249.463756][ T8705]  ? clear_bhb_loop+0x35/0x90
[  249.468270][ T8705]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  249.473993][ T8705] RIP: 0033:0x7f2878f39e79
[  249.478249][ T8705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.497690][ T8705] RSP: 002b:00007f2877bb6fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  249.505934][ T8705] RAX: ffffffffffffffda RBX: 00007f28790d5f80 RCX: 00007f2878f39e79
[  249.513850][ T8705] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  249.521661][ T8705] RBP: 00007f2877bb7090 R08: 0000000000000000 R09: 0000000000000000
[  249.529468][ T8705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  249.537282][ T8705] R13: 0000000000000000 R14: 00007f28790d5f80 R15: 00007ffe647d8c08
[  249.545101][ T8705]  </TASK>
[  249.771737][ T8700] bridge0: port 2(bridge_slave_1) entered blocking state
[  249.779291][ T8700] bridge0: port 2(bridge_slave_1) entered forwarding state
[  249.787690][ T8700] device bridge0 entered promiscuous mode
[  249.794406][ T8723] bridge0: port 2(bridge_slave_1) entered blocking state
[  249.801281][ T8723] bridge0: port 2(bridge_slave_1) entered forwarding state
[  249.862118][ T8723] device bridge0 entered promiscuous mode
[  249.945534][ T8748] FAULT_INJECTION: forcing a failure.
[  249.945534][ T8748] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  249.960303][ T8748] CPU: 1 PID: 8748 Comm: syz.0.2479 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  249.971521][ T8748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  249.981408][ T8748] Call Trace:
[  249.984530][ T8748]  <TASK>
[  249.987309][ T8748]  dump_stack_lvl+0x151/0x1c0
[  249.991819][ T8748]  ? io_uring_drop_tctx_refs+0x190/0x190
[  249.997297][ T8748]  dump_stack+0x15/0x20
[  250.001280][ T8748]  should_fail+0x3c6/0x510
[  250.005537][ T8748]  should_fail_alloc_page+0x5a/0x80
[  250.010584][ T8748]  prepare_alloc_pages+0x15c/0x700
[  250.015519][ T8748]  ? __alloc_pages_bulk+0xe40/0xe40
[  250.020555][ T8748]  __alloc_pages+0x18c/0x8f0
[  250.024987][ T8748]  ? prep_new_page+0x110/0x110
[  250.029590][ T8748]  get_zeroed_page+0x1b/0x40
[  250.034094][ T8748]  __pud_alloc+0x8b/0x260
[  250.038346][ T8748]  ? stack_trace_snprint+0xf0/0xf0
[  250.043295][ T8748]  ? do_handle_mm_fault+0x2400/0x2400
[  250.048496][ T8748]  ? __stack_depot_save+0x34/0x470
[  250.053443][ T8748]  ? anon_vma_clone+0x9a/0x500
[  250.058045][ T8748]  copy_page_range+0x2bcf/0x2f90
[  250.062815][ T8748]  ? __kasan_slab_alloc+0xb1/0xe0
[  250.067679][ T8748]  ? slab_post_alloc_hook+0x53/0x2c0
[  250.072800][ T8748]  ? copy_mm+0xa3a/0x13e0
[  250.076965][ T8748]  ? copy_process+0x1149/0x3290
[  250.081649][ T8748]  ? kernel_clone+0x21e/0x9e0
[  250.086165][ T8748]  ? __x64_sys_clone+0x23f/0x290
[  250.090935][ T8748]  ? x64_sys_call+0x1b0/0x9a0
[  250.095448][ T8748]  ? do_syscall_64+0x3b/0xb0
[  250.099876][ T8748]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  250.105789][ T8748]  ? pfn_valid+0x1e0/0x1e0
[  250.110030][ T8748]  ? rwsem_write_trylock+0x153/0x340
[  250.115155][ T8748]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  250.121402][ T8748]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  250.126957][ T8748]  ? __rb_insert_augmented+0x5de/0x610
[  250.132257][ T8748]  copy_mm+0xc7e/0x13e0
[  250.136258][ T8748]  ? copy_signal+0x610/0x610
[  250.140669][ T8748]  ? __init_rwsem+0xfe/0x1d0
[  250.145098][ T8748]  ? copy_signal+0x4e3/0x610
[  250.149526][ T8748]  copy_process+0x1149/0x3290
[  250.154054][ T8748]  ? __kasan_check_write+0x14/0x20
[  250.158987][ T8748]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  250.163929][ T8748]  ? vfs_write+0x9ec/0x1110
[  250.168275][ T8748]  kernel_clone+0x21e/0x9e0
[  250.172610][ T8748]  ? __kasan_check_write+0x14/0x20
[  250.177565][ T8748]  ? create_io_thread+0x1e0/0x1e0
[  250.182436][ T8748]  __x64_sys_clone+0x23f/0x290
[  250.187024][ T8748]  ? __do_sys_vfork+0x130/0x130
[  250.191709][ T8748]  ? debug_smp_processor_id+0x17/0x20
[  250.196909][ T8748]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  250.202816][ T8748]  ? exit_to_user_mode_prepare+0x39/0xa0
[  250.208284][ T8748]  x64_sys_call+0x1b0/0x9a0
[  250.212624][ T8748]  do_syscall_64+0x3b/0xb0
[  250.216871][ T8748]  ? clear_bhb_loop+0x35/0x90
[  250.221390][ T8748]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  250.227114][ T8748] RIP: 0033:0x7fb926837e79
[  250.231370][ T8748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.250810][ T8748] RSP: 002b:00007fb9254b4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  250.259054][ T8748] RAX: ffffffffffffffda RBX: 00007fb9269d3f80 RCX: 00007fb926837e79
[  250.266958][ T8748] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  250.274761][ T8748] RBP: 00007fb9254b5090 R08: 0000000000000000 R09: 0000000000000000
[  250.282575][ T8748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  250.290481][ T8748] R13: 0000000000000000 R14: 00007fb9269d3f80 R15: 00007ffcf51119d8
[  250.298297][ T8748]  </TASK>
[  250.302732][  T555] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  250.335415][  T555] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  250.404145][ T8763] device syzkaller0 entered promiscuous mode
[  250.547396][ T8766] bridge0: port 3(veth0_vlan) entered disabled state
[  250.555796][ T8766] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.564472][ T8766] bridge0: port 1(bridge_slave_0) entered disabled state
[  250.573442][ T8766] device bridge0 left promiscuous mode
[  250.606656][ T8767] bridge0: port 3(veth0_vlan) entered blocking state
[  250.613299][ T8767] bridge0: port 3(veth0_vlan) entered forwarding state
[  250.620076][ T8767] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.626924][ T8767] bridge0: port 2(bridge_slave_1) entered forwarding state
[  250.634057][ T8767] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.640839][ T8767] bridge0: port 1(bridge_slave_0) entered forwarding state
[  250.711202][ T8767] device bridge0 entered promiscuous mode
[  250.724102][ T8771] device sit0 left promiscuous mode
[  250.736826][ T8772] bridge0: port 3(veth0_to_batadv) entered disabled state
[  250.743910][ T8772] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.765511][ T8772] device bridge0 left promiscuous mode
[  250.785714][ T8775] bridge0: port 3(veth0_to_batadv) entered blocking state
[  250.792709][ T8775] bridge0: port 3(veth0_to_batadv) entered forwarding state
[  250.800013][ T8775] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.806849][ T8775] bridge0: port 2(bridge_slave_1) entered forwarding state
[  250.816785][ T8785] FAULT_INJECTION: forcing a failure.
[  250.816785][ T8785] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  250.860819][ T8775] device bridge0 entered promiscuous mode
[  250.864927][ T8785] CPU: 0 PID: 8785 Comm: syz.3.2491 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  250.874580][ T8776] device sit0 entered promiscuous mode
[  250.877481][ T8785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  250.877497][ T8785] Call Trace:
[  250.877504][ T8785]  <TASK>
[  250.877513][ T8785]  dump_stack_lvl+0x151/0x1c0
[  250.877544][ T8785]  ? io_uring_drop_tctx_refs+0x190/0x190
[  250.877572][ T8785]  dump_stack+0x15/0x20
[  250.877593][ T8785]  should_fail+0x3c6/0x510
[  250.877616][ T8785]  should_fail_alloc_page+0x5a/0x80
[  250.877638][ T8785]  prepare_alloc_pages+0x15c/0x700
[  250.877664][ T8785]  ? __alloc_pages_bulk+0xe40/0xe40
[  250.877691][ T8785]  __alloc_pages+0x18c/0x8f0
[  250.877713][ T8785]  ? prep_new_page+0x110/0x110
[  250.877735][ T8785]  ? __alloc_pages+0x27e/0x8f0
[  250.877766][ T8785]  ? __kasan_check_write+0x14/0x20
[  250.877788][ T8785]  ? _raw_spin_lock+0xa4/0x1b0
[  250.877811][ T8785]  __pmd_alloc+0xb1/0x550
[  250.877834][ T8785]  ? __pud_alloc+0x260/0x260
[  250.877853][ T8785]  ? __pud_alloc+0x213/0x260
[  250.877874][ T8785]  ? do_handle_mm_fault+0x2400/0x2400
[  250.877895][ T8785]  ? __stack_depot_save+0x34/0x470
[  250.877914][ T8785]  ? anon_vma_clone+0x9a/0x500
[  250.877936][ T8785]  copy_page_range+0x2b3d/0x2f90
[  250.877974][ T8785]  ? __kasan_slab_alloc+0xb1/0xe0
[  250.877995][ T8785]  ? slab_post_alloc_hook+0x53/0x2c0
[  250.878018][ T8785]  ? copy_mm+0xa3a/0x13e0
[  250.878036][ T8785]  ? copy_process+0x1149/0x3290
[  250.878058][ T8785]  ? kernel_clone+0x21e/0x9e0
[  251.011701][ T8785]  ? x64_sys_call+0x1b0/0x9a0
[  251.016204][ T8785]  ? do_syscall_64+0x3b/0xb0
[  251.020630][ T8785]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  251.026538][ T8785]  ? pfn_valid+0x1e0/0x1e0
[  251.030786][ T8785]  ? rwsem_write_trylock+0x153/0x340
[  251.036032][ T8785]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  251.042263][ T8785]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  251.047818][ T8785]  ? __rb_insert_augmented+0x5de/0x610
[  251.053114][ T8785]  copy_mm+0xc7e/0x13e0
[  251.057107][ T8785]  ? copy_signal+0x610/0x610
[  251.061529][ T8785]  ? __init_rwsem+0xfe/0x1d0
[  251.065957][ T8785]  ? copy_signal+0x4e3/0x610
[  251.070486][ T8785]  copy_process+0x1149/0x3290
[  251.074999][ T8785]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  251.080637][ T8785]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  251.085583][ T8785]  ? group_send_sig_info+0x1ba/0x460
[  251.090705][ T8785]  kernel_clone+0x21e/0x9e0
[  251.095046][ T8785]  ? create_io_thread+0x1e0/0x1e0
[  251.099907][ T8785]  __x64_sys_clone+0x23f/0x290
[  251.104506][ T8785]  ? __do_sys_vfork+0x130/0x130
[  251.109195][ T8785]  ? debug_smp_processor_id+0x17/0x20
[  251.114397][ T8785]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  251.120298][ T8785]  ? exit_to_user_mode_prepare+0x39/0xa0
[  251.125854][ T8785]  x64_sys_call+0x1b0/0x9a0
[  251.130194][ T8785]  do_syscall_64+0x3b/0xb0
[  251.134445][ T8785]  ? clear_bhb_loop+0x35/0x90
[  251.138961][ T8785]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  251.144687][ T8785] RIP: 0033:0x7f2878f39e79
[  251.148951][ T8785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.168732][ T8785] RSP: 002b:00007f2877bb6fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  251.176973][ T8785] RAX: ffffffffffffffda RBX: 00007f28790d5f80 RCX: 00007f2878f39e79
[  251.184784][ T8785] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  251.192595][ T8785] RBP: 00007f2877bb7090 R08: 0000000000000000 R09: 0000000000000000
[  251.200413][ T8785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  251.208220][ T8785] R13: 0000000000000000 R14: 00007f28790d5f80 R15: 00007ffe647d8c08
[  251.216036][ T8785]  </TASK>
[  251.348302][ T8803] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.355443][ T8803] device bridge0 left promiscuous mode
[  251.365215][ T8808] bridge0: port 2(bridge_slave_1) entered blocking state
[  251.372135][ T8808] bridge0: port 2(bridge_slave_1) entered forwarding state
[  251.388464][ T8808] device bridge0 entered promiscuous mode
[  251.463724][ T8823] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.472199][ T8823] device bridge0 left promiscuous mode
[  251.518298][ T8831] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.525240][ T8831] bridge0: port 1(bridge_slave_0) entered disabled state
[  251.568338][ T8831] device bridge0 left promiscuous mode
[  251.589131][ T8831] bridge0: port 2(bridge_slave_1) entered blocking state
[  251.596012][ T8831] bridge0: port 2(bridge_slave_1) entered forwarding state
[  251.603134][ T8831] bridge0: port 1(bridge_slave_0) entered blocking state
[  251.609901][ T8831] bridge0: port 1(bridge_slave_0) entered forwarding state
[  251.617230][ T8831] device bridge0 entered promiscuous mode
[  251.634916][ T8838] FAULT_INJECTION: forcing a failure.
[  251.634916][ T8838] name failslab, interval 1, probability 0, space 0, times 0
[  251.653786][ T8823] bridge0: port 2(bridge_slave_1) entered blocking state
[  251.660886][ T8823] bridge0: port 2(bridge_slave_1) entered forwarding state
[  251.673872][ T8838] CPU: 1 PID: 8838 Comm: syz.1.2504 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  251.684987][ T8838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  251.694889][ T8838] Call Trace:
[  251.698009][ T8838]  <TASK>
[  251.700794][ T8838]  dump_stack_lvl+0x151/0x1c0
[  251.705298][ T8838]  ? io_uring_drop_tctx_refs+0x190/0x190
[  251.710765][ T8838]  dump_stack+0x15/0x20
[  251.714756][ T8838]  should_fail+0x3c6/0x510
[  251.719016][ T8838]  __should_failslab+0xa4/0xe0
[  251.723614][ T8838]  ? vm_area_dup+0x26/0x230
[  251.727952][ T8838]  should_failslab+0x9/0x20
[  251.732296][ T8838]  slab_pre_alloc_hook+0x37/0xd0
[  251.737064][ T8838]  ? vm_area_dup+0x26/0x230
[  251.741404][ T8838]  kmem_cache_alloc+0x44/0x200
[  251.746002][ T8838]  vm_area_dup+0x26/0x230
[  251.750179][ T8838]  copy_mm+0x9a1/0x13e0
[  251.754169][ T8838]  ? copy_signal+0x610/0x610
[  251.758590][ T8838]  ? __init_rwsem+0xfe/0x1d0
[  251.763056][ T8838]  ? copy_signal+0x4e3/0x610
[  251.767443][ T8838]  copy_process+0x1149/0x3290
[  251.771960][ T8838]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  251.777595][ T8838]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  251.782570][ T8838]  ? group_send_sig_info+0x1ba/0x460
[  251.787665][ T8838]  kernel_clone+0x21e/0x9e0
[  251.792003][ T8838]  ? create_io_thread+0x1e0/0x1e0
[  251.796870][ T8838]  __x64_sys_clone+0x23f/0x290
[  251.801462][ T8838]  ? __do_sys_vfork+0x130/0x130
[  251.806152][ T8838]  ? debug_smp_processor_id+0x17/0x20
[  251.811357][ T8838]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  251.817262][ T8838]  ? exit_to_user_mode_prepare+0x39/0xa0
[  251.822732][ T8838]  x64_sys_call+0x1b0/0x9a0
[  251.827067][ T8838]  do_syscall_64+0x3b/0xb0
[  251.831320][ T8838]  ? clear_bhb_loop+0x35/0x90
[  251.835832][ T8838]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  251.841562][ T8838] RIP: 0033:0x7f895dd48e79
[  251.845837][ T8838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.865255][ T8838] RSP: 002b:00007f895c9c5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  251.873502][ T8838] RAX: ffffffffffffffda RBX: 00007f895dee4f80 RCX: 00007f895dd48e79
[  251.881313][ T8838] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  251.889211][ T8838] RBP: 00007f895c9c6090 R08: 0000000000000000 R09: 0000000000000000
[  251.897023][ T8838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  251.904836][ T8838] R13: 0000000000000000 R14: 00007f895dee4f80 R15: 00007ffc79572a38
[  251.912651][ T8838]  </TASK>
[  251.917781][ T8823] device bridge0 entered promiscuous mode
[  252.115749][ T8852] device sit0 left promiscuous mode
[  252.153490][ T8856] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.198849][ T8856] device bridge0 left promiscuous mode
[  252.212368][   T30] audit: type=1400 audit(1724741400.273:165): avc:  denied  { create } for  pid=8858 comm="syz.0.2513" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  252.234345][ T8852] device sit0 entered promiscuous mode
[  252.277855][ T8867] ref_ctr_offset mismatch. inode: 0x40d offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1fe
[  252.376539][ T8862] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.383583][ T8862] bridge0: port 2(bridge_slave_1) entered forwarding state
[  252.395311][ T8862] device bridge0 entered promiscuous mode
[  252.403634][ T8871] bridge0: port 3(veth0_to_batadv) entered disabled state
[  252.410745][ T8871] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.417896][ T8871] device bridge0 left promiscuous mode
[  252.426948][ T8873] bridge0: port 3(veth0_to_batadv) entered blocking state
[  252.433902][ T8873] bridge0: port 3(veth0_to_batadv) entered forwarding state
[  252.441059][ T8873] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.447858][ T8873] bridge0: port 2(bridge_slave_1) entered forwarding state
[  252.456192][ T8875] FAULT_INJECTION: forcing a failure.
[  252.456192][ T8875] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  252.456241][ T8873] device bridge0 entered promiscuous mode
[  252.473653][ T8875] CPU: 0 PID: 8875 Comm: syz.1.2516 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  252.485862][ T8875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  252.495762][ T8875] Call Trace:
[  252.498886][ T8875]  <TASK>
[  252.501661][ T8875]  dump_stack_lvl+0x151/0x1c0
[  252.506178][ T8875]  ? io_uring_drop_tctx_refs+0x190/0x190
[  252.511646][ T8875]  dump_stack+0x15/0x20
[  252.515631][ T8875]  should_fail+0x3c6/0x510
[  252.519883][ T8875]  should_fail_alloc_page+0x5a/0x80
[  252.524914][ T8875]  prepare_alloc_pages+0x15c/0x700
[  252.529865][ T8875]  ? __alloc_pages_bulk+0xe40/0xe40
[  252.534911][ T8875]  __alloc_pages+0x18c/0x8f0
[  252.539338][ T8875]  ? prep_new_page+0x110/0x110
[  252.543923][ T8875]  ? __alloc_pages+0x27e/0x8f0
[  252.548526][ T8875]  ? __kasan_check_write+0x14/0x20
[  252.553469][ T8875]  ? _raw_spin_lock+0xa4/0x1b0
[  252.558073][ T8875]  pte_alloc_one+0x73/0x1b0
[  252.562412][ T8875]  ? pfn_modify_allowed+0x2f0/0x2f0
[  252.567443][ T8875]  ? __pmd_alloc+0x48d/0x550
[  252.571873][ T8875]  __pte_alloc+0x86/0x350
[  252.576036][ T8875]  ? __pud_alloc+0x260/0x260
[  252.580471][ T8875]  ? __pud_alloc+0x213/0x260
[  252.584892][ T8875]  ? free_pgtables+0x280/0x280
[  252.589491][ T8875]  ? do_handle_mm_fault+0x2400/0x2400
[  252.594699][ T8875]  ? __stack_depot_save+0x34/0x470
[  252.599646][ T8875]  ? anon_vma_clone+0x9a/0x500
[  252.604245][ T8875]  copy_page_range+0x28a8/0x2f90
[  252.609018][ T8875]  ? __kasan_slab_alloc+0xb1/0xe0
[  252.613881][ T8875]  ? slab_post_alloc_hook+0x53/0x2c0
[  252.619001][ T8875]  ? kernel_clone+0x21e/0x9e0
[  252.623512][ T8875]  ? x64_sys_call+0x1b0/0x9a0
[  252.628025][ T8875]  ? do_syscall_64+0x3b/0xb0
[  252.632451][ T8875]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  252.638365][ T8875]  ? pfn_valid+0x1e0/0x1e0
[  252.642607][ T8875]  ? rwsem_write_trylock+0x153/0x340
[  252.647727][ T8875]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  252.653997][ T8875]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  252.659531][ T8875]  ? __rb_insert_augmented+0x5de/0x610
[  252.664914][ T8875]  copy_mm+0xc7e/0x13e0
[  252.668912][ T8875]  ? copy_signal+0x610/0x610
[  252.673426][ T8875]  ? __init_rwsem+0xfe/0x1d0
[  252.677935][ T8875]  ? copy_signal+0x4e3/0x610
[  252.682362][ T8875]  copy_process+0x1149/0x3290
[  252.686874][ T8875]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  252.692517][ T8875]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  252.697461][ T8875]  ? group_send_sig_info+0x1ba/0x460
[  252.702586][ T8875]  kernel_clone+0x21e/0x9e0
[  252.706928][ T8875]  ? create_io_thread+0x1e0/0x1e0
[  252.711785][ T8875]  __x64_sys_clone+0x23f/0x290
[  252.716381][ T8875]  ? __do_sys_vfork+0x130/0x130
[  252.721071][ T8875]  ? debug_smp_processor_id+0x17/0x20
[  252.726277][ T8875]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  252.732178][ T8875]  ? exit_to_user_mode_prepare+0x39/0xa0
[  252.737646][ T8875]  x64_sys_call+0x1b0/0x9a0
[  252.741993][ T8875]  do_syscall_64+0x3b/0xb0
[  252.746240][ T8875]  ? clear_bhb_loop+0x35/0x90
[  252.750751][ T8875]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  252.756482][ T8875] RIP: 0033:0x7f895dd48e79
[  252.760734][ T8875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  252.780188][ T8875] RSP: 002b:00007f895c9c5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  252.788419][ T8875] RAX: ffffffffffffffda RBX: 00007f895dee4f80 RCX: 00007f895dd48e79
[  252.796229][ T8875] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  252.804040][ T8875] RBP: 00007f895c9c6090 R08: 0000000000000000 R09: 0000000000000000
[  252.811849][ T8875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  252.819664][ T8875] R13: 0000000000000000 R14: 00007f895dee4f80 R15: 00007ffc79572a38
[  252.827481][ T8875]  </TASK>
[  252.868244][ T8881] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.881722][ T8881] device bridge0 left promiscuous mode
[  253.019305][ T8881] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.026812][ T8881] bridge0: port 2(bridge_slave_1) entered forwarding state
[  253.040971][ T8881] device bridge0 entered promiscuous mode
[  253.095507][ T8904] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.102479][ T8904] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.126260][ T8904] device bridge0 left promiscuous mode
[  253.134716][ T8901] device sit0 left promiscuous mode
[  253.141465][ T8908] FAULT_INJECTION: forcing a failure.
[  253.141465][ T8908] name failslab, interval 1, probability 0, space 0, times 0
[  253.159617][ T8904] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.166498][ T8904] bridge0: port 2(bridge_slave_1) entered forwarding state
[  253.173622][ T8904] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.180483][ T8904] bridge0: port 1(bridge_slave_0) entered forwarding state
[  253.187967][ T8908] CPU: 1 PID: 8908 Comm: syz.2.2529 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  253.199070][ T8908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  253.208966][ T8908] Call Trace:
[  253.212085][ T8908]  <TASK>
[  253.214866][ T8908]  dump_stack_lvl+0x151/0x1c0
[  253.219471][ T8908]  ? io_uring_drop_tctx_refs+0x190/0x190
[  253.224937][ T8908]  dump_stack+0x15/0x20
[  253.228926][ T8908]  should_fail+0x3c6/0x510
[  253.233181][ T8908]  __should_failslab+0xa4/0xe0
[  253.237778][ T8908]  ? vm_area_dup+0x26/0x230
[  253.242115][ T8908]  should_failslab+0x9/0x20
[  253.246457][ T8908]  slab_pre_alloc_hook+0x37/0xd0
[  253.251234][ T8908]  ? vm_area_dup+0x26/0x230
[  253.255569][ T8908]  kmem_cache_alloc+0x44/0x200
[  253.260223][ T8908]  vm_area_dup+0x26/0x230
[  253.264349][ T8908]  copy_mm+0x9a1/0x13e0
[  253.268337][ T8908]  ? copy_signal+0x610/0x610
[  253.272766][ T8908]  ? __init_rwsem+0xfe/0x1d0
[  253.277179][ T8908]  ? copy_signal+0x4e3/0x610
[  253.281613][ T8908]  copy_process+0x1149/0x3290
[  253.286122][ T8908]  ? __kasan_check_write+0x14/0x20
[  253.291084][ T8908]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  253.296014][ T8908]  ? vfs_write+0x9ec/0x1110
[  253.300361][ T8908]  kernel_clone+0x21e/0x9e0
[  253.304694][ T8908]  ? __kasan_check_write+0x14/0x20
[  253.309645][ T8908]  ? create_io_thread+0x1e0/0x1e0
[  253.314509][ T8908]  __x64_sys_clone+0x23f/0x290
[  253.319105][ T8908]  ? __do_sys_vfork+0x130/0x130
[  253.323790][ T8908]  ? debug_smp_processor_id+0x17/0x20
[  253.325350][ T8904] device bridge0 entered promiscuous mode
[  253.328991][ T8908]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  253.329021][ T8908]  ? exit_to_user_mode_prepare+0x39/0xa0
[  253.329045][ T8908]  x64_sys_call+0x1b0/0x9a0
[  253.350262][ T8908]  do_syscall_64+0x3b/0xb0
[  253.354517][ T8908]  ? clear_bhb_loop+0x35/0x90
[  253.359026][ T8908]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  253.364756][ T8908] RIP: 0033:0x7f509d8afe79
[  253.369008][ T8908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.370704][ T8901] device sit0 entered promiscuous mode
[  253.388445][ T8908] RSP: 002b:00007f509c52cfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  253.388479][ T8908] RAX: ffffffffffffffda RBX: 00007f509da4bf80 RCX: 00007f509d8afe79
[  253.388496][ T8908] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  253.388509][ T8908] RBP: 00007f509c52d090 R08: 0000000000000000 R09: 0000000000000000
[  253.388524][ T8908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  253.388537][ T8908] R13: 0000000000000000 R14: 00007f509da4bf80 R15: 00007ffe6a799028
[  253.388561][ T8908]  </TASK>
[  253.664450][  T317] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  253.688026][ T8913] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.697311][ T8913] device bridge0 left promiscuous mode
[  253.718572][ T8916] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.725464][ T8916] bridge0: port 2(bridge_slave_1) entered forwarding state
[  253.778202][ T8916] device bridge0 entered promiscuous mode
[  253.794992][ T8937] bridge0: port 3(veth0_vlan) entered disabled state
[  253.802734][ T8937] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.810091][ T8937] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.855909][ T8937] device bridge0 left promiscuous mode
[  253.927511][ T8940] bridge0: port 3(veth0_vlan) entered blocking state
[  253.934066][ T8940] bridge0: port 3(veth0_vlan) entered forwarding state
[  253.940839][ T8940] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.947795][ T8940] bridge0: port 2(bridge_slave_1) entered forwarding state
[  253.954903][ T8940] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.961689][ T8940] bridge0: port 1(bridge_slave_0) entered forwarding state
[  254.023879][ T8940] device bridge0 entered promiscuous mode
[  254.065227][ T8950] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.077913][ T8950] device bridge0 left promiscuous mode
[  254.137075][ T8958] FAULT_INJECTION: forcing a failure.
[  254.137075][ T8958] name failslab, interval 1, probability 0, space 0, times 0
[  254.149661][ T8954] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.156505][ T8954] bridge0: port 2(bridge_slave_1) entered forwarding state
[  254.178537][ T8954] device bridge0 entered promiscuous mode
[  254.198138][ T8958] CPU: 1 PID: 8958 Comm: syz.1.2544 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  254.209421][ T8958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  254.219353][ T8958] Call Trace:
[  254.222442][ T8958]  <TASK>
[  254.225224][ T8958]  dump_stack_lvl+0x151/0x1c0
[  254.229901][ T8958]  ? io_uring_drop_tctx_refs+0x190/0x190
[  254.235370][ T8958]  dump_stack+0x15/0x20
[  254.239366][ T8958]  should_fail+0x3c6/0x510
[  254.243614][ T8958]  __should_failslab+0xa4/0xe0
[  254.248224][ T8958]  ? vm_area_dup+0x26/0x230
[  254.252554][ T8958]  should_failslab+0x9/0x20
[  254.256898][ T8958]  slab_pre_alloc_hook+0x37/0xd0
[  254.261667][ T8958]  ? vm_area_dup+0x26/0x230
[  254.266005][ T8958]  kmem_cache_alloc+0x44/0x200
[  254.270608][ T8958]  vm_area_dup+0x26/0x230
[  254.274772][ T8958]  copy_mm+0x9a1/0x13e0
[  254.278769][ T8958]  ? copy_signal+0x610/0x610
[  254.283192][ T8958]  ? __init_rwsem+0xfe/0x1d0
[  254.287703][ T8958]  ? copy_signal+0x4e3/0x610
[  254.292132][ T8958]  copy_process+0x1149/0x3290
[  254.296829][ T8958]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  254.302478][ T8958]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  254.307408][ T8958]  ? group_send_sig_info+0x1ba/0x460
[  254.312535][ T8958]  kernel_clone+0x21e/0x9e0
[  254.316870][ T8958]  ? create_io_thread+0x1e0/0x1e0
[  254.321730][ T8958]  __x64_sys_clone+0x23f/0x290
[  254.326328][ T8958]  ? __do_sys_vfork+0x130/0x130
[  254.331017][ T8958]  ? debug_smp_processor_id+0x17/0x20
[  254.336228][ T8958]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  254.342139][ T8958]  ? exit_to_user_mode_prepare+0x39/0xa0
[  254.347592][ T8958]  x64_sys_call+0x1b0/0x9a0
[  254.351935][ T8958]  do_syscall_64+0x3b/0xb0
[  254.356185][ T8958]  ? clear_bhb_loop+0x35/0x90
[  254.360695][ T8958]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  254.366426][ T8958] RIP: 0033:0x7f895dd48e79
[  254.370679][ T8958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.390121][ T8958] RSP: 002b:00007f895c9c5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  254.398365][ T8958] RAX: ffffffffffffffda RBX: 00007f895dee4f80 RCX: 00007f895dd48e79
[  254.406176][ T8958] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  254.413989][ T8958] RBP: 00007f895c9c6090 R08: 0000000000000000 R09: 0000000000000000
[  254.421797][ T8958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  254.429608][ T8958] R13: 0000000000000000 R14: 00007f895dee4f80 R15: 00007ffc79572a38
[  254.437445][ T8958]  </TASK>
[  254.491029][ T8973] device sit0 left promiscuous mode
[  254.517328][ T8973] device sit0 entered promiscuous mode
[  254.768210][ T8980] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.795196][ T8980] device bridge0 left promiscuous mode
[  254.842764][ T8984] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.849671][ T8984] bridge0: port 2(bridge_slave_1) entered forwarding state
[  254.869962][ T8984] device bridge0 entered promiscuous mode
[  254.961507][ T8990] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.969397][ T8990] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.070015][ T8990] device bridge0 left promiscuous mode
[  255.140397][ T8991] bridge0: port 2(bridge_slave_1) entered blocking state
[  255.147294][ T8991] bridge0: port 2(bridge_slave_1) entered forwarding state
[  255.154398][ T8991] bridge0: port 1(bridge_slave_0) entered blocking state
[  255.161159][ T8991] bridge0: port 1(bridge_slave_0) entered forwarding state
[  255.201123][ T8991] device bridge0 entered promiscuous mode
[  255.209335][ T9005] FAULT_INJECTION: forcing a failure.
[  255.209335][ T9005] name failslab, interval 1, probability 0, space 0, times 0
[  255.230302][ T9001] bridge0: port 3(veth0_to_batadv) entered disabled state
[  255.232475][ T9005] CPU: 1 PID: 9005 Comm: syz.2.2559 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  255.237968][ T9001] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.248688][ T9005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  255.248704][ T9005] Call Trace:
[  255.248711][ T9005]  <TASK>
[  255.248720][ T9005]  dump_stack_lvl+0x151/0x1c0
[  255.248752][ T9005]  ? io_uring_drop_tctx_refs+0x190/0x190
[  255.248780][ T9005]  dump_stack+0x15/0x20
[  255.248802][ T9005]  should_fail+0x3c6/0x510
[  255.289580][ T9005]  __should_failslab+0xa4/0xe0
[  255.293941][ T9001] device bridge0 left promiscuous mode
[  255.294166][ T9005]  ? vm_area_dup+0x26/0x230
[  255.294195][ T9005]  should_failslab+0x9/0x20
[  255.294217][ T9005]  slab_pre_alloc_hook+0x37/0xd0
[  255.294243][ T9005]  ? vm_area_dup+0x26/0x230
[  255.294265][ T9005]  kmem_cache_alloc+0x44/0x200
[  255.294295][ T9005]  vm_area_dup+0x26/0x230
[  255.294319][ T9005]  copy_mm+0x9a1/0x13e0
[  255.294345][ T9005]  ? copy_signal+0x610/0x610
[  255.294365][ T9005]  ? __init_rwsem+0xfe/0x1d0
[  255.294388][ T9005]  ? copy_signal+0x4e3/0x610
[  255.294409][ T9005]  copy_process+0x1149/0x3290
[  255.294434][ T9005]  ? send_signal+0x43a/0x590
[  255.294459][ T9005]  ? do_send_sig_info+0xfb/0x230
[  255.337456][ T9002] bridge0: port 3(veth0_to_batadv) entered blocking state
[  255.339114][ T9005]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  255.339145][ T9005]  ? group_send_sig_info+0x1ba/0x460
[  255.343548][ T9002] bridge0: port 3(veth0_to_batadv) entered forwarding state
[  255.348052][ T9005]  ? __lock_task_sighand+0x100/0x100
[  255.348081][ T9005]  kernel_clone+0x21e/0x9e0
[  255.352579][ T9002] bridge0: port 2(bridge_slave_1) entered blocking state
[  255.357250][ T9005]  ? __kasan_check_write+0x14/0x20
[  255.364227][ T9002] bridge0: port 2(bridge_slave_1) entered forwarding state
[  255.369140][ T9005]  ? create_io_thread+0x1e0/0x1e0
[  255.414543][ T9005]  __x64_sys_clone+0x23f/0x290
[  255.419153][ T9005]  ? __do_sys_vfork+0x130/0x130
[  255.423838][ T9005]  ? debug_smp_processor_id+0x17/0x20
[  255.429031][ T9005]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  255.435033][ T9005]  ? exit_to_user_mode_prepare+0x39/0xa0
[  255.440500][ T9005]  x64_sys_call+0x1b0/0x9a0
[  255.442177][ T9002] device bridge0 entered promiscuous mode
[  255.444835][ T9005]  do_syscall_64+0x3b/0xb0
[  255.444863][ T9005]  ? clear_bhb_loop+0x35/0x90
[  255.459168][ T9005]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  255.464886][ T9005] RIP: 0033:0x7f509d8afe79
[  255.469157][ T9005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.488583][ T9005] RSP: 002b:00007f509c52cfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  255.496822][ T9005] RAX: ffffffffffffffda RBX: 00007f509da4bf80 RCX: 00007f509d8afe79
[  255.504635][ T9005] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  255.512482][ T9005] RBP: 00007f509c52d090 R08: 0000000000000000 R09: 0000000000000000
[  255.520259][ T9005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  255.528071][ T9005] R13: 0000000000000000 R14: 00007f509da4bf80 R15: 00007ffe6a799028
[  255.535888][ T9005]  </TASK>
[  255.851101][ T9008] device syzkaller0 entered promiscuous mode
[  255.874844][ T9033] device sit0 left promiscuous mode
[  255.907609][ T9025] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.914572][ T9025] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.953030][ T9025] device bridge0 left promiscuous mode
[  255.980459][ T9034] device sit0 entered promiscuous mode
[  256.168540][ T9035] bridge0: port 2(bridge_slave_1) entered blocking state
[  256.175462][ T9035] bridge0: port 2(bridge_slave_1) entered forwarding state
[  256.182586][ T9035] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.189451][ T9035] bridge0: port 1(bridge_slave_0) entered forwarding state
[  256.198028][ T9035] device bridge0 entered promiscuous mode
[  256.287230][ T9054] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.304382][ T9054] device bridge0 left promiscuous mode
[  256.352243][ T9056] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.360859][ T9056] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.487025][ T9056] device bridge0 left promiscuous mode
[  256.587806][ T9054] bridge0: port 2(bridge_slave_1) entered blocking state
[  256.595014][ T9054] bridge0: port 2(bridge_slave_1) entered forwarding state
[  256.625471][ T9065] FAULT_INJECTION: forcing a failure.
[  256.625471][ T9065] name failslab, interval 1, probability 0, space 0, times 0
[  256.628854][ T9054] device bridge0 entered promiscuous mode
[  256.768682][ T9061] bridge0: port 2(bridge_slave_1) entered blocking state
[  256.775580][ T9061] bridge0: port 2(bridge_slave_1) entered forwarding state
[  256.782697][ T9061] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.789556][ T9061] bridge0: port 1(bridge_slave_0) entered forwarding state
[  256.816998][ T9065] CPU: 0 PID: 9065 Comm: syz.4.2575 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  256.828200][ T9065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  256.838098][ T9065] Call Trace:
[  256.841386][ T9065]  <TASK>
[  256.844167][ T9065]  dump_stack_lvl+0x151/0x1c0
[  256.848679][ T9065]  ? io_uring_drop_tctx_refs+0x190/0x190
[  256.854148][ T9065]  ? avc_denied+0x1b0/0x1b0
[  256.858490][ T9065]  dump_stack+0x15/0x20
[  256.862479][ T9065]  should_fail+0x3c6/0x510
[  256.866819][ T9065]  __should_failslab+0xa4/0xe0
[  256.871417][ T9065]  ? vm_area_dup+0x26/0x230
[  256.875766][ T9065]  should_failslab+0x9/0x20
[  256.880218][ T9065]  slab_pre_alloc_hook+0x37/0xd0
[  256.884984][ T9065]  ? vm_area_dup+0x26/0x230
[  256.889344][ T9065]  kmem_cache_alloc+0x44/0x200
[  256.893925][ T9065]  vm_area_dup+0x26/0x230
[  256.898092][ T9065]  copy_mm+0x9a1/0x13e0
[  256.902086][ T9065]  ? copy_signal+0x610/0x610
[  256.906517][ T9065]  ? __init_rwsem+0xfe/0x1d0
[  256.910945][ T9065]  ? copy_signal+0x4e3/0x610
[  256.915361][ T9065]  copy_process+0x1149/0x3290
[  256.919879][ T9065]  ? send_signal+0x43a/0x590
[  256.924316][ T9065]  ? do_send_sig_info+0xfb/0x230
[  256.929160][ T9065]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  256.934104][ T9065]  ? group_send_sig_info+0x1ba/0x460
[  256.939228][ T9065]  ? __lock_task_sighand+0x100/0x100
[  256.944347][ T9065]  kernel_clone+0x21e/0x9e0
[  256.948691][ T9065]  ? __kasan_check_write+0x14/0x20
[  256.953639][ T9065]  ? create_io_thread+0x1e0/0x1e0
[  256.958501][ T9065]  __x64_sys_clone+0x23f/0x290
[  256.963097][ T9065]  ? __do_sys_vfork+0x130/0x130
[  256.967783][ T9065]  ? debug_smp_processor_id+0x17/0x20
[  256.973003][ T9065]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  256.978891][ T9065]  ? exit_to_user_mode_prepare+0x39/0xa0
[  256.984363][ T9065]  x64_sys_call+0x1b0/0x9a0
[  256.988698][ T9065]  do_syscall_64+0x3b/0xb0
[  256.992951][ T9065]  ? clear_bhb_loop+0x35/0x90
[  256.997462][ T9065]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  257.003285][ T9065] RIP: 0033:0x7fc893175e79
[  257.007619][ T9065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.027063][ T9065] RSP: 002b:00007fc891df2fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  257.035400][ T9065] RAX: ffffffffffffffda RBX: 00007fc893311f80 RCX: 00007fc893175e79
[  257.043206][ T9065] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  257.051015][ T9065] RBP: 00007fc891df3090 R08: 0000000000000000 R09: 0000000000000000
[  257.058828][ T9065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  257.066762][ T9065] R13: 0000000000000000 R14: 00007fc893311f80 R15: 00007fffe0c82c28
[  257.074546][ T9065]  </TASK>
[  257.077667][ T9061] device bridge0 entered promiscuous mode
[  257.165508][ T9073] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.172495][ T9073] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.216375][ T9073] device bridge0 left promiscuous mode
[  257.224296][ T9083] device sit0 left promiscuous mode
[  257.239830][ T9090] device sit0 left promiscuous mode
[  257.251396][ T9073] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.258275][ T9073] bridge0: port 2(bridge_slave_1) entered forwarding state
[  257.265392][ T9073] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.272263][ T9073] bridge0: port 1(bridge_slave_0) entered forwarding state
[  257.287196][ T9073] device bridge0 entered promiscuous mode
[  257.294180][ T9083] device sit0 entered promiscuous mode
[  257.408091][ T9090] device sit0 entered promiscuous mode
[  257.514206][ T9102] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.521806][ T9102] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.532276][ T9102] device bridge0 left promiscuous mode
[  257.593558][ T9104] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.600560][ T9104] bridge0: port 2(bridge_slave_1) entered forwarding state
[  257.607677][ T9104] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.614550][ T9104] bridge0: port 1(bridge_slave_0) entered forwarding state
[  257.658262][ T9104] device bridge0 entered promiscuous mode
[  257.669852][ T9110] bridge0: port 3(veth0_vlan) entered disabled state
[  257.677497][ T9110] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.685748][ T9110] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.739858][ T9110] device bridge0 left promiscuous mode
[  257.757693][ T9124] FAULT_INJECTION: forcing a failure.
[  257.757693][ T9124] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  257.787286][ T9124] CPU: 0 PID: 9124 Comm: syz.3.2595 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  257.798402][ T9124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  257.808305][ T9124] Call Trace:
[  257.811419][ T9124]  <TASK>
[  257.814199][ T9124]  dump_stack_lvl+0x151/0x1c0
[  257.818713][ T9124]  ? io_uring_drop_tctx_refs+0x190/0x190
[  257.824181][ T9124]  dump_stack+0x15/0x20
[  257.828172][ T9124]  should_fail+0x3c6/0x510
[  257.832430][ T9124]  should_fail_alloc_page+0x5a/0x80
[  257.837462][ T9124]  prepare_alloc_pages+0x15c/0x700
[  257.842408][ T9124]  ? __alloc_pages+0x8f0/0x8f0
[  257.847013][ T9124]  ? __alloc_pages_bulk+0xe40/0xe40
[  257.852038][ T9124]  ? _raw_spin_lock+0x1b0/0x1b0
[  257.856732][ T9124]  __alloc_pages+0x18c/0x8f0
[  257.861252][ T9124]  ? prep_new_page+0x110/0x110
[  257.865843][ T9124]  ? queue_map_pop_elem+0x255/0x3b0
[  257.870884][ T9124]  pte_alloc_one+0x73/0x1b0
[  257.875212][ T9124]  ? pfn_modify_allowed+0x2f0/0x2f0
[  257.880255][ T9124]  ? bpf_trace_run2+0x210/0x210
[  257.884932][ T9124]  ? arch_stack_walk+0xf3/0x140
[  257.889627][ T9124]  __pte_alloc+0x86/0x350
[  257.893786][ T9124]  ? free_pgtables+0x280/0x280
[  257.898389][ T9124]  ? __bpf_trace_rss_stat+0x95/0xc0
[  257.903430][ T9124]  copy_page_range+0x28a8/0x2f90
[  257.908297][ T9124]  ? __kasan_slab_alloc+0xb1/0xe0
[  257.913156][ T9124]  ? pfn_valid+0x1e0/0x1e0
[  257.917392][ T9124]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  257.922952][ T9124]  ? __rb_insert_augmented+0x5de/0x610
[  257.928248][ T9124]  copy_mm+0xc7e/0x13e0
[  257.932239][ T9124]  ? copy_signal+0x610/0x610
[  257.936662][ T9124]  ? __init_rwsem+0xfe/0x1d0
[  257.941088][ T9124]  ? copy_signal+0x4e3/0x610
[  257.945513][ T9124]  copy_process+0x1149/0x3290
[  257.950029][ T9124]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  257.955669][ T9124]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  257.960615][ T9124]  ? group_send_sig_info+0x1ba/0x460
[  257.965737][ T9124]  kernel_clone+0x21e/0x9e0
[  257.970080][ T9124]  ? create_io_thread+0x1e0/0x1e0
[  257.974937][ T9124]  __x64_sys_clone+0x23f/0x290
[  257.979535][ T9124]  ? __do_sys_vfork+0x130/0x130
[  257.984222][ T9124]  ? debug_smp_processor_id+0x17/0x20
[  257.989429][ T9124]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  257.995332][ T9124]  ? exit_to_user_mode_prepare+0x39/0xa0
[  258.000810][ T9124]  x64_sys_call+0x1b0/0x9a0
[  258.005137][ T9124]  do_syscall_64+0x3b/0xb0
[  258.009391][ T9124]  ? clear_bhb_loop+0x35/0x90
[  258.013904][ T9124]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  258.019634][ T9124] RIP: 0033:0x7f2878f39e79
[  258.023894][ T9124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.043332][ T9124] RSP: 002b:00007f2877bb6fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  258.051569][ T9124] RAX: ffffffffffffffda RBX: 00007f28790d5f80 RCX: 00007f2878f39e79
[  258.059381][ T9124] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  258.067193][ T9124] RBP: 00007f2877bb7090 R08: 0000000000000000 R09: 0000000000000000
[  258.075005][ T9124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  258.082821][ T9124] R13: 0000000000000000 R14: 00007f28790d5f80 R15: 00007ffe647d8c08
[  258.090636][ T9124]  </TASK>
[  258.093905][ T9130] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.100844][ T9130] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.114344][ T9130] device bridge0 left promiscuous mode
[  258.122017][ T9111] bridge0: port 3(veth0_vlan) entered blocking state
[  258.128559][ T9111] bridge0: port 3(veth0_vlan) entered forwarding state
[  258.135315][ T9111] bridge0: port 2(bridge_slave_1) entered blocking state
[  258.142103][ T9111] bridge0: port 2(bridge_slave_1) entered forwarding state
[  258.149206][ T9111] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.155959][ T9111] bridge0: port 1(bridge_slave_0) entered forwarding state
[  258.171293][ T9111] device bridge0 entered promiscuous mode
[  258.188419][ T9128] bridge0: port 2(bridge_slave_1) entered blocking state
[  258.195293][ T9128] bridge0: port 2(bridge_slave_1) entered forwarding state
[  258.202445][ T9128] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.209307][ T9128] bridge0: port 1(bridge_slave_0) entered forwarding state
[  258.218557][ T9128] device bridge0 entered promiscuous mode
[  258.249997][  T317] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  258.277117][ T9136] device sit0 left promiscuous mode
[  258.294676][ T9136] device sit0 entered promiscuous mode
[  258.592866][ T9155] bridge0: port 3(veth0_vlan) entered disabled state
[  258.601969][ T9155] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.610070][ T9155] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.623572][ T9157] FAULT_INJECTION: forcing a failure.
[  258.623572][ T9157] name failslab, interval 1, probability 0, space 0, times 0
[  258.764369][ T9155] device bridge0 left promiscuous mode
[  258.784764][ T9157] CPU: 1 PID: 9157 Comm: syz.4.2608 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  258.795876][ T9157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  258.805778][ T9157] Call Trace:
[  258.808889][ T9157]  <TASK>
[  258.811668][ T9157]  dump_stack_lvl+0x151/0x1c0
[  258.816182][ T9157]  ? io_uring_drop_tctx_refs+0x190/0x190
[  258.821654][ T9157]  dump_stack+0x15/0x20
[  258.825640][ T9157]  should_fail+0x3c6/0x510
[  258.829900][ T9157]  __should_failslab+0xa4/0xe0
[  258.834492][ T9157]  ? anon_vma_fork+0xf7/0x4e0
[  258.839010][ T9157]  should_failslab+0x9/0x20
[  258.843349][ T9157]  slab_pre_alloc_hook+0x37/0xd0
[  258.848125][ T9157]  ? anon_vma_fork+0xf7/0x4e0
[  258.852633][ T9157]  kmem_cache_alloc+0x44/0x200
[  258.857254][ T9157]  anon_vma_fork+0xf7/0x4e0
[  258.861606][ T9157]  ? anon_vma_name+0x43/0x70
[  258.866002][ T9157]  ? vm_area_dup+0x17a/0x230
[  258.870425][ T9157]  copy_mm+0xa3a/0x13e0
[  258.874426][ T9157]  ? copy_signal+0x610/0x610
[  258.878845][ T9157]  ? __init_rwsem+0xfe/0x1d0
[  258.883278][ T9157]  ? copy_signal+0x4e3/0x610
[  258.887698][ T9157]  copy_process+0x1149/0x3290
[  258.892214][ T9157]  ? __kasan_check_write+0x14/0x20
[  258.897179][ T9157]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  258.902117][ T9157]  ? vfs_write+0x9ec/0x1110
[  258.906451][ T9157]  kernel_clone+0x21e/0x9e0
[  258.910784][ T9157]  ? __kasan_check_write+0x14/0x20
[  258.915729][ T9157]  ? create_io_thread+0x1e0/0x1e0
[  258.920593][ T9157]  __x64_sys_clone+0x23f/0x290
[  258.925193][ T9157]  ? __do_sys_vfork+0x130/0x130
[  258.929878][ T9157]  ? debug_smp_processor_id+0x17/0x20
[  258.935085][ T9157]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  258.940993][ T9157]  ? exit_to_user_mode_prepare+0x39/0xa0
[  258.946460][ T9157]  x64_sys_call+0x1b0/0x9a0
[  258.950799][ T9157]  do_syscall_64+0x3b/0xb0
[  258.955046][ T9157]  ? clear_bhb_loop+0x35/0x90
[  258.959565][ T9157]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  258.965287][ T9157] RIP: 0033:0x7fc893175e79
[  258.969542][ T9157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.988987][ T9157] RSP: 002b:00007fc891df2fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  258.997227][ T9157] RAX: ffffffffffffffda RBX: 00007fc893311f80 RCX: 00007fc893175e79
[  259.005039][ T9157] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  259.012849][ T9157] RBP: 00007fc891df3090 R08: 0000000000000000 R09: 0000000000000000
[  259.020663][ T9157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  259.028472][ T9157] R13: 0000000000000000 R14: 00007fc893311f80 R15: 00007fffe0c82c28
[  259.036291][ T9157]  </TASK>
[  259.104518][ T9159] bridge0: port 3(veth0_vlan) entered blocking state
[  259.111054][ T9159] bridge0: port 3(veth0_vlan) entered forwarding state
[  259.117822][ T9159] bridge0: port 2(bridge_slave_1) entered blocking state
[  259.124606][ T9159] bridge0: port 2(bridge_slave_1) entered forwarding state
[  259.131722][ T9159] bridge0: port 1(bridge_slave_0) entered blocking state
[  259.138587][ T9159] bridge0: port 1(bridge_slave_0) entered forwarding state
[  259.160876][ T9159] device bridge0 entered promiscuous mode
[  259.171377][ T9161] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.198757][ T9161] device bridge0 left promiscuous mode
[  261.048194][ T9165] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.085589][ T9165] device bridge0 left promiscuous mode
[  261.131836][ T9166] bridge0: port 2(bridge_slave_1) entered blocking state
[  261.138831][ T9166] bridge0: port 2(bridge_slave_1) entered forwarding state
[  261.186775][ T9166] device bridge0 entered promiscuous mode
[  261.194270][ T9170] bridge0: port 2(bridge_slave_1) entered blocking state
[  261.201162][ T9170] bridge0: port 2(bridge_slave_1) entered forwarding state
[  261.267479][   T99] udevd[99]: worker [1396] terminated by signal 33 (Unknown signal 33)
[  261.291127][ T9170] device bridge0 entered promiscuous mode
[  261.324664][   T99] udevd[99]: worker [1396] failed while handling '/devices/virtual/block/loop2'
[  261.340035][ T9181] device sit0 left promiscuous mode
[  261.364460][ T9182] device sit0 entered promiscuous mode
[  261.673142][ T9197] device pim6reg1 entered promiscuous mode
[  261.685790][ T9199] FAULT_INJECTION: forcing a failure.
[  261.685790][ T9199] name failslab, interval 1, probability 0, space 0, times 0
[  261.698929][ T9199] CPU: 0 PID: 9199 Comm: syz.0.2623 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  261.710035][ T9199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  261.719929][ T9199] Call Trace:
[  261.723052][ T9199]  <TASK>
[  261.725829][ T9199]  dump_stack_lvl+0x151/0x1c0
[  261.730344][ T9199]  ? io_uring_drop_tctx_refs+0x190/0x190
[  261.735810][ T9199]  ? avc_denied+0x1b0/0x1b0
[  261.740155][ T9199]  dump_stack+0x15/0x20
[  261.744146][ T9199]  should_fail+0x3c6/0x510
[  261.748398][ T9199]  __should_failslab+0xa4/0xe0
[  261.752998][ T9199]  ? vm_area_dup+0x26/0x230
[  261.757337][ T9199]  should_failslab+0x9/0x20
[  261.761678][ T9199]  slab_pre_alloc_hook+0x37/0xd0
[  261.766450][ T9199]  ? vm_area_dup+0x26/0x230
[  261.770793][ T9199]  kmem_cache_alloc+0x44/0x200
[  261.775428][ T9199]  vm_area_dup+0x26/0x230
[  261.779556][ T9199]  copy_mm+0x9a1/0x13e0
[  261.783568][ T9199]  ? copy_signal+0x610/0x610
[  261.788001][ T9199]  ? __init_rwsem+0xfe/0x1d0
[  261.792399][ T9199]  ? copy_signal+0x4e3/0x610
[  261.796827][ T9199]  copy_process+0x1149/0x3290
[  261.801341][ T9199]  ? __kasan_check_write+0x14/0x20
[  261.806293][ T9199]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  261.811234][ T9199]  ? vfs_write+0x9ec/0x1110
[  261.815577][ T9199]  kernel_clone+0x21e/0x9e0
[  261.819999][ T9199]  ? __kasan_check_write+0x14/0x20
[  261.824947][ T9199]  ? create_io_thread+0x1e0/0x1e0
[  261.829810][ T9199]  __x64_sys_clone+0x23f/0x290
[  261.834407][ T9199]  ? __do_sys_vfork+0x130/0x130
[  261.839097][ T9199]  ? debug_smp_processor_id+0x17/0x20
[  261.844302][ T9199]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  261.850251][ T9199]  ? exit_to_user_mode_prepare+0x39/0xa0
[  261.855675][ T9199]  x64_sys_call+0x1b0/0x9a0
[  261.860009][ T9199]  do_syscall_64+0x3b/0xb0
[  261.864351][ T9199]  ? clear_bhb_loop+0x35/0x90
[  261.868865][ T9199]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  261.874590][ T9199] RIP: 0033:0x7fb926837e79
[  261.878846][ T9199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.898291][ T9199] RSP: 002b:00007fb9254b4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  261.906530][ T9199] RAX: ffffffffffffffda RBX: 00007fb9269d3f80 RCX: 00007fb926837e79
[  261.914341][ T9199] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  261.922156][ T9199] RBP: 00007fb9254b5090 R08: 0000000000000000 R09: 0000000000000000
[  261.929962][ T9199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  261.937776][ T9199] R13: 0000000000000000 R14: 00007fb9269d3f80 R15: 00007ffcf51119d8
[  261.945593][ T9199]  </TASK>
[  262.025778][ T9213] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.032918][ T9213] bridge0: port 1(bridge_slave_0) entered disabled state
[  262.040214][ T9213] device bridge0 left promiscuous mode
[  262.047894][ T9211] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.058959][ T9211] device bridge0 left promiscuous mode
[  262.094787][  T562] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  262.102875][ T9213] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.109748][ T9213] bridge0: port 2(bridge_slave_1) entered forwarding state
[  262.116855][ T9213] bridge0: port 1(bridge_slave_0) entered blocking state
[  262.123656][ T9213] bridge0: port 1(bridge_slave_0) entered forwarding state
[  262.131903][ T9213] device bridge0 entered promiscuous mode
[  262.139795][ T9218] bridge0: port 3(veth0_vlan) entered disabled state
[  262.148907][ T9218] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.157166][ T9218] bridge0: port 1(bridge_slave_0) entered disabled state
[  262.174811][ T9218] device bridge0 left promiscuous mode
[  262.375091][ T9217] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.382014][ T9217] bridge0: port 2(bridge_slave_1) entered forwarding state
[  262.459077][ T9217] device bridge0 entered promiscuous mode
[  262.492071][ T9221] bridge0: port 3(veth0_vlan) entered blocking state
[  262.498619][ T9221] bridge0: port 3(veth0_vlan) entered forwarding state
[  262.505367][ T9221] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.512153][ T9221] bridge0: port 2(bridge_slave_1) entered forwarding state
[  262.519251][ T9221] bridge0: port 1(bridge_slave_0) entered blocking state
[  262.526014][ T9221] bridge0: port 1(bridge_slave_0) entered forwarding state
[  262.543763][ T9221] device bridge0 entered promiscuous mode
[  262.656552][ T9235] device sit0 left promiscuous mode
[  262.668020][ T9238] FAULT_INJECTION: forcing a failure.
[  262.668020][ T9238] name failslab, interval 1, probability 0, space 0, times 0
[  262.708462][ T9238] CPU: 1 PID: 9238 Comm: syz.4.2637 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  262.719590][ T9238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  262.729481][ T9238] Call Trace:
[  262.732603][ T9238]  <TASK>
[  262.735384][ T9238]  dump_stack_lvl+0x151/0x1c0
[  262.739895][ T9238]  ? io_uring_drop_tctx_refs+0x190/0x190
[  262.745389][ T9238]  dump_stack+0x15/0x20
[  262.749354][ T9238]  should_fail+0x3c6/0x510
[  262.753609][ T9238]  __should_failslab+0xa4/0xe0
[  262.758213][ T9238]  ? vm_area_dup+0x26/0x230
[  262.762549][ T9238]  should_failslab+0x9/0x20
[  262.766888][ T9238]  slab_pre_alloc_hook+0x37/0xd0
[  262.771666][ T9238]  ? vm_area_dup+0x26/0x230
[  262.776005][ T9238]  kmem_cache_alloc+0x44/0x200
[  262.780603][ T9238]  vm_area_dup+0x26/0x230
[  262.784769][ T9238]  copy_mm+0x9a1/0x13e0
[  262.788765][ T9238]  ? copy_signal+0x610/0x610
[  262.793184][ T9238]  ? __init_rwsem+0xfe/0x1d0
[  262.797626][ T9238]  ? copy_signal+0x4e3/0x610
[  262.802037][ T9238]  copy_process+0x1149/0x3290
[  262.806550][ T9238]  ? __kasan_check_write+0x14/0x20
[  262.811503][ T9238]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  262.816446][ T9238]  ? vfs_write+0x9ec/0x1110
[  262.820789][ T9238]  kernel_clone+0x21e/0x9e0
[  262.825126][ T9238]  ? __kasan_check_write+0x14/0x20
[  262.830071][ T9238]  ? create_io_thread+0x1e0/0x1e0
[  262.834938][ T9238]  __x64_sys_clone+0x23f/0x290
[  262.839535][ T9238]  ? __do_sys_vfork+0x130/0x130
[  262.844222][ T9238]  ? debug_smp_processor_id+0x17/0x20
[  262.849425][ T9238]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  262.855341][ T9238]  ? exit_to_user_mode_prepare+0x39/0xa0
[  262.860798][ T9238]  x64_sys_call+0x1b0/0x9a0
[  262.865136][ T9238]  do_syscall_64+0x3b/0xb0
[  262.869389][ T9238]  ? clear_bhb_loop+0x35/0x90
[  262.873901][ T9238]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  262.879630][ T9238] RIP: 0033:0x7fc893175e79
[  262.883887][ T9238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.903325][ T9238] RSP: 002b:00007fc891df2fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  262.911571][ T9238] RAX: ffffffffffffffda RBX: 00007fc893311f80 RCX: 00007fc893175e79
[  262.919381][ T9238] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  262.927199][ T9238] RBP: 00007fc891df3090 R08: 0000000000000000 R09: 0000000000000000
[  262.935004][ T9238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  262.942818][ T9238] R13: 0000000000000000 R14: 00007fc893311f80 R15: 00007fffe0c82c28
[  262.950808][ T9238]  </TASK>
[  262.995729][ T9235] device sit0 entered promiscuous mode
[  263.152056][  T317] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  263.160022][  T317] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  263.211280][ T9254] bridge0: port 3(veth0_to_batadv) entered disabled state
[  263.218324][ T9254] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.327851][ T9254] device bridge0 left promiscuous mode
[  263.398712][ T9258] bridge0: port 3(veth0_to_batadv) entered blocking state
[  263.405704][ T9258] bridge0: port 3(veth0_to_batadv) entered forwarding state
[  263.412917][ T9258] bridge0: port 2(bridge_slave_1) entered blocking state
[  263.419781][ T9258] bridge0: port 2(bridge_slave_1) entered forwarding state
[  263.467503][ T9258] device bridge0 entered promiscuous mode
[  263.567409][ T9267] bridge0: port 3(veth0_to_batadv) entered disabled state
[  263.576268][ T9267] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.586482][ T9267] device bridge0 left promiscuous mode
[  263.684801][ T9270] bridge0: port 3(veth0_vlan) entered disabled state
[  263.692593][ T9270] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.701426][ T9270] bridge0: port 1(bridge_slave_0) entered disabled state
[  263.758894][ T9270] device bridge0 left promiscuous mode
[  263.819457][ T9267] bridge0: port 3(veth0_to_batadv) entered blocking state
[  263.826721][ T9267] bridge0: port 3(veth0_to_batadv) entered forwarding state
[  263.835348][ T9267] bridge0: port 2(bridge_slave_1) entered blocking state
[  263.842339][ T9267] bridge0: port 2(bridge_slave_1) entered forwarding state
[  263.854996][ T9267] device bridge0 entered promiscuous mode
[  263.885035][ T9271] bridge0: port 3(veth0_vlan) entered blocking state
[  263.891558][ T9271] bridge0: port 3(veth0_vlan) entered forwarding state
[  263.898442][ T9271] bridge0: port 2(bridge_slave_1) entered blocking state
[  263.905292][ T9271] bridge0: port 2(bridge_slave_1) entered forwarding state
[  263.912439][ T9271] bridge0: port 1(bridge_slave_0) entered blocking state
[  263.919296][ T9271] bridge0: port 1(bridge_slave_0) entered forwarding state
[  263.928150][ T9271] device bridge0 entered promiscuous mode
[  264.038591][ T9284] FAULT_INJECTION: forcing a failure.
[  264.038591][ T9284] name failslab, interval 1, probability 0, space 0, times 0
[  264.053694][ T9284] CPU: 0 PID: 9284 Comm: syz.2.2650 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  264.064912][ T9284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  264.074787][ T9284] Call Trace:
[  264.077913][ T9284]  <TASK>
[  264.080704][ T9284]  dump_stack_lvl+0x151/0x1c0
[  264.085203][ T9284]  ? io_uring_drop_tctx_refs+0x190/0x190
[  264.090759][ T9284]  dump_stack+0x15/0x20
[  264.094747][ T9284]  should_fail+0x3c6/0x510
[  264.099002][ T9284]  __should_failslab+0xa4/0xe0
[  264.103623][ T9284]  ? vm_area_dup+0x26/0x230
[  264.108027][ T9284]  should_failslab+0x9/0x20
[  264.112366][ T9284]  slab_pre_alloc_hook+0x37/0xd0
[  264.117141][ T9284]  ? vm_area_dup+0x26/0x230
[  264.121481][ T9284]  kmem_cache_alloc+0x44/0x200
[  264.126083][ T9284]  vm_area_dup+0x26/0x230
[  264.130249][ T9284]  copy_mm+0x9a1/0x13e0
[  264.134244][ T9284]  ? copy_signal+0x610/0x610
[  264.138666][ T9284]  ? __init_rwsem+0xfe/0x1d0
[  264.143094][ T9284]  ? copy_signal+0x4e3/0x610
[  264.147516][ T9284]  copy_process+0x1149/0x3290
[  264.152033][ T9284]  ? __kasan_check_write+0x14/0x20
[  264.156984][ T9284]  ? check_kill_permission+0x97/0x490
[  264.162188][ T9284]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  264.167129][ T9284]  ? group_send_sig_info+0x131/0x460
[  264.172259][ T9284]  kernel_clone+0x21e/0x9e0
[  264.176593][ T9284]  ? create_io_thread+0x1e0/0x1e0
[  264.181462][ T9284]  __x64_sys_clone+0x23f/0x290
[  264.186054][ T9284]  ? __do_sys_vfork+0x130/0x130
[  264.190743][ T9284]  ? debug_smp_processor_id+0x17/0x20
[  264.196033][ T9284]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  264.201940][ T9284]  ? exit_to_user_mode_prepare+0x39/0xa0
[  264.207402][ T9284]  x64_sys_call+0x1b0/0x9a0
[  264.211743][ T9284]  do_syscall_64+0x3b/0xb0
[  264.215997][ T9284]  ? clear_bhb_loop+0x35/0x90
[  264.220507][ T9284]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  264.226238][ T9284] RIP: 0033:0x7f509d8afe79
[  264.230492][ T9284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.249931][ T9284] RSP: 002b:00007f509c52cfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  264.258176][ T9284] RAX: ffffffffffffffda RBX: 00007f509da4bf80 RCX: 00007f509d8afe79
[  264.265988][ T9284] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  264.273798][ T9284] RBP: 00007f509c52d090 R08: 0000000000000000 R09: 0000000000000000
[  264.281609][ T9284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  264.289420][ T9284] R13: 0000000000000000 R14: 00007f509da4bf80 R15: 00007ffe6a799028
[  264.297245][ T9284]  </TASK>
[  264.353216][ T9296] device sit0 left promiscuous mode
[  264.533149][ T9298] bridge0: port 2(bridge_slave_1) entered disabled state
[  264.598214][ T9298] device bridge0 left promiscuous mode
[  264.651868][ T9296] device sit0 entered promiscuous mode
[  264.810236][ T9299] bridge0: port 2(bridge_slave_1) entered blocking state
[  264.817299][ T9299] bridge0: port 2(bridge_slave_1) entered forwarding state
[  264.826980][ T9299] device bridge0 entered promiscuous mode
[  264.834655][ T9305] bridge0: port 3(veth0_to_batadv) entered disabled state
[  264.843199][ T9305] bridge0: port 2(bridge_slave_1) entered disabled state
[  264.872928][ T9305] device bridge0 left promiscuous mode
[  264.923980][ T9306] bridge0: port 3(veth0_to_batadv) entered blocking state
[  264.930969][ T9306] bridge0: port 3(veth0_to_batadv) entered forwarding state
[  264.938181][ T9306] bridge0: port 2(bridge_slave_1) entered blocking state
[  264.945121][ T9306] bridge0: port 2(bridge_slave_1) entered forwarding state
[  265.008770][ T9306] device bridge0 entered promiscuous mode
[  265.034845][ T9308] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.085021][ T9318] FAULT_INJECTION: forcing a failure.
[  265.085021][ T9318] name failslab, interval 1, probability 0, space 0, times 0
[  265.099722][ T9308] device bridge0 left promiscuous mode
[  265.138188][ T9318] CPU: 0 PID: 9318 Comm: syz.1.2662 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  265.145468][ T9313] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.149314][ T9318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  265.149329][ T9318] Call Trace:
[  265.149335][ T9318]  <TASK>
[  265.149343][ T9318]  dump_stack_lvl+0x151/0x1c0
[  265.156197][ T9313] bridge0: port 2(bridge_slave_1) entered forwarding state
[  265.166071][ T9318]  ? io_uring_drop_tctx_refs+0x190/0x190
[  265.166106][ T9318]  dump_stack+0x15/0x20
[  265.192976][ T9318]  should_fail+0x3c6/0x510
[  265.197227][ T9318]  __should_failslab+0xa4/0xe0
[  265.201833][ T9318]  ? anon_vma_clone+0x9a/0x500
[  265.206432][ T9318]  should_failslab+0x9/0x20
[  265.210767][ T9318]  slab_pre_alloc_hook+0x37/0xd0
[  265.215538][ T9318]  ? anon_vma_clone+0x9a/0x500
[  265.220139][ T9318]  kmem_cache_alloc+0x44/0x200
[  265.224828][ T9318]  anon_vma_clone+0x9a/0x500
[  265.229253][ T9318]  anon_vma_fork+0x91/0x4e0
[  265.233592][ T9318]  ? anon_vma_name+0x43/0x70
[  265.238107][ T9318]  ? vm_area_dup+0x17a/0x230
[  265.242542][ T9318]  copy_mm+0xa3a/0x13e0
[  265.246540][ T9318]  ? copy_signal+0x610/0x610
[  265.250948][ T9318]  ? __init_rwsem+0xfe/0x1d0
[  265.255377][ T9318]  ? copy_signal+0x4e3/0x610
[  265.259827][ T9318]  copy_process+0x1149/0x3290
[  265.264326][ T9318]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  265.269964][ T9318]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  265.274904][ T9318]  ? group_send_sig_info+0x1ba/0x460
[  265.280028][ T9318]  kernel_clone+0x21e/0x9e0
[  265.284366][ T9318]  ? create_io_thread+0x1e0/0x1e0
[  265.289230][ T9318]  __x64_sys_clone+0x23f/0x290
[  265.293831][ T9318]  ? __do_sys_vfork+0x130/0x130
[  265.298515][ T9318]  ? debug_smp_processor_id+0x17/0x20
[  265.303720][ T9318]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  265.309633][ T9318]  ? exit_to_user_mode_prepare+0x39/0xa0
[  265.315186][ T9318]  x64_sys_call+0x1b0/0x9a0
[  265.319517][ T9318]  do_syscall_64+0x3b/0xb0
[  265.323766][ T9318]  ? clear_bhb_loop+0x35/0x90
[  265.328283][ T9318]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  265.334011][ T9318] RIP: 0033:0x7f895dd48e79
[  265.338265][ T9318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  265.357711][ T9318] RSP: 002b:00007f895c9c5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  265.365949][ T9318] RAX: ffffffffffffffda RBX: 00007f895dee4f80 RCX: 00007f895dd48e79
[  265.373770][ T9318] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  265.381579][ T9318] RBP: 00007f895c9c6090 R08: 0000000000000000 R09: 0000000000000000
[  265.389383][ T9318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  265.397197][ T9318] R13: 0000000000000000 R14: 00007f895dee4f80 R15: 00007ffc79572a38
[  265.405016][ T9318]  </TASK>
[  265.412190][ T9313] device bridge0 entered promiscuous mode
[  265.626907][ T9335] device wg2 entered promiscuous mode
[  266.250889][ T9342] bridge0: port 3(veth0_vlan) entered disabled state
[  266.257487][ T9342] bridge0: port 2(bridge_slave_1) entered disabled state
[  266.264367][ T9342] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.338432][ T9342] device bridge0 left promiscuous mode
[  266.371330][ T9347] device sit0 left promiscuous mode
[  266.443800][ T9351] device sit0 entered promiscuous mode
[  266.689514][ T9355] bridge0: port 3(veth0_to_batadv) entered disabled state
[  266.698062][ T9355] bridge0: port 2(bridge_slave_1) entered disabled state
[  266.709043][ T9355] device bridge0 left promiscuous mode
[  266.757734][ T9357] bridge0: port 2(bridge_slave_1) entered disabled state
[  266.768365][ T9357] device bridge0 left promiscuous mode
[  266.817154][ T9358] bridge0: port 3(veth0_to_batadv) entered blocking state
[  266.824159][ T9358] bridge0: port 3(veth0_to_batadv) entered forwarding state
[  266.831337][ T9358] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.838199][ T9358] bridge0: port 2(bridge_slave_1) entered forwarding state
[  266.852568][ T9358] device bridge0 entered promiscuous mode
[  266.862377][ T9359] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.869280][ T9359] bridge0: port 2(bridge_slave_1) entered forwarding state
[  266.880436][ T9366] FAULT_INJECTION: forcing a failure.
[  266.880436][ T9366] name failslab, interval 1, probability 0, space 0, times 0
[  266.893732][ T9366] CPU: 0 PID: 9366 Comm: syz.0.2678 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  266.904835][ T9366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  266.914730][ T9366] Call Trace:
[  266.917860][ T9366]  <TASK>
[  266.920629][ T9366]  dump_stack_lvl+0x151/0x1c0
[  266.925140][ T9366]  ? io_uring_drop_tctx_refs+0x190/0x190
[  266.930613][ T9366]  dump_stack+0x15/0x20
[  266.934609][ T9366]  should_fail+0x3c6/0x510
[  266.938944][ T9366]  __should_failslab+0xa4/0xe0
[  266.943543][ T9366]  ? anon_vma_clone+0x9a/0x500
[  266.948239][ T9366]  should_failslab+0x9/0x20
[  266.952661][ T9366]  slab_pre_alloc_hook+0x37/0xd0
[  266.954708][ T9359] device bridge0 entered promiscuous mode
[  266.957434][ T9366]  ? anon_vma_clone+0x9a/0x500
[  266.957458][ T9366]  kmem_cache_alloc+0x44/0x200
[  266.972191][ T9366]  anon_vma_clone+0x9a/0x500
[  266.976616][ T9366]  anon_vma_fork+0x91/0x4e0
[  266.980954][ T9366]  ? anon_vma_name+0x43/0x70
[  266.985382][ T9366]  ? vm_area_dup+0x17a/0x230
[  266.989836][ T9366]  copy_mm+0xa3a/0x13e0
[  266.993810][ T9366]  ? copy_signal+0x610/0x610
[  266.998315][ T9366]  ? __init_rwsem+0xfe/0x1d0
[  267.002743][ T9366]  ? copy_signal+0x4e3/0x610
[  267.007171][ T9366]  copy_process+0x1149/0x3290
[  267.011686][ T9366]  ? send_signal+0x43a/0x590
[  267.016108][ T9366]  ? do_send_sig_info+0xfb/0x230
[  267.020968][ T9366]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  267.025912][ T9366]  ? group_send_sig_info+0x1ba/0x460
[  267.031034][ T9366]  ? __lock_task_sighand+0x100/0x100
[  267.036159][ T9366]  kernel_clone+0x21e/0x9e0
[  267.040498][ T9366]  ? create_io_thread+0x1e0/0x1e0
[  267.045372][ T9366]  __x64_sys_clone+0x23f/0x290
[  267.049964][ T9366]  ? __do_sys_vfork+0x130/0x130
[  267.054644][ T9366]  ? debug_smp_processor_id+0x17/0x20
[  267.059850][ T9366]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  267.065762][ T9366]  ? exit_to_user_mode_prepare+0x39/0xa0
[  267.071224][ T9366]  x64_sys_call+0x1b0/0x9a0
[  267.075562][ T9366]  do_syscall_64+0x3b/0xb0
[  267.079814][ T9366]  ? clear_bhb_loop+0x35/0x90
[  267.084329][ T9366]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  267.090052][ T9366] RIP: 0033:0x7fb926837e79
[  267.094308][ T9366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  267.113746][ T9366] RSP: 002b:00007fb9254b4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  267.121993][ T9366] RAX: ffffffffffffffda RBX: 00007fb9269d3f80 RCX: 00007fb926837e79
[  267.129889][ T9366] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  267.137728][ T9366] RBP: 00007fb9254b5090 R08: 0000000000000000 R09: 0000000000000000
[  267.145515][ T9366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  267.153325][ T9366] R13: 0000000000000000 R14: 00007fb9269d3f80 R15: 00007ffcf51119d8
[  267.161237][ T9366]  </TASK>
[  267.232957][ T9374] device sit0 left promiscuous mode
[  267.253156][ T9382] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.261667][ T9382] device bridge0 left promiscuous mode
[  267.268806][ T9374] device sit0 entered promiscuous mode
[  267.378260][ T9382] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.385224][ T9382] bridge0: port 2(bridge_slave_1) entered forwarding state
[  267.395578][ T9393] syz.1.2686[9393] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  267.395648][ T9393] syz.1.2686[9393] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  267.402154][ T9382] device bridge0 entered promiscuous mode
[  267.641773][ T9405] FAULT_INJECTION: forcing a failure.
[  267.641773][ T9405] name failslab, interval 1, probability 0, space 0, times 0
[  267.688135][ T9405] CPU: 0 PID: 9405 Comm: syz.3.2690 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  267.699264][ T9405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  267.709153][ T9405] Call Trace:
[  267.712276][ T9405]  <TASK>
[  267.715052][ T9405]  dump_stack_lvl+0x151/0x1c0
[  267.719566][ T9405]  ? io_uring_drop_tctx_refs+0x190/0x190
[  267.725037][ T9405]  dump_stack+0x15/0x20
[  267.729025][ T9405]  should_fail+0x3c6/0x510
[  267.733281][ T9405]  __should_failslab+0xa4/0xe0
[  267.738080][ T9405]  ? vm_area_dup+0x26/0x230
[  267.742414][ T9405]  should_failslab+0x9/0x20
[  267.746753][ T9405]  slab_pre_alloc_hook+0x37/0xd0
[  267.751530][ T9405]  ? vm_area_dup+0x26/0x230
[  267.755866][ T9405]  kmem_cache_alloc+0x44/0x200
[  267.760471][ T9405]  vm_area_dup+0x26/0x230
[  267.764634][ T9405]  copy_mm+0x9a1/0x13e0
[  267.768639][ T9405]  ? copy_signal+0x610/0x610
[  267.773056][ T9405]  ? __init_rwsem+0xfe/0x1d0
[  267.777478][ T9405]  ? copy_signal+0x4e3/0x610
[  267.781908][ T9405]  copy_process+0x1149/0x3290
[  267.786417][ T9405]  ? __kasan_check_write+0x14/0x20
[  267.791457][ T9405]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  267.796395][ T9405]  ? vfs_write+0x9ec/0x1110
[  267.800742][ T9405]  kernel_clone+0x21e/0x9e0
[  267.805082][ T9405]  ? __kasan_check_write+0x14/0x20
[  267.810025][ T9405]  ? create_io_thread+0x1e0/0x1e0
[  267.814892][ T9405]  __x64_sys_clone+0x23f/0x290
[  267.819496][ T9405]  ? __do_sys_vfork+0x130/0x130
[  267.824177][ T9405]  ? debug_smp_processor_id+0x17/0x20
[  267.829384][ T9405]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  267.835289][ T9405]  ? exit_to_user_mode_prepare+0x39/0xa0
[  267.840754][ T9405]  x64_sys_call+0x1b0/0x9a0
[  267.845109][ T9405]  do_syscall_64+0x3b/0xb0
[  267.849343][ T9405]  ? clear_bhb_loop+0x35/0x90
[  267.853855][ T9405]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  267.859587][ T9405] RIP: 0033:0x7f2878f39e79
[  267.863839][ T9405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  267.883370][ T9405] RSP: 002b:00007f2877b95fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  267.891611][ T9405] RAX: ffffffffffffffda RBX: 00007f28790d6058 RCX: 00007f2878f39e79
[  267.899420][ T9405] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  267.907241][ T9405] RBP: 00007f2877b96090 R08: 0000000000000000 R09: 0000000000000000
[  267.915046][ T9405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  267.922857][ T9405] R13: 0000000000000000 R14: 00007f28790d6058 R15: 00007ffe647d8c08
[  267.930674][ T9405]  </TASK>
[  268.085376][ T9411] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.114652][ T9411] device bridge0 left promiscuous mode
[  268.200113][ T9412] bridge0: port 3(veth0_vlan) entered blocking state
[  268.206733][ T9412] bridge0: port 3(veth0_vlan) entered forwarding state
[  268.213601][ T9412] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.220463][ T9412] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.227557][ T9412] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.234355][ T9412] bridge0: port 1(bridge_slave_0) entered forwarding state
[  268.282761][ T9412] device bridge0 entered promiscuous mode
[  268.291664][ T9415] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.298617][ T9415] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.305923][ T9415] device bridge0 entered promiscuous mode
[  268.312937][ T9431] bridge0: port 3(veth0_to_batadv) entered disabled state
[  268.319971][ T9431] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.338336][ T9431] device bridge0 left promiscuous mode
[  268.357724][ T9437] device sit0 left promiscuous mode
[  268.383660][ T9437] device sit0 entered promiscuous mode
[  268.562608][ T9431] bridge0: port 3(veth0_to_batadv) entered blocking state
[  268.569602][ T9431] bridge0: port 3(veth0_to_batadv) entered forwarding state
[  268.576805][ T9431] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.583673][ T9431] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.598417][ T9431] device bridge0 entered promiscuous mode
[  268.665982][ T9450] FAULT_INJECTION: forcing a failure.
[  268.665982][ T9450] name failslab, interval 1, probability 0, space 0, times 0
[  268.755426][ T9450] CPU: 1 PID: 9450 Comm: syz.1.2704 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  268.766634][ T9450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  268.776533][ T9450] Call Trace:
[  268.779656][ T9450]  <TASK>
[  268.782428][ T9450]  dump_stack_lvl+0x151/0x1c0
[  268.786940][ T9450]  ? io_uring_drop_tctx_refs+0x190/0x190
[  268.792415][ T9450]  dump_stack+0x15/0x20
[  268.796492][ T9450]  should_fail+0x3c6/0x510
[  268.800744][ T9450]  __should_failslab+0xa4/0xe0
[  268.805342][ T9450]  ? anon_vma_fork+0xf7/0x4e0
[  268.809858][ T9450]  should_failslab+0x9/0x20
[  268.814194][ T9450]  slab_pre_alloc_hook+0x37/0xd0
[  268.818973][ T9450]  ? anon_vma_fork+0xf7/0x4e0
[  268.823481][ T9450]  kmem_cache_alloc+0x44/0x200
[  268.828088][ T9450]  anon_vma_fork+0xf7/0x4e0
[  268.832424][ T9450]  ? anon_vma_name+0x43/0x70
[  268.836847][ T9450]  ? vm_area_dup+0x17a/0x230
[  268.841284][ T9450]  copy_mm+0xa3a/0x13e0
[  268.845272][ T9450]  ? copy_signal+0x610/0x610
[  268.849693][ T9450]  ? __init_rwsem+0xfe/0x1d0
[  268.854125][ T9450]  ? copy_signal+0x4e3/0x610
[  268.858547][ T9450]  copy_process+0x1149/0x3290
[  268.863066][ T9450]  ? __kasan_check_write+0x14/0x20
[  268.868022][ T9450]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  268.872955][ T9450]  ? vfs_write+0x9ec/0x1110
[  268.877300][ T9450]  kernel_clone+0x21e/0x9e0
[  268.881674][ T9450]  ? __kasan_check_write+0x14/0x20
[  268.886590][ T9450]  ? create_io_thread+0x1e0/0x1e0
[  268.891463][ T9450]  __x64_sys_clone+0x23f/0x290
[  268.896039][ T9450]  ? __do_sys_vfork+0x130/0x130
[  268.900735][ T9450]  ? debug_smp_processor_id+0x17/0x20
[  268.905934][ T9450]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  268.911841][ T9450]  ? exit_to_user_mode_prepare+0x39/0xa0
[  268.917304][ T9450]  x64_sys_call+0x1b0/0x9a0
[  268.921644][ T9450]  do_syscall_64+0x3b/0xb0
[  268.925896][ T9450]  ? clear_bhb_loop+0x35/0x90
[  268.930419][ T9450]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  268.936135][ T9450] RIP: 0033:0x7f895dd48e79
[  268.940389][ T9450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.959831][ T9450] RSP: 002b:00007f895c9c5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  268.968108][ T9450] RAX: ffffffffffffffda RBX: 00007f895dee4f80 RCX: 00007f895dd48e79
[  268.976179][ T9450] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  268.983988][ T9450] RBP: 00007f895c9c6090 R08: 0000000000000000 R09: 0000000000000000
[  268.991799][ T9450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  268.999611][ T9450] R13: 0000000000000000 R14: 00007f895dee4f80 R15: 00007ffc79572a38
[  269.007427][ T9450]  </TASK>
[  269.010646][  T562] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  269.021074][ T9450] ------------[ cut here ]------------
[  269.026344][ T9450] refcount_t: underflow; use-after-free.
[  269.032154][ T9450] WARNING: CPU: 0 PID: 9450 at lib/refcount.c:28 refcount_warn_saturate+0x158/0x1a0
[  269.042481][ T9450] Modules linked in:
[  269.046202][ T9450] CPU: 0 PID: 9450 Comm: syz.1.2704 Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  269.175954][ T9464] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.184144][ T9464] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.197075][ T9450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  269.216595][ T9464] device bridge0 left promiscuous mode
[  269.229473][ T9450] RIP: 0010:refcount_warn_saturate+0x158/0x1a0
[  269.288297][ T9450] Code: 04 01 48 c7 c7 20 f1 a2 85 e8 94 29 dc fe 0f 0b eb 8b e8 3b f4 0a ff c6 05 a4 de c0 04 01 48 c7 c7 80 f1 a2 85 e8 78 29 dc fe <0f> 0b e9 6c ff ff ff e8 1c f4 0a ff c6 05 86 de c0 04 01 48 c7 c7
[  269.375711][ T9450] RSP: 0018:ffffc900009d7968 EFLAGS: 00010246
[  269.409478][ T9450] RAX: 4092652594422000 RBX: 0000000000000003 RCX: ffff8881d2a8e2c0
[  269.417310][ T9450] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  269.427222][ T9450] RBP: ffffc900009d7978 R08: ffffffff81579495 R09: fffff5200013ae55
[  269.435152][ T9450] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff1102407f239
[  269.448319][ T9450] R13: ffff8881203f91c8 R14: 0000000000000003 R15: ffff8881b8c01ac0
[  269.458552][ T9450] FS:  00007f895c9c66c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  269.467309][ T9450] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  269.480704][ T9464] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.487993][ T9464] bridge0: port 2(bridge_slave_1) entered forwarding state
[  269.496615][ T9464] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.503694][ T9464] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.514977][ T9450] CR2: 0000000100000000 CR3: 000000010fc6b000 CR4: 00000000003506a0
[  269.530928][ T9450] DR0: 0000000000000000 DR1: 0000000020000300 DR2: 0000000000000000
[  269.558139][ T9450] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  269.576166][ T9450] Call Trace:
[  269.579870][ T9450]  <TASK>
[  269.582622][ T9450]  ? show_regs+0x58/0x60
[  269.596890][ T9450]  ? __warn+0x160/0x2f0
[  269.603567][ T9464] device bridge0 entered promiscuous mode
[  269.621352][ T9450]  ? refcount_warn_saturate+0x158/0x1a0
[  269.626737][ T9450]  ? report_bug+0x3d9/0x5b0
[  269.639167][ T9450]  ? refcount_warn_saturate+0x158/0x1a0
[  269.647161][ T9474] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.649279][ T9450]  ? handle_bug+0x41/0x70
[  269.661663][ T9474] device bridge0 left promiscuous mode
[  269.668136][ T9450]  ? exc_invalid_op+0x1b/0x50
[  269.689252][ T9450]  ? asm_exc_invalid_op+0x1b/0x20
[  269.721616][ T9450]  ? __wake_up_klogd+0xd5/0x110
[  269.736916][ T9476] bridge0: port 3(veth0_to_batadv) entered disabled state
[  269.743923][ T9476] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.751418][ T9450]  ? refcount_warn_saturate+0x158/0x1a0
[  269.756879][ T9450]  ? refcount_warn_saturate+0x158/0x1a0
[  269.762432][ T9450]  vm_area_free_no_check+0x123/0x130
[  269.767542][ T9450]  copy_mm+0xefb/0x13e0
[  269.771665][ T9476] device bridge0 left promiscuous mode
[  269.777052][ T9450]  ? copy_signal+0x610/0x610
[  269.781488][ T9450]  ? __init_rwsem+0xfe/0x1d0
[  269.787347][ T9477] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.787360][ T9450]  ? copy_signal+0x4e3/0x610
[  269.794325][ T9477] bridge0: port 2(bridge_slave_1) entered forwarding state
[  269.798849][ T9450]  copy_process+0x1149/0x3290
[  269.810466][ T9477] device bridge0 entered promiscuous mode
[  269.817166][ T9450]  ? __kasan_check_write+0x14/0x20
[  269.823466][ T9479] device sit0 left promiscuous mode
[  269.823466][ T9450]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  269.838175][ T9450]  ? vfs_write+0x9ec/0x1110
[  269.842530][ T9450]  kernel_clone+0x21e/0x9e0
[  269.846851][ T9450]  ? __kasan_check_write+0x14/0x20
[  269.853635][ T9480] bridge0: port 3(veth0_to_batadv) entered blocking state
[  269.860604][ T9480] bridge0: port 3(veth0_to_batadv) entered forwarding state
[  269.867812][ T9480] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.874694][ T9480] bridge0: port 2(bridge_slave_1) entered forwarding state
[  269.887162][ T9450]  ? create_io_thread+0x1e0/0x1e0
[  269.894600][ T9450]  __x64_sys_clone+0x23f/0x290
[  269.900159][ T9450]  ? __do_sys_vfork+0x130/0x130
[  269.905134][ T9480] device bridge0 entered promiscuous mode
[  269.910973][ T9450]  ? debug_smp_processor_id+0x17/0x20
[  269.916170][ T9450]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  269.924921][ T9481] device sit0 entered promiscuous mode
[  269.932308][ T9450]  ? exit_to_user_mode_prepare+0x39/0xa0
[  269.937896][ T9450]  x64_sys_call+0x1b0/0x9a0
[  269.942326][ T9450]  do_syscall_64+0x3b/0xb0
[  269.946618][ T9450]  ? clear_bhb_loop+0x35/0x90
[  269.951692][ T9450]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  269.957559][ T9450] RIP: 0033:0x7f895dd48e79
[  269.961931][ T9450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.981522][ T9450] RSP: 002b:00007f895c9c5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  269.989825][ T9450] RAX: ffffffffffffffda RBX: 00007f895dee4f80 RCX: 00007f895dd48e79
[  269.997710][ T9450] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  270.013227][ T9450] RBP: 00007f895c9c6090 R08: 0000000000000000 R09: 0000000000000000
[  270.027775][ T9450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  270.041357][ T9450] R13: 0000000000000000 R14: 00007f895dee4f80 R15: 00007ffc79572a38
[  270.049857][ T9450]  </TASK>
[  270.052849][ T9450] ---[ end trace 21e81a12d8e59584 ]---
[  270.134321][ T8406] ==================================================================
[  270.142233][ T8406] BUG: KASAN: use-after-free in __rb_insert_augmented+0xa0/0x610
[  270.149768][ T8406] Read of size 8 at addr ffff8881c0000008 by task syz-executor/8406
[  270.157581][ T8406] 
[  270.159755][ T8406] CPU: 0 PID: 8406 Comm: syz-executor Tainted: G        W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  270.171122][ T8406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  270.181015][ T8406] Call Trace:
[  270.184142][ T8406]  <TASK>
[  270.186921][ T8406]  dump_stack_lvl+0x151/0x1c0
[  270.191446][ T8406]  ? io_uring_drop_tctx_refs+0x190/0x190
[  270.196896][ T8406]  ? panic+0x760/0x760
[  270.200804][ T8406]  print_address_description+0x87/0x3b0
[  270.206184][ T8406]  kasan_report+0x179/0x1c0
[  270.210523][ T8406]  ? __rb_insert_augmented+0xa0/0x610
[  270.215749][ T8406]  ? __rb_insert_augmented+0xa0/0x610
[  270.221025][ T8406]  __asan_report_load8_noabort+0x14/0x20
[  270.226491][ T8406]  __rb_insert_augmented+0xa0/0x610
[  270.231527][ T8406]  ? anon_vma_interval_tree_iter_next+0x390/0x390
[  270.237777][ T8406]  vma_interval_tree_insert_after+0x2be/0x2d0
[  270.243770][ T8406]  copy_mm+0xba2/0x13e0
[  270.247760][ T8406]  ? copy_signal+0x610/0x610
[  270.252188][ T8406]  ? __init_rwsem+0xfe/0x1d0
[  270.256608][ T8406]  ? copy_signal+0x4e3/0x610
[  270.261038][ T8406]  copy_process+0x1149/0x3290
[  270.265553][ T8406]  ? __kasan_check_read+0x11/0x20
[  270.270445][ T8406]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  270.275357][ T8406]  ? vfs_read+0x64b/0xd40
[  270.279526][ T8406]  kernel_clone+0x21e/0x9e0
[  270.283871][ T8406]  ? create_io_thread+0x1e0/0x1e0
[  270.288726][ T8406]  ? debug_smp_processor_id+0x17/0x20
[  270.294104][ T8406]  __x64_sys_clone+0x23f/0x290
[  270.298705][ T8406]  ? __do_sys_vfork+0x130/0x130
[  270.303395][ T8406]  x64_sys_call+0x1b0/0x9a0
[  270.307729][ T8406]  do_syscall_64+0x3b/0xb0
[  270.311983][ T8406]  ? clear_bhb_loop+0x35/0x90
[  270.316495][ T8406]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  270.322231][ T8406] RIP: 0033:0x7f895dd3f6d3
[  270.326476][ T8406] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[  270.345921][ T8406] RSP: 002b:00007ffc79572cb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  270.354164][ T8406] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f895dd3f6d3
[  270.361977][ T8406] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  270.369787][ T8406] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  270.377684][ T8406] R10: 0000555555ea27d0 R11: 0000000000000246 R12: 0000000000000001
[  270.385494][ T8406] R13: 0000000000041f09 R14: 0000000000041936 R15: 00007ffc79572e40
[  270.393313][ T8406]  </TASK>
[  270.396266][ T8406] 
[  270.398429][ T8406] The buggy address belongs to the page:
[  270.403908][ T8406] page:ffffea0007000000 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x0 pfn:0x1c0000
[  270.414220][ T8406] flags: 0x4000000000000000(zone=1)
[  270.419262][ T8406] raw: 4000000000000000 ffffea0006ff8008 ffffea0007008008 0000000000000000
[  270.427769][ T8406] raw: 0000000000000000 0000000000000008 00000000ffffff7f 0000000000000000
[  270.436179][ T8406] page dumped because: kasan: bad access detected
[  270.442441][ T8406] page_owner tracks the page as freed
[  270.447638][ T8406] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x100cc0(GFP_USER), pid 4784, ts 138687190231, free_ts 140571963054
[  270.461265][ T8406]  post_alloc_hook+0x1a3/0x1b0
[  270.465860][ T8406]  prep_new_page+0x1b/0x110
[  270.470201][ T8406]  get_page_from_freelist+0x3550/0x35d0
[  270.475583][ T8406]  __alloc_pages+0x27e/0x8f0
[  270.480009][ T8406]  __get_free_pages+0x10/0x30
[  270.484523][ T8406]  kasan_populate_vmalloc_pte+0x39/0x130
[  270.489991][ T8406]  __apply_to_page_range+0x8dd/0xbe0
[  270.495111][ T8406]  apply_to_page_range+0x3b/0x50
[  270.499885][ T8406]  kasan_populate_vmalloc+0x65/0x70
[  270.504920][ T8406]  alloc_vmap_area+0x192f/0x1a80
[  270.509801][ T8406]  __get_vm_area_node+0x158/0x360
[  270.514659][ T8406]  vmap+0xbb/0x280
[  270.518219][ T8406]  bpf_ringbuf_alloc+0x1a6/0x3d0
[  270.522992][ T8406]  ringbuf_map_alloc+0x202/0x320
[  270.527769][ T8406]  map_create+0x411/0x2050
[  270.532019][ T8406]  __sys_bpf+0x296/0x760
[  270.536101][ T8406] page last free stack trace:
[  270.540614][ T8406]  free_unref_page_prepare+0x7c8/0x7d0
[  270.545907][ T8406]  free_unref_page+0xe8/0x750
[  270.550426][ T8406]  __free_pages+0x61/0xf0
[  270.554587][ T8406]  free_pages+0x7c/0x90
[  270.558582][ T8406]  kasan_depopulate_vmalloc_pte+0x6a/0x90
[  270.564217][ T8406]  __apply_to_page_range+0x8dd/0xbe0
[  270.569338][ T8406]  apply_to_existing_page_range+0x38/0x50
[  270.574894][ T8406]  kasan_release_vmalloc+0x9a/0xb0
[  270.579841][ T8406]  __purge_vmap_area_lazy+0x154a/0x1690
[  270.585223][ T8406]  try_purge_vmap_area_lazy+0x38/0x50
[  270.590516][ T8406]  free_vmap_area_noflush+0x9df/0xa20
[  270.595728][ T8406]  remove_vm_area+0x1d9/0x200
[  270.600236][ T8406]  __vunmap+0x24b/0x8f0
[  270.604230][ T8406]  vunmap+0x46/0x60
[  270.607875][ T8406]  ringbuf_map_free+0x83/0x120
[  270.612477][ T8406]  map_create+0x1a3a/0x2050
[  270.616818][ T8406] 
[  270.618985][ T8406] Memory state around the buggy address:
[  270.624458][ T8406]  ffff8881bfffff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  270.632365][ T8406]  ffff8881bfffff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  270.640261][ T8406] >ffff8881c0000000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  270.648151][ T8406]                       ^
[  270.652321][ T8406]  ffff8881c0000080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  270.660214][ T8406]  ffff8881c0000100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  270.668111][ T8406] ==================================================================
[  270.676011][ T8406] Disabling lock debugging due to kernel taint
[  270.685231][ T8406] general protection fault, probably for non-canonical address 0xff1f1b1f1f1f1f1f: 0000 [#1] PREEMPT SMP KASAN
[  270.696759][ T8406] KASAN: maybe wild-memory-access in range [0xf8f8f8f8f8f8f8f8-0xf8f8f8f8f8f8f8ff]
[  270.705871][ T8406] CPU: 0 PID: 8406 Comm: syz-executor Tainted: G    B   W         5.15.156-syzkaller-00821-g29d153aabd54 #0
[  270.717153][ T8406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  270.727047][ T8406] RIP: 0010:__rb_insert_augmented+0xbf/0x610
[  270.732861][ T8406] Code: 00 74 08 48 89 df e8 60 e8 2a ff 48 89 d8 48 8b 1b 4c 39 eb 4c 89 7d a8 74 4b 48 85 db 0f 84 ff 00 00 00 49 89 df 49 c1 ef 03 <43> 80 3c 27 00 74 08 48 89 df e8 32 e8 2a ff f6 03 01 0f 85 e0 00
[  270.752304][ T8406] RSP: 0000:ffffc90000eaf8f8 EFLAGS: 00010a02
[  270.758205][ T8406] RAX: ffff8881c0000008 RBX: f8f8f8f8f8f8f8f8 RCX: ffff8881236d0000
[  270.766105][ T8406] RDX: 0000000000000000 RSI: 0000000000000292 RDI: 00000000ffffffff
[  270.773919][ T8406] RBP: ffffc90000eaf960 R08: ffffffff8141971b R09: 0000000000000003
[  270.781729][ T8406] R10: fffffbfff0e99c4c R11: dffffc0000000001 R12: dffffc0000000000
[  270.789541][ T8406] R13: ffff8881b8c01ac0 R14: 1ffff11038000001 R15: 1f1f1f1f1f1f1f1f
[  270.797352][ T8406] FS:  0000555555ea2500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  270.806118][ T8406] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  270.812537][ T8406] CR2: 0000555555c884a8 CR3: 000000012583b000 CR4: 00000000003506b0
[  270.820355][ T8406] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  270.828168][ T8406] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  270.836072][ T8406] Call Trace:
[  270.839208][ T8406]  <TASK>
[  270.841977][ T8406]  ? __die_body+0x62/0xb0
[  270.846141][ T8406]  ? die_addr+0x9f/0xd0
[  270.850133][ T8406]  ? exc_general_protection+0x311/0x4b0
[  270.855519][ T8406]  ? asm_exc_general_protection+0x27/0x30
[  270.861244][ T8406]  ? check_panic_on_warn+0x5b/0xb0
[  270.866191][ T8406]  ? __rb_insert_augmented+0xbf/0x610
[  270.871396][ T8406]  ? __rb_insert_augmented+0xa0/0x610
[  270.876604][ T8406]  ? anon_vma_interval_tree_iter_next+0x390/0x390
[  270.882853][ T8406]  vma_interval_tree_insert_after+0x2be/0x2d0
[  270.888760][ T8406]  copy_mm+0xba2/0x13e0
[  270.892754][ T8406]  ? copy_signal+0x610/0x610
[  270.897172][ T8406]  ? __init_rwsem+0xfe/0x1d0
[  270.901603][ T8406]  ? copy_signal+0x4e3/0x610
[  270.906026][ T8406]  copy_process+0x1149/0x3290
[  270.910544][ T8406]  ? __kasan_check_read+0x11/0x20
[  270.915401][ T8406]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  270.920350][ T8406]  ? vfs_read+0x64b/0xd40
[  270.924514][ T8406]  kernel_clone+0x21e/0x9e0
[  270.928854][ T8406]  ? create_io_thread+0x1e0/0x1e0
[  270.933713][ T8406]  ? debug_smp_processor_id+0x17/0x20
[  270.938922][ T8406]  __x64_sys_clone+0x23f/0x290
[  270.943519][ T8406]  ? __do_sys_vfork+0x130/0x130
[  270.948648][ T8406]  x64_sys_call+0x1b0/0x9a0
[  270.952979][ T8406]  do_syscall_64+0x3b/0xb0
[  270.957231][ T8406]  ? clear_bhb_loop+0x35/0x90
[  270.961750][ T8406]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  270.967568][ T8406] RIP: 0033:0x7f895dd3f6d3
[  270.971815][ T8406] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[  270.991254][ T8406] RSP: 002b:00007ffc79572cb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  270.999501][ T8406] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f895dd3f6d3
[  271.007312][ T8406] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  271.015133][ T8406] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  271.022937][ T8406] R10: 0000555555ea27d0 R11: 0000000000000246 R12: 0000000000000001
[  271.030747][ T8406] R13: 0000000000041f09 R14: 0000000000041936 R15: 00007ffc79572e40
[  271.038569][ T8406]  </TASK>
[  271.041525][ T8406] Modules linked in:
[  271.045804][ T8406] ---[ end trace 21e81a12d8e59585 ]---
[  271.051625][ T8406] RIP: 0010:__rb_insert_augmented+0xbf/0x610
[  271.058240][ T8406] Code: 00 74 08 48 89 df e8 60 e8 2a ff 48 89 d8 48 8b 1b 4c 39 eb 4c 89 7d a8 74 4b 48 85 db 0f 84 ff 00 00 00 49 89 df 49 c1 ef 03 <43> 80 3c 27 00 74 08 48 89 df e8 32 e8 2a ff f6 03 01 0f 85 e0 00
[  271.077828][ T9484] device veth0_vlan left promiscuous mode
[  271.081863][ T8406] RSP: 0000:ffffc90000eaf8f8 EFLAGS: 00010a02
[  271.083806][ T9484] device veth0_vlan entered promiscuous mode
[  271.089702][ T8406] RAX: ffff8881c0000008 RBX: f8f8f8f8f8f8f8f8 RCX: ffff8881236d0000
[  271.104836][ T8406] RDX: 0000000000000000 RSI: 0000000000000292 RDI: 00000000ffffffff
[  271.112946][  T568] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  271.112983][ T8406] RBP: ffffc90000eaf960 R08: ffffffff8141971b R09: 0000000000000003
[  271.121356][  T568] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  271.128612][ T8406] R10: fffffbfff0e99c4c R11: dffffc0000000001 R12: dffffc0000000000
[  271.135647][  T568] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  271.143468][ T8406] R13: ffff8881b8c01ac0 R14: 1ffff11038000001 R15: 1f1f1f1f1f1f1f1f
[  271.158203][ T8406] FS:  0000555555ea2500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  271.166912][ T8406] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  271.173597][ T8406] CR2: 0000000020001400 CR3: 000000012583b000 CR4: 00000000003506b0
[  271.181476][ T8406] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  271.189348][ T8406] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  271.197253][ T8406] Kernel panic - not syncing: Fatal exception
[  271.203330][ T8406] Kernel Offset: disabled
[  271.207458][ T8406] Rebooting in 86400 seconds..