last executing test programs: 2.346975479s ago: executing program 0 (id=266): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000006c0)={'syzkaller0\x00', @multicast}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x40fd) write$cgroup_subtree(r0, &(0x7f0000000180)=ANY=[], 0x36) 2.038605074s ago: executing program 0 (id=273): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101}) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x0, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000000000000000000000000000850000001300000018110000", @ANYRES32, @ANYBLOB], 0x0}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff}) perf_event_open(&(0x7f0000000380)={0x0, 0xfffffffffffffdd2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x7, 0x8000, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r2, 0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r3, 0x0, &(0x7f00000004c0)=""/180}, 0x20) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000013c0)={0x1b, 0x0, 0x0, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2}, 0x48) recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000640)='./cgroup/syz1\x00', 0x200002, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000700)='cpu.stat\x00', 0x0, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) r7 = bpf$ITER_CREATE(0x21, &(0x7f00000001c0), 0x8) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000600)=r7, 0x4) close(r5) setsockopt$sock_attach_bpf(r6, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2}, 0x48) r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x2f}, @map_fd={0x18, 0x0, 0x1, 0x0, r8}, @exit={0x95, 0x0, 0xc00}], {0x95, 0x0, 0x7000}}, &(0x7f0000000000)='GPL\x00', 0x4, 0xee, &(0x7f0000000340)=""/238}, 0x80) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r9, 0xe0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000000c0)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f0000000180)=[0x0], &(0x7f0000000240)=[0x0], 0x0, 0x8, &(0x7f0000000200), 0x0, 0x10, &(0x7f0000000780), &(0x7f0000000280), 0x8, 0x10, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000002c0)='timer_start\x00', r10}, 0x10) 1.134460288s ago: executing program 3 (id=304): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400a685b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0xe, &(0x7f0000001100)=ANY=[@ANYBLOB="b7020000b96871dfbfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe0000004f850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d62de53a9a53608c10556e5734eb84049761451ce2e2d9f8004e26f7fcc059c06220002595f6dba87b81d1106fb026cce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895c679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd6fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f2fcb6d753a78845d8363e0401861abebe428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30810400000000000000d63d716c0975e1ce4a655362e7062ff6ab3934555c01840219829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47911834118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f804924600273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c048d46362ea0d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b10700ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d120ea257bba458ecd989cb3581a3f270ad48255ac0dad4923e3e357e4e90583ce8d43ec65ed491d87a51d7c13f665dcf772e3ead71112008b16b0ea821f70aee1ccbd71c5a1c21e87d5b7b73d356337dbcf3456ff6cd0d6b98a258e3509a7d15b9dcae4d0d750ffa07909c955e718585b2456308beda2fa03bb9bcf03cdff31ee4b1665b987829c0f0872c006c6e4ed666fe23b343aae943923eedbdb0e7abee90e3da7b98b7d07d2d4816201ad1737798635b0a3ebd3aed120e4500c16e6c9dc729f009db49c6b8b19613e4d792cb4ff5106419291d4222980b49ddb9527ce785822d8f4e2bc30a96767f500b9e26e3b12854da63083320d8bfe49d85e0842803dc59d6375bce2b8a93caf39c0ba767880bbb9bf9407e6a6c0f9a43d1ab51dabf9423b482e848fbe1653ff0c6161fa43543546ce17a42e6cddadaf0767d84407478ffe2d0b567d81201efc81e800d4c0874235ff5cd7f5f0ee71cc2b0193bfc9290627ceaeb0b02931a817688f3a51fa2861e70cbab50a5d434ed8d8841694dba46f3d5a95ae86e4d471684ccf427b2ba53a157b2a7cf7a4c10051bb77822190a14c2ab1f271a7cf9c240b99"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19, 0x0, 0xffffffffffffffff, 0x54}, 0x42) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000200)=r4, 0x4) sendmsg$sock(r3, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) 1.10053444s ago: executing program 3 (id=308): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x9, 0x1, 0x2, 0x5073, 0xffffffffffffffff, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x2}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x2000141a) ioctl$TUNSETOFFLOAD(r0, 0x8008743f, 0x2000000c) 1.093179351s ago: executing program 4 (id=309): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000006c0)={'syzkaller0\x00', @multicast}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x40fd) write$cgroup_subtree(r0, &(0x7f0000000180)=ANY=[], 0x36) 1.026851586s ago: executing program 4 (id=311): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000006c0)={'syzkaller0\x00', @multicast}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="8fedcb7907081175f37538e486dd63"], 0xfdef) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) write$cgroup_subtree(r0, &(0x7f0000000180)=ANY=[], 0x36) 1.026521217s ago: executing program 4 (id=312): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000006c0)={'syzkaller0\x00', @multicast}) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x48) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="8fedcb7907081175f37538e486dd63"], 0xfdef) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x0, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) write$cgroup_subtree(r0, &(0x7f0000000180)=ANY=[], 0x36) 987.31682ms ago: executing program 2 (id=314): bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000580), 0x0}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000a0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x143fdd, 0x80, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f00000000c0)={r2, &(0x7f0000000180), 0x0}, 0x20) 660.866306ms ago: executing program 2 (id=316): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_int(r1, &(0x7f0000000200), 0x43451) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='mm_lru_activate\x00', r3}, 0x10) write$cgroup_int(r2, &(0x7f0000000200), 0x43451) 633.731308ms ago: executing program 1 (id=317): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000006c0)={'syzkaller0\x00', @multicast}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x40fd) write$cgroup_subtree(r0, &(0x7f0000000180)=ANY=[], 0x36) 633.344498ms ago: executing program 3 (id=318): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 632.790799ms ago: executing program 0 (id=319): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400a685b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0xe, &(0x7f0000001100)=ANY=[@ANYBLOB="b7020000b96871dfbfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe0000004f850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d62de53a9a53608c10556e5734eb84049761451ce2e2d9f8004e26f7fcc059c06220002595f6dba87b81d1106fb026cce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895c679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd6fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f2fcb6d753a78845d8363e0401861abebe428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30810400000000000000d63d716c0975e1ce4a655362e7062ff6ab3934555c01840219829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47911834118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f804924600273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c048d46362ea0d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b10700ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d120ea257bba458ecd989cb3581a3f270ad48255ac0dad4923e3e357e4e90583ce8d43ec65ed491d87a51d7c13f665dcf772e3ead71112008b16b0ea821f70aee1ccbd71c5a1c21e87d5b7b73d356337dbcf3456ff6cd0d6b98a258e3509a7d15b9dcae4d0d750ffa07909c955e718585b2456308beda2fa03bb9bcf03cdff31ee4b1665b987829c0f0872c006c6e4ed666fe23b343aae943923eedbdb0e7abee90e3da7b98b7d07d2d4816201ad1737798635b0a3ebd3aed120e4500c16e6c9dc729f009db49c6b8b19613e4d792cb4ff5106419291d4222980b49ddb9527ce785822d8f4e2bc30a96767f500b9e26e3b12854da63083320d8bfe49d85e0842803dc59d6375bce2b8a93caf39c0ba767880bbb9bf9407e6a6c0f9a43d1ab51dabf9423b482e848fbe1653ff0c6161fa43543546ce17a42e6cddadaf0767d84407478ffe2d0b567d81201efc81e800d4c0874235ff5cd7f5f0ee71cc2b0193bfc9290627ceaeb0b02931a817688f3a51fa2861e70cbab50a5d434ed8d8841694dba46f3d5a95ae86e4d471684ccf427b2ba53a157b2a7cf7a4c10051bb77822190a14c2ab1f271a7cf9c240b99"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19, 0x0, 0xffffffffffffffff, 0x54}, 0x42) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000200)=r4, 0x4) sendmsg$sock(r3, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) 625.28712ms ago: executing program 2 (id=320): bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000a0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x143fdd, 0x80, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f00000000c0)={r3, &(0x7f0000000180), 0x0}, 0x20) 572.707704ms ago: executing program 0 (id=321): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000006c0)={'syzkaller0\x00', @multicast}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x40fd) write$cgroup_subtree(r0, &(0x7f0000000180)=ANY=[], 0x36) 572.027793ms ago: executing program 2 (id=322): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0xb, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 563.028825ms ago: executing program 3 (id=323): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000006c0)={'syzkaller0\x00', @multicast}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="8fedcb7907081175f37538e486dd63"], 0xfdef) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) write$cgroup_subtree(r0, &(0x7f0000000180)=ANY=[], 0x36) 537.182486ms ago: executing program 2 (id=324): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r2}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0xb, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 517.606468ms ago: executing program 4 (id=325): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, 0x0, &(0x7f0000000340)=""/159}, 0x6e) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$ITER_CREATE(0x21, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) bpf$MAP_CREATE(0x2000000000000000, 0x0, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_int(r1, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0) close(0xffffffffffffffff) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="85000000970000003500000000000000850000002a0000009500000000000000f4670880271efa95b2c8c037c5a142c9a8d76287066c51adde96fcc309926fa397fabd5f9810e81ae0b737126ea6f7be39cd34d5ae35de38dde54704d25c79949c00a7c09cc28d7673294f42a5f0a8320e13fecd45c0f8612c10b100000000b0d3712c7e93363af3c075ff1e23166a32d95433008000000000000051e1cc4c45d576090c4867a7b62a7e73a0c14e97dc30fd4b393e366c6386d5ec7209d031f40f3012e9576e51a7f578602f07785b92e544fc46c744ae6af3e4195cc037102124d85cec074c6949e1298901ebb39522f6649dd76d067a82f5fe47fe5f17f9ab800f4104dbaba46aa43a815a1e5c6d1d224b64be6c4d7f47ef21eb7e46f9aa4a9779f8555eaea768c1f2c221c410ef4b253d110ee282ab7894de93d928cf95846be6277c04b48556c870814ec532b66a696a623cd8a4f8dc8dcba00b1b2d2747c45b0c52087b5efabf8496b9a951667d510ba0e3c4c00356ffebfb19a34268335648e1f844ce328c10752a42dca52fb98c1452b6518a6ef7297f7b3d0cd46dafc6ac5500f53e5309ec91d83cf4fbd775d9c07d8d591a4d8c60ff000000b78863e629b3b200000000000000000000000000008b00000000449c810d3174c87e080000003126af7a8b20744ea9875b9cba735b9594aa904e5a4bb2c3dfa80564e3e7000860000000004a2147c1128c697d9966b3c9f0e9e203911a3fac921a4fc6e625247510bc24e20ad88d3442a5d143c3047dd08e56a1b9764270c6ab800451b95e22f30a85f5681ca300000000af89a79b92a2c6743e478bd799415b6000f51168b71714bada12041752e2fcf95c1ced98fdc4f4bf2157b261380307d943b34c489734d55c4e15bbda5f5e31371c5330d920b71fbaaabd57ae73201b47f2c7e5e69a798f3c14f969fab1005e8ccedd9c46c3e39f949dd4c87ae724ef73e2abdb4485027139e9445f77e8dd3af90248ede241b408a320e069f6becd0b8405d24f0000000000000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0xe0, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffc1a}, 0x15) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r2, 0xfffff002, 0xe, 0x0, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0x8000}, 0x28) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x120, 0x0, &(0x7f0000001bc0)="b9ff03076844268cb89e14f008004be0ffff00124000638477fbac141416ac14140e08189f214d2f87e589fe6aab84501348f2325f1a39018604038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3290200000000000000078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c86a440aec4014caf28c0adc04308461789d46e7ffc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000df1fd21b33fe828e6918d376330c1e4ef0291cf9f37f0db9c100ba25570f12b51b5cc4c58e5419fd", 0x0, 0x21, 0x60000000}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000ef000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000000e80)=ANY=[@ANYBLOB="8500000061000000350000000000000085000000230000009500000000000000f4670880271e3542dfa8ba6287066c5197fabc5f7010e81ae0b737126ea6f7dc39cd340101000000000000e22ff5dde54704d25c79949c23e20100000000000000c09cc28de194f40800000000b0d3712c7e93366796c7224a0c2c0213af2ecdf3c075e3d800000104f4b1fc30dc914bc16543d4baa2bb755af3d576090c4867a7b6393e366c6386d5ec7209d031f40f3012e95752003b2f7846c744ae6af3c037102124d8eb000000000000000000000000a46aac3abe6c4d7f47ef6d02bad9dddacecf7eaa4a9779f8555ed6aea768c1f28221c110ed050000000ee282ab76ef93d96bc46a7c04b8c5324812d992a4f8dc6fcba00b1b2da951667d0276a0327b56c0ebfb19b3426887b6f1b6070e0ce1f844ce32a9988ca042dca52fbb8c1452b651ebf942f7297f7b66254c567b7983f60f2744419a2f238f173d0000003cf4fbd775d9c07d8d591a4dac60ff00a629b3b200000000000000000000000009001d004e41ff9b4d00e07ff771cea08bea2fa81fb4c4c43f74936f333e3ae44f7ddd2fb35d4c46392ae855531b1eaf40aee8c94fd812e40f14e519a264ff3c572eecd5f6ca98b55e78f8d94f57ed7e6a3ab5dd9a4adedbdf0e58f58eb2e83500000000000000934c92002eace9a8d6f3dd008acf8a5c0fb433678060ac0e201e401fb1711d41f45d90a1e19795c995ff7d0020ecccf41d81c8c510cf773171407191872d0e3e62dd578d590e62ff74d667477ac69a806d4552084a87f74fdfc117d4975576c102976c1ef70ceac9ff714bab1f59f8ebd67f2aca41706c147e3e0d3e557de0349c5ca80f10361bedc4832ae62a2b745ef6587710a82c2e27bacc81877b996a708c3a9235bdbec2cde0cfca78205439b4fd312c7106000000000000000000000000df83e1a6c37e26d8f98d7e9419275bc3bba633b47d00"/723], &(0x7f0000000140)='GPL\x00', 0x0, 0xe0, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffc1a}, 0x15) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r3, 0xfffff000, 0x14, 0x0, &(0x7f0000000880)="61df712bc884fed5722780b688a8", 0x0, 0x8000, 0x0, 0xfffffffffffffeca, 0x0, &(0x7f0000000000), &(0x7f0000000800)="ffe200004e379b19393a41afde6b0b1235c1278ebf59a5d4d697bc199e060b675b46d4ff37c7f91ceaa6790cd8570f080b0d2375918cd7dfcf26aa90dc6a5617be488475b892958512c8e814c24d7efc26f9f2512dec8c759773c42a2fca2735984613809a78eb", 0x0, 0x2}, 0x28) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb9d00180000000000000028060000280000000200000001"], 0x0, 0x42}, 0x20) ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x3d) write$cgroup_pressure(0xffffffffffffffff, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_virt_wifi\x00'}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8946, &(0x7f0000000080)) 489.39169ms ago: executing program 1 (id=326): bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000a0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x143fdd, 0x80, 0x1}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r1, &(0x7f0000000180), 0x20000000}, 0x20) bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f00000000c0)={r1, &(0x7f0000000180), 0x0}, 0x20) 489.207711ms ago: executing program 3 (id=327): bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000580), 0x0}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000a0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x143fdd, 0x80, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f00000000c0)={r2, &(0x7f0000000180), 0x0}, 0x20) 444.787794ms ago: executing program 0 (id=328): syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 69) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800004e9d00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) 444.172304ms ago: executing program 3 (id=329): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x9, 0x1, 0x2, 0x5073, 0xffffffffffffffff, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x2}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x2000141a) ioctl$TUNSETOFFLOAD(r0, 0x8008743f, 0x2000000c) 439.280834ms ago: executing program 2 (id=330): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101}) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x0, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000000000000000000000000000850000001300000018110000", @ANYRES32, @ANYBLOB], 0x0}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff}) perf_event_open(&(0x7f0000000380)={0x0, 0xfffffffffffffdd2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x7, 0x8000, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r2, 0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r3, 0x0, &(0x7f00000004c0)=""/180}, 0x20) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000013c0)={0x1b, 0x0, 0x0, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2}, 0x48) recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000640)='./cgroup/syz1\x00', 0x200002, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000700)='cpu.stat\x00', 0x0, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) r7 = bpf$ITER_CREATE(0x21, &(0x7f00000001c0), 0x8) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000600)=r7, 0x4) close(r5) setsockopt$sock_attach_bpf(r6, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2}, 0x48) r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x2f}, @map_fd={0x18, 0x0, 0x1, 0x0, r8}, @exit={0x95, 0x0, 0xc00}], {0x95, 0x0, 0x7000}}, &(0x7f0000000000)='GPL\x00', 0x4, 0xee, &(0x7f0000000340)=""/238}, 0x80) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r9, 0xe0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000000c0)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f0000000180)=[0x0], &(0x7f0000000240)=[0x0], 0x0, 0x8, &(0x7f0000000200), 0x0, 0x10, &(0x7f0000000780), &(0x7f0000000280), 0x8, 0x10, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000002c0)='timer_start\x00', r10}, 0x10) 395.391528ms ago: executing program 1 (id=331): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_int(r1, &(0x7f0000000200), 0x43451) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='mm_lru_activate\x00', r3}, 0x10) write$cgroup_int(r2, &(0x7f0000000200), 0x43451) 363.237431ms ago: executing program 4 (id=332): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400a685b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0xe, &(0x7f0000001100)=ANY=[@ANYBLOB="b7020000b96871dfbfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe0000004f850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d62de53a9a53608c10556e5734eb84049761451ce2e2d9f8004e26f7fcc059c06220002595f6dba87b81d1106fb026cce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895c679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd6fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f2fcb6d753a78845d8363e0401861abebe428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30810400000000000000d63d716c0975e1ce4a655362e7062ff6ab3934555c01840219829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47911834118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f804924600273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c048d46362ea0d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b10700ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d120ea257bba458ecd989cb3581a3f270ad48255ac0dad4923e3e357e4e90583ce8d43ec65ed491d87a51d7c13f665dcf772e3ead71112008b16b0ea821f70aee1ccbd71c5a1c21e87d5b7b73d356337dbcf3456ff6cd0d6b98a258e3509a7d15b9dcae4d0d750ffa07909c955e718585b2456308beda2fa03bb9bcf03cdff31ee4b1665b987829c0f0872c006c6e4ed666fe23b343aae943923eedbdb0e7abee90e3da7b98b7d07d2d4816201ad1737798635b0a3ebd3aed120e4500c16e6c9dc729f009db49c6b8b19613e4d792cb4ff5106419291d4222980b49ddb9527ce785822d8f4e2bc30a96767f500b9e26e3b12854da63083320d8bfe49d85e0842803dc59d6375bce2b8a93caf39c0ba767880bbb9bf9407e6a6c0f9a43d1ab51dabf9423b482e848fbe1653ff0c6161fa43543546ce17a42e6cddadaf0767d84407478ffe2d0b567d81201efc81e800d4c0874235ff5cd7f5f0ee71cc2b0193bfc9290627ceaeb0b02931a817688f3a51fa2861e70cbab50a5d434ed8d8841694dba46f3d5a95ae86e4d471684ccf427b2ba53a157b2a7cf7a4c10051bb77822190a14c2ab1f271a7cf9c240b99"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19, 0x0, 0xffffffffffffffff, 0x54}, 0x42) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000200)=r4, 0x4) sendmsg$sock(r3, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) 340.026623ms ago: executing program 1 (id=333): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 328.756264ms ago: executing program 1 (id=334): bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000a0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x143fdd, 0x80, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f00000000c0)={r3, &(0x7f0000000180), 0x0}, 0x20) 237.141301ms ago: executing program 1 (id=335): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000006c0)={'syzkaller0\x00', @multicast}) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x48) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="8fedcb7907081175f37538e486dd63"], 0xfdef) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x0, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) write$cgroup_subtree(r0, &(0x7f0000000180)=ANY=[], 0x36) 21.297948ms ago: executing program 4 (id=336): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000006c0)={'syzkaller0\x00', @multicast}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x40fd) write$cgroup_subtree(r0, &(0x7f0000000180)=ANY=[], 0x36) 0s ago: executing program 0 (id=337): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0xb, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) kernel console output (not intermixed with test programs): [ 4.248835][ T99] udevd[99]: starting version 3.2.11 [ 4.314778][ T100] udevd[100]: starting eudev-3.2.11 [ 4.316075][ T99] udevd (99) used greatest stack depth: 22096 bytes left [ 5.052934][ T120] dbus-uuidgen (120) used greatest stack depth: 21984 bytes left [ 15.866879][ T30] kauditd_printk_skb: 50 callbacks suppressed [ 15.866895][ T30] audit: type=1400 audit(1723075055.928:61): avc: denied { transition } for pid=235 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 15.876312][ T30] audit: type=1400 audit(1723075055.928:62): avc: denied { noatsecure } for pid=235 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 15.881005][ T30] audit: type=1400 audit(1723075055.938:63): avc: denied { write } for pid=235 comm="sh" path="pipe:[14363]" dev="pipefs" ino=14363 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 15.891148][ T30] audit: type=1400 audit(1723075055.938:64): avc: denied { rlimitinh } for pid=235 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 15.909594][ T30] audit: type=1400 audit(1723075055.938:65): avc: denied { siginh } for pid=235 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '10.128.0.15' (ED25519) to the list of known hosts. [ 25.964478][ T30] audit: type=1400 audit(1723075066.028:66): avc: denied { integrity } for pid=284 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1 [ 25.988769][ T30] audit: type=1400 audit(1723075066.048:67): avc: denied { mounton } for pid=284 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 25.990259][ T284] cgroup: Unknown subsys name 'net' [ 26.011504][ T30] audit: type=1400 audit(1723075066.048:68): avc: denied { mount } for pid=284 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 26.040332][ T30] audit: type=1400 audit(1723075066.078:69): avc: denied { unmount } for pid=284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 26.040595][ T284] cgroup: Unknown subsys name 'devices' [ 26.211412][ T284] cgroup: Unknown subsys name 'hugetlb' [ 26.217031][ T284] cgroup: Unknown subsys name 'rlimit' [ 26.379409][ T30] audit: type=1400 audit(1723075066.448:70): avc: denied { setattr } for pid=284 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 26.402477][ T30] audit: type=1400 audit(1723075066.448:71): avc: denied { mounton } for pid=284 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 26.405226][ T287] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 26.427703][ T30] audit: type=1400 audit(1723075066.448:72): avc: denied { mount } for pid=284 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 Setting up swapspace version 1, size = 127995904 bytes [ 26.459640][ T30] audit: type=1400 audit(1723075066.498:73): avc: denied { relabelto } for pid=287 comm="mkswap" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 26.485185][ T30] audit: type=1400 audit(1723075066.498:74): avc: denied { write } for pid=287 comm="mkswap" path="/root/swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 26.507392][ T284] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 26.511002][ T30] audit: type=1400 audit(1723075066.568:75): avc: denied { read } for pid=284 comm="syz-executor" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 27.024245][ T294] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.031155][ T294] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.038451][ T294] device bridge_slave_0 entered promiscuous mode [ 27.046713][ T294] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.053956][ T294] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.061332][ T294] device bridge_slave_1 entered promiscuous mode [ 27.093823][ T296] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.100777][ T296] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.107847][ T296] device bridge_slave_0 entered promiscuous mode [ 27.115130][ T296] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.122018][ T296] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.129264][ T296] device bridge_slave_1 entered promiscuous mode [ 27.210819][ T297] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.217682][ T297] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.225400][ T297] device bridge_slave_0 entered promiscuous mode [ 27.233218][ T297] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.241982][ T297] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.249452][ T297] device bridge_slave_1 entered promiscuous mode [ 27.277618][ T295] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.284670][ T295] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.292564][ T295] device bridge_slave_0 entered promiscuous mode [ 27.309638][ T298] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.316783][ T298] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.326321][ T298] device bridge_slave_0 entered promiscuous mode [ 27.333326][ T295] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.340211][ T295] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.347829][ T295] device bridge_slave_1 entered promiscuous mode [ 27.364623][ T298] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.371589][ T298] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.378905][ T298] device bridge_slave_1 entered promiscuous mode [ 27.529148][ T294] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.536031][ T294] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.543370][ T294] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.550221][ T294] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.572948][ T297] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.579816][ T297] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.587115][ T297] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.594354][ T297] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.607124][ T296] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.616509][ T296] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.624524][ T296] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.633237][ T296] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.654523][ T295] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.663124][ T295] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.670501][ T295] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.677381][ T295] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.699339][ T20] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.710157][ T20] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.717844][ T20] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.727831][ T20] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.735794][ T20] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.746347][ T20] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.757137][ T20] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.764514][ T20] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.775926][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 27.784776][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 27.829465][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 27.844488][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.856368][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.885779][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 27.894793][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 27.904219][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.914111][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.951338][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 27.960141][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.967626][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.977422][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 27.986985][ T20] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.994343][ T20] bridge0: port 2(bridge_slave_1) entered forwarding state [ 28.001692][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 28.010387][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 28.018796][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 28.027018][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 28.036106][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 28.043918][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 28.051858][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 28.060256][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.068272][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 28.078184][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 28.088195][ T20] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.096366][ T20] bridge0: port 2(bridge_slave_1) entered forwarding state [ 28.111194][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 28.123033][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 28.153245][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 28.165521][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 28.181032][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 28.197333][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 28.213845][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.224348][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 28.238903][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 28.250874][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 28.266527][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.280374][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 28.288895][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 28.303600][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 28.329841][ T295] device veth0_vlan entered promiscuous mode [ 28.337687][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 28.347926][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 28.356063][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 28.365456][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 28.376456][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 28.385101][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 28.397016][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 28.407492][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 28.415754][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 28.423479][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 28.437636][ T297] device veth0_vlan entered promiscuous mode [ 28.450413][ T294] device veth0_vlan entered promiscuous mode [ 28.457098][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 28.465129][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 28.472956][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 28.480589][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 28.488143][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 28.496348][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 28.504432][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 28.512543][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 28.520450][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 28.529194][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 28.545454][ T297] device veth1_macvtap entered promiscuous mode [ 28.554392][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 28.562780][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 28.570627][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 28.583189][ T296] device veth0_vlan entered promiscuous mode [ 28.595241][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 28.603679][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 28.612122][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 28.620357][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 28.628138][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 28.635469][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 28.643633][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 28.651842][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 28.664487][ T296] device veth1_macvtap entered promiscuous mode [ 28.676891][ T294] device veth1_macvtap entered promiscuous mode [ 28.685195][ T295] device veth1_macvtap entered promiscuous mode [ 28.692046][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 28.700934][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 28.709637][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 28.717736][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 28.727235][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 28.735626][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 28.743931][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 28.756530][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 28.765081][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.772119][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 28.781937][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 28.790406][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 28.802063][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.809704][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 28.817243][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 28.825542][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 28.833736][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 28.849178][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 28.857435][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 28.874364][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 28.883303][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 28.892007][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 28.901879][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 28.911247][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 28.919443][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 28.950651][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 28.958767][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 28.968512][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 28.979367][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 28.987329][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 28.995569][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 29.003823][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 29.012891][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 29.032670][ T298] device veth0_vlan entered promiscuous mode [ 29.058159][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 29.079485][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 29.088320][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 29.098907][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 29.107381][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 29.119562][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 29.126868][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 29.139280][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 29.148093][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 29.163657][ T298] device veth1_macvtap entered promiscuous mode [ 29.195953][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 29.205865][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 29.218091][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 29.248549][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 29.258842][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 29.288101][ C0] hrtimer: interrupt took 25815 ns [ 29.868758][ T340] device syzkaller0 entered promiscuous mode [ 29.974603][ T342] device syzkaller0 entered promiscuous mode [ 30.584790][ T373] device syzkaller0 entered promiscuous mode [ 31.056970][ T402] FAULT_INJECTION: forcing a failure. [ 31.056970][ T402] name failslab, interval 1, probability 0, space 0, times 1 [ 31.071456][ T402] CPU: 1 PID: 402 Comm: syz.4.25 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 31.081710][ T402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 31.095400][ T402] Call Trace: [ 31.100148][ T402] [ 31.103181][ T402] dump_stack_lvl+0x151/0x1b7 [ 31.110930][ T402] ? io_uring_drop_tctx_refs+0x190/0x190 [ 31.117485][ T402] dump_stack+0x15/0x17 [ 31.121914][ T402] should_fail+0x3c6/0x510 [ 31.126519][ T402] __should_failslab+0xa4/0xe0 [ 31.132891][ T402] ? vm_area_dup+0x26/0x230 [ 31.137937][ T402] should_failslab+0x9/0x20 [ 31.143394][ T402] slab_pre_alloc_hook+0x37/0xd0 [ 31.148865][ T402] ? vm_area_dup+0x26/0x230 [ 31.153807][ T402] kmem_cache_alloc+0x44/0x200 [ 31.159563][ T402] vm_area_dup+0x26/0x230 [ 31.164742][ T402] copy_mm+0x9a1/0x13e0 [ 31.170300][ T402] ? copy_signal+0x610/0x610 [ 31.177972][ T402] ? __init_rwsem+0xfe/0x1d0 [ 31.183222][ T402] ? copy_signal+0x4e3/0x610 [ 31.188745][ T402] copy_process+0x1149/0x3290 [ 31.195217][ T402] ? proc_fail_nth_write+0x20b/0x290 [ 31.202076][ T402] ? fsnotify_perm+0x6a/0x5d0 [ 31.209004][ T402] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 31.215377][ T402] ? vfs_write+0x9ec/0x1110 [ 31.220373][ T402] ? kmem_cache_free+0x116/0x2e0 [ 31.226877][ T402] kernel_clone+0x21e/0x9e0 [ 31.233587][ T402] ? file_end_write+0x1c0/0x1c0 [ 31.238460][ T402] ? create_io_thread+0x1e0/0x1e0 [ 31.245774][ T402] ? mutex_unlock+0xb2/0x260 [ 31.251811][ T402] ? __mutex_lock_slowpath+0x10/0x10 [ 31.257779][ T402] __x64_sys_clone+0x23f/0x290 [ 31.263225][ T402] ? __do_sys_vfork+0x130/0x130 [ 31.268230][ T402] ? ksys_write+0x260/0x2c0 [ 31.275234][ T402] ? debug_smp_processor_id+0x17/0x20 [ 31.282730][ T402] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 31.290836][ T402] ? exit_to_user_mode_prepare+0x39/0xa0 [ 31.296313][ T402] do_syscall_64+0x3d/0xb0 [ 31.301002][ T402] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 31.307344][ T402] RIP: 0033:0x7fbc24ac89f9 [ 31.311591][ T402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 31.332365][ T402] RSP: 002b:00007fbc23747fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 31.341578][ T402] RAX: ffffffffffffffda RBX: 00007fbc24c56f80 RCX: 00007fbc24ac89f9 [ 31.351843][ T402] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000640c7000 [ 31.360091][ T402] RBP: 00007fbc23748090 R08: 0000000000000000 R09: 0000000000000000 [ 31.368180][ T402] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 31.377666][ T402] R13: 0000000000000001 R14: 00007fbc24c56f80 R15: 00007ffd194dc568 [ 31.385469][ T402] [ 31.421239][ T398] device syzkaller0 entered promiscuous mode [ 31.513852][ T30] kauditd_printk_skb: 37 callbacks suppressed [ 31.513871][ T30] audit: type=1400 audit(1723075071.578:113): avc: denied { setopt } for pid=413 comm="syz.1.27" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 31.619873][ T425] FAULT_INJECTION: forcing a failure. [ 31.619873][ T425] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 31.635491][ T425] CPU: 1 PID: 425 Comm: syz.3.30 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 31.645619][ T425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 31.656484][ T425] Call Trace: [ 31.659958][ T425] [ 31.663249][ T425] dump_stack_lvl+0x151/0x1b7 [ 31.668928][ T425] ? io_uring_drop_tctx_refs+0x190/0x190 [ 31.675790][ T425] dump_stack+0x15/0x17 [ 31.680916][ T425] should_fail+0x3c6/0x510 [ 31.685552][ T425] should_fail_alloc_page+0x5a/0x80 [ 31.691711][ T425] prepare_alloc_pages+0x15c/0x700 [ 31.696733][ T425] ? __alloc_pages+0x8f0/0x8f0 [ 31.701990][ T425] ? __alloc_pages_bulk+0xe40/0xe40 [ 31.708337][ T425] __alloc_pages+0x18c/0x8f0 [ 31.713540][ T425] ? __x64_sys_bpf+0x7c/0x90 [ 31.718911][ T425] ? prep_new_page+0x110/0x110 [ 31.723510][ T425] ? __kasan_check_write+0x14/0x20 [ 31.728458][ T425] __get_free_pages+0x10/0x30 [ 31.735063][ T425] kasan_populate_vmalloc_pte+0x39/0x130 [ 31.741697][ T425] ? __apply_to_page_range+0x8ca/0xbe0 [ 31.752665][ T425] __apply_to_page_range+0x8dd/0xbe0 [ 31.760198][ T425] ? kasan_populate_vmalloc+0x70/0x70 [ 31.765815][ T425] ? kasan_populate_vmalloc+0x70/0x70 [ 31.772369][ T425] apply_to_page_range+0x3b/0x50 [ 31.777427][ T425] kasan_populate_vmalloc+0x65/0x70 [ 31.783086][ T425] alloc_vmap_area+0x192f/0x1a80 [ 31.788156][ T425] ? vm_map_ram+0xa90/0xa90 [ 31.792700][ T425] ? __kasan_kmalloc+0x9/0x10 [ 31.797358][ T425] ? kmem_cache_alloc_trace+0x115/0x210 [ 31.803627][ T425] __get_vm_area_node+0x158/0x360 [ 31.808652][ T425] __vmalloc_node_range+0xe2/0x8d0 [ 31.813709][ T425] ? sock_map_alloc+0x1f7/0x310 [ 31.818514][ T425] bpf_map_area_alloc+0xd9/0xf0 [ 31.823297][ T425] ? sock_map_alloc+0x1f7/0x310 [ 31.828144][ T425] sock_map_alloc+0x1f7/0x310 [ 31.832866][ T425] map_create+0x411/0x2050 [ 31.837087][ T425] __sys_bpf+0x296/0x760 [ 31.841249][ T425] ? fput_many+0x160/0x1b0 [ 31.845514][ T425] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 31.852118][ T425] ? debug_smp_processor_id+0x17/0x20 [ 31.857509][ T425] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 31.863709][ T425] __x64_sys_bpf+0x7c/0x90 [ 31.869170][ T425] do_syscall_64+0x3d/0xb0 [ 31.881015][ T425] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 31.887597][ T425] RIP: 0033:0x7f8fe897e9f9 [ 31.891956][ T425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 31.912165][ T425] RSP: 002b:00007f8fe75fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 31.920709][ T425] RAX: ffffffffffffffda RBX: 00007f8fe8b0cf80 RCX: 00007f8fe897e9f9 [ 31.929054][ T425] RDX: 0000000000000048 RSI: 0000000020000bc0 RDI: 0000000000000000 [ 31.936953][ T425] RBP: 00007f8fe75fe090 R08: 0000000000000000 R09: 0000000000000000 [ 31.945296][ T425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 31.953367][ T425] R13: 0000000000000000 R14: 00007f8fe8b0cf80 R15: 00007ffe1709dfd8 [ 31.961358][ T425] [ 32.232167][ T438] device syzkaller0 entered promiscuous mode [ 32.334464][ T447] device syzkaller0 entered promiscuous mode [ 32.368305][ T453] device syzkaller0 entered promiscuous mode [ 32.438791][ T460] device syzkaller0 entered promiscuous mode [ 32.733116][ T491] device syzkaller0 entered promiscuous mode [ 32.795371][ T498] device syzkaller0 entered promiscuous mode [ 32.846099][ T493] device syzkaller0 entered promiscuous mode [ 32.914802][ T509] FAULT_INJECTION: forcing a failure. [ 32.914802][ T509] name failslab, interval 1, probability 0, space 0, times 0 [ 32.927467][ T509] CPU: 1 PID: 509 Comm: syz.1.64 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 32.937096][ T509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 32.947015][ T509] Call Trace: [ 32.950244][ T509] [ 32.953208][ T509] dump_stack_lvl+0x151/0x1b7 [ 32.957792][ T509] ? io_uring_drop_tctx_refs+0x190/0x190 [ 32.963785][ T509] dump_stack+0x15/0x17 [ 32.969241][ T509] should_fail+0x3c6/0x510 [ 32.973679][ T509] __should_failslab+0xa4/0xe0 [ 32.978646][ T509] ? anon_vma_clone+0x9a/0x500 [ 32.983259][ T509] should_failslab+0x9/0x20 [ 32.988508][ T509] slab_pre_alloc_hook+0x37/0xd0 [ 32.993972][ T509] ? anon_vma_clone+0x9a/0x500 [ 32.998661][ T509] kmem_cache_alloc+0x44/0x200 [ 33.003641][ T509] anon_vma_clone+0x9a/0x500 [ 33.008035][ T509] anon_vma_fork+0x91/0x4e0 [ 33.012503][ T509] ? anon_vma_name+0x43/0x70 [ 33.017187][ T509] ? vm_area_dup+0x17a/0x230 [ 33.022326][ T509] copy_mm+0xa3a/0x13e0 [ 33.026305][ T509] ? copy_signal+0x610/0x610 [ 33.030728][ T509] ? __init_rwsem+0xfe/0x1d0 [ 33.035153][ T509] ? copy_signal+0x4e3/0x610 [ 33.040766][ T509] copy_process+0x1149/0x3290 [ 33.046258][ T509] ? proc_fail_nth_write+0x20b/0x290 [ 33.052333][ T509] ? fsnotify_perm+0x6a/0x5d0 [ 33.057397][ T509] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 33.063222][ T509] ? vfs_write+0x9ec/0x1110 [ 33.070606][ T509] ? kmem_cache_free+0x116/0x2e0 [ 33.075370][ T509] kernel_clone+0x21e/0x9e0 [ 33.079704][ T509] ? file_end_write+0x1c0/0x1c0 [ 33.085636][ T509] ? create_io_thread+0x1e0/0x1e0 [ 33.093251][ T509] ? mutex_unlock+0xb2/0x260 [ 33.097966][ T509] ? __mutex_lock_slowpath+0x10/0x10 [ 33.106397][ T509] __x64_sys_clone+0x23f/0x290 [ 33.115077][ T509] ? __do_sys_vfork+0x130/0x130 [ 33.122823][ T509] ? ksys_write+0x260/0x2c0 [ 33.130843][ T509] ? debug_smp_processor_id+0x17/0x20 [ 33.137955][ T509] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 33.147389][ T509] ? exit_to_user_mode_prepare+0x39/0xa0 [ 33.156832][ T509] do_syscall_64+0x3d/0xb0 [ 33.162003][ T509] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 33.170505][ T509] RIP: 0033:0x7f4dd320d9f9 [ 33.176129][ T509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 33.204619][ T509] RSP: 002b:00007f4dd1e8cfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 33.215273][ T509] RAX: ffffffffffffffda RBX: 00007f4dd339bf80 RCX: 00007f4dd320d9f9 [ 33.225421][ T509] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000640c7000 [ 33.233899][ T509] RBP: 00007f4dd1e8d090 R08: 0000000000000000 R09: 0000000000000000 [ 33.243485][ T509] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 33.251535][ T509] R13: 0000000000000001 R14: 00007f4dd339bf80 R15: 00007ffe079490b8 [ 33.260152][ T509] [ 33.406380][ T531] device syzkaller0 entered promiscuous mode [ 33.446954][ T533] device syzkaller0 entered promiscuous mode [ 33.488308][ T537] device syzkaller0 entered promiscuous mode [ 33.576223][ T541] device syzkaller0 entered promiscuous mode [ 33.716315][ T30] audit: type=1400 audit(1723075073.768:114): avc: denied { create } for pid=545 comm="syz.3.80" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 33.867298][ T574] device syzkaller0 entered promiscuous mode [ 33.944332][ T580] device syzkaller0 entered promiscuous mode [ 34.072403][ T583] device syzkaller0 entered promiscuous mode [ 34.142183][ T591] device syzkaller0 entered promiscuous mode [ 34.424157][ T625] device syzkaller0 entered promiscuous mode [ 34.462732][ T622] device syzkaller0 entered promiscuous mode [ 34.524839][ T631] device syzkaller0 entered promiscuous mode [ 34.653983][ T651] FAULT_INJECTION: forcing a failure. [ 34.653983][ T651] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 34.667444][ T651] CPU: 1 PID: 651 Comm: syz.2.124 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 34.676983][ T651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 34.688443][ T651] Call Trace: [ 34.691988][ T651] [ 34.694765][ T651] dump_stack_lvl+0x151/0x1b7 [ 34.700861][ T651] ? io_uring_drop_tctx_refs+0x190/0x190 [ 34.707178][ T651] dump_stack+0x15/0x17 [ 34.711477][ T651] should_fail+0x3c6/0x510 [ 34.715828][ T651] should_fail_alloc_page+0x5a/0x80 [ 34.722054][ T651] prepare_alloc_pages+0x15c/0x700 [ 34.730051][ T651] ? __alloc_pages+0x8f0/0x8f0 [ 34.735512][ T651] ? __alloc_pages_bulk+0xe40/0xe40 [ 34.741159][ T651] __alloc_pages+0x18c/0x8f0 [ 34.746711][ T651] ? __x64_sys_bpf+0x7c/0x90 [ 34.753727][ T651] ? prep_new_page+0x110/0x110 [ 34.758935][ T651] ? __kasan_check_write+0x14/0x20 [ 34.764297][ T651] __get_free_pages+0x10/0x30 [ 34.768745][ T651] kasan_populate_vmalloc_pte+0x39/0x130 [ 34.774836][ T651] ? __apply_to_page_range+0x8ca/0xbe0 [ 34.781595][ T651] __apply_to_page_range+0x8dd/0xbe0 [ 34.787454][ T651] ? kasan_populate_vmalloc+0x70/0x70 [ 34.793903][ T651] ? kasan_populate_vmalloc+0x70/0x70 [ 34.799277][ T651] apply_to_page_range+0x3b/0x50 [ 34.805449][ T651] kasan_populate_vmalloc+0x65/0x70 [ 34.810489][ T651] alloc_vmap_area+0x192f/0x1a80 [ 34.815875][ T651] ? vm_map_ram+0xa90/0xa90 [ 34.820200][ T651] ? __kasan_kmalloc+0x9/0x10 [ 34.824713][ T651] ? kmem_cache_alloc_trace+0x115/0x210 [ 34.830451][ T651] __get_vm_area_node+0x158/0x360 [ 34.835401][ T651] __vmalloc_node_range+0xe2/0x8d0 [ 34.840884][ T651] ? sock_map_alloc+0x1f7/0x310 [ 34.845738][ T651] bpf_map_area_alloc+0xd9/0xf0 [ 34.850634][ T651] ? sock_map_alloc+0x1f7/0x310 [ 34.856068][ T651] sock_map_alloc+0x1f7/0x310 [ 34.861442][ T651] map_create+0x411/0x2050 [ 34.866395][ T651] __sys_bpf+0x296/0x760 [ 34.872120][ T651] ? fput_many+0x160/0x1b0 [ 34.877135][ T651] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 34.883593][ T651] ? debug_smp_processor_id+0x17/0x20 [ 34.889370][ T651] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 34.897233][ T651] __x64_sys_bpf+0x7c/0x90 [ 34.902475][ T651] do_syscall_64+0x3d/0xb0 [ 34.907852][ T651] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 34.914022][ T651] RIP: 0033:0x7fa75e05c9f9 [ 34.918258][ T651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 34.942066][ T651] RSP: 002b:00007fa75ccdc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 34.950458][ T651] RAX: ffffffffffffffda RBX: 00007fa75e1eaf80 RCX: 00007fa75e05c9f9 [ 34.958446][ T651] RDX: 0000000000000048 RSI: 0000000020000bc0 RDI: 0000000000000000 [ 34.967472][ T651] RBP: 00007fa75ccdc090 R08: 0000000000000000 R09: 0000000000000000 [ 34.975491][ T651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 34.983481][ T651] R13: 0000000000000000 R14: 00007fa75e1eaf80 R15: 00007ffc25999418 [ 34.991472][ T651] [ 35.144397][ T670] device syzkaller0 entered promiscuous mode [ 35.155775][ T678] FAULT_INJECTION: forcing a failure. [ 35.155775][ T678] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 35.176439][ T678] CPU: 0 PID: 678 Comm: syz.2.137 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 35.191766][ T678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 35.204530][ T678] Call Trace: [ 35.208340][ T678] [ 35.213679][ T678] dump_stack_lvl+0x151/0x1b7 [ 35.219817][ T678] ? io_uring_drop_tctx_refs+0x190/0x190 [ 35.228098][ T678] ? _raw_spin_lock+0xa4/0x1b0 [ 35.235281][ T678] ? _raw_spin_trylock_bh+0x190/0x190 [ 35.241357][ T678] ? arch_stack_walk+0xf3/0x140 [ 35.246896][ T678] dump_stack+0x15/0x17 [ 35.254297][ T678] should_fail+0x3c6/0x510 [ 35.261440][ T678] should_fail_alloc_page+0x5a/0x80 [ 35.267078][ T678] prepare_alloc_pages+0x15c/0x700 [ 35.272992][ T678] ? __kasan_check_write+0x14/0x20 [ 35.278494][ T678] ? __alloc_pages_bulk+0xe40/0xe40 [ 35.287496][ T678] ? copy_page_range+0x2d59/0x2f90 [ 35.292615][ T678] __alloc_pages+0x18c/0x8f0 [ 35.297692][ T678] ? prep_new_page+0x110/0x110 [ 35.302892][ T678] ? avc_has_perm_noaudit+0x2dd/0x430 [ 35.312542][ T678] new_slab+0x9a/0x4e0 [ 35.316968][ T678] ___slab_alloc+0x39e/0x830 [ 35.321653][ T678] ? vm_area_dup+0x26/0x230 [ 35.327962][ T678] ? vm_area_dup+0x26/0x230 [ 35.332555][ T678] __slab_alloc+0x4a/0x90 [ 35.337075][ T678] ? vm_area_dup+0x26/0x230 [ 35.341867][ T678] kmem_cache_alloc+0x134/0x200 [ 35.347653][ T678] vm_area_dup+0x26/0x230 [ 35.352362][ T678] copy_mm+0x9a1/0x13e0 [ 35.356710][ T678] ? copy_signal+0x610/0x610 [ 35.362030][ T678] ? __init_rwsem+0xfe/0x1d0 [ 35.366899][ T678] ? copy_signal+0x4e3/0x610 [ 35.371492][ T678] copy_process+0x1149/0x3290 [ 35.376273][ T678] ? proc_fail_nth_write+0x20b/0x290 [ 35.381929][ T678] ? fsnotify_perm+0x6a/0x5d0 [ 35.386502][ T678] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 35.392168][ T678] ? vfs_write+0x9ec/0x1110 [ 35.396604][ T678] ? kmem_cache_free+0x116/0x2e0 [ 35.401352][ T678] kernel_clone+0x21e/0x9e0 [ 35.405693][ T678] ? file_end_write+0x1c0/0x1c0 [ 35.410384][ T678] ? create_io_thread+0x1e0/0x1e0 [ 35.415325][ T678] ? mutex_unlock+0xb2/0x260 [ 35.419755][ T678] ? __mutex_lock_slowpath+0x10/0x10 [ 35.424875][ T678] __x64_sys_clone+0x23f/0x290 [ 35.429481][ T678] ? __do_sys_vfork+0x130/0x130 [ 35.434161][ T678] ? ksys_write+0x260/0x2c0 [ 35.438866][ T678] ? debug_smp_processor_id+0x17/0x20 [ 35.444142][ T678] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 35.450218][ T678] ? exit_to_user_mode_prepare+0x39/0xa0 [ 35.456090][ T678] do_syscall_64+0x3d/0xb0 [ 35.460633][ T678] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 35.466358][ T678] RIP: 0033:0x7fa75e05c9f9 [ 35.470614][ T678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 35.490858][ T678] RSP: 002b:00007fa75ccdbfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 35.499082][ T678] RAX: ffffffffffffffda RBX: 00007fa75e1eaf80 RCX: 00007fa75e05c9f9 [ 35.507018][ T678] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000640c7000 [ 35.514822][ T678] RBP: 00007fa75ccdc090 R08: 0000000000000000 R09: 0000000000000000 [ 35.522631][ T678] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 35.530444][ T678] R13: 0000000000000001 R14: 00007fa75e1eaf80 R15: 00007ffc25999418 [ 35.539126][ T678] [ 35.580803][ T689] device syzkaller0 entered promiscuous mode [ 35.935742][ T721] device syzkaller0 entered promiscuous mode [ 36.155282][ T743] device syzkaller0 entered promiscuous mode [ 36.479188][ T770] device syzkaller0 entered promiscuous mode [ 36.666457][ T789] device syzkaller0 entered promiscuous mode [ 36.784022][ T808] FAULT_INJECTION: forcing a failure. [ 36.784022][ T808] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 36.797951][ T808] CPU: 1 PID: 808 Comm: syz.3.191 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 36.808332][ T808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 36.818313][ T808] Call Trace: [ 36.821564][ T808] [ 36.825299][ T808] dump_stack_lvl+0x151/0x1b7 [ 36.831303][ T808] ? io_uring_drop_tctx_refs+0x190/0x190 [ 36.837557][ T808] dump_stack+0x15/0x17 [ 36.841721][ T808] should_fail+0x3c6/0x510 [ 36.846666][ T808] should_fail_alloc_page+0x5a/0x80 [ 36.852772][ T808] prepare_alloc_pages+0x15c/0x700 [ 36.858259][ T808] ? __alloc_pages+0x8f0/0x8f0 [ 36.862928][ T808] ? __alloc_pages_bulk+0xe40/0xe40 [ 36.869167][ T808] ? prep_new_page+0x110/0x110 [ 36.874190][ T808] __alloc_pages+0x18c/0x8f0 [ 36.879479][ T808] ? prep_new_page+0x110/0x110 [ 36.885928][ T808] ? __kasan_check_write+0x14/0x20 [ 36.891457][ T808] ? __pte_alloc_kernel+0x19b/0x1f0 [ 36.897035][ T808] __get_free_pages+0x10/0x30 [ 36.902457][ T808] kasan_populate_vmalloc_pte+0x39/0x130 [ 36.908542][ T808] ? __apply_to_page_range+0x8ca/0xbe0 [ 36.914615][ T808] __apply_to_page_range+0x8dd/0xbe0 [ 36.920424][ T808] ? kasan_populate_vmalloc+0x70/0x70 [ 36.925842][ T808] ? kasan_populate_vmalloc+0x70/0x70 [ 36.931203][ T808] apply_to_page_range+0x3b/0x50 [ 36.937432][ T808] kasan_populate_vmalloc+0x65/0x70 [ 36.942918][ T808] alloc_vmap_area+0x192f/0x1a80 [ 36.949258][ T808] ? vm_map_ram+0xa90/0xa90 [ 36.955072][ T808] ? __kasan_kmalloc+0x9/0x10 [ 36.960403][ T808] ? kmem_cache_alloc_trace+0x115/0x210 [ 36.967408][ T808] __get_vm_area_node+0x158/0x360 [ 36.973230][ T808] __vmalloc_node_range+0xe2/0x8d0 [ 36.978323][ T808] ? sock_map_alloc+0x1f7/0x310 [ 36.983243][ T808] bpf_map_area_alloc+0xd9/0xf0 [ 36.987928][ T808] ? sock_map_alloc+0x1f7/0x310 [ 36.992602][ T808] sock_map_alloc+0x1f7/0x310 [ 36.997724][ T808] map_create+0x411/0x2050 [ 37.002412][ T808] __sys_bpf+0x296/0x760 [ 37.007302][ T808] ? fput_many+0x160/0x1b0 [ 37.011543][ T808] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 37.017364][ T808] ? debug_smp_processor_id+0x17/0x20 [ 37.022973][ T808] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 37.028876][ T808] __x64_sys_bpf+0x7c/0x90 [ 37.034566][ T808] do_syscall_64+0x3d/0xb0 [ 37.040624][ T808] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 37.048711][ T808] RIP: 0033:0x7f8fe897e9f9 [ 37.057371][ T808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 37.087094][ T808] RSP: 002b:00007f8fe75fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 37.097798][ T808] RAX: ffffffffffffffda RBX: 00007f8fe8b0cf80 RCX: 00007f8fe897e9f9 [ 37.108675][ T808] RDX: 0000000000000048 RSI: 0000000020000bc0 RDI: 0000000000000000 [ 37.117225][ T808] RBP: 00007f8fe75fe090 R08: 0000000000000000 R09: 0000000000000000 [ 37.127524][ T808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 37.137254][ T808] R13: 0000000000000000 R14: 00007f8fe8b0cf80 R15: 00007ffe1709dfd8 [ 37.148514][ T808] [ 37.278001][ T821] device syzkaller0 entered promiscuous mode [ 37.381546][ T835] device syzkaller0 entered promiscuous mode [ 37.500128][ T852] FAULT_INJECTION: forcing a failure. [ 37.500128][ T852] name failslab, interval 1, probability 0, space 0, times 0 [ 37.517842][ T852] CPU: 1 PID: 852 Comm: syz.4.211 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 37.528013][ T852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 37.539501][ T852] Call Trace: [ 37.542709][ T852] [ 37.545488][ T852] dump_stack_lvl+0x151/0x1b7 [ 37.550015][ T852] ? io_uring_drop_tctx_refs+0x190/0x190 [ 37.555984][ T852] dump_stack+0x15/0x17 [ 37.560694][ T852] should_fail+0x3c6/0x510 [ 37.565765][ T852] __should_failslab+0xa4/0xe0 [ 37.570946][ T852] ? anon_vma_clone+0x9a/0x500 [ 37.576049][ T852] should_failslab+0x9/0x20 [ 37.580952][ T852] slab_pre_alloc_hook+0x37/0xd0 [ 37.585724][ T852] ? anon_vma_clone+0x9a/0x500 [ 37.592029][ T852] kmem_cache_alloc+0x44/0x200 [ 37.596823][ T852] anon_vma_clone+0x9a/0x500 [ 37.602391][ T852] anon_vma_fork+0x91/0x4e0 [ 37.606711][ T852] ? anon_vma_name+0x43/0x70 [ 37.611336][ T852] ? vm_area_dup+0x17a/0x230 [ 37.616526][ T852] copy_mm+0xa3a/0x13e0 [ 37.621136][ T852] ? copy_signal+0x610/0x610 [ 37.626242][ T852] ? __init_rwsem+0xfe/0x1d0 [ 37.630679][ T852] ? copy_signal+0x4e3/0x610 [ 37.635492][ T852] copy_process+0x1149/0x3290 [ 37.640355][ T852] ? proc_fail_nth_write+0x20b/0x290 [ 37.646927][ T852] ? fsnotify_perm+0x6a/0x5d0 [ 37.651591][ T852] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 37.657021][ T852] ? vfs_write+0x9ec/0x1110 [ 37.662392][ T852] ? kmem_cache_free+0x116/0x2e0 [ 37.669256][ T852] kernel_clone+0x21e/0x9e0 [ 37.673550][ T852] ? file_end_write+0x1c0/0x1c0 [ 37.678682][ T852] ? create_io_thread+0x1e0/0x1e0 [ 37.683879][ T852] ? mutex_unlock+0xb2/0x260 [ 37.688315][ T852] ? __mutex_lock_slowpath+0x10/0x10 [ 37.693444][ T852] __x64_sys_clone+0x23f/0x290 [ 37.699107][ T852] ? __do_sys_vfork+0x130/0x130 [ 37.704777][ T852] ? ksys_write+0x260/0x2c0 [ 37.709853][ T852] ? debug_smp_processor_id+0x17/0x20 [ 37.715224][ T852] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 37.721564][ T852] ? exit_to_user_mode_prepare+0x39/0xa0 [ 37.727117][ T852] do_syscall_64+0x3d/0xb0 [ 37.731450][ T852] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 37.737446][ T852] RIP: 0033:0x7fbc24ac89f9 [ 37.743165][ T852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 37.765516][ T852] RSP: 002b:00007fbc23747fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 37.774998][ T852] RAX: ffffffffffffffda RBX: 00007fbc24c56f80 RCX: 00007fbc24ac89f9 [ 37.783320][ T852] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000640c7000 [ 37.791211][ T852] RBP: 00007fbc23748090 R08: 0000000000000000 R09: 0000000000000000 [ 37.799104][ T852] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 37.807102][ T852] R13: 0000000000000001 R14: 00007fbc24c56f80 R15: 00007ffd194dc568 [ 37.815015][ T852] [ 37.880702][ T868] device syzkaller0 entered promiscuous mode [ 37.981716][ T873] device syzkaller0 entered promiscuous mode [ 38.089727][ T896] device syzkaller0 entered promiscuous mode [ 38.226142][ T916] device syzkaller0 entered promiscuous mode [ 38.337003][ T932] FAULT_INJECTION: forcing a failure. [ 38.337003][ T932] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 38.374038][ T932] CPU: 1 PID: 932 Comm: syz.4.243 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 38.384216][ T932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 38.395198][ T932] Call Trace: [ 38.400308][ T932] [ 38.403023][ T932] dump_stack_lvl+0x151/0x1b7 [ 38.409301][ T932] ? io_uring_drop_tctx_refs+0x190/0x190 [ 38.416312][ T932] dump_stack+0x15/0x17 [ 38.421975][ T932] should_fail+0x3c6/0x510 [ 38.425371][ T938] device syzkaller0 entered promiscuous mode [ 38.429808][ T932] should_fail_alloc_page+0x5a/0x80 [ 38.429844][ T932] prepare_alloc_pages+0x15c/0x700 [ 38.429864][ T932] ? __alloc_pages+0x8f0/0x8f0 [ 38.429885][ T932] ? __alloc_pages_bulk+0xe40/0xe40 [ 38.464153][ T932] __alloc_pages+0x18c/0x8f0 [ 38.469714][ T932] ? __x64_sys_bpf+0x7c/0x90 [ 38.475821][ T932] ? prep_new_page+0x110/0x110 [ 38.482749][ T932] ? __kasan_check_write+0x14/0x20 [ 38.490363][ T932] __get_free_pages+0x10/0x30 [ 38.496672][ T932] kasan_populate_vmalloc_pte+0x39/0x130 [ 38.503595][ T932] ? __apply_to_page_range+0x8ca/0xbe0 [ 38.509925][ T932] __apply_to_page_range+0x8dd/0xbe0 [ 38.517332][ T932] ? kasan_populate_vmalloc+0x70/0x70 [ 38.523590][ T932] ? kasan_populate_vmalloc+0x70/0x70 [ 38.529354][ T932] apply_to_page_range+0x3b/0x50 [ 38.535660][ T932] kasan_populate_vmalloc+0x65/0x70 [ 38.542516][ T932] alloc_vmap_area+0x192f/0x1a80 [ 38.549367][ T932] ? vm_map_ram+0xa90/0xa90 [ 38.555198][ T932] ? __kasan_kmalloc+0x9/0x10 [ 38.562314][ T932] ? kmem_cache_alloc_trace+0x115/0x210 [ 38.568671][ T932] __get_vm_area_node+0x158/0x360 [ 38.574601][ T932] __vmalloc_node_range+0xe2/0x8d0 [ 38.579710][ T932] ? sock_map_alloc+0x1f7/0x310 [ 38.586296][ T932] bpf_map_area_alloc+0xd9/0xf0 [ 38.592867][ T932] ? sock_map_alloc+0x1f7/0x310 [ 38.598066][ T932] sock_map_alloc+0x1f7/0x310 [ 38.603355][ T932] map_create+0x411/0x2050 [ 38.608136][ T932] __sys_bpf+0x296/0x760 [ 38.613169][ T932] ? fput_many+0x160/0x1b0 [ 38.617498][ T932] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 38.624544][ T932] ? debug_smp_processor_id+0x17/0x20 [ 38.630787][ T932] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 38.638691][ T932] __x64_sys_bpf+0x7c/0x90 [ 38.643184][ T932] do_syscall_64+0x3d/0xb0 [ 38.649333][ T932] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 38.656440][ T932] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 38.662668][ T932] RIP: 0033:0x7fbc24ac89f9 [ 38.667269][ T932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 38.692873][ T932] RSP: 002b:00007fbc23748038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 38.704884][ T932] RAX: ffffffffffffffda RBX: 00007fbc24c56f80 RCX: 00007fbc24ac89f9 [ 38.714552][ T932] RDX: 0000000000000048 RSI: 0000000020000bc0 RDI: 0000000000000000 [ 38.727110][ T932] RBP: 00007fbc23748090 R08: 0000000000000000 R09: 0000000000000000 [ 38.735641][ T932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 38.743702][ T932] R13: 0000000000000000 R14: 00007fbc24c56f80 R15: 00007ffd194dc568 [ 38.754032][ T932] [ 38.796219][ T951] device syzkaller0 entered promiscuous mode [ 38.861361][ T957] device syzkaller0 entered promiscuous mode [ 38.993600][ T976] FAULT_INJECTION: forcing a failure. [ 38.993600][ T976] name failslab, interval 1, probability 0, space 0, times 0 [ 39.010549][ T976] CPU: 0 PID: 976 Comm: syz.1.260 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 39.014432][ T974] device syzkaller0 entered promiscuous mode [ 39.021252][ T976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 39.021270][ T976] Call Trace: [ 39.021277][ T976] [ 39.021285][ T976] dump_stack_lvl+0x151/0x1b7 [ 39.021314][ T976] ? io_uring_drop_tctx_refs+0x190/0x190 [ 39.021337][ T976] dump_stack+0x15/0x17 [ 39.021355][ T976] should_fail+0x3c6/0x510 [ 39.072238][ T976] __should_failslab+0xa4/0xe0 [ 39.077288][ T976] ? anon_vma_fork+0x1df/0x4e0 [ 39.082430][ T976] should_failslab+0x9/0x20 [ 39.088175][ T976] slab_pre_alloc_hook+0x37/0xd0 [ 39.093853][ T976] ? anon_vma_fork+0x1df/0x4e0 [ 39.099398][ T976] kmem_cache_alloc+0x44/0x200 [ 39.104590][ T976] anon_vma_fork+0x1df/0x4e0 [ 39.109509][ T976] copy_mm+0xa3a/0x13e0 [ 39.114725][ T976] ? copy_signal+0x610/0x610 [ 39.119475][ T976] ? __init_rwsem+0xfe/0x1d0 [ 39.124512][ T976] ? copy_signal+0x4e3/0x610 [ 39.129474][ T976] copy_process+0x1149/0x3290 [ 39.135544][ T976] ? proc_fail_nth_write+0x20b/0x290 [ 39.141024][ T976] ? fsnotify_perm+0x6a/0x5d0 [ 39.147394][ T976] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 39.153277][ T976] ? vfs_write+0x9ec/0x1110 [ 39.159464][ T976] ? kmem_cache_free+0x116/0x2e0 [ 39.166386][ T976] kernel_clone+0x21e/0x9e0 [ 39.170774][ T976] ? file_end_write+0x1c0/0x1c0 [ 39.176020][ T976] ? create_io_thread+0x1e0/0x1e0 [ 39.181334][ T976] ? mutex_unlock+0xb2/0x260 [ 39.188106][ T976] ? __mutex_lock_slowpath+0x10/0x10 [ 39.193851][ T976] __x64_sys_clone+0x23f/0x290 [ 39.198901][ T976] ? __do_sys_vfork+0x130/0x130 [ 39.204017][ T976] ? ksys_write+0x260/0x2c0 [ 39.209979][ T976] ? debug_smp_processor_id+0x17/0x20 [ 39.218644][ T976] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 39.228486][ T976] ? exit_to_user_mode_prepare+0x39/0xa0 [ 39.234195][ T976] do_syscall_64+0x3d/0xb0 [ 39.238719][ T976] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 39.246097][ T976] RIP: 0033:0x7f4dd320d9f9 [ 39.252429][ T976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 39.278259][ T976] RSP: 002b:00007f4dd1e8cfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 39.286586][ T976] RAX: ffffffffffffffda RBX: 00007f4dd339bf80 RCX: 00007f4dd320d9f9 [ 39.294393][ T976] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000640c7000 [ 39.302809][ T976] RBP: 00007f4dd1e8d090 R08: 0000000000000000 R09: 0000000000000000 [ 39.311031][ T976] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 39.319355][ T976] R13: 0000000000000001 R14: 00007f4dd339bf80 R15: 00007ffe079490b8 [ 39.328964][ T976] [ 39.333283][ T976] ------------[ cut here ]------------ [ 39.386907][ T976] refcount_t: underflow; use-after-free. [ 39.406754][ T976] WARNING: CPU: 1 PID: 976 at lib/refcount.c:28 refcount_warn_saturate+0x158/0x1a0 [ 39.457022][ T976] Modules linked in: [ 39.462636][ T976] CPU: 1 PID: 976 Comm: syz.1.260 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 39.476859][ T976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 39.481429][ T990] device syzkaller0 entered promiscuous mode [ 39.490976][ T976] RIP: 0010:refcount_warn_saturate+0x158/0x1a0 [ 39.503844][ T976] Code: 04 01 48 c7 c7 c0 d7 a2 85 e8 f4 1e dc fe 0f 0b eb 8b e8 ab e8 0a ff c6 05 23 f2 c0 04 01 48 c7 c7 20 d8 a2 85 e8 d8 1e dc fe <0f> 0b e9 6c ff ff ff e8 8c e8 0a ff c6 05 05 f2 c0 04 01 48 c7 c7 [ 39.543492][ T976] RSP: 0018:ffffc90000b9f968 EFLAGS: 00010246 [ 39.566961][ T994] device syzkaller0 entered promiscuous mode [ 39.580619][ T976] RAX: 8d32f1a0bb29eb00 RBX: 0000000000000003 RCX: ffff8881199262c0 [ 39.594697][ T976] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 39.611096][ T976] RBP: ffffc90000b9f978 R08: ffffffff81576d35 R09: ffffed103ee265e8 [ 39.630398][ T976] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff11021b81117 [ 39.644655][ T976] R13: ffff88810dc088b8 R14: 0000000000000003 R15: ffff888119a01749 [ 39.658023][ T976] FS: 00007f4dd1e8d6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 39.672270][ T976] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 39.681578][ T976] CR2: 0000000000000000 CR3: 000000010cd22000 CR4: 00000000003506a0 [ 39.695011][ T976] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 39.707433][ T976] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 39.719474][ T976] Call Trace: [ 39.724287][ T976] [ 39.729158][ T976] ? show_regs+0x58/0x60 [ 39.738709][ T976] ? __warn+0x160/0x2f0 [ 39.748668][ T976] ? refcount_warn_saturate+0x158/0x1a0 [ 39.759932][ T976] ? report_bug+0x3d9/0x5b0 [ 39.764869][ T976] ? refcount_warn_saturate+0x158/0x1a0 [ 39.772999][ T976] ? handle_bug+0x41/0x70 [ 39.778223][ T976] ? exc_invalid_op+0x1b/0x50 [ 39.783393][ T976] ? asm_exc_invalid_op+0x1b/0x20 [ 39.793365][ T976] ? __wake_up_klogd+0xd5/0x110 [ 39.799215][ T976] ? refcount_warn_saturate+0x158/0x1a0 [ 39.810075][ T976] ? refcount_warn_saturate+0x158/0x1a0 [ 39.816550][ T976] vm_area_free_no_check+0x123/0x130 [ 39.824174][ T976] copy_mm+0xefb/0x13e0 [ 39.828644][ T1006] device syzkaller0 entered promiscuous mode [ 39.829189][ T976] ? copy_signal+0x610/0x610 [ 39.843469][ T976] ? __init_rwsem+0xfe/0x1d0 [ 39.848793][ T976] ? copy_signal+0x4e3/0x610 [ 39.864997][ T976] copy_process+0x1149/0x3290 [ 39.872971][ T976] ? proc_fail_nth_write+0x20b/0x290 [ 39.881696][ T976] ? fsnotify_perm+0x6a/0x5d0 [ 39.888531][ T976] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 39.894730][ T976] ? vfs_write+0x9ec/0x1110 [ 39.903795][ T976] ? kmem_cache_free+0x116/0x2e0 [ 39.909821][ T976] kernel_clone+0x21e/0x9e0 [ 39.914711][ T976] ? file_end_write+0x1c0/0x1c0 [ 39.925469][ T976] ? create_io_thread+0x1e0/0x1e0 [ 39.930610][ T976] ? mutex_unlock+0xb2/0x260 [ 39.935426][ T976] ? __mutex_lock_slowpath+0x10/0x10 [ 39.946354][ T976] __x64_sys_clone+0x23f/0x290 [ 39.959235][ T976] ? __do_sys_vfork+0x130/0x130 [ 39.965047][ T976] ? ksys_write+0x260/0x2c0 [ 39.973693][ T976] ? debug_smp_processor_id+0x17/0x20 [ 39.986995][ T976] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 40.046554][ T976] ? exit_to_user_mode_prepare+0x39/0xa0 [ 40.053914][ T976] do_syscall_64+0x3d/0xb0 [ 40.059556][ T976] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 40.066921][ T976] RIP: 0033:0x7f4dd320d9f9 [ 40.081334][ T1024] device syzkaller0 entered promiscuous mode [ 40.143486][ T976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 40.162755][ T1032] device syzkaller0 entered promiscuous mode [ 40.178031][ T976] RSP: 002b:00007f4dd1e8cfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 40.205689][ T976] RAX: ffffffffffffffda RBX: 00007f4dd339bf80 RCX: 00007f4dd320d9f9 [ 40.218916][ T976] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000640c7000 [ 40.232405][ T976] RBP: 00007f4dd1e8d090 R08: 0000000000000000 R09: 0000000000000000 [ 40.247966][ T976] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 40.258064][ T976] R13: 0000000000000001 R14: 00007f4dd339bf80 R15: 00007ffe079490b8 [ 40.274511][ T976] [ 40.277672][ T976] ---[ end trace 8b8cbb05e68ff24f ]--- [ 40.448055][ T1052] device syzkaller0 entered promiscuous mode [ 40.483479][ T1063] device syzkaller0 entered promiscuous mode [ 40.583489][ T1074] device syzkaller0 entered promiscuous mode [ 40.824886][ T1107] FAULT_INJECTION: forcing a failure. [ 40.824886][ T1107] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 40.826523][ T1103] device syzkaller0 entered promiscuous mode [ 40.851576][ T1107] CPU: 0 PID: 1107 Comm: syz.1.315 Tainted: G W 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 40.863590][ T1107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 40.875116][ T1107] Call Trace: [ 40.878805][ T1107] [ 40.882254][ T1107] dump_stack_lvl+0x151/0x1b7 [ 40.889183][ T1107] ? io_uring_drop_tctx_refs+0x190/0x190 [ 40.895053][ T1107] dump_stack+0x15/0x17 [ 40.899718][ T1107] should_fail+0x3c6/0x510 [ 40.904052][ T1107] should_fail_alloc_page+0x5a/0x80 [ 40.909699][ T1107] prepare_alloc_pages+0x15c/0x700 [ 40.915178][ T1107] ? __alloc_pages+0x8f0/0x8f0 [ 40.919934][ T1107] ? __alloc_pages_bulk+0xe40/0xe40 [ 40.925231][ T1107] __alloc_pages+0x18c/0x8f0 [ 40.931057][ T1107] ? prep_new_page+0x110/0x110 [ 40.939134][ T1107] ? __vmalloc_node_range+0x61a/0x8d0 [ 40.944718][ T1107] __vmalloc_node_range+0x482/0x8d0 [ 40.950779][ T1107] bpf_map_area_alloc+0xd9/0xf0 [ 40.957410][ T1107] ? sock_map_alloc+0x1f7/0x310 [ 40.963831][ T1107] sock_map_alloc+0x1f7/0x310 [ 40.968999][ T1107] map_create+0x411/0x2050 [ 40.976471][ T1107] __sys_bpf+0x296/0x760 [ 40.981137][ T1107] ? fput_many+0x160/0x1b0 [ 40.986334][ T1107] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 40.991838][ T1107] ? debug_smp_processor_id+0x17/0x20 [ 40.998639][ T1107] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 41.004890][ T1107] __x64_sys_bpf+0x7c/0x90 [ 41.010682][ T1107] do_syscall_64+0x3d/0xb0 [ 41.015437][ T1107] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 41.021525][ T1107] RIP: 0033:0x7f4dd320d9f9 [ 41.026273][ T1107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 41.047911][ T1107] RSP: 002b:00007f4dd1e8d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 41.057043][ T1107] RAX: ffffffffffffffda RBX: 00007f4dd339bf80 RCX: 00007f4dd320d9f9 [ 41.065578][ T1107] RDX: 0000000000000048 RSI: 0000000020000bc0 RDI: 0000000000000000 [ 41.075680][ T1107] RBP: 00007f4dd1e8d090 R08: 0000000000000000 R09: 0000000000000000 [ 41.086873][ T1107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 41.098717][ T1107] R13: 0000000000000000 R14: 00007f4dd339bf80 R15: 00007ffe079490b8 [ 41.112784][ T1107] [ 41.220906][ T1113] device syzkaller0 entered promiscuous mode [ 41.310534][ T1136] FAULT_INJECTION: forcing a failure. [ 41.310534][ T1136] name failslab, interval 1, probability 0, space 0, times 0 [ 41.398718][ T1136] CPU: 0 PID: 1136 Comm: syz.0.328 Tainted: G W 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 41.413019][ T1136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 41.424232][ T1136] Call Trace: [ 41.428378][ T1136] [ 41.431412][ T1136] dump_stack_lvl+0x151/0x1b7 [ 41.437543][ T1136] ? io_uring_drop_tctx_refs+0x190/0x190 [ 41.445769][ T1136] dump_stack+0x15/0x17 [ 41.454202][ T1136] should_fail+0x3c6/0x510 [ 41.458784][ T1136] __should_failslab+0xa4/0xe0 [ 41.463629][ T1136] ? anon_vma_fork+0x1df/0x4e0 [ 41.469112][ T1136] should_failslab+0x9/0x20 [ 41.474456][ T1136] slab_pre_alloc_hook+0x37/0xd0 [ 41.479840][ T1136] ? anon_vma_fork+0x1df/0x4e0 [ 41.485548][ T1136] kmem_cache_alloc+0x44/0x200 [ 41.490608][ T1136] anon_vma_fork+0x1df/0x4e0 [ 41.498359][ T1136] copy_mm+0xa3a/0x13e0 [ 41.503244][ T1136] ? copy_signal+0x610/0x610 [ 41.507746][ T1136] ? __init_rwsem+0xfe/0x1d0 [ 41.515804][ T1136] ? copy_signal+0x4e3/0x610 [ 41.520502][ T1154] device syzkaller0 entered promiscuous mode [ 41.520964][ T1136] copy_process+0x1149/0x3290 [ 41.533909][ T1136] ? proc_fail_nth_write+0x20b/0x290 [ 41.541289][ T1136] ? fsnotify_perm+0x6a/0x5d0 [ 41.548322][ T1136] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 41.554718][ T1136] ? vfs_write+0x9ec/0x1110 [ 41.559928][ T1136] ? kmem_cache_free+0x116/0x2e0 [ 41.565582][ T1136] kernel_clone+0x21e/0x9e0 [ 41.572069][ T1136] ? file_end_write+0x1c0/0x1c0 [ 41.577991][ T1136] ? create_io_thread+0x1e0/0x1e0 [ 41.583048][ T1136] ? mutex_unlock+0xb2/0x260 [ 41.588255][ T1136] ? __mutex_lock_slowpath+0x10/0x10 [ 41.595696][ T1136] __x64_sys_clone+0x23f/0x290 [ 41.600740][ T1136] ? __do_sys_vfork+0x130/0x130 [ 41.607967][ T1136] ? ksys_write+0x260/0x2c0 [ 41.614593][ T1136] ? debug_smp_processor_id+0x17/0x20 [ 41.620545][ T1136] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 41.626963][ T1136] ? exit_to_user_mode_prepare+0x39/0xa0 [ 41.634106][ T1136] do_syscall_64+0x3d/0xb0 [ 41.639279][ T1136] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 41.645611][ T1136] RIP: 0033:0x7f5a716ca9f9 [ 41.654818][ T1136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 41.677749][ T1136] RSP: 002b:00007f5a70349fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 41.688135][ T1136] RAX: ffffffffffffffda RBX: 00007f5a71858f80 RCX: 00007f5a716ca9f9 [ 41.699765][ T1136] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000640c7000 [ 41.710110][ T1136] RBP: 00007f5a7034a090 R08: 0000000000000000 R09: 0000000000000000 [ 41.724755][ T1136] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 41.733140][ T1136] R13: 0000000000000001 R14: 00007f5a71858f80 R15: 00007ffd4b2c5ec8 [ 41.751058][ T1136] [ 41.806984][ T294] BUG: unable to handle page fault for address: ffffed180000001f [ 41.815738][ T294] #PF: supervisor read access in kernel mode [ 41.824136][ T294] #PF: error_code(0x0000) - not-present page [ 41.830052][ T294] PGD 23fff2067 P4D 23fff2067 PUD 0 [ 41.836824][ T294] Oops: 0000 [#1] PREEMPT SMP KASAN [ 41.843014][ T294] CPU: 1 PID: 294 Comm: syz-executor Tainted: G W 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 41.857469][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 41.869512][ T294] RIP: 0010:__rb_insert_augmented+0x36b/0x610 [ 41.875877][ T294] Code: 49 89 5d 00 48 83 e3 fc 43 80 3c 26 00 74 08 4c 89 ff e8 d8 d1 2a ff 4d 89 2f 48 85 db 74 2a 4c 8d 73 10 4c 89 f0 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 f7 e8 16 d1 2a ff 48 8d 43 08 4c 39 7b [ 41.899486][ T294] RSP: 0018:ffffc900009d78f8 EFLAGS: 00010a02 [ 41.906482][ T294] RAX: 1ffff1180000001f RBX: ffff88c0000000e8 RCX: ffff88811cd793c0 [ 41.919746][ T294] RDX: 0000000000000000 RSI: ffff88810ccf74f8 RDI: ffff888120202788 [ 41.930250][ T294] RBP: ffffc900009d7960 R08: dffffc0000000000 R09: ffff88810ccf7500 [ 41.941846][ T294] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 41.951004][ T294] R13: ffff88810ccf74f8 R14: ffff88c0000000f8 R15: ffff888119a01748 [ 41.961010][ T294] FS: 00005555570af500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 41.972316][ T294] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 41.979958][ T294] CR2: ffffed180000001f CR3: 00000001201f4000 CR4: 00000000003506a0 [ 41.989490][ T294] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 41.998447][ T294] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 42.007264][ T294] Call Trace: [ 42.010937][ T294] [ 42.013837][ T294] ? __die_body+0x62/0xb0 [ 42.018596][ T294] ? __die+0x7e/0x90 [ 42.022776][ T294] ? page_fault_oops+0x7f9/0xa90 [ 42.028404][ T294] ? __rb_insert_augmented+0x36b/0x610 [ 42.034997][ T294] ? kernelmode_fixup_or_oops+0x270/0x270 [ 42.043849][ T294] ? is_prefetch+0x47a/0x6d0 [ 42.050181][ T294] ? search_bpf_extables+0x26d/0x2c0 [ 42.057682][ T294] ? __rb_insert_augmented+0x36b/0x610 [ 42.063812][ T294] ? __rb_insert_augmented+0x36b/0x610 [ 42.070251][ T294] ? fixup_exception+0xbb/0x13c0 [ 42.075654][ T294] ? stack_trace_save+0x113/0x1c0 [ 42.080966][ T294] ? kernelmode_fixup_or_oops+0x21b/0x270 [ 42.090592][ T294] ? __bad_area_nosemaphore+0xcf/0x490 [ 42.096872][ T294] ? __kasan_slab_alloc+0xc3/0xe0 [ 42.102600][ T294] ? bad_area_nosemaphore+0x2d/0x40 [ 42.108921][ T294] ? do_kern_addr_fault+0x69/0x80 [ 42.114191][ T294] ? exc_page_fault+0x4eb/0x830 [ 42.119310][ T294] ? asm_exc_page_fault+0x27/0x30 [ 42.124716][ T294] ? __rb_insert_augmented+0x36b/0x610 [ 42.130326][ T294] ? __rb_insert_augmented+0x28f/0x610 [ 42.136387][ T294] ? anon_vma_interval_tree_iter_next+0x390/0x390 [ 42.143703][ T294] vma_interval_tree_insert_after+0x2be/0x2d0 [ 42.150037][ T294] copy_mm+0xba2/0x13e0 [ 42.155569][ T294] ? copy_signal+0x610/0x610 [ 42.160083][ T294] ? __init_rwsem+0xfe/0x1d0 [ 42.165340][ T294] ? copy_signal+0x4e3/0x610 [ 42.169850][ T294] copy_process+0x1149/0x3290 [ 42.177362][ T294] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 42.182711][ T294] kernel_clone+0x21e/0x9e0 [ 42.188705][ T294] ? create_io_thread+0x1e0/0x1e0 [ 42.194754][ T294] ? debug_smp_processor_id+0x17/0x20 [ 42.202327][ T294] __x64_sys_clone+0x23f/0x290 [ 42.210595][ T294] ? __do_sys_vfork+0x130/0x130 [ 42.216934][ T294] do_syscall_64+0x3d/0xb0 [ 42.222989][ T294] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 42.230704][ T294] RIP: 0033:0x7f5a716c1253 [ 42.237945][ T294] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00 [ 42.266784][ T294] RSP: 002b:00007ffd4b2c6148 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 42.280627][ T294] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f5a716c1253 [ 42.289886][ T294] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 42.302958][ T294] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 42.315011][ T294] R10: 00005555570af7d0 R11: 0000000000000246 R12: 0000000000000001 [ 42.328524][ T294] R13: 000000000000a31a R14: 000000000000a145 R15: 00007ffd4b2c62d0 [ 42.337816][ T294] [ 42.342059][ T294] Modules linked in: [ 42.345979][ T294] CR2: ffffed180000001f [ 42.351567][ T294] ---[ end trace 8b8cbb05e68ff250 ]--- [ 42.357811][ T294] RIP: 0010:__rb_insert_augmented+0x36b/0x610 [ 42.364839][ T294] Code: 49 89 5d 00 48 83 e3 fc 43 80 3c 26 00 74 08 4c 89 ff e8 d8 d1 2a ff 4d 89 2f 48 85 db 74 2a 4c 8d 73 10 4c 89 f0 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 f7 e8 16 d1 2a ff 48 8d 43 08 4c 39 7b [ 42.387689][ T294] RSP: 0018:ffffc900009d78f8 EFLAGS: 00010a02 [ 42.394478][ T294] RAX: 1ffff1180000001f RBX: ffff88c0000000e8 RCX: ffff88811cd793c0 [ 42.402838][ T294] RDX: 0000000000000000 RSI: ffff88810ccf74f8 RDI: ffff888120202788 [ 42.414348][ T294] RBP: ffffc900009d7960 R08: dffffc0000000000 R09: ffff88810ccf7500 [ 42.424854][ T294] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 42.435569][ T294] R13: ffff88810ccf74f8 R14: ffff88c0000000f8 R15: ffff888119a01748 [ 42.443485][ T294] FS: 00005555570af500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 42.453595][ T294] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 42.460368][ T294] CR2: ffffed180000001f CR3: 00000001201f4000 CR4: 00000000003506a0 [ 42.469494][ T294] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 42.478110][ T294] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 42.486741][ T294] Kernel panic - not syncing: Fatal exception [ 42.493175][ T294] Kernel Offset: disabled [ 42.498847][ T294] Rebooting in 86400 seconds..