aller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:32 executing program 3: syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)="e3eb0e3d4da23da9bb10cf32f1cde878ecfc336226b52d1b41e990e8d98f5added93587f8015d2f72f5142558e1e45ed62b3b7b00f89f7390188ea52951a74c2b705305a7c78b5f13169943cf9d885d1d51312ff77d0b78e0388e680423cb6cd81b7f48782e4410ad47beaf68aada4b9efe569bfb5dd291d8ec96ddbdc048bdd82131ede44f44abb8f49f027807df4303bce544f516bc9e0237fc2c4677579c19ec6581f842de1c800ef853ac48698f3e457181e1279b4ce6b4399b343d4fa158816a22c") 14:13:32 executing program 3: syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)="e3eb0e3d4da23da9bb10cf32f1cde878ecfc336226b52d1b41e990e8d98f5added93587f8015d2f72f5142558e1e45ed62b3b7b00f89f7390188ea52951a74c2b705305a7c78b5f13169943cf9d885d1d51312ff77d0b78e0388e680423cb6cd81b7f48782e4410ad47beaf68aada4b9efe569bfb5dd291d8ec96ddbdc048bdd82131ede44f44abb8f49f027807df4303bce544f516bc9e0237fc2c4677579c19ec6581f842de1c800ef853ac48698f3e457181e1279b4ce6b4399b343d4fa158816a22c") 14:13:32 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:32 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000180)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @map_fd={0x18, 0x8, 0x1, 0x0, r0}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) (async) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x0) (async) sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) 14:13:32 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) write$cgroup_devices(r1, &(0x7f00000001c0)=ANY=[], 0xfff5) close(r1) 14:13:32 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:32 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) write$cgroup_devices(r0, &(0x7f0000000000)=ANY=[@ANYRES32=r0], 0xffdd) 14:13:32 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:32 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) write$cgroup_devices(r0, &(0x7f0000000000)=ANY=[@ANYRES32=r0], 0xffdd) 14:13:32 executing program 4: syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1) 14:13:32 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) write$cgroup_devices(r0, &(0x7f0000000000)=ANY=[@ANYRES32=r0], 0xffdd) [ 1904.548019][ T5742] FAULT_INJECTION: forcing a failure. [ 1904.548019][ T5742] name failslab, interval 1, probability 0, space 0, times 0 [ 1904.583743][ T5742] CPU: 1 PID: 5742 Comm: syz-executor.4 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 14:13:32 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1904.593822][ T5742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1904.603806][ T5742] Call Trace: [ 1904.606929][ T5742] [ 1904.609705][ T5742] dump_stack_lvl+0x151/0x1b7 [ 1904.614224][ T5742] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1904.619688][ T5742] dump_stack+0x15/0x17 [ 1904.623680][ T5742] should_fail+0x3c6/0x510 [ 1904.627939][ T5742] __should_failslab+0xa4/0xe0 [ 1904.632544][ T5742] ? dup_task_struct+0x53/0xc60 [ 1904.637306][ T5742] should_failslab+0x9/0x20 [ 1904.641648][ T5742] slab_pre_alloc_hook+0x37/0xd0 [ 1904.646419][ T5742] ? dup_task_struct+0x53/0xc60 [ 1904.651108][ T5742] kmem_cache_alloc+0x44/0x200 [ 1904.655796][ T5742] dup_task_struct+0x53/0xc60 [ 1904.660567][ T5742] ? __kasan_check_write+0x14/0x20 [ 1904.665515][ T5742] copy_process+0x5c4/0x3290 [ 1904.669942][ T5742] ? __kasan_check_write+0x14/0x20 [ 1904.674886][ T5742] ? proc_fail_nth_write+0x20b/0x290 [ 1904.680007][ T5742] ? selinux_file_permission+0x2c4/0x570 [ 1904.685477][ T5742] ? fsnotify_perm+0x6a/0x5d0 [ 1904.689992][ T5742] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1904.694943][ T5742] ? vfs_write+0x9ec/0x1110 [ 1904.699299][ T5742] kernel_clone+0x21e/0x9e0 [ 1904.703617][ T5742] ? file_end_write+0x1c0/0x1c0 [ 1904.708305][ T5742] ? create_io_thread+0x1e0/0x1e0 [ 1904.713255][ T5742] ? mutex_unlock+0xb2/0x260 [ 1904.717685][ T5742] ? __mutex_lock_slowpath+0x10/0x10 [ 1904.722799][ T5742] __x64_sys_clone+0x23f/0x290 [ 1904.727394][ T5742] ? __do_sys_vfork+0x130/0x130 [ 1904.732092][ T5742] ? ksys_write+0x260/0x2c0 [ 1904.736431][ T5742] ? debug_smp_processor_id+0x17/0x20 [ 1904.741627][ T5742] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1904.747527][ T5742] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1904.752994][ T5742] do_syscall_64+0x3d/0xb0 [ 1904.757249][ T5742] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1904.762978][ T5742] RIP: 0033:0x7f526caadda9 [ 1904.767230][ T5742] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1904.786671][ T5742] RSP: 002b:00007f526b82f078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 14:13:33 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1) 14:13:33 executing program 4: syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2) [ 1904.794915][ T5742] RAX: ffffffffffffffda RBX: 00007f526cbdbf80 RCX: 00007f526caadda9 [ 1904.802734][ T5742] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1904.810798][ T5742] RBP: 00007f526b82f120 R08: 0000000000000000 R09: 0000000000000000 [ 1904.818611][ T5742] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 1904.826422][ T5742] R13: 000000000000000b R14: 00007f526cbdbf80 R15: 00007ffd82b71b28 [ 1904.834237][ T5742] 14:13:33 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x4000000) [ 1904.887302][ T5750] FAULT_INJECTION: forcing a failure. [ 1904.887302][ T5750] name failslab, interval 1, probability 0, space 0, times 0 [ 1904.912918][ T5752] FAULT_INJECTION: forcing a failure. [ 1904.912918][ T5752] name failslab, interval 1, probability 0, space 0, times 0 [ 1904.917534][ T5750] CPU: 0 PID: 5750 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1904.935404][ T5750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1904.945300][ T5750] Call Trace: [ 1904.948426][ T5750] [ 1904.951196][ T5750] dump_stack_lvl+0x151/0x1b7 [ 1904.955712][ T5750] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1904.961182][ T5750] dump_stack+0x15/0x17 [ 1904.965174][ T5750] should_fail+0x3c6/0x510 [ 1904.969428][ T5750] __should_failslab+0xa4/0xe0 [ 1904.974024][ T5750] ? dup_task_struct+0x53/0xc60 [ 1904.978709][ T5750] should_failslab+0x9/0x20 [ 1904.983047][ T5750] slab_pre_alloc_hook+0x37/0xd0 [ 1904.987822][ T5750] ? dup_task_struct+0x53/0xc60 [ 1904.992509][ T5750] kmem_cache_alloc+0x44/0x200 [ 1904.997114][ T5750] dup_task_struct+0x53/0xc60 [ 1905.001624][ T5750] ? __kasan_check_write+0x14/0x20 [ 1905.006598][ T5750] copy_process+0x5c4/0x3290 [ 1905.011002][ T5750] ? __kasan_check_write+0x14/0x20 [ 1905.015960][ T5750] ? proc_fail_nth_write+0x20b/0x290 [ 1905.021075][ T5750] ? selinux_file_permission+0x2c4/0x570 [ 1905.026537][ T5750] ? fsnotify_perm+0x6a/0x5d0 [ 1905.031046][ T5750] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1905.035996][ T5750] ? vfs_write+0x9ec/0x1110 [ 1905.040337][ T5750] kernel_clone+0x21e/0x9e0 [ 1905.044674][ T5750] ? file_end_write+0x1c0/0x1c0 [ 1905.049364][ T5750] ? create_io_thread+0x1e0/0x1e0 [ 1905.054226][ T5750] ? mutex_unlock+0xb2/0x260 [ 1905.058646][ T5750] ? __mutex_lock_slowpath+0x10/0x10 [ 1905.063766][ T5750] __x64_sys_clone+0x23f/0x290 [ 1905.068376][ T5750] ? __do_sys_vfork+0x130/0x130 [ 1905.073054][ T5750] ? ksys_write+0x260/0x2c0 [ 1905.077395][ T5750] ? debug_smp_processor_id+0x17/0x20 [ 1905.082599][ T5750] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1905.088503][ T5750] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1905.093971][ T5750] do_syscall_64+0x3d/0xb0 [ 1905.098225][ T5750] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1905.103953][ T5750] RIP: 0033:0x7f895df3fda9 [ 1905.108206][ T5750] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1905.127647][ T5750] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 14:13:33 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000180)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @map_fd={0x18, 0x8, 0x1, 0x0, r0}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) (async) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x0) sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) 14:13:33 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1905.135979][ T5750] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1905.143794][ T5750] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1905.151601][ T5750] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1905.159412][ T5750] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 1905.167224][ T5750] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1905.175054][ T5750] [ 1905.193855][ T5752] CPU: 0 PID: 5752 Comm: syz-executor.4 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1905.203936][ T5752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1905.213832][ T5752] Call Trace: [ 1905.216954][ T5752] [ 1905.219733][ T5752] dump_stack_lvl+0x151/0x1b7 [ 1905.224245][ T5752] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1905.229805][ T5752] dump_stack+0x15/0x17 [ 1905.233795][ T5752] should_fail+0x3c6/0x510 [ 1905.238051][ T5752] __should_failslab+0xa4/0xe0 [ 1905.242646][ T5752] ? prepare_creds+0x2f/0x6a0 [ 1905.247164][ T5752] should_failslab+0x9/0x20 [ 1905.251506][ T5752] slab_pre_alloc_hook+0x37/0xd0 [ 1905.256281][ T5752] ? prepare_creds+0x2f/0x6a0 [ 1905.260784][ T5752] kmem_cache_alloc+0x44/0x200 [ 1905.265385][ T5752] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 1905.270688][ T5752] prepare_creds+0x2f/0x6a0 [ 1905.275018][ T5752] copy_creds+0xf0/0x630 [ 1905.279100][ T5752] ? dup_task_struct+0x7e6/0xc60 [ 1905.283881][ T5752] copy_process+0x7c3/0x3290 [ 1905.288304][ T5752] ? __kasan_check_write+0x14/0x20 14:13:33 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2) [ 1905.293770][ T5752] ? proc_fail_nth_write+0x20b/0x290 [ 1905.298900][ T5752] ? selinux_file_permission+0x2c4/0x570 [ 1905.304354][ T5752] ? fsnotify_perm+0x6a/0x5d0 [ 1905.308880][ T5752] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1905.313814][ T5752] ? vfs_write+0x9ec/0x1110 [ 1905.318159][ T5752] kernel_clone+0x21e/0x9e0 [ 1905.322506][ T5752] ? file_end_write+0x1c0/0x1c0 [ 1905.327268][ T5752] ? create_io_thread+0x1e0/0x1e0 [ 1905.332126][ T5752] ? mutex_unlock+0xb2/0x260 [ 1905.336593][ T5752] ? __mutex_lock_slowpath+0x10/0x10 [ 1905.341680][ T5752] __x64_sys_clone+0x23f/0x290 [ 1905.346272][ T5752] ? __do_sys_vfork+0x130/0x130 [ 1905.351059][ T5752] ? ksys_write+0x260/0x2c0 [ 1905.355386][ T5752] ? debug_smp_processor_id+0x17/0x20 [ 1905.360604][ T5752] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1905.366497][ T5752] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1905.371962][ T5752] do_syscall_64+0x3d/0xb0 [ 1905.376249][ T5752] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1905.381943][ T5752] RIP: 0033:0x7f526caadda9 [ 1905.386201][ T5752] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1905.405645][ T5752] RSP: 002b:00007f526b82f078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1905.413887][ T5752] RAX: ffffffffffffffda RBX: 00007f526cbdbf80 RCX: 00007f526caadda9 [ 1905.421695][ T5752] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1905.429506][ T5752] RBP: 00007f526b82f120 R08: 0000000000000000 R09: 0000000000000000 14:13:33 executing program 4: syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3) [ 1905.437316][ T5752] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 1905.445226][ T5752] R13: 000000000000000b R14: 00007f526cbdbf80 R15: 00007ffd82b71b28 [ 1905.453041][ T5752] [ 1905.459943][ T5764] FAULT_INJECTION: forcing a failure. [ 1905.459943][ T5764] name failslab, interval 1, probability 0, space 0, times 0 [ 1905.472524][ T5764] CPU: 0 PID: 5764 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1905.473408][ T5767] FAULT_INJECTION: forcing a failure. [ 1905.473408][ T5767] name failslab, interval 1, probability 0, space 0, times 0 [ 1905.482575][ T5764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1905.482594][ T5764] Call Trace: [ 1905.482601][ T5764] [ 1905.482609][ T5764] dump_stack_lvl+0x151/0x1b7 [ 1905.482635][ T5764] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1905.482654][ T5764] dump_stack+0x15/0x17 [ 1905.482669][ T5764] should_fail+0x3c6/0x510 [ 1905.529029][ T5764] __should_failslab+0xa4/0xe0 [ 1905.533619][ T5764] ? prepare_creds+0x2f/0x6a0 [ 1905.538129][ T5764] should_failslab+0x9/0x20 [ 1905.542471][ T5764] slab_pre_alloc_hook+0x37/0xd0 [ 1905.547244][ T5764] ? prepare_creds+0x2f/0x6a0 [ 1905.551752][ T5764] kmem_cache_alloc+0x44/0x200 [ 1905.556352][ T5764] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 1905.561647][ T5764] prepare_creds+0x2f/0x6a0 [ 1905.566170][ T5764] copy_creds+0xf0/0x630 [ 1905.570240][ T5764] ? dup_task_struct+0x7e6/0xc60 [ 1905.575010][ T5764] copy_process+0x7c3/0x3290 [ 1905.579438][ T5764] ? __kasan_check_write+0x14/0x20 [ 1905.584385][ T5764] ? proc_fail_nth_write+0x20b/0x290 [ 1905.589507][ T5764] ? selinux_file_permission+0x2c4/0x570 [ 1905.594973][ T5764] ? fsnotify_perm+0x6a/0x5d0 [ 1905.599494][ T5764] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1905.604434][ T5764] ? vfs_write+0x9ec/0x1110 [ 1905.608772][ T5764] kernel_clone+0x21e/0x9e0 [ 1905.613110][ T5764] ? file_end_write+0x1c0/0x1c0 [ 1905.617800][ T5764] ? create_io_thread+0x1e0/0x1e0 [ 1905.622659][ T5764] ? mutex_unlock+0xb2/0x260 [ 1905.627094][ T5764] ? __mutex_lock_slowpath+0x10/0x10 [ 1905.632210][ T5764] __x64_sys_clone+0x23f/0x290 [ 1905.636806][ T5764] ? __do_sys_vfork+0x130/0x130 [ 1905.641495][ T5764] ? ksys_write+0x260/0x2c0 [ 1905.645834][ T5764] ? debug_smp_processor_id+0x17/0x20 [ 1905.651038][ T5764] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1905.656942][ T5764] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1905.662410][ T5764] do_syscall_64+0x3d/0xb0 [ 1905.666666][ T5764] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1905.672393][ T5764] RIP: 0033:0x7f895df3fda9 [ 1905.676643][ T5764] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1905.696088][ T5764] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1905.704329][ T5764] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1905.712139][ T5764] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1905.719953][ T5764] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1905.727766][ T5764] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 1905.735576][ T5764] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1905.743390][ T5764] [ 1905.747670][ T5767] CPU: 0 PID: 5767 Comm: syz-executor.4 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1905.757724][ T5767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1905.767616][ T5767] Call Trace: [ 1905.770742][ T5767] [ 1905.773520][ T5767] dump_stack_lvl+0x151/0x1b7 [ 1905.778031][ T5767] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1905.783502][ T5767] dump_stack+0x15/0x17 [ 1905.787492][ T5767] should_fail+0x3c6/0x510 [ 1905.791746][ T5767] __should_failslab+0xa4/0xe0 [ 1905.796344][ T5767] ? alloc_vmap_area+0x19e/0x1a80 [ 1905.801205][ T5767] should_failslab+0x9/0x20 [ 1905.805545][ T5767] slab_pre_alloc_hook+0x37/0xd0 [ 1905.810319][ T5767] ? alloc_vmap_area+0x19e/0x1a80 [ 1905.815178][ T5767] kmem_cache_alloc+0x44/0x200 [ 1905.819780][ T5767] alloc_vmap_area+0x19e/0x1a80 [ 1905.824480][ T5767] ? vm_map_ram+0xa90/0xa90 [ 1905.828806][ T5767] ? kmem_cache_alloc_trace+0x115/0x210 [ 1905.834219][ T5767] ? __get_vm_area_node+0x117/0x360 [ 1905.839231][ T5767] __get_vm_area_node+0x158/0x360 [ 1905.844084][ T5767] __vmalloc_node_range+0xe2/0x8d0 [ 1905.849034][ T5767] ? copy_process+0x5c4/0x3290 [ 1905.853635][ T5767] ? slab_post_alloc_hook+0x72/0x2c0 [ 1905.858749][ T5767] ? dup_task_struct+0x53/0xc60 [ 1905.863443][ T5767] ? dup_task_struct+0x53/0xc60 [ 1905.868122][ T5767] dup_task_struct+0x416/0xc60 [ 1905.872724][ T5767] ? copy_process+0x5c4/0x3290 [ 1905.877321][ T5767] ? __kasan_check_write+0x14/0x20 [ 1905.882271][ T5767] copy_process+0x5c4/0x3290 [ 1905.886696][ T5767] ? __kasan_check_write+0x14/0x20 [ 1905.891646][ T5767] ? proc_fail_nth_write+0x20b/0x290 [ 1905.896763][ T5767] ? selinux_file_permission+0x2c4/0x570 [ 1905.902232][ T5767] ? fsnotify_perm+0x6a/0x5d0 [ 1905.906746][ T5767] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1905.911695][ T5767] ? vfs_write+0x9ec/0x1110 [ 1905.916044][ T5767] kernel_clone+0x21e/0x9e0 [ 1905.920371][ T5767] ? file_end_write+0x1c0/0x1c0 [ 1905.925059][ T5767] ? create_io_thread+0x1e0/0x1e0 [ 1905.929918][ T5767] ? mutex_unlock+0xb2/0x260 [ 1905.934345][ T5767] ? __mutex_lock_slowpath+0x10/0x10 [ 1905.939474][ T5767] __x64_sys_clone+0x23f/0x290 [ 1905.944069][ T5767] ? __do_sys_vfork+0x130/0x130 [ 1905.948756][ T5767] ? ksys_write+0x260/0x2c0 [ 1905.953093][ T5767] ? debug_smp_processor_id+0x17/0x20 [ 1905.958311][ T5767] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1905.964209][ T5767] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1905.969673][ T5767] do_syscall_64+0x3d/0xb0 [ 1905.973924][ T5767] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1905.979654][ T5767] RIP: 0033:0x7f526caadda9 [ 1905.983905][ T5767] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1906.003344][ T5767] RSP: 002b:00007f526b82f078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1906.011591][ T5767] RAX: ffffffffffffffda RBX: 00007f526cbdbf80 RCX: 00007f526caadda9 [ 1906.019402][ T5767] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1906.027214][ T5767] RBP: 00007f526b82f120 R08: 0000000000000000 R09: 0000000000000000 [ 1906.035112][ T5767] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 14:13:34 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0x58, &(0x7f0000000f40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e00)={0x1b, 0x0, 0x0, 0x9, 0x0, 0xffffffffffffffff, 0x31e2577, '\x00', r1, 0xffffffffffffffff, 0x2, 0x0, 0x1}, 0x48) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000e80)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', r1, 0xffffffffffffffff, 0x1, 0x1, 0x3}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001000)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000f00), &(0x7f0000000fc0)='%pi6 \x00'}, 0x20) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000010c0)={{0x1, 0xffffffffffffffff}, &(0x7f0000001040), &(0x7f0000001080)='%pI4 \x00'}, 0x20) r7 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000001140)=@o_path={&(0x7f0000001100)='./file0\x00', 0x0, 0x4000, r2}, 0x18) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001300)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f00000011c0), &(0x7f00000012c0)='%pi6 \x00'}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000001400)={0x16, 0x23, &(0x7f0000000ac0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x9}, [@btf_id={0x18, 0x5, 0x3, 0x0, 0x4}, @map_fd={0x18, 0x1}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @tail_call, @ldst={0x1, 0x2, 0x2, 0x4, 0x7, 0x0, 0xffffffffffffffff}, @map_fd={0x18, 0x6}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x1}]}, &(0x7f0000000c40)='GPL\x00', 0x0, 0x86, &(0x7f0000000c80)=""/134, 0x41100, 0x4b, '\x00', r1, 0x6, 0xffffffffffffffff, 0x8, &(0x7f0000000d80)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000dc0)={0x1, 0x3, 0xfffff001, 0x33c}, 0x10, 0xffffffffffffffff, r2, 0x6, &(0x7f0000001340)=[0xffffffffffffffff, r3, r4, r5, 0xffffffffffffffff, r6, r7, 0xffffffffffffffff, r8], &(0x7f0000001380)=[{0x4, 0x4, 0xe, 0x9}, {0x4, 0x2, 0x8}, {0x3, 0x1, 0x0, 0x9}, {0x1, 0x1, 0xd, 0xc}, {0x3, 0x4, 0x6, 0x5}, {0x8, 0x3, 0xc, 0xb}], 0x10, 0x99}, 0x90) r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cgroup.events\x00', 0x0, 0x0) r10 = bpf$ITER_CREATE(0x21, &(0x7f0000000500)={r9}, 0x8) r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0xf, &(0x7f0000000740)=ANY=[@ANYRES64, @ANYBLOB="0000000008008032591d21a0a4000085000000aa00000018300000040000000000000000000000180000eddf3e0005000000b0080000060000008520000003000000180000002c06000000000000e1ce0000187ca0e4941b6f36570000060000000000008520000004000000000000000000020000ebce5a35e78b6edcfce0d61277f678994f1550ab9fa6d94f79ddc0e63e125ff594ccb03d72749f5cea59d770c755a13339900efd1a2d8df8c3d1392a66aaa6d7be36ba4434a4a5ea144d4a1368615bb2262818f92d2af5ac05f1e8ffff0000000095e547250097b2ab874c0dca4e31fe6216cd0f89dc4f46646f8d6050eec9de7e18f72f791874c5ebf119e77d401beb0c04da0d3cfd77d9a04a0199086a4bcb2dcd1c5b497db896a803000000767d51f983b5298c9b62b93bf915cb725dec688e06d761b524cd4b60b3b14d79a20846e64f19ebc1eced4aec3405f37d59986f3db13d3cc5440ae5dd3dc9c535bd51afe2548d753920d2997865d606846953dc0793a4bd5d79a46d45ab17c23e7e0cb5b0cb354200000000000022674a747879a29bfef5c82eb83086ca1630d32cfa58925858798b601a8a774b675e6f71f0b9cc1e8759ad43a11662908f038b9aebc044285d3e1c8c2d6493b80188f9d681c53c11c2da6cdb8fc1121838246e8b883f0c788ae2944761f1891dac80f725dbdd61a7f5085592c4ab7b8ede8f20cc2d943bdede056646aaf1cbf91c0b7956dbb2198129928c108fa3e40638c5e880000000eddb5b61d551352400cb8152457ab16dbd121cfef6e12c309d11625c247390a7cf6aced0a992762c41779a0934c8344010bb8528ab5b0d7157632dd903e6a310c851844a955e7e0cbc4d5dee1a43c1c3626882855b3d61e20449e112480ec188adf3cfb2daf9079e2224709190179541ed50e0abe6e04ee8b8e822ccc903c06e616e8d91f34ee01174078171a569beee92362759a44fa780c723393b39f3648b30ea535c933fdcccae7454b8c88b28d6d96d72016be35566524a9e7a2084b652"], &(0x7f0000000380)='GPL\x00', 0xb, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000400)={0x3, 0xa, 0x1, 0x55e}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[r9, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r10, 0x1, 0xffffffffffffffff]}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x7, 0x0, 0x7, 0xe1ee, 0x0, 0xffffffffffffffff, 0x9, '\x00', r1, r10, 0x3, 0x3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r11}, 0x10) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r12, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x0) sendmsg$tipc(r13, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) 14:13:34 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1906.042926][ T5767] R13: 000000000000000b R14: 00007f526cbdbf80 R15: 00007ffd82b71b28 [ 1906.050738][ T5767] [ 1906.056428][ T5767] syz-executor.4: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0 [ 1906.078820][ T5767] CPU: 0 PID: 5767 Comm: syz-executor.4 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1906.089002][ T5767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1906.098897][ T5767] Call Trace: [ 1906.102016][ T5767] [ 1906.104795][ T5767] dump_stack_lvl+0x151/0x1b7 [ 1906.109318][ T5767] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1906.114783][ T5767] ? pr_cont_kernfs_name+0xf0/0x100 [ 1906.119818][ T5767] dump_stack+0x15/0x17 [ 1906.123798][ T5767] warn_alloc+0x21a/0x390 [ 1906.127966][ T5767] ? zone_watermark_ok_safe+0x270/0x270 [ 1906.133346][ T5767] ? __get_vm_area_node+0x16e/0x360 [ 1906.138380][ T5767] __vmalloc_node_range+0x2c1/0x8d0 [ 1906.143412][ T5767] ? slab_post_alloc_hook+0x72/0x2c0 [ 1906.148535][ T5767] ? dup_task_struct+0x53/0xc60 [ 1906.153224][ T5767] ? dup_task_struct+0x53/0xc60 [ 1906.158011][ T5767] dup_task_struct+0x416/0xc60 [ 1906.162597][ T5767] ? copy_process+0x5c4/0x3290 [ 1906.167197][ T5767] ? __kasan_check_write+0x14/0x20 [ 1906.172145][ T5767] copy_process+0x5c4/0x3290 [ 1906.176577][ T5767] ? __kasan_check_write+0x14/0x20 [ 1906.181516][ T5767] ? proc_fail_nth_write+0x20b/0x290 [ 1906.186647][ T5767] ? selinux_file_permission+0x2c4/0x570 [ 1906.192106][ T5767] ? fsnotify_perm+0x6a/0x5d0 [ 1906.196617][ T5767] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1906.201567][ T5767] ? vfs_write+0x9ec/0x1110 [ 1906.205908][ T5767] kernel_clone+0x21e/0x9e0 [ 1906.210243][ T5767] ? file_end_write+0x1c0/0x1c0 [ 1906.214940][ T5767] ? create_io_thread+0x1e0/0x1e0 [ 1906.219794][ T5767] ? mutex_unlock+0xb2/0x260 [ 1906.224219][ T5767] ? __mutex_lock_slowpath+0x10/0x10 [ 1906.229343][ T5767] __x64_sys_clone+0x23f/0x290 [ 1906.233950][ T5767] ? __do_sys_vfork+0x130/0x130 [ 1906.238625][ T5767] ? ksys_write+0x260/0x2c0 [ 1906.242965][ T5767] ? debug_smp_processor_id+0x17/0x20 [ 1906.248175][ T5767] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1906.254074][ T5767] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1906.259543][ T5767] do_syscall_64+0x3d/0xb0 [ 1906.263805][ T5767] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1906.269523][ T5767] RIP: 0033:0x7f526caadda9 [ 1906.273778][ T5767] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 14:13:34 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x5000000) 14:13:34 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3) [ 1906.293217][ T5767] RSP: 002b:00007f526b82f078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1906.301471][ T5767] RAX: ffffffffffffffda RBX: 00007f526cbdbf80 RCX: 00007f526caadda9 [ 1906.309277][ T5767] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1906.317091][ T5767] RBP: 00007f526b82f120 R08: 0000000000000000 R09: 0000000000000000 [ 1906.324908][ T5767] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 1906.332711][ T5767] R13: 000000000000000b R14: 00007f526cbdbf80 R15: 00007ffd82b71b28 [ 1906.341482][ T5767] [ 1906.362615][ T5776] FAULT_INJECTION: forcing a failure. [ 1906.362615][ T5776] name failslab, interval 1, probability 0, space 0, times 0 [ 1906.371446][ T5767] Mem-Info: [ 1906.378099][ T5767] active_anon:40254 inactive_anon:90050 isolated_anon:0 [ 1906.378099][ T5767] active_file:8654 inactive_file:709 isolated_file:0 [ 1906.378099][ T5767] unevictable:0 dirty:1 writeback:0 [ 1906.378099][ T5767] slab_reclaimable:14269 slab_unreclaimable:70813 [ 1906.378099][ T5767] mapped:23791 shmem:12912 pagetables:746 bounce:0 [ 1906.378099][ T5767] kernel_misc_reclaimable:0 [ 1906.378099][ T5767] free:1439559 free_pcp:27088 free_cma:0 [ 1906.378113][ T5776] CPU: 0 PID: 5776 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1906.378140][ T5776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1906.378153][ T5776] Call Trace: [ 1906.419344][ T5776] [ 1906.419358][ T5776] dump_stack_lvl+0x151/0x1b7 [ 1906.419385][ T5776] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1906.419405][ T5776] dump_stack+0x15/0x17 [ 1906.419418][ T5776] should_fail+0x3c6/0x510 [ 1906.419439][ T5776] __should_failslab+0xa4/0xe0 [ 1906.419458][ T5776] ? alloc_vmap_area+0x19e/0x1a80 [ 1906.419476][ T5776] should_failslab+0x9/0x20 [ 1906.419492][ T5776] slab_pre_alloc_hook+0x37/0xd0 [ 1906.419513][ T5776] ? alloc_vmap_area+0x19e/0x1a80 [ 1906.419528][ T5776] kmem_cache_alloc+0x44/0x200 [ 1906.433939][ T5767] Node 0 active_anon:161016kB inactive_anon:360200kB active_file:34616kB inactive_file:2836kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:95164kB dirty:4kB writeback:0kB shmem:51648kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:7048kB pagetables:2984kB all_unreclaimable? no [ 1906.439448][ T5776] alloc_vmap_area+0x19e/0x1a80 [ 1906.439477][ T5776] ? vm_map_ram+0xa90/0xa90 [ 1906.439494][ T5776] ? kmem_cache_alloc_trace+0x115/0x210 [ 1906.443093][ T5767] DMA32 free:2946192kB min:62592kB low:78240kB high:93888kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2981436kB mlocked:0kB bounce:0kB free_pcp:29060kB local_pcp:14664kB free_cma:0kB [ 1906.445521][ T5776] ? __get_vm_area_node+0x117/0x360 [ 1906.450416][ T5767] lowmem_reserve[]: [ 1906.455590][ T5776] __get_vm_area_node+0x158/0x360 [ 1906.459754][ T5767] 0 [ 1906.463836][ T5776] __vmalloc_node_range+0xe2/0x8d0 [ 1906.468661][ T5767] 3941 [ 1906.473383][ T5776] ? copy_process+0x5c4/0x3290 [ 1906.479404][ T5767] 3941 [ 1906.482495][ T5776] ? slab_post_alloc_hook+0x72/0x2c0 [ 1906.482524][ T5776] ? dup_task_struct+0x53/0xc60 [ 1906.487758][ T5767] [ 1906.491958][ T5776] dup_task_struct+0x416/0xc60 [ 1906.491984][ T5776] ? copy_process+0x5c4/0x3290 [ 1906.522874][ T5767] Normal free:2811148kB min:84860kB low:106072kB high:127284kB reserved_highatomic:4096KB active_anon:161016kB inactive_anon:360400kB active_file:34616kB inactive_file:2836kB unevictable:0kB writepending:4kB present:5242880kB managed:4035848kB mlocked:0kB bounce:0kB free_pcp:79052kB local_pcp:48576kB free_cma:0kB [ 1906.527197][ T5776] ? __kasan_check_write+0x14/0x20 [ 1906.527222][ T5776] copy_process+0x5c4/0x3290 [ 1906.531762][ T5767] lowmem_reserve[]: [ 1906.536922][ T5776] ? __kasan_check_write+0x14/0x20 [ 1906.536944][ T5776] ? proc_fail_nth_write+0x20b/0x290 [ 1906.564491][ T5767] 0 [ 1906.569209][ T5776] ? selinux_file_permission+0x2c4/0x570 [ 1906.569236][ T5776] ? fsnotify_perm+0x6a/0x5d0 [ 1906.573077][ T5767] 0 [ 1906.577707][ T5776] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1906.577732][ T5776] ? vfs_write+0x9ec/0x1110 [ 1906.577750][ T5776] kernel_clone+0x21e/0x9e0 [ 1906.577765][ T5776] ? file_end_write+0x1c0/0x1c0 [ 1906.580376][ T5767] 0 [ 1906.584998][ T5776] ? create_io_thread+0x1e0/0x1e0 [ 1906.585021][ T5776] ? mutex_unlock+0xb2/0x260 [ 1906.587830][ T5767] [ 1906.592201][ T5776] ? __mutex_lock_slowpath+0x10/0x10 [ 1906.592227][ T5776] __x64_sys_clone+0x23f/0x290 [ 1906.594860][ T5767] DMA32: [ 1906.599928][ T5776] ? __do_sys_vfork+0x130/0x130 [ 1906.599948][ T5776] ? ksys_write+0x260/0x2c0 [ 1906.599966][ T5776] ? debug_smp_processor_id+0x17/0x20 [ 1906.599984][ T5776] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1906.605084][ T5767] 24*4kB [ 1906.606783][ T5776] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1906.606809][ T5776] do_syscall_64+0x3d/0xb0 [ 1906.611636][ T5767] (UM) 14:13:35 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 4) [ 1906.615984][ T5776] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1906.645544][ T5767] 18*8kB [ 1906.650180][ T5776] RIP: 0033:0x7f895df3fda9 [ 1906.650200][ T5776] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1906.650217][ T5776] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 [ 1906.654830][ T5767] (UM) [ 1906.658252][ T5776] ORIG_RAX: 0000000000000038 [ 1906.658262][ T5776] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1906.658274][ T5776] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1906.658286][ T5776] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1906.658297][ T5776] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 1906.663658][ T5767] 6*16kB [ 1906.668318][ T5776] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1906.668338][ T5776] [ 1906.853073][ T5767] (UM) 10*32kB (UM) 6*64kB (UM) 7*128kB (UM) 9*256kB (UM) 8*512kB (UM) 7*1024kB (UM) 5*2048kB (UM) 713*4096kB (UM) = 2946192kB [ 1906.866394][ T5767] Normal: 6819*4kB (UME) 4814*8kB (UME) 5741*16kB (UME) 4154*32kB (UME) 2726*64kB (UMEH) 1897*128kB (UMEH) 1000*256kB (UMH) 702*512kB (UMH) 549*1024kB (UMEH) 112*2048kB (UMH) 170*4096kB (U) = 2811148kB [ 1906.866794][ T5780] FAULT_INJECTION: forcing a failure. [ 1906.866794][ T5780] name failslab, interval 1, probability 0, space 0, times 0 [ 1906.898646][ T5780] CPU: 1 PID: 5780 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1906.899490][ T5767] 27006 total pagecache pages [ 1906.908699][ T5780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1906.908711][ T5780] Call Trace: [ 1906.908717][ T5780] [ 1906.908723][ T5780] dump_stack_lvl+0x151/0x1b7 [ 1906.908746][ T5780] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1906.908766][ T5780] dump_stack+0x15/0x17 [ 1906.908779][ T5780] should_fail+0x3c6/0x510 [ 1906.947232][ T5780] __should_failslab+0xa4/0xe0 [ 1906.951829][ T5780] should_failslab+0x9/0x20 [ 1906.956190][ T5780] slab_pre_alloc_hook+0x37/0xd0 [ 1906.960945][ T5780] __kmalloc+0x6d/0x270 [ 1906.964935][ T5780] ? security_prepare_creds+0x4d/0x140 [ 1906.970315][ T5780] security_prepare_creds+0x4d/0x140 [ 1906.975436][ T5780] prepare_creds+0x472/0x6a0 [ 1906.979861][ T5780] copy_creds+0xf0/0x630 [ 1906.983945][ T5780] ? dup_task_struct+0x7e6/0xc60 [ 1906.988717][ T5780] copy_process+0x7c3/0x3290 [ 1906.993157][ T5780] ? __kasan_check_write+0x14/0x20 [ 1906.998209][ T5780] ? proc_fail_nth_write+0x20b/0x290 [ 1907.003325][ T5780] ? selinux_file_permission+0x2c4/0x570 [ 1907.008792][ T5780] ? fsnotify_perm+0x6a/0x5d0 [ 1907.013310][ T5780] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1907.018249][ T5780] ? vfs_write+0x9ec/0x1110 [ 1907.022587][ T5780] kernel_clone+0x21e/0x9e0 [ 1907.026926][ T5780] ? file_end_write+0x1c0/0x1c0 [ 1907.031613][ T5780] ? create_io_thread+0x1e0/0x1e0 [ 1907.036475][ T5780] ? mutex_unlock+0xb2/0x260 [ 1907.041077][ T5780] ? __mutex_lock_slowpath+0x10/0x10 [ 1907.046196][ T5780] __x64_sys_clone+0x23f/0x290 [ 1907.050883][ T5780] ? __do_sys_vfork+0x130/0x130 [ 1907.055569][ T5780] ? ksys_write+0x260/0x2c0 [ 1907.059917][ T5780] ? debug_smp_processor_id+0x17/0x20 [ 1907.065121][ T5780] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1907.071017][ T5780] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1907.076486][ T5780] do_syscall_64+0x3d/0xb0 [ 1907.080739][ T5780] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1907.086466][ T5780] RIP: 0033:0x7f895df3fda9 [ 1907.090722][ T5780] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1907.110161][ T5780] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1907.118407][ T5780] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1907.126227][ T5780] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1907.134030][ T5780] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1907.141844][ T5780] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 1907.149654][ T5780] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1907.157472][ T5780] [ 1907.161054][ T5767] 5274 pages in swap cache 14:13:35 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 5) 14:13:35 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0x58, &(0x7f0000000f40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e00)={0x1b, 0x0, 0x0, 0x9, 0x0, 0xffffffffffffffff, 0x31e2577, '\x00', r1, 0xffffffffffffffff, 0x2, 0x0, 0x1}, 0x48) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000e80)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', r1, 0xffffffffffffffff, 0x1, 0x1, 0x3}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001000)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000f00), &(0x7f0000000fc0)='%pi6 \x00'}, 0x20) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000010c0)={{0x1, 0xffffffffffffffff}, &(0x7f0000001040), &(0x7f0000001080)='%pI4 \x00'}, 0x20) r7 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000001140)=@o_path={&(0x7f0000001100)='./file0\x00', 0x0, 0x4000, r2}, 0x18) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001300)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f00000011c0), &(0x7f00000012c0)='%pi6 \x00'}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000001400)={0x16, 0x23, &(0x7f0000000ac0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x9}, [@btf_id={0x18, 0x5, 0x3, 0x0, 0x4}, @map_fd={0x18, 0x1}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @tail_call, @ldst={0x1, 0x2, 0x2, 0x4, 0x7, 0x0, 0xffffffffffffffff}, @map_fd={0x18, 0x6}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x1}]}, &(0x7f0000000c40)='GPL\x00', 0x0, 0x86, &(0x7f0000000c80)=""/134, 0x41100, 0x4b, '\x00', r1, 0x6, 0xffffffffffffffff, 0x8, &(0x7f0000000d80)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000dc0)={0x1, 0x3, 0xfffff001, 0x33c}, 0x10, 0xffffffffffffffff, r2, 0x6, &(0x7f0000001340)=[0xffffffffffffffff, r3, r4, r5, 0xffffffffffffffff, r6, r7, 0xffffffffffffffff, r8], &(0x7f0000001380)=[{0x4, 0x4, 0xe, 0x9}, {0x4, 0x2, 0x8}, {0x3, 0x1, 0x0, 0x9}, {0x1, 0x1, 0xd, 0xc}, {0x3, 0x4, 0x6, 0x5}, {0x8, 0x3, 0xc, 0xb}], 0x10, 0x99}, 0x90) r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cgroup.events\x00', 0x0, 0x0) r10 = bpf$ITER_CREATE(0x21, &(0x7f0000000500)={r9}, 0x8) r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0xf, &(0x7f0000000740)=ANY=[@ANYRES64, @ANYBLOB="0000000008008032591d21a0a4000085000000aa00000018300000040000000000000000000000180000eddf3e0005000000b0080000060000008520000003000000180000002c06000000000000e1ce0000187ca0e4941b6f36570000060000000000008520000004000000000000000000020000ebce5a35e78b6edcfce0d61277f678994f1550ab9fa6d94f79ddc0e63e125ff594ccb03d72749f5cea59d770c755a13339900efd1a2d8df8c3d1392a66aaa6d7be36ba4434a4a5ea144d4a1368615bb2262818f92d2af5ac05f1e8ffff0000000095e547250097b2ab874c0dca4e31fe6216cd0f89dc4f46646f8d6050eec9de7e18f72f791874c5ebf119e77d401beb0c04da0d3cfd77d9a04a0199086a4bcb2dcd1c5b497db896a803000000767d51f983b5298c9b62b93bf915cb725dec688e06d761b524cd4b60b3b14d79a20846e64f19ebc1eced4aec3405f37d59986f3db13d3cc5440ae5dd3dc9c535bd51afe2548d753920d2997865d606846953dc0793a4bd5d79a46d45ab17c23e7e0cb5b0cb354200000000000022674a747879a29bfef5c82eb83086ca1630d32cfa58925858798b601a8a774b675e6f71f0b9cc1e8759ad43a11662908f038b9aebc044285d3e1c8c2d6493b80188f9d681c53c11c2da6cdb8fc1121838246e8b883f0c788ae2944761f1891dac80f725dbdd61a7f5085592c4ab7b8ede8f20cc2d943bdede056646aaf1cbf91c0b7956dbb2198129928c108fa3e40638c5e880000000eddb5b61d551352400cb8152457ab16dbd121cfef6e12c309d11625c247390a7cf6aced0a992762c41779a0934c8344010bb8528ab5b0d7157632dd903e6a310c851844a955e7e0cbc4d5dee1a43c1c3626882855b3d61e20449e112480ec188adf3cfb2daf9079e2224709190179541ed50e0abe6e04ee8b8e822ccc903c06e616e8d91f34ee01174078171a569beee92362759a44fa780c723393b39f3648b30ea535c933fdcccae7454b8c88b28d6d96d72016be35566524a9e7a2084b652"], &(0x7f0000000380)='GPL\x00', 0xb, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000400)={0x3, 0xa, 0x1, 0x55e}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[r9, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r10, 0x1, 0xffffffffffffffff]}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x7, 0x0, 0x7, 0xe1ee, 0x0, 0xffffffffffffffff, 0x9, '\x00', r1, r10, 0x3, 0x3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r11}, 0x10) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r12, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x0) sendmsg$tipc(r13, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) (async) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0x58, &(0x7f0000000f40)}, 0x10) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e00)={0x1b, 0x0, 0x0, 0x9, 0x0, 0xffffffffffffffff, 0x31e2577, '\x00', r1, 0xffffffffffffffff, 0x2, 0x0, 0x1}, 0x48) (async) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000e80)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', r1, 0xffffffffffffffff, 0x1, 0x1, 0x3}, 0x48) (async) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001000)={{}, &(0x7f0000000f00), &(0x7f0000000fc0)='%pi6 \x00'}, 0x20) (async) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000010c0)={{0x1}, &(0x7f0000001040), &(0x7f0000001080)='%pI4 \x00'}, 0x20) (async) bpf$OBJ_GET_MAP(0x7, &(0x7f0000001140)=@o_path={&(0x7f0000001100)='./file0\x00', 0x0, 0x4000, r2}, 0x18) (async) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001300)={{}, &(0x7f00000011c0), &(0x7f00000012c0)='%pi6 \x00'}, 0x20) (async) bpf$PROG_LOAD(0x5, &(0x7f0000001400)={0x16, 0x23, &(0x7f0000000ac0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x9}, [@btf_id={0x18, 0x5, 0x3, 0x0, 0x4}, @map_fd={0x18, 0x1}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @tail_call, @ldst={0x1, 0x2, 0x2, 0x4, 0x7, 0x0, 0xffffffffffffffff}, @map_fd={0x18, 0x6}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x1}]}, &(0x7f0000000c40)='GPL\x00', 0x0, 0x86, &(0x7f0000000c80)=""/134, 0x41100, 0x4b, '\x00', r1, 0x6, 0xffffffffffffffff, 0x8, &(0x7f0000000d80)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000dc0)={0x1, 0x3, 0xfffff001, 0x33c}, 0x10, 0xffffffffffffffff, r2, 0x6, &(0x7f0000001340)=[0xffffffffffffffff, r3, r4, r5, 0xffffffffffffffff, r6, r7, 0xffffffffffffffff, r8], &(0x7f0000001380)=[{0x4, 0x4, 0xe, 0x9}, {0x4, 0x2, 0x8}, {0x3, 0x1, 0x0, 0x9}, {0x1, 0x1, 0xd, 0xc}, {0x3, 0x4, 0x6, 0x5}, {0x8, 0x3, 0xc, 0xb}], 0x10, 0x99}, 0x90) (async) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cgroup.events\x00', 0x0, 0x0) (async) bpf$ITER_CREATE(0x21, &(0x7f0000000500)={r9}, 0x8) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0xf, &(0x7f0000000740)=ANY=[@ANYRES64, @ANYBLOB="0000000008008032591d21a0a4000085000000aa00000018300000040000000000000000000000180000eddf3e0005000000b0080000060000008520000003000000180000002c06000000000000e1ce0000187ca0e4941b6f36570000060000000000008520000004000000000000000000020000ebce5a35e78b6edcfce0d61277f678994f1550ab9fa6d94f79ddc0e63e125ff594ccb03d72749f5cea59d770c755a13339900efd1a2d8df8c3d1392a66aaa6d7be36ba4434a4a5ea144d4a1368615bb2262818f92d2af5ac05f1e8ffff0000000095e547250097b2ab874c0dca4e31fe6216cd0f89dc4f46646f8d6050eec9de7e18f72f791874c5ebf119e77d401beb0c04da0d3cfd77d9a04a0199086a4bcb2dcd1c5b497db896a803000000767d51f983b5298c9b62b93bf915cb725dec688e06d761b524cd4b60b3b14d79a20846e64f19ebc1eced4aec3405f37d59986f3db13d3cc5440ae5dd3dc9c535bd51afe2548d753920d2997865d606846953dc0793a4bd5d79a46d45ab17c23e7e0cb5b0cb354200000000000022674a747879a29bfef5c82eb83086ca1630d32cfa58925858798b601a8a774b675e6f71f0b9cc1e8759ad43a11662908f038b9aebc044285d3e1c8c2d6493b80188f9d681c53c11c2da6cdb8fc1121838246e8b883f0c788ae2944761f1891dac80f725dbdd61a7f5085592c4ab7b8ede8f20cc2d943bdede056646aaf1cbf91c0b7956dbb2198129928c108fa3e40638c5e880000000eddb5b61d551352400cb8152457ab16dbd121cfef6e12c309d11625c247390a7cf6aced0a992762c41779a0934c8344010bb8528ab5b0d7157632dd903e6a310c851844a955e7e0cbc4d5dee1a43c1c3626882855b3d61e20449e112480ec188adf3cfb2daf9079e2224709190179541ed50e0abe6e04ee8b8e822ccc903c06e616e8d91f34ee01174078171a569beee92362759a44fa780c723393b39f3648b30ea535c933fdcccae7454b8c88b28d6d96d72016be35566524a9e7a2084b652"], &(0x7f0000000380)='GPL\x00', 0xb, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000400)={0x3, 0xa, 0x1, 0x55e}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[r9, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r10, 0x1, 0xffffffffffffffff]}, 0x90) (async) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x7, 0x0, 0x7, 0xe1ee, 0x0, 0xffffffffffffffff, 0x9, '\x00', r1, r10, 0x3, 0x3}, 0x48) (async) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r11}, 0x10) (async) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)) (async) recvmsg(r12, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x0) (async) sendmsg$tipc(r13, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) (async) 14:13:35 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1907.165763][ T5767] Swap cache stats: add 34289, delete 29015, find 84572/86856 [ 1907.173209][ T5767] Free swap = 102808kB [ 1907.177309][ T5767] Total swap = 124996kB [ 1907.184543][ T5767] 2097051 pages RAM [ 1907.189533][ T5782] FAULT_INJECTION: forcing a failure. [ 1907.189533][ T5782] name failslab, interval 1, probability 0, space 0, times 0 14:13:35 executing program 4: syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) 14:13:35 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x6000000) [ 1907.216738][ T5767] 0 pages HighMem/MovableOnly [ 1907.222327][ T5767] 342730 pages reserved [ 1907.226378][ T5767] 0 pages cma reserved [ 1907.227316][ T5782] CPU: 0 PID: 5782 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1907.240273][ T5782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1907.250173][ T5782] Call Trace: [ 1907.253304][ T5782] [ 1907.256069][ T5782] dump_stack_lvl+0x151/0x1b7 [ 1907.260583][ T5782] ? io_uring_drop_tctx_refs+0x190/0x190 14:13:35 executing program 4: syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0) 14:13:35 executing program 4: syz_clone(0x8000002, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1907.266051][ T5782] dump_stack+0x15/0x17 [ 1907.270039][ T5782] should_fail+0x3c6/0x510 [ 1907.274385][ T5782] __should_failslab+0xa4/0xe0 [ 1907.278983][ T5782] should_failslab+0x9/0x20 [ 1907.283372][ T5782] slab_pre_alloc_hook+0x37/0xd0 [ 1907.288093][ T5782] kmem_cache_alloc_trace+0x48/0x210 [ 1907.293386][ T5782] ? alloc_fdtable+0xaf/0x2a0 [ 1907.297902][ T5782] alloc_fdtable+0xaf/0x2a0 [ 1907.302243][ T5782] dup_fd+0x759/0xb00 [ 1907.306068][ T5782] ? avc_has_perm+0x16f/0x260 [ 1907.310576][ T5782] copy_files+0xe6/0x200 14:13:35 executing program 4: syz_clone(0x8000007, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1907.314651][ T5782] ? perf_event_attrs+0x30/0x30 [ 1907.319339][ T5782] ? dup_task_struct+0xc60/0xc60 [ 1907.324116][ T5782] ? security_task_alloc+0xf9/0x130 [ 1907.329143][ T5782] copy_process+0x1080/0x3290 [ 1907.334356][ T5782] ? proc_fail_nth_write+0x20b/0x290 [ 1907.339477][ T5782] ? fsnotify_perm+0x6a/0x5d0 [ 1907.343998][ T5782] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1907.348933][ T5782] ? vfs_write+0x9ec/0x1110 [ 1907.353278][ T5782] kernel_clone+0x21e/0x9e0 [ 1907.357617][ T5782] ? file_end_write+0x1c0/0x1c0 [ 1907.362300][ T5782] ? create_io_thread+0x1e0/0x1e0 [ 1907.367162][ T5782] ? mutex_unlock+0xb2/0x260 [ 1907.371587][ T5782] ? __mutex_lock_slowpath+0x10/0x10 [ 1907.376712][ T5782] __x64_sys_clone+0x23f/0x290 [ 1907.381307][ T5782] ? __do_sys_vfork+0x130/0x130 [ 1907.386004][ T5782] ? ksys_write+0x260/0x2c0 [ 1907.390335][ T5782] ? debug_smp_processor_id+0x17/0x20 [ 1907.395542][ T5782] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1907.401442][ T5782] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1907.406925][ T5782] do_syscall_64+0x3d/0xb0 [ 1907.411165][ T5782] entry_SYSCALL_64_after_hwframe+0x61/0xcb 14:13:35 executing program 4: syz_clone(0x8000008, 0x0, 0x0, 0x0, 0x0, 0x0) 14:13:35 executing program 4: syz_clone(0x8000009, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1907.416893][ T5782] RIP: 0033:0x7f895df3fda9 [ 1907.421151][ T5782] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1907.440686][ T5782] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1907.448924][ T5782] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1907.456840][ T5782] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 14:13:35 executing program 4: syz_clone(0x8000011, 0x0, 0x0, 0x0, 0x0, 0x0) 14:13:35 executing program 4: syz_clone(0x8000070, 0x0, 0x0, 0x0, 0x0, 0x0) 14:13:35 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 6) 14:13:35 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:35 executing program 4: syz_clone(0x8000700, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1907.464643][ T5782] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1907.472454][ T5782] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 1907.480262][ T5782] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1907.488179][ T5782] 14:13:35 executing program 4: syz_clone(0x8000900, 0x0, 0x0, 0x0, 0x0, 0x0) 14:13:35 executing program 4: syz_clone(0x8001100, 0x0, 0x0, 0x0, 0x0, 0x0) 14:13:35 executing program 4: syz_clone(0x8001f00, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1907.528039][ T5828] FAULT_INJECTION: forcing a failure. [ 1907.528039][ T5828] name failslab, interval 1, probability 0, space 0, times 0 [ 1907.553277][ T5828] CPU: 0 PID: 5828 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1907.563349][ T5828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1907.573256][ T5828] Call Trace: 14:13:35 executing program 4: syz_clone(0x8002000, 0x0, 0x0, 0x0, 0x0, 0x0) 14:13:35 executing program 4: syz_clone(0x8007000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1907.576370][ T5828] [ 1907.579149][ T5828] dump_stack_lvl+0x151/0x1b7 [ 1907.583669][ T5828] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1907.589127][ T5828] dump_stack+0x15/0x17 [ 1907.593120][ T5828] should_fail+0x3c6/0x510 [ 1907.597376][ T5828] __should_failslab+0xa4/0xe0 [ 1907.601976][ T5828] should_failslab+0x9/0x20 [ 1907.606314][ T5828] slab_pre_alloc_hook+0x37/0xd0 [ 1907.611090][ T5828] __kmalloc+0x6d/0x270 [ 1907.615176][ T5828] ? __vmalloc_node_range+0x2d6/0x8d0 [ 1907.620392][ T5828] __vmalloc_node_range+0x2d6/0x8d0 14:13:35 executing program 4: syz_clone(0xb000000, 0x0, 0x0, 0x0, 0x0, 0x0) 14:13:35 executing program 4: syz_clone(0xc000000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1907.625420][ T5828] ? dup_task_struct+0x53/0xc60 [ 1907.630104][ T5828] ? dup_task_struct+0x53/0xc60 [ 1907.634793][ T5828] dup_task_struct+0x416/0xc60 [ 1907.639388][ T5828] ? copy_process+0x5c4/0x3290 [ 1907.643985][ T5828] ? __kasan_check_write+0x14/0x20 [ 1907.648949][ T5828] copy_process+0x5c4/0x3290 [ 1907.653369][ T5828] ? __kasan_check_write+0x14/0x20 [ 1907.658315][ T5828] ? proc_fail_nth_write+0x20b/0x290 [ 1907.663430][ T5828] ? selinux_file_permission+0x2c4/0x570 [ 1907.668897][ T5828] ? fsnotify_perm+0x6a/0x5d0 [ 1907.673418][ T5828] ? pidfd_show_fdinfo+0x2b0/0x2b0 14:13:36 executing program 4: syz_clone(0x1f000000, 0x0, 0x0, 0x0, 0x0, 0x0) 14:13:36 executing program 4: syz_clone(0xd1c41a00, 0x0, 0x0, 0x0, 0x0, 0x0) 14:13:36 executing program 4: syz_clone(0x8000000, 0x0, 0x2, 0x0, 0x0, 0x0) 14:13:36 executing program 4: syz_clone(0x8000000, 0x0, 0x7, 0x0, 0x0, 0x0) [ 1907.678363][ T5828] ? vfs_write+0x9ec/0x1110 [ 1907.682706][ T5828] kernel_clone+0x21e/0x9e0 [ 1907.687041][ T5828] ? file_end_write+0x1c0/0x1c0 [ 1907.691762][ T5828] ? create_io_thread+0x1e0/0x1e0 [ 1907.696587][ T5828] ? mutex_unlock+0xb2/0x260 [ 1907.701018][ T5828] ? __mutex_lock_slowpath+0x10/0x10 [ 1907.706140][ T5828] __x64_sys_clone+0x23f/0x290 [ 1907.710754][ T5828] ? __do_sys_vfork+0x130/0x130 [ 1907.715423][ T5828] ? ksys_write+0x260/0x2c0 [ 1907.719766][ T5828] ? debug_smp_processor_id+0x17/0x20 14:13:36 executing program 4: syz_clone(0x8000000, 0x0, 0x8, 0x0, 0x0, 0x0) 14:13:36 executing program 4: syz_clone(0x8000000, 0x0, 0x9, 0x0, 0x0, 0x0) 14:13:36 executing program 4: syz_clone(0x8000000, 0x0, 0x11, 0x0, 0x0, 0x0) [ 1907.724970][ T5828] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1907.730902][ T5828] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1907.736340][ T5828] do_syscall_64+0x3d/0xb0 [ 1907.740596][ T5828] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1907.746410][ T5828] RIP: 0033:0x7f895df3fda9 [ 1907.750660][ T5828] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1907.770197][ T5828] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 14:13:36 executing program 4: syz_clone(0x8000000, 0x0, 0x70, 0x0, 0x0, 0x0) 14:13:36 executing program 4: syz_clone(0x8000000, 0x0, 0x700, 0x0, 0x0, 0x0) 14:13:36 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 7) 14:13:36 executing program 4: syz_clone(0x8000000, 0x0, 0x900, 0x0, 0x0, 0x0) [ 1907.778532][ T5828] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1907.786341][ T5828] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1907.794156][ T5828] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1907.801963][ T5828] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 1907.809772][ T5828] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1907.817592][ T5828] [ 1907.849347][ T5868] FAULT_INJECTION: forcing a failure. [ 1907.849347][ T5868] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1907.862867][ T5868] CPU: 1 PID: 5868 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1907.872926][ T5868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1907.882820][ T5868] Call Trace: [ 1907.886031][ T5868] [ 1907.888807][ T5868] dump_stack_lvl+0x151/0x1b7 [ 1907.893321][ T5868] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1907.898789][ T5868] ? __stack_depot_save+0x34/0x470 [ 1907.903735][ T5868] ? __kasan_slab_alloc+0x63/0xe0 [ 1907.908596][ T5868] dump_stack+0x15/0x17 [ 1907.912587][ T5868] should_fail+0x3c6/0x510 [ 1907.916845][ T5868] should_fail_alloc_page+0x5a/0x80 [ 1907.921878][ T5868] prepare_alloc_pages+0x15c/0x700 [ 1907.926823][ T5868] ? __alloc_pages_bulk+0xe40/0xe40 [ 1907.931856][ T5868] __alloc_pages+0x18c/0x8f0 [ 1907.936285][ T5868] ? prep_new_page+0x110/0x110 [ 1907.940884][ T5868] ? __kasan_kmalloc+0x9/0x10 [ 1907.945396][ T5868] ? __kmalloc+0x13a/0x270 [ 1907.949650][ T5868] ? __vmalloc_node_range+0x2d6/0x8d0 [ 1907.954855][ T5868] __vmalloc_node_range+0x482/0x8d0 [ 1907.959893][ T5868] dup_task_struct+0x416/0xc60 [ 1907.964492][ T5868] ? copy_process+0x5c4/0x3290 [ 1907.969096][ T5868] ? __kasan_check_write+0x14/0x20 [ 1907.974043][ T5868] copy_process+0x5c4/0x3290 [ 1907.978467][ T5868] ? __kasan_check_write+0x14/0x20 [ 1907.983499][ T5868] ? proc_fail_nth_write+0x20b/0x290 [ 1907.988621][ T5868] ? selinux_file_permission+0x2c4/0x570 [ 1907.994095][ T5868] ? fsnotify_perm+0x6a/0x5d0 [ 1907.998606][ T5868] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1908.003548][ T5868] ? vfs_write+0x9ec/0x1110 [ 1908.007888][ T5868] kernel_clone+0x21e/0x9e0 [ 1908.012228][ T5868] ? file_end_write+0x1c0/0x1c0 [ 1908.016915][ T5868] ? create_io_thread+0x1e0/0x1e0 [ 1908.021782][ T5868] ? mutex_unlock+0xb2/0x260 [ 1908.026201][ T5868] ? __mutex_lock_slowpath+0x10/0x10 [ 1908.031324][ T5868] __x64_sys_clone+0x23f/0x290 [ 1908.035931][ T5868] ? __do_sys_vfork+0x130/0x130 [ 1908.040609][ T5868] ? ksys_write+0x260/0x2c0 [ 1908.044949][ T5868] ? debug_smp_processor_id+0x17/0x20 [ 1908.050155][ T5868] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1908.056060][ T5868] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1908.061614][ T5868] do_syscall_64+0x3d/0xb0 [ 1908.065866][ T5868] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1908.071609][ T5868] RIP: 0033:0x7f895df3fda9 [ 1908.075849][ T5868] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1908.096432][ T5868] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1908.104670][ T5868] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1908.112480][ T5868] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1908.120291][ T5868] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1908.128185][ T5868] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 1908.135995][ T5868] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1908.143811][ T5868] 14:13:43 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0x58, &(0x7f0000000f40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e00)={0x1b, 0x0, 0x0, 0x9, 0x0, 0xffffffffffffffff, 0x31e2577, '\x00', r1, 0xffffffffffffffff, 0x2, 0x0, 0x1}, 0x48) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000e80)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', r1, 0xffffffffffffffff, 0x1, 0x1, 0x3}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001000)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000f00), &(0x7f0000000fc0)='%pi6 \x00'}, 0x20) (async) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000010c0)={{0x1, 0xffffffffffffffff}, &(0x7f0000001040), &(0x7f0000001080)='%pI4 \x00'}, 0x20) (async, rerun: 32) r7 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000001140)=@o_path={&(0x7f0000001100)='./file0\x00', 0x0, 0x4000, r2}, 0x18) (rerun: 32) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001300)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f00000011c0), &(0x7f00000012c0)='%pi6 \x00'}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000001400)={0x16, 0x23, &(0x7f0000000ac0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x9}, [@btf_id={0x18, 0x5, 0x3, 0x0, 0x4}, @map_fd={0x18, 0x1}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @tail_call, @ldst={0x1, 0x2, 0x2, 0x4, 0x7, 0x0, 0xffffffffffffffff}, @map_fd={0x18, 0x6}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x1}]}, &(0x7f0000000c40)='GPL\x00', 0x0, 0x86, &(0x7f0000000c80)=""/134, 0x41100, 0x4b, '\x00', r1, 0x6, 0xffffffffffffffff, 0x8, &(0x7f0000000d80)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000dc0)={0x1, 0x3, 0xfffff001, 0x33c}, 0x10, 0xffffffffffffffff, r2, 0x6, &(0x7f0000001340)=[0xffffffffffffffff, r3, r4, r5, 0xffffffffffffffff, r6, r7, 0xffffffffffffffff, r8], &(0x7f0000001380)=[{0x4, 0x4, 0xe, 0x9}, {0x4, 0x2, 0x8}, {0x3, 0x1, 0x0, 0x9}, {0x1, 0x1, 0xd, 0xc}, {0x3, 0x4, 0x6, 0x5}, {0x8, 0x3, 0xc, 0xb}], 0x10, 0x99}, 0x90) r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cgroup.events\x00', 0x0, 0x0) r10 = bpf$ITER_CREATE(0x21, &(0x7f0000000500)={r9}, 0x8) r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0xf, &(0x7f0000000740)=ANY=[@ANYRES64, @ANYBLOB="0000000008008032591d21a0a4000085000000aa00000018300000040000000000000000000000180000eddf3e0005000000b0080000060000008520000003000000180000002c06000000000000e1ce0000187ca0e4941b6f36570000060000000000008520000004000000000000000000020000ebce5a35e78b6edcfce0d61277f678994f1550ab9fa6d94f79ddc0e63e125ff594ccb03d72749f5cea59d770c755a13339900efd1a2d8df8c3d1392a66aaa6d7be36ba4434a4a5ea144d4a1368615bb2262818f92d2af5ac05f1e8ffff0000000095e547250097b2ab874c0dca4e31fe6216cd0f89dc4f46646f8d6050eec9de7e18f72f791874c5ebf119e77d401beb0c04da0d3cfd77d9a04a0199086a4bcb2dcd1c5b497db896a803000000767d51f983b5298c9b62b93bf915cb725dec688e06d761b524cd4b60b3b14d79a20846e64f19ebc1eced4aec3405f37d59986f3db13d3cc5440ae5dd3dc9c535bd51afe2548d753920d2997865d606846953dc0793a4bd5d79a46d45ab17c23e7e0cb5b0cb354200000000000022674a747879a29bfef5c82eb83086ca1630d32cfa58925858798b601a8a774b675e6f71f0b9cc1e8759ad43a11662908f038b9aebc044285d3e1c8c2d6493b80188f9d681c53c11c2da6cdb8fc1121838246e8b883f0c788ae2944761f1891dac80f725dbdd61a7f5085592c4ab7b8ede8f20cc2d943bdede056646aaf1cbf91c0b7956dbb2198129928c108fa3e40638c5e880000000eddb5b61d551352400cb8152457ab16dbd121cfef6e12c309d11625c247390a7cf6aced0a992762c41779a0934c8344010bb8528ab5b0d7157632dd903e6a310c851844a955e7e0cbc4d5dee1a43c1c3626882855b3d61e20449e112480ec188adf3cfb2daf9079e2224709190179541ed50e0abe6e04ee8b8e822ccc903c06e616e8d91f34ee01174078171a569beee92362759a44fa780c723393b39f3648b30ea535c933fdcccae7454b8c88b28d6d96d72016be35566524a9e7a2084b652"], &(0x7f0000000380)='GPL\x00', 0xb, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000400)={0x3, 0xa, 0x1, 0x55e}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[r9, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r10, 0x1, 0xffffffffffffffff]}, 0x90) (async) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x7, 0x0, 0x7, 0xe1ee, 0x0, 0xffffffffffffffff, 0x9, '\x00', r1, r10, 0x3, 0x3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 32) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r11}, 0x10) (async, rerun: 32) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r12, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x0) (async, rerun: 32) sendmsg$tipc(r13, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) (rerun: 32) 14:13:43 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:43 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x7000000) 14:13:43 executing program 4: syz_clone(0x8000000, 0x0, 0x1100, 0x0, 0x0, 0x0) 14:13:43 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 8) [ 1915.511831][ T5884] FAULT_INJECTION: forcing a failure. [ 1915.511831][ T5884] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1915.530359][ T5884] CPU: 0 PID: 5884 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1915.540527][ T5884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1915.550430][ T5884] Call Trace: [ 1915.553558][ T5884] [ 1915.556317][ T5884] dump_stack_lvl+0x151/0x1b7 [ 1915.560833][ T5884] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1915.566302][ T5884] ? __stack_depot_save+0x34/0x470 [ 1915.571249][ T5884] dump_stack+0x15/0x17 [ 1915.575239][ T5884] should_fail+0x3c6/0x510 [ 1915.579494][ T5884] should_fail_alloc_page+0x5a/0x80 [ 1915.584526][ T5884] prepare_alloc_pages+0x15c/0x700 [ 1915.589474][ T5884] ? __alloc_pages+0x8f0/0x8f0 [ 1915.594075][ T5884] ? __alloc_pages_bulk+0xe40/0xe40 [ 1915.599108][ T5884] __alloc_pages+0x18c/0x8f0 [ 1915.603533][ T5884] ? prep_new_page+0x110/0x110 [ 1915.608760][ T5884] ? __kasan_kmalloc+0x9/0x10 [ 1915.613255][ T5884] ? __kmalloc+0x13a/0x270 [ 1915.617506][ T5884] ? __vmalloc_node_range+0x2d6/0x8d0 [ 1915.622730][ T5884] __vmalloc_node_range+0x482/0x8d0 [ 1915.627749][ T5884] dup_task_struct+0x416/0xc60 [ 1915.632350][ T5884] ? copy_process+0x5c4/0x3290 [ 1915.636962][ T5884] ? __kasan_check_write+0x14/0x20 [ 1915.641897][ T5884] copy_process+0x5c4/0x3290 [ 1915.646324][ T5884] ? __kasan_check_write+0x14/0x20 [ 1915.651271][ T5884] ? proc_fail_nth_write+0x20b/0x290 [ 1915.656389][ T5884] ? selinux_file_permission+0x2c4/0x570 [ 1915.661868][ T5884] ? fsnotify_perm+0x6a/0x5d0 [ 1915.666380][ T5884] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1915.671342][ T5884] ? vfs_write+0x9ec/0x1110 [ 1915.675676][ T5884] kernel_clone+0x21e/0x9e0 [ 1915.680002][ T5884] ? file_end_write+0x1c0/0x1c0 [ 1915.684686][ T5884] ? create_io_thread+0x1e0/0x1e0 [ 1915.689543][ T5884] ? mutex_unlock+0xb2/0x260 [ 1915.693971][ T5884] ? __mutex_lock_slowpath+0x10/0x10 [ 1915.699094][ T5884] __x64_sys_clone+0x23f/0x290 [ 1915.703715][ T5884] ? __do_sys_vfork+0x130/0x130 [ 1915.708377][ T5884] ? ksys_write+0x260/0x2c0 [ 1915.712721][ T5884] ? debug_smp_processor_id+0x17/0x20 [ 1915.717925][ T5884] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1915.723827][ T5884] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1915.729297][ T5884] do_syscall_64+0x3d/0xb0 [ 1915.733549][ T5884] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1915.739277][ T5884] RIP: 0033:0x7f895df3fda9 [ 1915.743533][ T5884] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1915.762974][ T5884] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1915.771218][ T5884] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1915.779027][ T5884] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1915.787125][ T5884] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1915.794912][ T5884] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 1915.802723][ T5884] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0x1f00, 0x0, 0x0, 0x0) 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0x2000, 0x0, 0x0, 0x0) 14:13:44 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 9) [ 1915.810539][ T5884] 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0x7000, 0x0, 0x0, 0x0) [ 1915.866913][ T5898] FAULT_INJECTION: forcing a failure. [ 1915.866913][ T5898] name failslab, interval 1, probability 0, space 0, times 0 [ 1915.883702][ T5898] CPU: 1 PID: 5898 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1915.893768][ T5898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1915.903660][ T5898] Call Trace: [ 1915.906782][ T5898] [ 1915.909560][ T5898] dump_stack_lvl+0x151/0x1b7 [ 1915.914099][ T5898] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1915.919543][ T5898] dump_stack+0x15/0x17 [ 1915.923535][ T5898] should_fail+0x3c6/0x510 [ 1915.927787][ T5898] __should_failslab+0xa4/0xe0 [ 1915.932387][ T5898] ? copy_sighand+0x54/0x250 [ 1915.936813][ T5898] should_failslab+0x9/0x20 [ 1915.941154][ T5898] slab_pre_alloc_hook+0x37/0xd0 [ 1915.945925][ T5898] ? copy_sighand+0x54/0x250 [ 1915.950351][ T5898] kmem_cache_alloc+0x44/0x200 [ 1915.954955][ T5898] copy_sighand+0x54/0x250 [ 1915.959208][ T5898] copy_process+0x10d6/0x3290 [ 1915.963720][ T5898] ? proc_fail_nth_write+0x20b/0x290 [ 1915.968842][ T5898] ? fsnotify_perm+0x6a/0x5d0 [ 1915.973352][ T5898] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1915.978303][ T5898] ? vfs_write+0x9ec/0x1110 [ 1915.982641][ T5898] kernel_clone+0x21e/0x9e0 [ 1915.986982][ T5898] ? file_end_write+0x1c0/0x1c0 [ 1915.991666][ T5898] ? create_io_thread+0x1e0/0x1e0 [ 1915.996526][ T5898] ? mutex_unlock+0xb2/0x260 [ 1916.000953][ T5898] ? __mutex_lock_slowpath+0x10/0x10 [ 1916.006076][ T5898] __x64_sys_clone+0x23f/0x290 [ 1916.010852][ T5898] ? __do_sys_vfork+0x130/0x130 [ 1916.015533][ T5898] ? ksys_write+0x260/0x2c0 [ 1916.019875][ T5898] ? debug_smp_processor_id+0x17/0x20 [ 1916.025081][ T5898] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1916.030985][ T5898] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1916.036456][ T5898] do_syscall_64+0x3d/0xb0 [ 1916.040704][ T5898] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1916.046432][ T5898] RIP: 0033:0x7f895df3fda9 [ 1916.050690][ T5898] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1916.070153][ T5898] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1916.078374][ T5898] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1916.086185][ T5898] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1916.093994][ T5898] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1916.101805][ T5898] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 1916.109617][ T5898] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 14:13:44 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:44 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 10) 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0x10fff, 0x0, 0x0, 0x0) [ 1916.117435][ T5898] 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0x20010, 0x0, 0x0, 0x0) 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0x20200, 0x0, 0x0, 0x0) [ 1916.159273][ T5904] FAULT_INJECTION: forcing a failure. [ 1916.159273][ T5904] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1916.176501][ T5904] CPU: 1 PID: 5904 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1916.186580][ T5904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1916.196559][ T5904] Call Trace: [ 1916.199688][ T5904] [ 1916.202460][ T5904] dump_stack_lvl+0x151/0x1b7 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0x80000, 0x0, 0x0, 0x0) 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0x101000, 0x0, 0x0, 0x0) 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0x700000, 0x0, 0x0, 0x0) [ 1916.206976][ T5904] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1916.212443][ T5904] ? __stack_depot_save+0x34/0x470 [ 1916.217392][ T5904] dump_stack+0x15/0x17 [ 1916.221383][ T5904] should_fail+0x3c6/0x510 [ 1916.225641][ T5904] should_fail_alloc_page+0x5a/0x80 [ 1916.230668][ T5904] prepare_alloc_pages+0x15c/0x700 [ 1916.235619][ T5904] ? __alloc_pages+0x8f0/0x8f0 [ 1916.240220][ T5904] ? __alloc_pages_bulk+0xe40/0xe40 [ 1916.245256][ T5904] __alloc_pages+0x18c/0x8f0 [ 1916.249765][ T5904] ? prep_new_page+0x110/0x110 [ 1916.254385][ T5904] ? __kasan_kmalloc+0x9/0x10 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0xf0ff1f, 0x0, 0x0, 0x0) [ 1916.258881][ T5904] ? __kmalloc+0x13a/0x270 [ 1916.263130][ T5904] ? __vmalloc_node_range+0x2d6/0x8d0 [ 1916.268340][ T5904] __vmalloc_node_range+0x482/0x8d0 [ 1916.273371][ T5904] dup_task_struct+0x416/0xc60 [ 1916.277964][ T5904] ? copy_process+0x5c4/0x3290 [ 1916.282567][ T5904] ? __kasan_check_write+0x14/0x20 [ 1916.287514][ T5904] copy_process+0x5c4/0x3290 [ 1916.291940][ T5904] ? __kasan_check_write+0x14/0x20 [ 1916.296898][ T5904] ? proc_fail_nth_write+0x20b/0x290 [ 1916.302017][ T5904] ? selinux_file_permission+0x2c4/0x570 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0x1000000, 0x0, 0x0, 0x0) 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0x2000000, 0x0, 0x0, 0x0) [ 1916.307478][ T5904] ? fsnotify_perm+0x6a/0x5d0 [ 1916.311988][ T5904] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1916.316934][ T5904] ? vfs_write+0x9ec/0x1110 [ 1916.321279][ T5904] kernel_clone+0x21e/0x9e0 [ 1916.325622][ T5904] ? file_end_write+0x1c0/0x1c0 [ 1916.330308][ T5904] ? create_io_thread+0x1e0/0x1e0 [ 1916.335181][ T5904] ? mutex_unlock+0xb2/0x260 [ 1916.339614][ T5904] ? __mutex_lock_slowpath+0x10/0x10 [ 1916.344716][ T5904] __x64_sys_clone+0x23f/0x290 [ 1916.349314][ T5904] ? __do_sys_vfork+0x130/0x130 [ 1916.354174][ T5904] ? ksys_write+0x260/0x2c0 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0x7000000, 0x0, 0x0, 0x0) 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0x8000000, 0x0, 0x0, 0x0) [ 1916.358522][ T5904] ? debug_smp_processor_id+0x17/0x20 [ 1916.363813][ T5904] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1916.369714][ T5904] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1916.375181][ T5904] do_syscall_64+0x3d/0xb0 [ 1916.379433][ T5904] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1916.385245][ T5904] RIP: 0033:0x7f895df3fda9 [ 1916.389504][ T5904] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0x9000000, 0x0, 0x0, 0x0) 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0x10000200, 0x0, 0x0, 0x0) 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0x11000000, 0x0, 0x0, 0x0) 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0x1f000000, 0x0, 0x0, 0x0) 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0x1ffff000, 0x0, 0x0, 0x0) 14:13:44 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 11) [ 1916.408943][ T5904] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1916.417184][ T5904] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1916.425001][ T5904] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1916.432808][ T5904] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1916.440625][ T5904] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1916.448432][ T5904] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1916.456250][ T5904] 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0x20000000, 0x0, 0x0, 0x0) 14:13:44 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x8000000) 14:13:44 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1916.488594][ T5938] FAULT_INJECTION: forcing a failure. [ 1916.488594][ T5938] name failslab, interval 1, probability 0, space 0, times 0 [ 1916.510319][ T5938] CPU: 1 PID: 5938 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1916.520398][ T5938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1916.530291][ T5938] Call Trace: [ 1916.533409][ T5938] [ 1916.536191][ T5938] dump_stack_lvl+0x151/0x1b7 [ 1916.540725][ T5938] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1916.546167][ T5938] ? slab_post_alloc_hook+0x53/0x2c0 [ 1916.551292][ T5938] ? kernel_clone+0x21e/0x9e0 [ 1916.555803][ T5938] ? do_syscall_64+0x3d/0xb0 [ 1916.560230][ T5938] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1916.566133][ T5938] dump_stack+0x15/0x17 [ 1916.570123][ T5938] should_fail+0x3c6/0x510 [ 1916.574374][ T5938] __should_failslab+0xa4/0xe0 [ 1916.578979][ T5938] ? copy_mm+0x192/0x13e0 [ 1916.583144][ T5938] should_failslab+0x9/0x20 14:13:44 executing program 4: syz_clone(0x8000000, 0x0, 0x3cc802a0, 0x0, 0x0, 0x0) [ 1916.587484][ T5938] slab_pre_alloc_hook+0x37/0xd0 [ 1916.592258][ T5938] ? copy_mm+0x192/0x13e0 [ 1916.596422][ T5938] kmem_cache_alloc+0x44/0x200 [ 1916.601024][ T5938] copy_mm+0x192/0x13e0 [ 1916.605019][ T5938] ? _raw_spin_lock+0xa4/0x1b0 [ 1916.609619][ T5938] ? copy_signal+0x610/0x610 [ 1916.614044][ T5938] ? __kasan_check_write+0x14/0x20 [ 1916.618991][ T5938] ? __init_rwsem+0xd6/0x1c0 [ 1916.623418][ T5938] ? copy_signal+0x4e3/0x610 [ 1916.627843][ T5938] copy_process+0x1149/0x3290 [ 1916.632362][ T5938] ? proc_fail_nth_write+0x20b/0x290 [ 1916.637576][ T5938] ? fsnotify_perm+0x6a/0x5d0 [ 1916.642088][ T5938] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1916.647036][ T5938] ? vfs_write+0x9ec/0x1110 [ 1916.651379][ T5938] kernel_clone+0x21e/0x9e0 [ 1916.655718][ T5938] ? file_end_write+0x1c0/0x1c0 [ 1916.660403][ T5938] ? create_io_thread+0x1e0/0x1e0 [ 1916.665262][ T5938] ? mutex_unlock+0xb2/0x260 [ 1916.669690][ T5938] ? __mutex_lock_slowpath+0x10/0x10 [ 1916.674809][ T5938] __x64_sys_clone+0x23f/0x290 [ 1916.679410][ T5938] ? __do_sys_vfork+0x130/0x130 [ 1916.684095][ T5938] ? ksys_write+0x260/0x2c0 [ 1916.688446][ T5938] ? debug_smp_processor_id+0x17/0x20 [ 1916.693643][ T5938] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1916.699549][ T5938] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1916.705017][ T5938] do_syscall_64+0x3d/0xb0 [ 1916.709274][ T5938] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1916.715342][ T5938] RIP: 0033:0x7f895df3fda9 [ 1916.719613][ T5938] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 14:13:45 executing program 4: syz_clone(0x8000000, 0x0, 0xa0028de8, 0x0, 0x0, 0x0) 14:13:45 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0, 0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="6c3abe16", @ANYRES32=r1, @ANYBLOB="00000000000000005562c0fffcffffff5353000008000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0) close(r6) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0x9, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000000001c000000000101000002a10100f0ffffff183300000000000000000000000000004d00b600fcffffff1837000001000000000000000000000095000400000000002081564c2bc6c8377e60", @ANYRESHEX=r5], 0x0, 0x800, 0x3, &(0x7f00000004c0)=""/3, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x1, 0x2}, 0x8, 0x10, &(0x7f0000000700)={0x2, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000007c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r6], 0x0, 0x10, 0x8001}, 0x90) openat$cgroup_ro(r6, &(0x7f0000000600)='memory.events\x00', 0x0, 0x0) r7 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000440)=@o_path={&(0x7f0000000400)='./file0\x00', 0x0, 0x4010, r3}, 0x18) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000540)=@bpf_ext={0x1c, 0x6, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x10000}, [@generic={0xfe, 0xa, 0x2, 0x80, 0x7fffffff}, @map_fd={0x18, 0xa, 0x1, 0x0, r0}]}, &(0x7f0000000300)='syzkaller\x00', 0x26, 0x36, &(0x7f0000000340)=""/54, 0x41000, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x1, 0x3}, 0x8, 0x10, &(0x7f00000003c0)={0x5, 0xc, 0x8, 0x80000000}, 0x10, 0x20dc6, r7, 0x8, &(0x7f0000000480)=[r1], &(0x7f00000004c0)=[{0x5, 0x3, 0xa, 0x5}, {0x4, 0x4, 0x3, 0x3}, {0x0, 0x5, 0x8, 0xb}, {0x3, 0x2, 0x8, 0x2}, {0x2, 0x1, 0x3, 0xc}, {0x4, 0x3, 0x1, 0x5}, {0x5, 0x5, 0xa, 0x6}, {0x1, 0x5, 0x0, 0x9}], 0x10, 0x10001}, 0x90) r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000640)='./cgroup/syz0\x00', 0x200002, 0x0) openat$cgroup_ro(r8, &(0x7f0000000740)='blkio.bfq.empty_time\x00', 0x0, 0x0) 14:13:45 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 12) [ 1916.739044][ T5938] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1916.747278][ T5938] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1916.755089][ T5938] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1916.762900][ T5938] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1916.770723][ T5938] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1916.778609][ T5938] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1916.786441][ T5938] 14:13:45 executing program 4: syz_clone(0x8000000, 0x0, 0xa002c83c, 0x0, 0x0, 0x0) [ 1916.811027][ T5954] FAULT_INJECTION: forcing a failure. [ 1916.811027][ T5954] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1916.825964][ T5954] CPU: 0 PID: 5954 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1916.836029][ T5954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1916.845922][ T5954] Call Trace: [ 1916.849043][ T5954] [ 1916.851820][ T5954] dump_stack_lvl+0x151/0x1b7 [ 1916.856335][ T5954] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1916.861801][ T5954] ? __stack_depot_save+0x34/0x470 [ 1916.866751][ T5954] dump_stack+0x15/0x17 [ 1916.870754][ T5954] should_fail+0x3c6/0x510 [ 1916.874994][ T5954] should_fail_alloc_page+0x5a/0x80 [ 1916.880029][ T5954] prepare_alloc_pages+0x15c/0x700 [ 1916.885061][ T5954] ? __alloc_pages+0x8f0/0x8f0 [ 1916.889661][ T5954] ? __alloc_pages_bulk+0xe40/0xe40 [ 1916.894782][ T5954] __alloc_pages+0x18c/0x8f0 [ 1916.899208][ T5954] ? prep_new_page+0x110/0x110 [ 1916.903812][ T5954] ? __kasan_kmalloc+0x9/0x10 [ 1916.908324][ T5954] ? __kmalloc+0x13a/0x270 [ 1916.912576][ T5954] ? __vmalloc_node_range+0x2d6/0x8d0 [ 1916.917785][ T5954] __vmalloc_node_range+0x482/0x8d0 [ 1916.922819][ T5954] dup_task_struct+0x416/0xc60 [ 1916.927422][ T5954] ? copy_process+0x5c4/0x3290 [ 1916.932106][ T5954] ? __kasan_check_write+0x14/0x20 [ 1916.937050][ T5954] copy_process+0x5c4/0x3290 [ 1916.941480][ T5954] ? __kasan_check_write+0x14/0x20 [ 1916.946695][ T5954] ? proc_fail_nth_write+0x20b/0x290 [ 1916.951803][ T5954] ? selinux_file_permission+0x2c4/0x570 [ 1916.957274][ T5954] ? fsnotify_perm+0x6a/0x5d0 [ 1916.961789][ T5954] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1916.966738][ T5954] ? vfs_write+0x9ec/0x1110 [ 1916.971077][ T5954] kernel_clone+0x21e/0x9e0 [ 1916.975414][ T5954] ? file_end_write+0x1c0/0x1c0 [ 1916.980102][ T5954] ? create_io_thread+0x1e0/0x1e0 [ 1916.984960][ T5954] ? mutex_unlock+0xb2/0x260 [ 1916.989389][ T5954] ? __mutex_lock_slowpath+0x10/0x10 [ 1916.994507][ T5954] __x64_sys_clone+0x23f/0x290 [ 1917.000325][ T5954] ? __do_sys_vfork+0x130/0x130 [ 1917.005012][ T5954] ? ksys_write+0x260/0x2c0 [ 1917.009351][ T5954] ? debug_smp_processor_id+0x17/0x20 [ 1917.014557][ T5954] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1917.020461][ T5954] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1917.025929][ T5954] do_syscall_64+0x3d/0xb0 [ 1917.030180][ T5954] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1917.035922][ T5954] RIP: 0033:0x7f895df3fda9 [ 1917.040249][ T5954] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 14:13:45 executing program 4: syz_clone(0x8000000, 0x0, 0xe88d02a0, 0x0, 0x0, 0x0) 14:13:45 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:45 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 13) [ 1917.059690][ T5954] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1917.068029][ T5954] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1917.075860][ T5954] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1917.083670][ T5954] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1917.091467][ T5954] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1917.099624][ T5954] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1917.107440][ T5954] [ 1917.137400][ T5960] FAULT_INJECTION: forcing a failure. [ 1917.137400][ T5960] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1917.151275][ T5960] CPU: 1 PID: 5960 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1917.161339][ T5960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1917.171749][ T5960] Call Trace: [ 1917.174874][ T5960] [ 1917.177652][ T5960] dump_stack_lvl+0x151/0x1b7 [ 1917.182165][ T5960] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1917.187633][ T5960] ? __stack_depot_save+0x34/0x470 [ 1917.192581][ T5960] dump_stack+0x15/0x17 [ 1917.196576][ T5960] should_fail+0x3c6/0x510 [ 1917.200825][ T5960] should_fail_alloc_page+0x5a/0x80 [ 1917.205947][ T5960] prepare_alloc_pages+0x15c/0x700 [ 1917.210817][ T5960] ? __alloc_pages+0x8f0/0x8f0 [ 1917.215407][ T5960] ? __alloc_pages_bulk+0xe40/0xe40 [ 1917.220442][ T5960] __alloc_pages+0x18c/0x8f0 [ 1917.225412][ T5960] ? prep_new_page+0x110/0x110 [ 1917.229989][ T5960] ? __kasan_kmalloc+0x9/0x10 [ 1917.234686][ T5960] ? __kmalloc+0x13a/0x270 [ 1917.238928][ T5960] ? __vmalloc_node_range+0x2d6/0x8d0 [ 1917.244135][ T5960] __vmalloc_node_range+0x482/0x8d0 [ 1917.250734][ T5960] dup_task_struct+0x416/0xc60 [ 1917.255591][ T5960] ? copy_process+0x5c4/0x3290 [ 1917.260192][ T5960] ? __kasan_check_write+0x14/0x20 [ 1917.265142][ T5960] copy_process+0x5c4/0x3290 [ 1917.269566][ T5960] ? __kasan_check_write+0x14/0x20 [ 1917.274511][ T5960] ? proc_fail_nth_write+0x20b/0x290 [ 1917.279642][ T5960] ? selinux_file_permission+0x2c4/0x570 [ 1917.285275][ T5960] ? fsnotify_perm+0x6a/0x5d0 [ 1917.289788][ T5960] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1917.294750][ T5960] ? vfs_write+0x9ec/0x1110 [ 1917.299075][ T5960] kernel_clone+0x21e/0x9e0 [ 1917.303417][ T5960] ? file_end_write+0x1c0/0x1c0 [ 1917.308289][ T5960] ? create_io_thread+0x1e0/0x1e0 [ 1917.313148][ T5960] ? mutex_unlock+0xb2/0x260 [ 1917.317580][ T5960] ? __mutex_lock_slowpath+0x10/0x10 [ 1917.322695][ T5960] __x64_sys_clone+0x23f/0x290 [ 1917.327382][ T5960] ? __do_sys_vfork+0x130/0x130 [ 1917.332152][ T5960] ? ksys_write+0x260/0x2c0 [ 1917.336581][ T5960] ? debug_smp_processor_id+0x17/0x20 [ 1917.341810][ T5960] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1917.347689][ T5960] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1917.353159][ T5960] do_syscall_64+0x3d/0xb0 [ 1917.357410][ T5960] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1917.363137][ T5960] RIP: 0033:0x7f895df3fda9 [ 1917.367393][ T5960] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 14:13:45 executing program 4: syz_clone(0x8000000, 0x0, 0xf5ffffff, 0x0, 0x0, 0x0) 14:13:45 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 14) 14:13:45 executing program 4: syz_clone(0x8000000, 0x0, 0xfbffffff, 0x0, 0x0, 0x0) [ 1917.386831][ T5960] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1917.395077][ T5960] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1917.402892][ T5960] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1917.410704][ T5960] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1917.418524][ T5960] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1917.426324][ T5960] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1917.434248][ T5960] 14:13:45 executing program 4: syz_clone(0x8000000, 0x0, 0xff0f0100, 0x0, 0x0, 0x0) 14:13:45 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x18000000) 14:13:45 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1917.469763][ T5970] FAULT_INJECTION: forcing a failure. [ 1917.469763][ T5970] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1917.502905][ T5970] CPU: 1 PID: 5970 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 14:13:45 executing program 4: syz_clone(0x8000000, 0x0, 0xfffffff5, 0x0, 0x0, 0x0) 14:13:45 executing program 4: syz_clone(0x8000000, 0x0, 0xfffffffb, 0x0, 0x0, 0x0) 14:13:45 executing program 4: syz_clone(0x8000000, 0x0, 0x1b0b41f000, 0x0, 0x0, 0x0) [ 1917.513000][ T5970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1917.522979][ T5970] Call Trace: [ 1917.526095][ T5970] [ 1917.528872][ T5970] dump_stack_lvl+0x151/0x1b7 [ 1917.533388][ T5970] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1917.538857][ T5970] ? stack_trace_save+0x113/0x1c0 [ 1917.543815][ T5970] ? stack_trace_snprint+0xf0/0xf0 [ 1917.548774][ T5970] ? stack_trace_snprint+0xf0/0xf0 [ 1917.553707][ T5970] dump_stack+0x15/0x17 [ 1917.557700][ T5970] should_fail+0x3c6/0x510 [ 1917.561955][ T5970] should_fail_alloc_page+0x5a/0x80 14:13:45 executing program 4: syz_clone(0x8000000, 0x0, 0x29fd153c0000, 0x0, 0x0, 0x0) 14:13:45 executing program 4: syz_clone(0x8000000, 0x0, 0x3c15fd290000, 0x0, 0x0, 0x0) 14:13:45 executing program 4: syz_clone(0x8000000, 0x0, 0x553a2920d000, 0x0, 0x0, 0x0) [ 1917.566996][ T5970] prepare_alloc_pages+0x15c/0x700 [ 1917.571939][ T5970] ? __alloc_pages_bulk+0xe40/0xe40 [ 1917.576980][ T5970] ? __kasan_check_write+0x14/0x20 [ 1917.581929][ T5970] ? pcpu_memcg_post_alloc_hook+0x1b1/0x260 [ 1917.587644][ T5970] __alloc_pages+0x18c/0x8f0 [ 1917.592072][ T5970] ? prep_new_page+0x110/0x110 [ 1917.596674][ T5970] ? pcpu_alloc+0xda0/0x13e0 [ 1917.601102][ T5970] __get_free_pages+0x10/0x30 [ 1917.605612][ T5970] pgd_alloc+0x21/0x2c0 [ 1917.609605][ T5970] mm_init+0x5c7/0x970 [ 1917.613511][ T5970] copy_mm+0x1e3/0x13e0 14:13:45 executing program 4: syz_clone(0x8000000, 0x0, 0x1000000000000, 0x0, 0x0, 0x0) 14:13:45 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20) (async) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0, 0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="6c3abe16", @ANYRES32=r1, @ANYBLOB="00000000000000005562c0fffcffffff5353000008000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0}, 0x90) (async) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="6c3abe16", @ANYRES32=r1, @ANYBLOB="00000000000000005562c0fffcffffff5353000008000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0) close(r6) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0x9, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000000001c000000000101000002a10100f0ffffff183300000000000000000000000000004d00b600fcffffff1837000001000000000000000000000095000400000000002081564c2bc6c8377e60", @ANYRESHEX=r5], 0x0, 0x800, 0x3, &(0x7f00000004c0)=""/3, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x1, 0x2}, 0x8, 0x10, &(0x7f0000000700)={0x2, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000007c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r6], 0x0, 0x10, 0x8001}, 0x90) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0x9, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000000001c000000000101000002a10100f0ffffff183300000000000000000000000000004d00b600fcffffff1837000001000000000000000000000095000400000000002081564c2bc6c8377e60", @ANYRESHEX=r5], 0x0, 0x800, 0x3, &(0x7f00000004c0)=""/3, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x1, 0x2}, 0x8, 0x10, &(0x7f0000000700)={0x2, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000007c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r6], 0x0, 0x10, 0x8001}, 0x90) openat$cgroup_ro(r6, &(0x7f0000000600)='memory.events\x00', 0x0, 0x0) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000440)=@o_path={&(0x7f0000000400)='./file0\x00', 0x0, 0x4010, r3}, 0x18) (async) r7 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000440)=@o_path={&(0x7f0000000400)='./file0\x00', 0x0, 0x4010, r3}, 0x18) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000540)=@bpf_ext={0x1c, 0x6, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x10000}, [@generic={0xfe, 0xa, 0x2, 0x80, 0x7fffffff}, @map_fd={0x18, 0xa, 0x1, 0x0, r0}]}, &(0x7f0000000300)='syzkaller\x00', 0x26, 0x36, &(0x7f0000000340)=""/54, 0x41000, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x1, 0x3}, 0x8, 0x10, &(0x7f00000003c0)={0x5, 0xc, 0x8, 0x80000000}, 0x10, 0x20dc6, r7, 0x8, &(0x7f0000000480)=[r1], &(0x7f00000004c0)=[{0x5, 0x3, 0xa, 0x5}, {0x4, 0x4, 0x3, 0x3}, {0x0, 0x5, 0x8, 0xb}, {0x3, 0x2, 0x8, 0x2}, {0x2, 0x1, 0x3, 0xc}, {0x4, 0x3, 0x1, 0x5}, {0x5, 0x5, 0xa, 0x6}, {0x1, 0x5, 0x0, 0x9}], 0x10, 0x10001}, 0x90) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000640)='./cgroup/syz0\x00', 0x200002, 0x0) (async) r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000640)='./cgroup/syz0\x00', 0x200002, 0x0) openat$cgroup_ro(r8, &(0x7f0000000740)='blkio.bfq.empty_time\x00', 0x0, 0x0) 14:13:45 executing program 4: syz_clone(0x8000000, 0x0, 0x2001000000000, 0x0, 0x0, 0x0) [ 1917.617589][ T5970] ? _raw_spin_lock+0xa4/0x1b0 [ 1917.622184][ T5970] ? copy_signal+0x610/0x610 [ 1917.626627][ T5970] ? __kasan_check_write+0x14/0x20 [ 1917.631560][ T5970] ? __init_rwsem+0xd6/0x1c0 [ 1917.635988][ T5970] ? copy_signal+0x4e3/0x610 [ 1917.640413][ T5970] copy_process+0x1149/0x3290 [ 1917.644950][ T5970] ? proc_fail_nth_write+0x20b/0x290 [ 1917.650051][ T5970] ? fsnotify_perm+0x6a/0x5d0 [ 1917.654559][ T5970] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1917.659505][ T5970] ? vfs_write+0x9ec/0x1110 [ 1917.663852][ T5970] kernel_clone+0x21e/0x9e0 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0x2020000000000, 0x0, 0x0, 0x0) 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0x8000000000000, 0x0, 0x0, 0x0) 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0x10100000000000, 0x0, 0x0, 0x0) [ 1917.668277][ T5970] ? file_end_write+0x1c0/0x1c0 [ 1917.672969][ T5970] ? create_io_thread+0x1e0/0x1e0 [ 1917.678094][ T5970] ? mutex_unlock+0xb2/0x260 [ 1917.682526][ T5970] ? __mutex_lock_slowpath+0x10/0x10 [ 1917.687647][ T5970] __x64_sys_clone+0x23f/0x290 [ 1917.692330][ T5970] ? __do_sys_vfork+0x130/0x130 [ 1917.697013][ T5970] ? ksys_write+0x260/0x2c0 [ 1917.701360][ T5970] ? debug_smp_processor_id+0x17/0x20 [ 1917.706841][ T5970] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1917.713074][ T5970] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1917.718542][ T5970] do_syscall_64+0x3d/0xb0 [ 1917.722899][ T5970] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1917.728617][ T5970] RIP: 0033:0x7f895df3fda9 [ 1917.732871][ T5970] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1917.752314][ T5970] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1917.760559][ T5970] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0x70000000000000, 0x0, 0x0, 0x0) 14:13:46 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 15) 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0xd020293a550000, 0x0, 0x0, 0x0) [ 1917.768378][ T5970] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1917.776195][ T5970] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1917.784003][ T5970] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1917.791805][ T5970] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1917.799625][ T5970] 14:13:46 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1917.829160][ T6007] FAULT_INJECTION: forcing a failure. [ 1917.829160][ T6007] name failslab, interval 1, probability 0, space 0, times 0 [ 1917.858837][ T6007] CPU: 0 PID: 6007 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1917.868917][ T6007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1917.878815][ T6007] Call Trace: [ 1917.881939][ T6007] [ 1917.884716][ T6007] dump_stack_lvl+0x151/0x1b7 [ 1917.889670][ T6007] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1917.895128][ T6007] ? avc_denied+0x1b0/0x1b0 [ 1917.899470][ T6007] dump_stack+0x15/0x17 [ 1917.903464][ T6007] should_fail+0x3c6/0x510 [ 1917.907742][ T6007] __should_failslab+0xa4/0xe0 [ 1917.912314][ T6007] ? vm_area_dup+0x26/0x230 [ 1917.916652][ T6007] should_failslab+0x9/0x20 [ 1917.920995][ T6007] slab_pre_alloc_hook+0x37/0xd0 [ 1917.925764][ T6007] ? vm_area_dup+0x26/0x230 [ 1917.930103][ T6007] kmem_cache_alloc+0x44/0x200 [ 1917.934707][ T6007] vm_area_dup+0x26/0x230 [ 1917.938868][ T6007] copy_mm+0x9a1/0x13e0 [ 1917.942861][ T6007] ? copy_signal+0x610/0x610 [ 1917.947386][ T6007] ? __init_rwsem+0xd6/0x1c0 [ 1917.951894][ T6007] ? copy_signal+0x4e3/0x610 [ 1917.956323][ T6007] copy_process+0x1149/0x3290 [ 1917.960837][ T6007] ? proc_fail_nth_write+0x20b/0x290 [ 1917.965956][ T6007] ? fsnotify_perm+0x6a/0x5d0 [ 1917.970469][ T6007] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1917.975590][ T6007] ? vfs_write+0x9ec/0x1110 [ 1917.979953][ T6007] kernel_clone+0x21e/0x9e0 [ 1917.984267][ T6007] ? file_end_write+0x1c0/0x1c0 [ 1917.988956][ T6007] ? create_io_thread+0x1e0/0x1e0 [ 1917.993816][ T6007] ? mutex_unlock+0xb2/0x260 [ 1917.998242][ T6007] ? __mutex_lock_slowpath+0x10/0x10 [ 1918.003366][ T6007] __x64_sys_clone+0x23f/0x290 [ 1918.007963][ T6007] ? __do_sys_vfork+0x130/0x130 [ 1918.012648][ T6007] ? ksys_write+0x260/0x2c0 [ 1918.016992][ T6007] ? debug_smp_processor_id+0x17/0x20 [ 1918.022195][ T6007] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1918.028115][ T6007] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1918.033568][ T6007] do_syscall_64+0x3d/0xb0 [ 1918.037819][ T6007] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1918.043550][ T6007] RIP: 0033:0x7f895df3fda9 [ 1918.047804][ T6007] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1918.067330][ T6007] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0xf0410b1b000000, 0x0, 0x0, 0x0) 14:13:46 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 16) 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0xf0ff1f00000000, 0x0, 0x0, 0x0) [ 1918.075575][ T6007] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1918.083384][ T6007] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1918.091285][ T6007] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1918.099095][ T6007] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1918.106906][ T6007] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1918.114722][ T6007] 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0x100000000000000, 0x0, 0x0, 0x0) 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0x200000000000000, 0x0, 0x0, 0x0) 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0x700000000000000, 0x0, 0x0, 0x0) [ 1918.147568][ T6016] FAULT_INJECTION: forcing a failure. [ 1918.147568][ T6016] name failslab, interval 1, probability 0, space 0, times 0 [ 1918.164374][ T6016] CPU: 0 PID: 6016 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1918.174448][ T6016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1918.184344][ T6016] Call Trace: [ 1918.187474][ T6016] [ 1918.190241][ T6016] dump_stack_lvl+0x151/0x1b7 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0x800000000000000, 0x0, 0x0, 0x0) 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0x900000000000000, 0x0, 0x0, 0x0) 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0x1100000000000000, 0x0, 0x0, 0x0) [ 1918.194755][ T6016] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1918.200223][ T6016] ? vmap_pages_range_noflush+0x7d5/0x800 [ 1918.205784][ T6016] dump_stack+0x15/0x17 [ 1918.209770][ T6016] should_fail+0x3c6/0x510 [ 1918.214026][ T6016] __should_failslab+0xa4/0xe0 [ 1918.218626][ T6016] ? prepare_creds+0x2f/0x6a0 [ 1918.223226][ T6016] should_failslab+0x9/0x20 [ 1918.227569][ T6016] slab_pre_alloc_hook+0x37/0xd0 [ 1918.232339][ T6016] ? prepare_creds+0x2f/0x6a0 [ 1918.236859][ T6016] kmem_cache_alloc+0x44/0x200 [ 1918.241454][ T6016] ? _raw_spin_lock_irqsave+0xf9/0x210 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0x1f00000000000000, 0x0, 0x0, 0x0) 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0) 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0x3cc802a0ffffffff, 0x0, 0x0, 0x0) [ 1918.246749][ T6016] prepare_creds+0x2f/0x6a0 [ 1918.251086][ T6016] copy_creds+0xf0/0x630 [ 1918.255165][ T6016] ? dup_task_struct+0x7e6/0xc60 [ 1918.259940][ T6016] copy_process+0x7c3/0x3290 [ 1918.264371][ T6016] ? __kasan_check_write+0x14/0x20 [ 1918.269311][ T6016] ? proc_fail_nth_write+0x20b/0x290 [ 1918.274435][ T6016] ? selinux_file_permission+0x2c4/0x570 [ 1918.279984][ T6016] ? fsnotify_perm+0x6a/0x5d0 [ 1918.284503][ T6016] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1918.289448][ T6016] ? vfs_write+0x9ec/0x1110 [ 1918.293792][ T6016] kernel_clone+0x21e/0x9e0 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0xe88d02a0ffffffff, 0x0, 0x0, 0x0) 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0xf5ffffff00000000, 0x0, 0x0, 0x0) [ 1918.298127][ T6016] ? file_end_write+0x1c0/0x1c0 [ 1918.302819][ T6016] ? create_io_thread+0x1e0/0x1e0 [ 1918.307765][ T6016] ? mutex_unlock+0xb2/0x260 [ 1918.312190][ T6016] ? __mutex_lock_slowpath+0x10/0x10 [ 1918.317310][ T6016] __x64_sys_clone+0x23f/0x290 [ 1918.322082][ T6016] ? __do_sys_vfork+0x130/0x130 [ 1918.326770][ T6016] ? ksys_write+0x260/0x2c0 [ 1918.331112][ T6016] ? debug_smp_processor_id+0x17/0x20 [ 1918.336315][ T6016] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1918.342327][ T6016] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1918.347793][ T6016] do_syscall_64+0x3d/0xb0 [ 1918.352044][ T6016] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1918.357772][ T6016] RIP: 0033:0x7f895df3fda9 [ 1918.362028][ T6016] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1918.381560][ T6016] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1918.389791][ T6016] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 14:13:46 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x20000000) 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0xfbffffff00000000, 0x0, 0x0, 0x0) 14:13:46 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 17) 14:13:46 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1918.397603][ T6016] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1918.405420][ T6016] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1918.413229][ T6016] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1918.421038][ T6016] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1918.428852][ T6016] 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0xff0f010000000000, 0x0, 0x0, 0x0) 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0xffffffffa0028de8, 0x0, 0x0, 0x0) 14:13:46 executing program 4: syz_clone(0x8000000, 0x0, 0xffffffffa002c83c, 0x0, 0x0, 0x0) [ 1918.466356][ T6048] FAULT_INJECTION: forcing a failure. [ 1918.466356][ T6048] name failslab, interval 1, probability 0, space 0, times 0 [ 1918.479193][ T6048] CPU: 1 PID: 6048 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1918.489264][ T6048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1918.499154][ T6048] Call Trace: [ 1918.502277][ T6048] [ 1918.505051][ T6048] dump_stack_lvl+0x151/0x1b7 [ 1918.509572][ T6048] ? io_uring_drop_tctx_refs+0x190/0x190 14:13:46 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0, 0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="6c3abe16", @ANYRES32=r1, @ANYBLOB="00000000000000005562c0fffcffffff5353000008000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0}, 0x90) (async) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="6c3abe16", @ANYRES32=r1, @ANYBLOB="00000000000000005562c0fffcffffff5353000008000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) (async) sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)) (async) socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0) close(r6) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0x9, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000000001c000000000101000002a10100f0ffffff183300000000000000000000000000004d00b600fcffffff1837000001000000000000000000000095000400000000002081564c2bc6c8377e60", @ANYRESHEX=r5], 0x0, 0x800, 0x3, &(0x7f00000004c0)=""/3, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x1, 0x2}, 0x8, 0x10, &(0x7f0000000700)={0x2, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000007c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r6], 0x0, 0x10, 0x8001}, 0x90) openat$cgroup_ro(r6, &(0x7f0000000600)='memory.events\x00', 0x0, 0x0) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000440)=@o_path={&(0x7f0000000400)='./file0\x00', 0x0, 0x4010, r3}, 0x18) (async) r7 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000440)=@o_path={&(0x7f0000000400)='./file0\x00', 0x0, 0x4010, r3}, 0x18) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000540)=@bpf_ext={0x1c, 0x6, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x10000}, [@generic={0xfe, 0xa, 0x2, 0x80, 0x7fffffff}, @map_fd={0x18, 0xa, 0x1, 0x0, r0}]}, &(0x7f0000000300)='syzkaller\x00', 0x26, 0x36, &(0x7f0000000340)=""/54, 0x41000, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x1, 0x3}, 0x8, 0x10, &(0x7f00000003c0)={0x5, 0xc, 0x8, 0x80000000}, 0x10, 0x20dc6, r7, 0x8, &(0x7f0000000480)=[r1], &(0x7f00000004c0)=[{0x5, 0x3, 0xa, 0x5}, {0x4, 0x4, 0x3, 0x3}, {0x0, 0x5, 0x8, 0xb}, {0x3, 0x2, 0x8, 0x2}, {0x2, 0x1, 0x3, 0xc}, {0x4, 0x3, 0x1, 0x5}, {0x5, 0x5, 0xa, 0x6}, {0x1, 0x5, 0x0, 0x9}], 0x10, 0x10001}, 0x90) r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000640)='./cgroup/syz0\x00', 0x200002, 0x0) openat$cgroup_ro(r8, &(0x7f0000000740)='blkio.bfq.empty_time\x00', 0x0, 0x0) (async) openat$cgroup_ro(r8, &(0x7f0000000740)='blkio.bfq.empty_time\x00', 0x0, 0x0) [ 1918.515041][ T6048] dump_stack+0x15/0x17 [ 1918.519025][ T6048] should_fail+0x3c6/0x510 [ 1918.523280][ T6048] __should_failslab+0xa4/0xe0 [ 1918.527887][ T6048] ? anon_vma_fork+0xf7/0x4e0 [ 1918.532392][ T6048] should_failslab+0x9/0x20 [ 1918.536733][ T6048] slab_pre_alloc_hook+0x37/0xd0 [ 1918.541514][ T6048] ? anon_vma_fork+0xf7/0x4e0 [ 1918.546016][ T6048] kmem_cache_alloc+0x44/0x200 [ 1918.550621][ T6048] anon_vma_fork+0xf7/0x4e0 [ 1918.554969][ T6048] ? anon_vma_name+0x4c/0x70 [ 1918.559383][ T6048] ? vm_area_dup+0x17a/0x230 14:13:46 executing program 4: bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, &(0x7f0000000100)=[0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x94, &(0x7f0000000180)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0x1e, 0x8, 0x8, &(0x7f0000000240)}}, 0x10) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000580)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x94, 0x94, 0x4, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4, 0x2, 0xea}}, @enum={0x10, 0x4, 0x0, 0x6, 0x4, [{0x7, 0xcc}, {0xd, 0x1}, {0x10, 0x3f}, {0x0, 0x2}]}, @union={0xa, 0x1, 0x0, 0x5, 0x1, 0x8000, [{0x0, 0x2, 0x2}]}, @var={0xf, 0x0, 0x0, 0xe, 0x5}, @int={0x2, 0x0, 0x0, 0x1, 0x0, 0x23, 0x0, 0x1a, 0x2}, @union={0x9, 0x1, 0x0, 0x5, 0x0, 0x4, [{0xa, 0x1, 0x24aa}]}]}, {0x0, [0x7f, 0x61]}}, &(0x7f0000000480)=""/220, 0xb0, 0xdc, 0x1, 0x1}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000004000000000018010000202070250000000000202020630af8ff00000000bda106000000000007010000f8ffffffb702000008000000b703000000000000850000000500000018010000202070250000000000202020db1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7e5ffffff00000085000000050000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x9, &(0x7f0000002740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, [@generic={0xd2, 0x5, 0xe, 0x3, 0x4}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @tail_call, @ldst={0x1, 0x0, 0x1, 0x3, 0x0, 0xc, 0x8}, @ldst={0x1, 0x1, 0x3, 0x6, 0xc, 0xffffffffffffffe0, 0xfffffffffffffff0}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2c, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r1}, 0x90) r5 = bpf$ITER_CREATE(0x21, &(0x7f0000000340), 0x8) r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x73, 0x11, 0x23}, [@ldst={0x6, 0x2}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x2}, 0x90) r7 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x4110e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x200000, 0x0, 0x0, 0x3, 0x10000, 0x20}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x8) r8 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0) close(r9) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r9, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @random="010000000700"}) sendmsg$unix(r6, &(0x7f0000000a80)={&(0x7f0000000780)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000000a00)=[{&(0x7f0000001500)="33edba817e4af0c6339314be737317b2a6008b9cd658b146ebc8d1fa9b21089c79e9a19cf7c13828c5485a28359c011f212dce746a4937c546867cde06309570001272d3cca2b5dcece9a9aba1a3567950d9d06fd840a4e6fc36f66cde3386ae301d1111be7707f1a0627057c79072ac26fc3bbbaadd25ea3bf9fd034d1246c6de59ca9612cea25c2931c97bb1267263110d4f408c07e3886fc2c079e93cbeeb2d20e1656cc6e188ce84b175971c51f9bbf4f0bf5798b30cd99b7f0f895923cb50890625cf57bd7831b9f0c7f6d89899e1247774531d709dfe2cfc3757fc33e6da064244cf85cc0363f1d23515d70e638cd952d3e9dadd035e161eaba5ffb21585cb1a7ec31b0ec5d918ea2c9c16142090db90d972f1dbfc500b8bafadcfb58bbe14dd6647f914c85ebcb7737eef7cae3ee70793e9a8017350e42e2df1cce3c7aefe6ba14690d7ac281da4575411de84141c1088ddf359eb3ca1d1a21b7cb6b4a7f7869f74f8cacd599e585e13b2d7435cc87a7f8c170bfd2d073337b8e2000f9e79dbec383381fadac20b6d260b7b702da5f5f4b01ca3a3f95e92905662d9fa690d0806ffbbbaf68c1323a0869e1a7099d0c59db9a6e006c5a8520314d129c06e608195d668d6ea6cd847fa0fa2573179076b338021dccbf9e24a84913c4d7ac1d192742698e7647bbb4372cb328460115338091ac6465dcef4f68b79ec7e394cc2acb786ce5378520787f80e81de019400959700f614951c278c702dd54e70e232ee9c2a06e4875caf201433ffaea4fdbc6299dfd55030bd4f82d596fc3e11ec99518070b30539679314ab1733aeeb2a7c76c7a228ea142d9589c367934d1271cf9e8fd2ceba8c7f505f4415332f5db432945df7263eb6962a99f4801b4e502cfd647241c43fd045882f68d3b902213d6cee463570f8c78056a1119dbb7b7b829f79c19766f9908da2093334acdb2ad4397ce046a3a2b62c828002d40d4d4a8dabe18314c098806935ff1a93867d4fbcaa1c2c72fc5312e369db940c5668358a439e7d01227e05fdc35efcaa04a05f8710121e7c092056263c352dae8a1eb280f3b9a5d0fc4f15e27f6a8ea7cbe5392e3c8204503ada2c13d2171052324c2f8b9a2564efbe6f464f0def8349c56e309559a742ba9aa4e2b459e6781066e588ab3f01311eabd9b3228f8497aca45fcbeb3e6d3b5a4db66350863fb9abc94833b644fb39e3b0edc42d17c125d97bb4deee02a81080aecb0a980bff0c14cbbeed719298dc560bee9c724e9d18e4fcc98d3733914d1a42378fb474b62135b681b120a90e34d70d1c21e525aef5237c408f98932857b4f15135315e4525b0eb6182215ad9f1d91171fb5585e093b4ab50aa12082a6d9a1fbdc6889c6cb8fd94961bc89896545ff3f62ed4eed6029f88c695db80384e9aa4c677638f54b45e83fe096c8f1711da3600ac6a4addbccbc8fab8824690734bb00214be34837e5fd08b5499afd2596c272446055acd26b2aa63c636f6cda685cb896828999181bf963f300127cecedaa2fe209ef7cbb2aa95c7f7dce3491bf76509a7a8181afe832adeac8e97f6f309aec5096bd77f4e3a8acbdc344bdcfb30f8460aecb988effb28ec9611dc9fd217653627bab81f320bc270bcaad32c78b2a63cacecf4233414230db62689b40101207c9f23c920cd54e3a1ab2d9770b05dc22149b66ee91589718eb15f3723fb266e7ed18591a25b59e04816b5b6b7d11717c70726ef7a61af03fc7da7777a6c32d9f0034fb805407200b6d388b7dfccc458bb7785750074bd1a0449355541cfb49435531a6dc389613aadd343e96f5eb47cec2c2eea4cb1c91913876363c9a533e4316b49bd4e1705dd1f48feb5db4455c03907afe1efda7c1bdfee09d474cec903d0872c86953c855ff5c74114454ad7faf8255cd324793dc94748ea96881918467beb2712a7c2c969640ce9109b472de3dad9db82e8d18087b9567659afcbba9f3e9617db3cd1b46a5881efb81e596dbb47ea81a0313099f14b1bfcab044b248b5a5e3c718bd0d874eef9f593c50e4fb884cc266382cb979d1658f028d154614b864e617894c2913d4f7cb30747a3aaf17916dc859eb72617cdb9a84e930edd06b43a56c3075e5d799034b139c595ae6a69a57805d93bf7f3b1d77c96ecb6d9e179a09d336b23f0feaa9cdc5eacf6c006c967b25f927474c2bdcf2e1cda4870267842b20f7e015d1ac326908ed164c5f1aab908b6764cab9bf9e8e0950a3b384cee0ef686e38f6243b1bb6e41230f738f7b3416813bf4bf8468615658252080d7a7636f398ff0423782ca8e7b09d4ca1b5b3920aa91069255bdfebbbb6a086e522ae033a9a99a7be34df04d430034964408662fa95dfc67f49a5aa8bd86f9fc6cdbe6e24c53dbc660e828fe45c7fcb02d330277576f0ffbb7207c90eb87cebc15c1efa3a5b1bd56627a4aa3cc24014ca8557308e96790eb7dd4605953da5f09e01933cffcb8aa7996d4788dd4c745b519b2a12e7af71c816b2fb7bd653ac7b52a098d6e98d32e1e999fdf6eed464978fb2b2f0f8649f4957faf09d4ff59d2653ed84ff855bbeb54bcd87386e5edf160382d9f312c702d0459976b9d0afa033eb5f5fa710ef6e84c626e829fbf62ce93f3c37383f7faa1aa668ce610b011d8a3a8e395a1da0a9c2f6d57ac4ac6b7da9d6d04d64dbbeb590955bfe52d58203db9fb87a5f76fc197e4b29dbcb497ffbfc8a85ad9c1238326b65bd257c5c212c93867cb35edc5e5e25b5cbbdb6eee085ef4f59138b906c690a50ea8d3be875fe0432c195b141e19397860c3098d2c33b4b297ee9d728c7731440fb9f0a45298dea18a3e6d4f45ba1cfa43ffc41978ac471b50ca9ad4002c519bc5b1d024911febd10f78ee12ba4ad0907064244b82748a7f39f730f0f0646acb35f190083f41a894ff4a8ca8a449da32e4fb63111ba303c4df55b4d4970ce103227681c119f4caf715728363388bcea7958d48a463a0a96da85a6dff4a49eedbfd39eb198b763bb00c9460a6ef1bea9f54036944bda7d1df6c1095f5344e7f5fec3d85c8240f270016afb6e6ccbd4973cd7b5074febce62e64b4905b6dbb6d32de9a7e51bed2380cb6b65060a4b2e56967164099e9d18558b39be2b729baa566c4be1234940f88369b58017249f708c827d8374ec75c29fb9e653a06a625ab8e355e7fc4f735a107dc7722471b26f21592000734a4872e22aaf16e16ac412210959da782a071a9b4f736ace627dcf3b184edb016ec8ed0180511ef4581c94687b1ecf510d251309f41299ad6a1aebacd4580945c2c418e50ea7352760f343457074555b6eb7bace4dd1224b08d418678d89a0356885fa9e4a9b6a1fd5b540d39d64c4baedf2a55d47735c906d37868877bdca7d960d5ef37db3ca3e7efe4b0694e5ed7689e900d10b7bc09ebb020a23b385fc46bb616705f2eb5e0e357f9c1a30a38195a6f02fb9c245e259f525507cfa1603a3eb38d662bcf2a3a475a455c4cf64e27f1abc2752e3c493dbcc1c5e913be7009d9eb6eacf53a72a6bc5da3015e880d068f6f04162482445da9c83d095e2cf11217c4b7fe4a61b63845ca42dd4de7eac5c9466dc095eedfdf33fc8e9d7ecc700c968aff659e462ff0b3adb881015a58ab3875ccd1fd3160260e5ebb42a64bbb7a22438704c88ddf9b274dd3f3ca873624e7f50be3198e57c298302b2e7756cb5fcd633396fdae78e625dddedd4b2aa8bf95767331b85c97c85c482ce57e9efb97ce2269aa8fcba826ba6a3e449d780be4e71a086aef8168e44830c9179565b26ff30ca254ec656c91a0f79224c4b2ba21dd5f810d85d2b218196f25a0573053dc7dfa1970a3f6915e70e8413105098d79c6b5ef3d72c030d0296345e4b0505f93e4987ca1e23ed23f720a4025d55044392ee8136fc2a4f158727aa716ced9d882054c56337ad9139fca653570e8f8ab43d1eafcc3b500b117ddf7afab44642883ae9bccc67331d09708eea1f5613ddfa4a0a5123501f647a13aaab581a9d991a773959fc770626c67cd330a4a7804ca807157e58ee140b026b74e3fe885ca8e6bc96e232e8d0afc6e6eda523cc315fe4eff3f0ce78d345b5f0e01d0906239dabfab23478c36ca4cdd4a258eb4966a930b6a1f5309ecb8667ec768250c8a1d0d681129a9585462d4def37c64211edbbb695b6eb88632fe8a1d1ee17d0afc5fb510a93d0966b63c73af736e7d5f77a37c02bca850ede7d9bf9731e951c8ace1b166da9ba42619af6417bf0d13af330f28c73174a58d599e47bdef92ad7c5e3514b0ef4458739d7885d5b06c3b4a2106f333f20747f257d8feb2f2206d05124832e9f75e502893df3af9712253fca1928c192e7011fb03bd6e8c59ced7b4b4d247b8900f520870739d04ffddac130ab6df211677abc34ab4bf152f0a3d68766917e14429562fef9778f5f0f92b8dd0708f58b1372eb91c6de9306afd78d109342195d8ffa4aa2dbc240f0cc783d1ebbae5133477f544be97f15a3b066834ff52e4b64ff2231b96cc548dcb9b5bef93c042f45d1c0cc2e6ac246c0f1fabdb78ea3a89cc8e04b635aae5affafdbec934a51e4a871d6ec1c34e04cff89f53fbfd723b4a242553dfb990ff7902702eee41b7c69881e20593a78193ac478925a915e57f1cd4d4c992f2c630e7b482b7722e1856f2107151de4550909e44d50d927b75e2702e0b77ebe8e8376f9b3351720e9fc2f99ee79cc3e8c3af645db607044c012570b2ab12f339d5fce19799f3ac05f90b75a1a37e15ac62cc0f7ea7f37aede239e56d6caa259c5e548a7b647a256121ade8cc41ec0b30a1ae56eca0a56ff2f8f33ef47efea2eaec04f11e0cf3d90fe9d9c13beb34a6a1745e5fbac1482dab7c6158a9d33f66a72afebe8d4650e039cad2560e3581055b47f30bdb0b83e1b9212b0b63804b99cde31a9347625c6ff077383ac8d97692ea9109f4b0cb8d20020f65c96ecea9a58c0f2b4ff58653ea66917ea66a772e3f981f0ec7e2277cb80c4e20d7c22a3a5af67c608728abab4384d04fda8b8d5afb907de34ec9328cb4d1e428003019d7081ab9ff040cc1358436f7779f187ff95fc5a8806959ecfcfe54bf059c94430db5724cda6f7270663a1475c957e558396c928192ec73441651e119aafbbafa171c8d32377c7cb9f11580e1162becb55e01fe9b1047aae96a8d6e940ba5471c6980ea6b9b2078409d47027e1222af0579016059795dc0f5c0a7ac56a26ad08ef3a4193f785e3c66d552e38b9d78d054978a1b67402ec9cbaec64a51ac16806465709cd43ce40406995451497add43923a6707b6148590bf3465a4120d11396d84a34e0fa015bb349c78dbe8239a416412683d7e6a66555dbb533c4b47ce988e93c50cecadd9623d160f784f437df4ceed21061ae96fa7d487242dbf591c698f4390a5762cdd4c88fbc15af02eaf1d9fdb9a561f88f8a460bd33f772419cc46b5fb2efc52282d987db3eb61a58877f9ad6b53706f822f9971a7b2093919d2bafea2c32c269476e2bb64569380cba6c0cd85c6c1dd07c52894c6c8a6351453664a147ea350bab7bfc5b782c308daa8ce3df514399cff8d77f45ea4827efc4cec2f8b3d65c3a10f7b3a2c5a1b7cc430e4fa3a007e64ff60530e0c2351c700be57b7a34e870f1bb9244f00fe8f73a78586c6f96124b2a2985a9768b4c45886e5c413525540ba832918399434e7dd349fc6d132618ad6e5ad7046148f53c41cc6d80cab9923c3df7aca63df51d0ea155", 0x1000}, {&(0x7f0000000800)="ef0cfff788e5e61ed031a35ba7fe3f68ba0521ae30d20343789c65f922f5df222d21ae6adda8d9a8fed0bfb99d7ec74568aa826e7e7ff84a23c57618ac13f3abf7d1fd8c04a9563fe88dd6f21ab1baf5cc31978d21cea4da9e4c6f6e1c2a85aa7ba916113379fadf882992383cd44415f2156c22dd3e880e836401026ac42fc466f06a9f649878fab03832cd22ed9999529e1e", 0x93}, {&(0x7f0000000980)="3dba595f117fd41d9b2f8b35696b30d23e62cbb1f64560a44c485dc0447d79cff8b79ca4fcd15ea3f39c8194c1ec5901ae6ca36922f078095f673774d542957fcd686828522b459af1e7a4d7f0122d65910baac1ac5645d493b5122005", 0x5d}, {&(0x7f00000006c0)="d26a06c35b6d8846c92521ba6a8a30c349e3fc8f7e3a7019ab819e3938a76f70", 0x20}, {&(0x7f00000008c0)="ef0668e78aa976328f7a82703cc2c42611455283e7f359fa01903083e614e9c4dc3a4b866e0d45b13aa7b8b7e47fd7ef42bf66b837d053e6e89edbfce71a07", 0x3f}], 0x5, 0x0, 0x0, 0x200040c0}, 0x40000881) recvmsg$unix(r10, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)=ANY=[@ANYRESDEC=r9, @ANYRES8, @ANYRES16, @ANYRES16=r7, @ANYRES32, @ANYRES32, @ANYRES8=r2, @ANYRESDEC, @ANYRES8, @ANYBLOB="00000000000000c6aef3747208a56ea1ecd990672b4ec7f7929ecac656ef9c85d1d07689adae4c1009bcc55d24b1f9a559531f14dc5c4d1ccad45e4f980cce9efedd160abfedf9623ecdec24ff0b3d84550f59da56a0c7a6ac12c7607d2cc231f254916e09c3e2ff19ab9c17d0011dce7902e8c025e376decbafd0859ed601ee8d44ac904672b16e79f61aa8ce0dcaded63e005a18e94a4c8e62bff6080079ddd3e096fb0f37966a7bbc4089b262bb404a54bf59106453d77afc6a0aed945d", @ANYRES32, @ANYRESOCT, @ANYRES32=0x0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRESHEX=r3, @ANYRESDEC=r11], 0xb8}, 0x40002000) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={r6, 0xe0, &(0x7f0000000fc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000ac0)=[0x0, 0x0, 0x0], 0x0, 0x8f, &(0x7f00000002c0)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f0000000340), 0x0, 0x0, 0xe2, 0x8, 0x8, &(0x7f0000000440)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x1, 0x16, &(0x7f0000002640)=ANY=[@ANYBLOB="1800000001000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095db17fa9aee9400000000000000185900000800000000000000000000005d04f4fefcffffff18000000060d0000f6660000040000000000000002000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000000029e46a258f5c284b494fc0f0c93dc1a4d8c20fa9e329021753e7b8a839775cdf0e6a"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0xa7, &(0x7f0000000c40)=""/167, 0x41000, 0x40, '\x00', r12, 0x1a, r9, 0x8, &(0x7f0000000b40)={0x6}, 0x8, 0x10, 0x0, 0x0, r13, 0xffffffffffffffff, 0x7, &(0x7f0000000d40)=[r8, r9, r9, 0xffffffffffffffff], &(0x7f0000000b80)=[{0x0, 0x4, 0xb, 0xb}, {0x3, 0x1, 0xb}, {0x1, 0x5, 0x6, 0xb}, {0x1, 0x1, 0x1, 0xb}, {0x3, 0x4, 0x5}, {0x2, 0x4, 0x7, 0x1}, {0x0, 0x5, 0x1f, 0x2}], 0x10, 0x3}, 0x90) r14 = bpf$ITER_CREATE(0x21, &(0x7f0000000680), 0x8) r15 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@bloom_filter={0x1e, 0x3, 0x0, 0xcfd, 0x802, 0xffffffffffffffff, 0x43c8, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x0, 0x5}, 0x48) r16 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x3, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xe, 0x13, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4}, {}, {}, [@map_idx={0x18, 0x0, 0x5, 0x0, 0x4}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x6}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0xb8, 0xd5, &(0x7f0000000500)=""/213, 0x40f00, 0x20, '\x00', r12, 0x18, r5, 0x8, &(0x7f0000000600)={0xa, 0x4}, 0x8, 0x10, &(0x7f0000000640)={0x5, 0xd, 0x9, 0x44f7}, 0x10, r13, r4, 0x4, &(0x7f00000007c0)=[r14, 0xffffffffffffffff, r3, r15, r16], &(0x7f0000000800)=[{0x5, 0x2, 0x6, 0x1337abf97682a554}, {0x1, 0x3, 0xb, 0x3}, {0x3, 0x4000001, 0xc, 0x6}, {0x6, 0x2, 0x7, 0xc}], 0x10, 0x1f}, 0x90) r17 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r17, 0x40082406, &(0x7f0000000040)='}\x00') perf_event_open$cgroup(&(0x7f0000000600)={0x0, 0x80, 0x99, 0x5, 0x3, 0x9, 0x0, 0x7fff, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x2}, 0x0, 0x2, 0x1, 0x1, 0xffffffff, 0x5, 0xfff9, 0x0, 0x8000, 0x0, 0x80}, r17, 0x7, 0xffffffffffffffff, 0xf) r18 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000680)=@o_path={&(0x7f0000000640)='./file0\x00', 0x0, 0x10}, 0x18) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0}, 0x38) r19 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000006c0)={0x0, 0x1, 0x8}, 0xc) r20 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x20, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000003000000000000000600000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000c3000000bf0900000000000055a7bb294e94444e099d0c4e0dad720901000000000095000000000000008520000002000000bf91000000000000b7020000000000008500000084000000b700"], &(0x7f0000000080)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41000, 0xa1, '\x00', r0, 0x1d, r2, 0x8, &(0x7f00000005c0)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000600)={0x5, 0x1, 0x688}, 0x10, r13, r17, 0x4, &(0x7f0000000780)=[r18, 0xffffffffffffffff, r19, r20], &(0x7f00000007c0)=[{0x1, 0x5, 0xb, 0xc}, {0x5, 0x4, 0x1, 0x8}, {0x3, 0x1, 0x8, 0x6}, {0x1, 0x3, 0x9, 0x4}], 0x10, 0x3}, 0x90) r21 = syz_clone(0x12000000, 0x0, 0xfffffffffffffcd2, 0x0, 0x0, 0x0) sendmsg$unix(r5, &(0x7f0000000f80)={&(0x7f00000010c0)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f00000025c0)=[{&(0x7f0000001140)="b9e7c5173f0b822f59ca93ff6796298841850f95fff117faac94b2886abacb722b909bb7521256eb70ea99789d8ee4898a5be4ac921c5c6f7b105a2749f38d276420568b81fa4dd4fdc5", 0x4a}, {&(0x7f0000000b00)="1b0610d3b62c3a4c3d9ebf2b813a7b", 0xf}, {&(0x7f00000011c0)="437693d8c6fc5e1633ec68ffbd29ee09552df43bd348e1e89f2dd4260587fe47b66669b8cc9bcbe0214961d6a69ec8cf864d84f6a5eb55be192b3cd726b8829c152f6b50a8228cac7a55b54415d776fc57ec6b24680296a720ca16b2fd420b0f9a23d7bc73427192f57b2d144df33a74f1f1bc0d38bd178b78fc7ee97336b27fd6a1f8ce8a28898ca73cf693f9b07fa85c7fa72337554085cc7ba2271e27ae8323de0e1c73e0bbb311d0ca9eeacfcc4e4722c4fa639b8f24e29d15141ef51259fab017bda2c6", 0xc6}, {&(0x7f0000000c00)="4f87a82eeb6c297b306467b4954a1087", 0x10}, {&(0x7f00000012c0)="548fba1a4cda9b7304cb679d76c08e9c4131cb24cd6f25ca129f473c6e569ae0528b29dd4c1bc6a72ef7278d5d3c06082745152ac5e8281aa5a3569e6c13bedaaee04bfbbcbd7805ac048d7a9d9cbc604eaed693f4439862d7ea6ac63b5f73dc30da1ade9babb98c48f516a67a75b9f72556918954b42a323c9e1c4b3f2974da6a82bb0bce8fccf44888b33ecb7f9bbd1734b77121f23db0d699f5b0ff18b6051edd7e838238d158b656b1b13c83f970324c549ba6476155c586d5d72245ccddda244d8232486176807fa9c12ee8f3682fb3de7a55b85a5cc59e74f6", 0xdc}, {&(0x7f00000013c0)="896331542819c4d1d969b9e31dc3628647704784b539c52483903018e693c97a4179045e3dff20c0c96a81644abf7536588995b472997d18af12653e696dfce43185cbf416ddb5343d091e21779639e99947e9b4b21fd12a5ca61f0f213af1ee8f73e21187555683e06db7fa420e56ad37773cc4d58617a22497c860fdf5adf6e3aa423bfdf8149a24e3d1373fc3015455eb4ce12ab152d7f4d88593d6d1fcaf3561e51dd4ffe78cf12f9ab45038a7283204598c1139c3ca9f3c2971526ca0a6a145167b6ed78aab0a4ca17916fa61", 0xcf}, {&(0x7f0000002500)="e7ad05d1072e77440c15cadc795a2028b5e96acb129809785133502dd789e2b55021a56e9e6dca781727ca8c449af0aa3ac3799e2d75ce9f37316a7115ad1d7c9ea6451ad6d2099681445b1a414cfa7d23c65b573293aeab19bcbf228a5d74f1f9acbbbda644f71eab0731c6629d54803719d751a89a8c8fce185039379ace00511a3b38a2af97d898420415ab4e088e5942af63368fcd2259271f71c2991d7adf0c8cb7", 0xa4}], 0x7, &(0x7f0000000d00)=[@cred={{0x1c, 0x1, 0x2, {r21, 0xee00}}}], 0x20, 0x20000004}, 0x20004000) [ 1918.563813][ T6048] copy_mm+0xa3a/0x13e0 [ 1918.567827][ T6048] ? copy_signal+0x610/0x610 [ 1918.572230][ T6048] ? __init_rwsem+0xd6/0x1c0 [ 1918.576657][ T6048] ? copy_signal+0x4e3/0x610 [ 1918.581086][ T6048] copy_process+0x1149/0x3290 [ 1918.585598][ T6048] ? proc_fail_nth_write+0x20b/0x290 [ 1918.590719][ T6048] ? fsnotify_perm+0x6a/0x5d0 [ 1918.595230][ T6048] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1918.600178][ T6048] ? vfs_write+0x9ec/0x1110 [ 1918.604519][ T6048] kernel_clone+0x21e/0x9e0 [ 1918.608856][ T6048] ? file_end_write+0x1c0/0x1c0 [ 1918.613543][ T6048] ? create_io_thread+0x1e0/0x1e0 [ 1918.618405][ T6048] ? mutex_unlock+0xb2/0x260 [ 1918.622831][ T6048] ? __mutex_lock_slowpath+0x10/0x10 [ 1918.627949][ T6048] __x64_sys_clone+0x23f/0x290 [ 1918.632549][ T6048] ? __do_sys_vfork+0x130/0x130 [ 1918.637234][ T6048] ? ksys_write+0x260/0x2c0 [ 1918.641578][ T6048] ? debug_smp_processor_id+0x17/0x20 [ 1918.646782][ T6048] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1918.652690][ T6048] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1918.658158][ T6048] do_syscall_64+0x3d/0xb0 [ 1918.662410][ T6048] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1918.668139][ T6048] RIP: 0033:0x7f895df3fda9 [ 1918.672397][ T6048] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1918.691835][ T6048] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1918.700073][ T6048] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1918.707887][ T6048] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 14:13:47 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 18) [ 1918.716475][ T6048] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1918.724287][ T6048] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1918.732967][ T6048] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1918.740783][ T6048] [ 1918.768368][ T6066] FAULT_INJECTION: forcing a failure. [ 1918.768368][ T6066] name failslab, interval 1, probability 0, space 0, times 0 [ 1918.781267][ T6066] CPU: 0 PID: 6066 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1918.791333][ T6066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1918.801224][ T6066] Call Trace: [ 1918.804351][ T6066] [ 1918.807647][ T6066] dump_stack_lvl+0x151/0x1b7 [ 1918.812160][ T6066] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1918.817718][ T6066] dump_stack+0x15/0x17 [ 1918.821706][ T6066] should_fail+0x3c6/0x510 [ 1918.825964][ T6066] __should_failslab+0xa4/0xe0 [ 1918.830572][ T6066] ? anon_vma_fork+0x1df/0x4e0 [ 1918.835159][ T6066] should_failslab+0x9/0x20 [ 1918.839514][ T6066] slab_pre_alloc_hook+0x37/0xd0 [ 1918.844709][ T6066] ? anon_vma_fork+0x1df/0x4e0 [ 1918.849317][ T6066] kmem_cache_alloc+0x44/0x200 [ 1918.853909][ T6066] anon_vma_fork+0x1df/0x4e0 [ 1918.858334][ T6066] copy_mm+0xa3a/0x13e0 [ 1918.862853][ T6066] ? copy_signal+0x610/0x610 [ 1918.867272][ T6066] ? __init_rwsem+0xd6/0x1c0 [ 1918.871719][ T6066] ? copy_signal+0x4e3/0x610 [ 1918.876135][ T6066] copy_process+0x1149/0x3290 [ 1918.880641][ T6066] ? proc_fail_nth_write+0x20b/0x290 [ 1918.885760][ T6066] ? fsnotify_perm+0x6a/0x5d0 [ 1918.890273][ T6066] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1918.895221][ T6066] ? vfs_write+0x9ec/0x1110 [ 1918.899571][ T6066] kernel_clone+0x21e/0x9e0 [ 1918.903903][ T6066] ? file_end_write+0x1c0/0x1c0 [ 1918.908589][ T6066] ? create_io_thread+0x1e0/0x1e0 [ 1918.913459][ T6066] ? mutex_unlock+0xb2/0x260 [ 1918.917879][ T6066] ? __mutex_lock_slowpath+0x10/0x10 [ 1918.922997][ T6066] __x64_sys_clone+0x23f/0x290 [ 1918.927599][ T6066] ? __do_sys_vfork+0x130/0x130 [ 1918.932369][ T6066] ? ksys_write+0x260/0x2c0 [ 1918.936709][ T6066] ? debug_smp_processor_id+0x17/0x20 [ 1918.941914][ T6066] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1918.947816][ T6066] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1918.953736][ T6066] do_syscall_64+0x3d/0xb0 [ 1918.957978][ T6066] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1918.963797][ T6066] RIP: 0033:0x7f895df3fda9 [ 1918.968041][ T6066] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1918.988000][ T6066] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1918.996246][ T6066] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1919.004068][ T6066] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 14:13:47 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:47 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 19) [ 1919.011893][ T6066] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1919.019945][ T6066] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1919.027757][ T6066] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1919.035569][ T6066] [ 1919.063440][ T6068] FAULT_INJECTION: forcing a failure. [ 1919.063440][ T6068] name failslab, interval 1, probability 0, space 0, times 0 [ 1919.087421][ T6068] CPU: 1 PID: 6068 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1919.097495][ T6068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1919.107397][ T6068] Call Trace: [ 1919.110515][ T6068] [ 1919.113293][ T6068] dump_stack_lvl+0x151/0x1b7 [ 1919.117809][ T6068] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1919.123364][ T6068] dump_stack+0x15/0x17 [ 1919.127353][ T6068] should_fail+0x3c6/0x510 [ 1919.131607][ T6068] __should_failslab+0xa4/0xe0 [ 1919.136220][ T6068] should_failslab+0x9/0x20 [ 1919.140543][ T6068] slab_pre_alloc_hook+0x37/0xd0 [ 1919.145321][ T6068] kmem_cache_alloc_trace+0x48/0x210 [ 1919.150441][ T6068] ? alloc_fdtable+0xaf/0x2a0 [ 1919.154954][ T6068] alloc_fdtable+0xaf/0x2a0 [ 1919.159296][ T6068] dup_fd+0x759/0xb00 [ 1919.163109][ T6068] ? avc_has_perm+0x16f/0x260 [ 1919.169449][ T6068] copy_files+0xe6/0x200 [ 1919.173533][ T6068] ? perf_event_attrs+0x30/0x30 [ 1919.178212][ T6068] ? dup_task_struct+0xc60/0xc60 [ 1919.182985][ T6068] ? security_task_alloc+0xf9/0x130 [ 1919.188021][ T6068] copy_process+0x1080/0x3290 [ 1919.192536][ T6068] ? proc_fail_nth_write+0x20b/0x290 [ 1919.197655][ T6068] ? fsnotify_perm+0x6a/0x5d0 [ 1919.202173][ T6068] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1919.207114][ T6068] ? vfs_write+0x9ec/0x1110 [ 1919.211473][ T6068] kernel_clone+0x21e/0x9e0 [ 1919.215792][ T6068] ? file_end_write+0x1c0/0x1c0 [ 1919.220482][ T6068] ? create_io_thread+0x1e0/0x1e0 [ 1919.225347][ T6068] ? mutex_unlock+0xb2/0x260 [ 1919.229768][ T6068] ? __mutex_lock_slowpath+0x10/0x10 [ 1919.234889][ T6068] __x64_sys_clone+0x23f/0x290 [ 1919.239591][ T6068] ? __do_sys_vfork+0x130/0x130 [ 1919.244261][ T6068] ? ksys_write+0x260/0x2c0 [ 1919.248603][ T6068] ? debug_smp_processor_id+0x17/0x20 [ 1919.253808][ T6068] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1919.259712][ T6068] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1919.265183][ T6068] do_syscall_64+0x3d/0xb0 [ 1919.269447][ T6068] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1919.275175][ T6068] RIP: 0033:0x7f895df3fda9 [ 1919.279850][ T6068] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1919.299291][ T6068] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 14:13:47 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x40000000) 14:13:47 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 20) [ 1919.307829][ T6068] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1919.315638][ T6068] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1919.323451][ T6068] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1919.331264][ T6068] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1919.339092][ T6068] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1919.346888][ T6068] [ 1919.367549][ T6076] FAULT_INJECTION: forcing a failure. [ 1919.367549][ T6076] name failslab, interval 1, probability 0, space 0, times 0 [ 1919.383576][ T6076] CPU: 1 PID: 6076 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1919.393642][ T6076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1919.403539][ T6076] Call Trace: [ 1919.406659][ T6076] [ 1919.409439][ T6076] dump_stack_lvl+0x151/0x1b7 14:13:47 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:47 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000002b8f63fb9500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0x58, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000340)=0xffffffffffffffff, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x5, &(0x7f0000000180)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x36, 0x0, 0x0, 0x0, 0x7}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}, @call={0x85, 0x0, 0x0, 0xa}], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', r2, 0x0, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000380)={0x3, 0xa, 0x87f3, 0x8000}, 0x10, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000540)=[{0x2, 0x5, 0xe, 0xb}, {0x5, 0x3, 0x1, 0x1}, {0x3, 0x5, 0xa, 0x4}, {0x4, 0x4, 0xc, 0x3}, {0x1, 0x5, 0x8, 0x8}, {0x1, 0x3, 0xd, 0xb}], 0x10, 0x54}, 0x90) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r4, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x0) sendmsg$tipc(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) [ 1919.413955][ T6076] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1919.419599][ T6076] dump_stack+0x15/0x17 [ 1919.423589][ T6076] should_fail+0x3c6/0x510 [ 1919.427845][ T6076] __should_failslab+0xa4/0xe0 [ 1919.432444][ T6076] should_failslab+0x9/0x20 [ 1919.436787][ T6076] slab_pre_alloc_hook+0x37/0xd0 [ 1919.441643][ T6076] __kmalloc+0x6d/0x270 [ 1919.445651][ T6076] ? kvmalloc_node+0x1f0/0x4d0 [ 1919.450498][ T6076] kvmalloc_node+0x1f0/0x4d0 [ 1919.455034][ T6076] ? vm_mmap+0xb0/0xb0 [ 1919.458999][ T6076] ? __kasan_kmalloc+0x9/0x10 [ 1919.463514][ T6076] ? kmem_cache_alloc_trace+0x115/0x210 [ 1919.468892][ T6076] ? alloc_fdtable+0xaf/0x2a0 [ 1919.473411][ T6076] alloc_fdtable+0x163/0x2a0 [ 1919.477837][ T6076] dup_fd+0x759/0xb00 [ 1919.481648][ T6076] ? avc_has_perm+0x16f/0x260 [ 1919.486273][ T6076] copy_files+0xe6/0x200 [ 1919.490340][ T6076] ? perf_event_attrs+0x30/0x30 [ 1919.495029][ T6076] ? dup_task_struct+0xc60/0xc60 [ 1919.499900][ T6076] ? security_task_alloc+0xf9/0x130 [ 1919.505095][ T6076] copy_process+0x1080/0x3290 [ 1919.509616][ T6076] ? proc_fail_nth_write+0x20b/0x290 [ 1919.514733][ T6076] ? fsnotify_perm+0x6a/0x5d0 [ 1919.519516][ T6076] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1919.524451][ T6076] ? vfs_write+0x9ec/0x1110 [ 1919.528796][ T6076] kernel_clone+0x21e/0x9e0 [ 1919.533149][ T6076] ? file_end_write+0x1c0/0x1c0 [ 1919.537819][ T6076] ? create_io_thread+0x1e0/0x1e0 [ 1919.542682][ T6076] ? mutex_unlock+0xb2/0x260 [ 1919.547108][ T6076] ? __mutex_lock_slowpath+0x10/0x10 [ 1919.552228][ T6076] __x64_sys_clone+0x23f/0x290 [ 1919.556827][ T6076] ? __do_sys_vfork+0x130/0x130 [ 1919.561518][ T6076] ? ksys_write+0x260/0x2c0 [ 1919.565856][ T6076] ? debug_smp_processor_id+0x17/0x20 [ 1919.571059][ T6076] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1919.576965][ T6076] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1919.582430][ T6076] do_syscall_64+0x3d/0xb0 [ 1919.586686][ T6076] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1919.592413][ T6076] RIP: 0033:0x7f895df3fda9 [ 1919.596661][ T6076] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 14:13:48 executing program 4: bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, &(0x7f0000000100)=[0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x94, &(0x7f0000000180)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0x1e, 0x8, 0x8, &(0x7f0000000240)}}, 0x10) (async) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000580)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x94, 0x94, 0x4, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4, 0x2, 0xea}}, @enum={0x10, 0x4, 0x0, 0x6, 0x4, [{0x7, 0xcc}, {0xd, 0x1}, {0x10, 0x3f}, {0x0, 0x2}]}, @union={0xa, 0x1, 0x0, 0x5, 0x1, 0x8000, [{0x0, 0x2, 0x2}]}, @var={0xf, 0x0, 0x0, 0xe, 0x5}, @int={0x2, 0x0, 0x0, 0x1, 0x0, 0x23, 0x0, 0x1a, 0x2}, @union={0x9, 0x1, 0x0, 0x5, 0x0, 0x4, [{0xa, 0x1, 0x24aa}]}]}, {0x0, [0x7f, 0x61]}}, &(0x7f0000000480)=""/220, 0xb0, 0xdc, 0x1, 0x1}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000004000000000018010000202070250000000000202020630af8ff00000000bda106000000000007010000f8ffffffb702000008000000b703000000000000850000000500000018010000202070250000000000202020db1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7e5ffffff00000085000000050000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 64) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x9, &(0x7f0000002740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, [@generic={0xd2, 0x5, 0xe, 0x3, 0x4}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @tail_call, @ldst={0x1, 0x0, 0x1, 0x3, 0x0, 0xc, 0x8}, @ldst={0x1, 0x1, 0x3, 0x6, 0xc, 0xffffffffffffffe0, 0xfffffffffffffff0}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2c, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r1}, 0x90) (async, rerun: 64) r5 = bpf$ITER_CREATE(0x21, &(0x7f0000000340), 0x8) (async, rerun: 32) r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x73, 0x11, 0x23}, [@ldst={0x6, 0x2}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x2}, 0x90) (async, rerun: 32) r7 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x4110e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x200000, 0x0, 0x0, 0x3, 0x10000, 0x20}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x8) (async) r8 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) (async) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0) close(r9) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) (async) ioctl$SIOCSIFHWADDR(r9, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @random="010000000700"}) sendmsg$unix(r6, &(0x7f0000000a80)={&(0x7f0000000780)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000000a00)=[{&(0x7f0000001500)="33edba817e4af0c6339314be737317b2a6008b9cd658b146ebc8d1fa9b21089c79e9a19cf7c13828c5485a28359c011f212dce746a4937c546867cde06309570001272d3cca2b5dcece9a9aba1a3567950d9d06fd840a4e6fc36f66cde3386ae301d1111be7707f1a0627057c79072ac26fc3bbbaadd25ea3bf9fd034d1246c6de59ca9612cea25c2931c97bb1267263110d4f408c07e3886fc2c079e93cbeeb2d20e1656cc6e188ce84b175971c51f9bbf4f0bf5798b30cd99b7f0f895923cb50890625cf57bd7831b9f0c7f6d89899e1247774531d709dfe2cfc3757fc33e6da064244cf85cc0363f1d23515d70e638cd952d3e9dadd035e161eaba5ffb21585cb1a7ec31b0ec5d918ea2c9c16142090db90d972f1dbfc500b8bafadcfb58bbe14dd6647f914c85ebcb7737eef7cae3ee70793e9a8017350e42e2df1cce3c7aefe6ba14690d7ac281da4575411de84141c1088ddf359eb3ca1d1a21b7cb6b4a7f7869f74f8cacd599e585e13b2d7435cc87a7f8c170bfd2d073337b8e2000f9e79dbec383381fadac20b6d260b7b702da5f5f4b01ca3a3f95e92905662d9fa690d0806ffbbbaf68c1323a0869e1a7099d0c59db9a6e006c5a8520314d129c06e608195d668d6ea6cd847fa0fa2573179076b338021dccbf9e24a84913c4d7ac1d192742698e7647bbb4372cb328460115338091ac6465dcef4f68b79ec7e394cc2acb786ce5378520787f80e81de019400959700f614951c278c702dd54e70e232ee9c2a06e4875caf201433ffaea4fdbc6299dfd55030bd4f82d596fc3e11ec99518070b30539679314ab1733aeeb2a7c76c7a228ea142d9589c367934d1271cf9e8fd2ceba8c7f505f4415332f5db432945df7263eb6962a99f4801b4e502cfd647241c43fd045882f68d3b902213d6cee463570f8c78056a1119dbb7b7b829f79c19766f9908da2093334acdb2ad4397ce046a3a2b62c828002d40d4d4a8dabe18314c098806935ff1a93867d4fbcaa1c2c72fc5312e369db940c5668358a439e7d01227e05fdc35efcaa04a05f8710121e7c092056263c352dae8a1eb280f3b9a5d0fc4f15e27f6a8ea7cbe5392e3c8204503ada2c13d2171052324c2f8b9a2564efbe6f464f0def8349c56e309559a742ba9aa4e2b459e6781066e588ab3f01311eabd9b3228f8497aca45fcbeb3e6d3b5a4db66350863fb9abc94833b644fb39e3b0edc42d17c125d97bb4deee02a81080aecb0a980bff0c14cbbeed719298dc560bee9c724e9d18e4fcc98d3733914d1a42378fb474b62135b681b120a90e34d70d1c21e525aef5237c408f98932857b4f15135315e4525b0eb6182215ad9f1d91171fb5585e093b4ab50aa12082a6d9a1fbdc6889c6cb8fd94961bc89896545ff3f62ed4eed6029f88c695db80384e9aa4c677638f54b45e83fe096c8f1711da3600ac6a4addbccbc8fab8824690734bb00214be34837e5fd08b5499afd2596c272446055acd26b2aa63c636f6cda685cb896828999181bf963f300127cecedaa2fe209ef7cbb2aa95c7f7dce3491bf76509a7a8181afe832adeac8e97f6f309aec5096bd77f4e3a8acbdc344bdcfb30f8460aecb988effb28ec9611dc9fd217653627bab81f320bc270bcaad32c78b2a63cacecf4233414230db62689b40101207c9f23c920cd54e3a1ab2d9770b05dc22149b66ee91589718eb15f3723fb266e7ed18591a25b59e04816b5b6b7d11717c70726ef7a61af03fc7da7777a6c32d9f0034fb805407200b6d388b7dfccc458bb7785750074bd1a0449355541cfb49435531a6dc389613aadd343e96f5eb47cec2c2eea4cb1c91913876363c9a533e4316b49bd4e1705dd1f48feb5db4455c03907afe1efda7c1bdfee09d474cec903d0872c86953c855ff5c74114454ad7faf8255cd324793dc94748ea96881918467beb2712a7c2c969640ce9109b472de3dad9db82e8d18087b9567659afcbba9f3e9617db3cd1b46a5881efb81e596dbb47ea81a0313099f14b1bfcab044b248b5a5e3c718bd0d874eef9f593c50e4fb884cc266382cb979d1658f028d154614b864e617894c2913d4f7cb30747a3aaf17916dc859eb72617cdb9a84e930edd06b43a56c3075e5d799034b139c595ae6a69a57805d93bf7f3b1d77c96ecb6d9e179a09d336b23f0feaa9cdc5eacf6c006c967b25f927474c2bdcf2e1cda4870267842b20f7e015d1ac326908ed164c5f1aab908b6764cab9bf9e8e0950a3b384cee0ef686e38f6243b1bb6e41230f738f7b3416813bf4bf8468615658252080d7a7636f398ff0423782ca8e7b09d4ca1b5b3920aa91069255bdfebbbb6a086e522ae033a9a99a7be34df04d430034964408662fa95dfc67f49a5aa8bd86f9fc6cdbe6e24c53dbc660e828fe45c7fcb02d330277576f0ffbb7207c90eb87cebc15c1efa3a5b1bd56627a4aa3cc24014ca8557308e96790eb7dd4605953da5f09e01933cffcb8aa7996d4788dd4c745b519b2a12e7af71c816b2fb7bd653ac7b52a098d6e98d32e1e999fdf6eed464978fb2b2f0f8649f4957faf09d4ff59d2653ed84ff855bbeb54bcd87386e5edf160382d9f312c702d0459976b9d0afa033eb5f5fa710ef6e84c626e829fbf62ce93f3c37383f7faa1aa668ce610b011d8a3a8e395a1da0a9c2f6d57ac4ac6b7da9d6d04d64dbbeb590955bfe52d58203db9fb87a5f76fc197e4b29dbcb497ffbfc8a85ad9c1238326b65bd257c5c212c93867cb35edc5e5e25b5cbbdb6eee085ef4f59138b906c690a50ea8d3be875fe0432c195b141e19397860c3098d2c33b4b297ee9d728c7731440fb9f0a45298dea18a3e6d4f45ba1cfa43ffc41978ac471b50ca9ad4002c519bc5b1d024911febd10f78ee12ba4ad0907064244b82748a7f39f730f0f0646acb35f190083f41a894ff4a8ca8a449da32e4fb63111ba303c4df55b4d4970ce103227681c119f4caf715728363388bcea7958d48a463a0a96da85a6dff4a49eedbfd39eb198b763bb00c9460a6ef1bea9f54036944bda7d1df6c1095f5344e7f5fec3d85c8240f270016afb6e6ccbd4973cd7b5074febce62e64b4905b6dbb6d32de9a7e51bed2380cb6b65060a4b2e56967164099e9d18558b39be2b729baa566c4be1234940f88369b58017249f708c827d8374ec75c29fb9e653a06a625ab8e355e7fc4f735a107dc7722471b26f21592000734a4872e22aaf16e16ac412210959da782a071a9b4f736ace627dcf3b184edb016ec8ed0180511ef4581c94687b1ecf510d251309f41299ad6a1aebacd4580945c2c418e50ea7352760f343457074555b6eb7bace4dd1224b08d418678d89a0356885fa9e4a9b6a1fd5b540d39d64c4baedf2a55d47735c906d37868877bdca7d960d5ef37db3ca3e7efe4b0694e5ed7689e900d10b7bc09ebb020a23b385fc46bb616705f2eb5e0e357f9c1a30a38195a6f02fb9c245e259f525507cfa1603a3eb38d662bcf2a3a475a455c4cf64e27f1abc2752e3c493dbcc1c5e913be7009d9eb6eacf53a72a6bc5da3015e880d068f6f04162482445da9c83d095e2cf11217c4b7fe4a61b63845ca42dd4de7eac5c9466dc095eedfdf33fc8e9d7ecc700c968aff659e462ff0b3adb881015a58ab3875ccd1fd3160260e5ebb42a64bbb7a22438704c88ddf9b274dd3f3ca873624e7f50be3198e57c298302b2e7756cb5fcd633396fdae78e625dddedd4b2aa8bf95767331b85c97c85c482ce57e9efb97ce2269aa8fcba826ba6a3e449d780be4e71a086aef8168e44830c9179565b26ff30ca254ec656c91a0f79224c4b2ba21dd5f810d85d2b218196f25a0573053dc7dfa1970a3f6915e70e8413105098d79c6b5ef3d72c030d0296345e4b0505f93e4987ca1e23ed23f720a4025d55044392ee8136fc2a4f158727aa716ced9d882054c56337ad9139fca653570e8f8ab43d1eafcc3b500b117ddf7afab44642883ae9bccc67331d09708eea1f5613ddfa4a0a5123501f647a13aaab581a9d991a773959fc770626c67cd330a4a7804ca807157e58ee140b026b74e3fe885ca8e6bc96e232e8d0afc6e6eda523cc315fe4eff3f0ce78d345b5f0e01d0906239dabfab23478c36ca4cdd4a258eb4966a930b6a1f5309ecb8667ec768250c8a1d0d681129a9585462d4def37c64211edbbb695b6eb88632fe8a1d1ee17d0afc5fb510a93d0966b63c73af736e7d5f77a37c02bca850ede7d9bf9731e951c8ace1b166da9ba42619af6417bf0d13af330f28c73174a58d599e47bdef92ad7c5e3514b0ef4458739d7885d5b06c3b4a2106f333f20747f257d8feb2f2206d05124832e9f75e502893df3af9712253fca1928c192e7011fb03bd6e8c59ced7b4b4d247b8900f520870739d04ffddac130ab6df211677abc34ab4bf152f0a3d68766917e14429562fef9778f5f0f92b8dd0708f58b1372eb91c6de9306afd78d109342195d8ffa4aa2dbc240f0cc783d1ebbae5133477f544be97f15a3b066834ff52e4b64ff2231b96cc548dcb9b5bef93c042f45d1c0cc2e6ac246c0f1fabdb78ea3a89cc8e04b635aae5affafdbec934a51e4a871d6ec1c34e04cff89f53fbfd723b4a242553dfb990ff7902702eee41b7c69881e20593a78193ac478925a915e57f1cd4d4c992f2c630e7b482b7722e1856f2107151de4550909e44d50d927b75e2702e0b77ebe8e8376f9b3351720e9fc2f99ee79cc3e8c3af645db607044c012570b2ab12f339d5fce19799f3ac05f90b75a1a37e15ac62cc0f7ea7f37aede239e56d6caa259c5e548a7b647a256121ade8cc41ec0b30a1ae56eca0a56ff2f8f33ef47efea2eaec04f11e0cf3d90fe9d9c13beb34a6a1745e5fbac1482dab7c6158a9d33f66a72afebe8d4650e039cad2560e3581055b47f30bdb0b83e1b9212b0b63804b99cde31a9347625c6ff077383ac8d97692ea9109f4b0cb8d20020f65c96ecea9a58c0f2b4ff58653ea66917ea66a772e3f981f0ec7e2277cb80c4e20d7c22a3a5af67c608728abab4384d04fda8b8d5afb907de34ec9328cb4d1e428003019d7081ab9ff040cc1358436f7779f187ff95fc5a8806959ecfcfe54bf059c94430db5724cda6f7270663a1475c957e558396c928192ec73441651e119aafbbafa171c8d32377c7cb9f11580e1162becb55e01fe9b1047aae96a8d6e940ba5471c6980ea6b9b2078409d47027e1222af0579016059795dc0f5c0a7ac56a26ad08ef3a4193f785e3c66d552e38b9d78d054978a1b67402ec9cbaec64a51ac16806465709cd43ce40406995451497add43923a6707b6148590bf3465a4120d11396d84a34e0fa015bb349c78dbe8239a416412683d7e6a66555dbb533c4b47ce988e93c50cecadd9623d160f784f437df4ceed21061ae96fa7d487242dbf591c698f4390a5762cdd4c88fbc15af02eaf1d9fdb9a561f88f8a460bd33f772419cc46b5fb2efc52282d987db3eb61a58877f9ad6b53706f822f9971a7b2093919d2bafea2c32c269476e2bb64569380cba6c0cd85c6c1dd07c52894c6c8a6351453664a147ea350bab7bfc5b782c308daa8ce3df514399cff8d77f45ea4827efc4cec2f8b3d65c3a10f7b3a2c5a1b7cc430e4fa3a007e64ff60530e0c2351c700be57b7a34e870f1bb9244f00fe8f73a78586c6f96124b2a2985a9768b4c45886e5c413525540ba832918399434e7dd349fc6d132618ad6e5ad7046148f53c41cc6d80cab9923c3df7aca63df51d0ea155", 0x1000}, {&(0x7f0000000800)="ef0cfff788e5e61ed031a35ba7fe3f68ba0521ae30d20343789c65f922f5df222d21ae6adda8d9a8fed0bfb99d7ec74568aa826e7e7ff84a23c57618ac13f3abf7d1fd8c04a9563fe88dd6f21ab1baf5cc31978d21cea4da9e4c6f6e1c2a85aa7ba916113379fadf882992383cd44415f2156c22dd3e880e836401026ac42fc466f06a9f649878fab03832cd22ed9999529e1e", 0x93}, {&(0x7f0000000980)="3dba595f117fd41d9b2f8b35696b30d23e62cbb1f64560a44c485dc0447d79cff8b79ca4fcd15ea3f39c8194c1ec5901ae6ca36922f078095f673774d542957fcd686828522b459af1e7a4d7f0122d65910baac1ac5645d493b5122005", 0x5d}, {&(0x7f00000006c0)="d26a06c35b6d8846c92521ba6a8a30c349e3fc8f7e3a7019ab819e3938a76f70", 0x20}, {&(0x7f00000008c0)="ef0668e78aa976328f7a82703cc2c42611455283e7f359fa01903083e614e9c4dc3a4b866e0d45b13aa7b8b7e47fd7ef42bf66b837d053e6e89edbfce71a07", 0x3f}], 0x5, 0x0, 0x0, 0x200040c0}, 0x40000881) (async, rerun: 64) recvmsg$unix(r10, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)=ANY=[@ANYRESDEC=r9, @ANYRES8, @ANYRES16, @ANYRES16=r7, @ANYRES32, @ANYRES32, @ANYRES8=r2, @ANYRESDEC, @ANYRES8, @ANYBLOB="00000000000000c6aef3747208a56ea1ecd990672b4ec7f7929ecac656ef9c85d1d07689adae4c1009bcc55d24b1f9a559531f14dc5c4d1ccad45e4f980cce9efedd160abfedf9623ecdec24ff0b3d84550f59da56a0c7a6ac12c7607d2cc231f254916e09c3e2ff19ab9c17d0011dce7902e8c025e376decbafd0859ed601ee8d44ac904672b16e79f61aa8ce0dcaded63e005a18e94a4c8e62bff6080079ddd3e096fb0f37966a7bbc4089b262bb404a54bf59106453d77afc6a0aed945d", @ANYRES32, @ANYRESOCT, @ANYRES32=0x0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRESHEX=r3, @ANYRESDEC=r11], 0xb8}, 0x40002000) (rerun: 64) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={r6, 0xe0, &(0x7f0000000fc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000ac0)=[0x0, 0x0, 0x0], 0x0, 0x8f, &(0x7f00000002c0)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f0000000340), 0x0, 0x0, 0xe2, 0x8, 0x8, &(0x7f0000000440)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x1, 0x16, &(0x7f0000002640)=ANY=[@ANYBLOB="1800000001000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095db17fa9aee9400000000000000185900000800000000000000000000005d04f4fefcffffff18000000060d0000f6660000040000000000000002000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000000029e46a258f5c284b494fc0f0c93dc1a4d8c20fa9e329021753e7b8a839775cdf0e6a"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0xa7, &(0x7f0000000c40)=""/167, 0x41000, 0x40, '\x00', r12, 0x1a, r9, 0x8, &(0x7f0000000b40)={0x6}, 0x8, 0x10, 0x0, 0x0, r13, 0xffffffffffffffff, 0x7, &(0x7f0000000d40)=[r8, r9, r9, 0xffffffffffffffff], &(0x7f0000000b80)=[{0x0, 0x4, 0xb, 0xb}, {0x3, 0x1, 0xb}, {0x1, 0x5, 0x6, 0xb}, {0x1, 0x1, 0x1, 0xb}, {0x3, 0x4, 0x5}, {0x2, 0x4, 0x7, 0x1}, {0x0, 0x5, 0x1f, 0x2}], 0x10, 0x3}, 0x90) (async) r14 = bpf$ITER_CREATE(0x21, &(0x7f0000000680), 0x8) r15 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@bloom_filter={0x1e, 0x3, 0x0, 0xcfd, 0x802, 0xffffffffffffffff, 0x43c8, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x0, 0x5}, 0x48) (async) r16 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x3, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xe, 0x13, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4}, {}, {}, [@map_idx={0x18, 0x0, 0x5, 0x0, 0x4}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x6}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0xb8, 0xd5, &(0x7f0000000500)=""/213, 0x40f00, 0x20, '\x00', r12, 0x18, r5, 0x8, &(0x7f0000000600)={0xa, 0x4}, 0x8, 0x10, &(0x7f0000000640)={0x5, 0xd, 0x9, 0x44f7}, 0x10, r13, r4, 0x4, &(0x7f00000007c0)=[r14, 0xffffffffffffffff, r3, r15, r16], &(0x7f0000000800)=[{0x5, 0x2, 0x6, 0x1337abf97682a554}, {0x1, 0x3, 0xb, 0x3}, {0x3, 0x4000001, 0xc, 0x6}, {0x6, 0x2, 0x7, 0xc}], 0x10, 0x1f}, 0x90) (async) r17 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r17, 0x40082406, &(0x7f0000000040)='}\x00') (async) perf_event_open$cgroup(&(0x7f0000000600)={0x0, 0x80, 0x99, 0x5, 0x3, 0x9, 0x0, 0x7fff, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x2}, 0x0, 0x2, 0x1, 0x1, 0xffffffff, 0x5, 0xfff9, 0x0, 0x8000, 0x0, 0x80}, r17, 0x7, 0xffffffffffffffff, 0xf) (async) r18 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000680)=@o_path={&(0x7f0000000640)='./file0\x00', 0x0, 0x10}, 0x18) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0}, 0x38) (async, rerun: 32) r19 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000006c0)={0x0, 0x1, 0x8}, 0xc) (rerun: 32) r20 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x20, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000003000000000000000600000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000c3000000bf0900000000000055a7bb294e94444e099d0c4e0dad720901000000000095000000000000008520000002000000bf91000000000000b7020000000000008500000084000000b700"], &(0x7f0000000080)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41000, 0xa1, '\x00', r0, 0x1d, r2, 0x8, &(0x7f00000005c0)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000600)={0x5, 0x1, 0x688}, 0x10, r13, r17, 0x4, &(0x7f0000000780)=[r18, 0xffffffffffffffff, r19, r20], &(0x7f00000007c0)=[{0x1, 0x5, 0xb, 0xc}, {0x5, 0x4, 0x1, 0x8}, {0x3, 0x1, 0x8, 0x6}, {0x1, 0x3, 0x9, 0x4}], 0x10, 0x3}, 0x90) (async) r21 = syz_clone(0x12000000, 0x0, 0xfffffffffffffcd2, 0x0, 0x0, 0x0) sendmsg$unix(r5, &(0x7f0000000f80)={&(0x7f00000010c0)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f00000025c0)=[{&(0x7f0000001140)="b9e7c5173f0b822f59ca93ff6796298841850f95fff117faac94b2886abacb722b909bb7521256eb70ea99789d8ee4898a5be4ac921c5c6f7b105a2749f38d276420568b81fa4dd4fdc5", 0x4a}, {&(0x7f0000000b00)="1b0610d3b62c3a4c3d9ebf2b813a7b", 0xf}, {&(0x7f00000011c0)="437693d8c6fc5e1633ec68ffbd29ee09552df43bd348e1e89f2dd4260587fe47b66669b8cc9bcbe0214961d6a69ec8cf864d84f6a5eb55be192b3cd726b8829c152f6b50a8228cac7a55b54415d776fc57ec6b24680296a720ca16b2fd420b0f9a23d7bc73427192f57b2d144df33a74f1f1bc0d38bd178b78fc7ee97336b27fd6a1f8ce8a28898ca73cf693f9b07fa85c7fa72337554085cc7ba2271e27ae8323de0e1c73e0bbb311d0ca9eeacfcc4e4722c4fa639b8f24e29d15141ef51259fab017bda2c6", 0xc6}, {&(0x7f0000000c00)="4f87a82eeb6c297b306467b4954a1087", 0x10}, {&(0x7f00000012c0)="548fba1a4cda9b7304cb679d76c08e9c4131cb24cd6f25ca129f473c6e569ae0528b29dd4c1bc6a72ef7278d5d3c06082745152ac5e8281aa5a3569e6c13bedaaee04bfbbcbd7805ac048d7a9d9cbc604eaed693f4439862d7ea6ac63b5f73dc30da1ade9babb98c48f516a67a75b9f72556918954b42a323c9e1c4b3f2974da6a82bb0bce8fccf44888b33ecb7f9bbd1734b77121f23db0d699f5b0ff18b6051edd7e838238d158b656b1b13c83f970324c549ba6476155c586d5d72245ccddda244d8232486176807fa9c12ee8f3682fb3de7a55b85a5cc59e74f6", 0xdc}, {&(0x7f00000013c0)="896331542819c4d1d969b9e31dc3628647704784b539c52483903018e693c97a4179045e3dff20c0c96a81644abf7536588995b472997d18af12653e696dfce43185cbf416ddb5343d091e21779639e99947e9b4b21fd12a5ca61f0f213af1ee8f73e21187555683e06db7fa420e56ad37773cc4d58617a22497c860fdf5adf6e3aa423bfdf8149a24e3d1373fc3015455eb4ce12ab152d7f4d88593d6d1fcaf3561e51dd4ffe78cf12f9ab45038a7283204598c1139c3ca9f3c2971526ca0a6a145167b6ed78aab0a4ca17916fa61", 0xcf}, {&(0x7f0000002500)="e7ad05d1072e77440c15cadc795a2028b5e96acb129809785133502dd789e2b55021a56e9e6dca781727ca8c449af0aa3ac3799e2d75ce9f37316a7115ad1d7c9ea6451ad6d2099681445b1a414cfa7d23c65b573293aeab19bcbf228a5d74f1f9acbbbda644f71eab0731c6629d54803719d751a89a8c8fce185039379ace00511a3b38a2af97d898420415ab4e088e5942af63368fcd2259271f71c2991d7adf0c8cb7", 0xa4}], 0x7, &(0x7f0000000d00)=[@cred={{0x1c, 0x1, 0x2, {r21, 0xee00}}}], 0x20, 0x20000004}, 0x20004000) 14:13:48 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 21) [ 1919.616101][ T6076] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1919.624346][ T6076] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1919.632153][ T6076] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1919.639967][ T6076] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1919.647787][ T6076] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1919.655590][ T6076] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1919.663405][ T6076] [ 1919.704199][ T6084] FAULT_INJECTION: forcing a failure. [ 1919.704199][ T6084] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1919.717421][ T6084] CPU: 0 PID: 6084 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1919.727477][ T6084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1919.737380][ T6084] Call Trace: [ 1919.740494][ T6084] [ 1919.743278][ T6084] dump_stack_lvl+0x151/0x1b7 [ 1919.747873][ T6084] ? io_uring_drop_tctx_refs+0x190/0x190 14:13:48 executing program 4: bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, &(0x7f0000000100)=[0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x94, &(0x7f0000000180)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0x1e, 0x8, 0x8, &(0x7f0000000240)}}, 0x10) (async) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000580)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x94, 0x94, 0x4, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4, 0x2, 0xea}}, @enum={0x10, 0x4, 0x0, 0x6, 0x4, [{0x7, 0xcc}, {0xd, 0x1}, {0x10, 0x3f}, {0x0, 0x2}]}, @union={0xa, 0x1, 0x0, 0x5, 0x1, 0x8000, [{0x0, 0x2, 0x2}]}, @var={0xf, 0x0, 0x0, 0xe, 0x5}, @int={0x2, 0x0, 0x0, 0x1, 0x0, 0x23, 0x0, 0x1a, 0x2}, @union={0x9, 0x1, 0x0, 0x5, 0x0, 0x4, [{0xa, 0x1, 0x24aa}]}]}, {0x0, [0x7f, 0x61]}}, &(0x7f0000000480)=""/220, 0xb0, 0xdc, 0x1, 0x1}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000004000000000018010000202070250000000000202020630af8ff00000000bda106000000000007010000f8ffffffb702000008000000b703000000000000850000000500000018010000202070250000000000202020db1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7e5ffffff00000085000000050000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x9, &(0x7f0000002740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, [@generic={0xd2, 0x5, 0xe, 0x3, 0x4}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @tail_call, @ldst={0x1, 0x0, 0x1, 0x3, 0x0, 0xc, 0x8}, @ldst={0x1, 0x1, 0x3, 0x6, 0xc, 0xffffffffffffffe0, 0xfffffffffffffff0}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2c, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r1}, 0x90) (async) r5 = bpf$ITER_CREATE(0x21, &(0x7f0000000340), 0x8) (async) r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x73, 0x11, 0x23}, [@ldst={0x6, 0x2}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x2}, 0x90) r7 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x4110e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x200000, 0x0, 0x0, 0x3, 0x10000, 0x20}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x8) (async) r8 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) (async) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0) close(r9) (async) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) (async) ioctl$SIOCSIFHWADDR(r9, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @random="010000000700"}) sendmsg$unix(r6, &(0x7f0000000a80)={&(0x7f0000000780)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000000a00)=[{&(0x7f0000001500)="33edba817e4af0c6339314be737317b2a6008b9cd658b146ebc8d1fa9b21089c79e9a19cf7c13828c5485a28359c011f212dce746a4937c546867cde06309570001272d3cca2b5dcece9a9aba1a3567950d9d06fd840a4e6fc36f66cde3386ae301d1111be7707f1a0627057c79072ac26fc3bbbaadd25ea3bf9fd034d1246c6de59ca9612cea25c2931c97bb1267263110d4f408c07e3886fc2c079e93cbeeb2d20e1656cc6e188ce84b175971c51f9bbf4f0bf5798b30cd99b7f0f895923cb50890625cf57bd7831b9f0c7f6d89899e1247774531d709dfe2cfc3757fc33e6da064244cf85cc0363f1d23515d70e638cd952d3e9dadd035e161eaba5ffb21585cb1a7ec31b0ec5d918ea2c9c16142090db90d972f1dbfc500b8bafadcfb58bbe14dd6647f914c85ebcb7737eef7cae3ee70793e9a8017350e42e2df1cce3c7aefe6ba14690d7ac281da4575411de84141c1088ddf359eb3ca1d1a21b7cb6b4a7f7869f74f8cacd599e585e13b2d7435cc87a7f8c170bfd2d073337b8e2000f9e79dbec383381fadac20b6d260b7b702da5f5f4b01ca3a3f95e92905662d9fa690d0806ffbbbaf68c1323a0869e1a7099d0c59db9a6e006c5a8520314d129c06e608195d668d6ea6cd847fa0fa2573179076b338021dccbf9e24a84913c4d7ac1d192742698e7647bbb4372cb328460115338091ac6465dcef4f68b79ec7e394cc2acb786ce5378520787f80e81de019400959700f614951c278c702dd54e70e232ee9c2a06e4875caf201433ffaea4fdbc6299dfd55030bd4f82d596fc3e11ec99518070b30539679314ab1733aeeb2a7c76c7a228ea142d9589c367934d1271cf9e8fd2ceba8c7f505f4415332f5db432945df7263eb6962a99f4801b4e502cfd647241c43fd045882f68d3b902213d6cee463570f8c78056a1119dbb7b7b829f79c19766f9908da2093334acdb2ad4397ce046a3a2b62c828002d40d4d4a8dabe18314c098806935ff1a93867d4fbcaa1c2c72fc5312e369db940c5668358a439e7d01227e05fdc35efcaa04a05f8710121e7c092056263c352dae8a1eb280f3b9a5d0fc4f15e27f6a8ea7cbe5392e3c8204503ada2c13d2171052324c2f8b9a2564efbe6f464f0def8349c56e309559a742ba9aa4e2b459e6781066e588ab3f01311eabd9b3228f8497aca45fcbeb3e6d3b5a4db66350863fb9abc94833b644fb39e3b0edc42d17c125d97bb4deee02a81080aecb0a980bff0c14cbbeed719298dc560bee9c724e9d18e4fcc98d3733914d1a42378fb474b62135b681b120a90e34d70d1c21e525aef5237c408f98932857b4f15135315e4525b0eb6182215ad9f1d91171fb5585e093b4ab50aa12082a6d9a1fbdc6889c6cb8fd94961bc89896545ff3f62ed4eed6029f88c695db80384e9aa4c677638f54b45e83fe096c8f1711da3600ac6a4addbccbc8fab8824690734bb00214be34837e5fd08b5499afd2596c272446055acd26b2aa63c636f6cda685cb896828999181bf963f300127cecedaa2fe209ef7cbb2aa95c7f7dce3491bf76509a7a8181afe832adeac8e97f6f309aec5096bd77f4e3a8acbdc344bdcfb30f8460aecb988effb28ec9611dc9fd217653627bab81f320bc270bcaad32c78b2a63cacecf4233414230db62689b40101207c9f23c920cd54e3a1ab2d9770b05dc22149b66ee91589718eb15f3723fb266e7ed18591a25b59e04816b5b6b7d11717c70726ef7a61af03fc7da7777a6c32d9f0034fb805407200b6d388b7dfccc458bb7785750074bd1a0449355541cfb49435531a6dc389613aadd343e96f5eb47cec2c2eea4cb1c91913876363c9a533e4316b49bd4e1705dd1f48feb5db4455c03907afe1efda7c1bdfee09d474cec903d0872c86953c855ff5c74114454ad7faf8255cd324793dc94748ea96881918467beb2712a7c2c969640ce9109b472de3dad9db82e8d18087b9567659afcbba9f3e9617db3cd1b46a5881efb81e596dbb47ea81a0313099f14b1bfcab044b248b5a5e3c718bd0d874eef9f593c50e4fb884cc266382cb979d1658f028d154614b864e617894c2913d4f7cb30747a3aaf17916dc859eb72617cdb9a84e930edd06b43a56c3075e5d799034b139c595ae6a69a57805d93bf7f3b1d77c96ecb6d9e179a09d336b23f0feaa9cdc5eacf6c006c967b25f927474c2bdcf2e1cda4870267842b20f7e015d1ac326908ed164c5f1aab908b6764cab9bf9e8e0950a3b384cee0ef686e38f6243b1bb6e41230f738f7b3416813bf4bf8468615658252080d7a7636f398ff0423782ca8e7b09d4ca1b5b3920aa91069255bdfebbbb6a086e522ae033a9a99a7be34df04d430034964408662fa95dfc67f49a5aa8bd86f9fc6cdbe6e24c53dbc660e828fe45c7fcb02d330277576f0ffbb7207c90eb87cebc15c1efa3a5b1bd56627a4aa3cc24014ca8557308e96790eb7dd4605953da5f09e01933cffcb8aa7996d4788dd4c745b519b2a12e7af71c816b2fb7bd653ac7b52a098d6e98d32e1e999fdf6eed464978fb2b2f0f8649f4957faf09d4ff59d2653ed84ff855bbeb54bcd87386e5edf160382d9f312c702d0459976b9d0afa033eb5f5fa710ef6e84c626e829fbf62ce93f3c37383f7faa1aa668ce610b011d8a3a8e395a1da0a9c2f6d57ac4ac6b7da9d6d04d64dbbeb590955bfe52d58203db9fb87a5f76fc197e4b29dbcb497ffbfc8a85ad9c1238326b65bd257c5c212c93867cb35edc5e5e25b5cbbdb6eee085ef4f59138b906c690a50ea8d3be875fe0432c195b141e19397860c3098d2c33b4b297ee9d728c7731440fb9f0a45298dea18a3e6d4f45ba1cfa43ffc41978ac471b50ca9ad4002c519bc5b1d024911febd10f78ee12ba4ad0907064244b82748a7f39f730f0f0646acb35f190083f41a894ff4a8ca8a449da32e4fb63111ba303c4df55b4d4970ce103227681c119f4caf715728363388bcea7958d48a463a0a96da85a6dff4a49eedbfd39eb198b763bb00c9460a6ef1bea9f54036944bda7d1df6c1095f5344e7f5fec3d85c8240f270016afb6e6ccbd4973cd7b5074febce62e64b4905b6dbb6d32de9a7e51bed2380cb6b65060a4b2e56967164099e9d18558b39be2b729baa566c4be1234940f88369b58017249f708c827d8374ec75c29fb9e653a06a625ab8e355e7fc4f735a107dc7722471b26f21592000734a4872e22aaf16e16ac412210959da782a071a9b4f736ace627dcf3b184edb016ec8ed0180511ef4581c94687b1ecf510d251309f41299ad6a1aebacd4580945c2c418e50ea7352760f343457074555b6eb7bace4dd1224b08d418678d89a0356885fa9e4a9b6a1fd5b540d39d64c4baedf2a55d47735c906d37868877bdca7d960d5ef37db3ca3e7efe4b0694e5ed7689e900d10b7bc09ebb020a23b385fc46bb616705f2eb5e0e357f9c1a30a38195a6f02fb9c245e259f525507cfa1603a3eb38d662bcf2a3a475a455c4cf64e27f1abc2752e3c493dbcc1c5e913be7009d9eb6eacf53a72a6bc5da3015e880d068f6f04162482445da9c83d095e2cf11217c4b7fe4a61b63845ca42dd4de7eac5c9466dc095eedfdf33fc8e9d7ecc700c968aff659e462ff0b3adb881015a58ab3875ccd1fd3160260e5ebb42a64bbb7a22438704c88ddf9b274dd3f3ca873624e7f50be3198e57c298302b2e7756cb5fcd633396fdae78e625dddedd4b2aa8bf95767331b85c97c85c482ce57e9efb97ce2269aa8fcba826ba6a3e449d780be4e71a086aef8168e44830c9179565b26ff30ca254ec656c91a0f79224c4b2ba21dd5f810d85d2b218196f25a0573053dc7dfa1970a3f6915e70e8413105098d79c6b5ef3d72c030d0296345e4b0505f93e4987ca1e23ed23f720a4025d55044392ee8136fc2a4f158727aa716ced9d882054c56337ad9139fca653570e8f8ab43d1eafcc3b500b117ddf7afab44642883ae9bccc67331d09708eea1f5613ddfa4a0a5123501f647a13aaab581a9d991a773959fc770626c67cd330a4a7804ca807157e58ee140b026b74e3fe885ca8e6bc96e232e8d0afc6e6eda523cc315fe4eff3f0ce78d345b5f0e01d0906239dabfab23478c36ca4cdd4a258eb4966a930b6a1f5309ecb8667ec768250c8a1d0d681129a9585462d4def37c64211edbbb695b6eb88632fe8a1d1ee17d0afc5fb510a93d0966b63c73af736e7d5f77a37c02bca850ede7d9bf9731e951c8ace1b166da9ba42619af6417bf0d13af330f28c73174a58d599e47bdef92ad7c5e3514b0ef4458739d7885d5b06c3b4a2106f333f20747f257d8feb2f2206d05124832e9f75e502893df3af9712253fca1928c192e7011fb03bd6e8c59ced7b4b4d247b8900f520870739d04ffddac130ab6df211677abc34ab4bf152f0a3d68766917e14429562fef9778f5f0f92b8dd0708f58b1372eb91c6de9306afd78d109342195d8ffa4aa2dbc240f0cc783d1ebbae5133477f544be97f15a3b066834ff52e4b64ff2231b96cc548dcb9b5bef93c042f45d1c0cc2e6ac246c0f1fabdb78ea3a89cc8e04b635aae5affafdbec934a51e4a871d6ec1c34e04cff89f53fbfd723b4a242553dfb990ff7902702eee41b7c69881e20593a78193ac478925a915e57f1cd4d4c992f2c630e7b482b7722e1856f2107151de4550909e44d50d927b75e2702e0b77ebe8e8376f9b3351720e9fc2f99ee79cc3e8c3af645db607044c012570b2ab12f339d5fce19799f3ac05f90b75a1a37e15ac62cc0f7ea7f37aede239e56d6caa259c5e548a7b647a256121ade8cc41ec0b30a1ae56eca0a56ff2f8f33ef47efea2eaec04f11e0cf3d90fe9d9c13beb34a6a1745e5fbac1482dab7c6158a9d33f66a72afebe8d4650e039cad2560e3581055b47f30bdb0b83e1b9212b0b63804b99cde31a9347625c6ff077383ac8d97692ea9109f4b0cb8d20020f65c96ecea9a58c0f2b4ff58653ea66917ea66a772e3f981f0ec7e2277cb80c4e20d7c22a3a5af67c608728abab4384d04fda8b8d5afb907de34ec9328cb4d1e428003019d7081ab9ff040cc1358436f7779f187ff95fc5a8806959ecfcfe54bf059c94430db5724cda6f7270663a1475c957e558396c928192ec73441651e119aafbbafa171c8d32377c7cb9f11580e1162becb55e01fe9b1047aae96a8d6e940ba5471c6980ea6b9b2078409d47027e1222af0579016059795dc0f5c0a7ac56a26ad08ef3a4193f785e3c66d552e38b9d78d054978a1b67402ec9cbaec64a51ac16806465709cd43ce40406995451497add43923a6707b6148590bf3465a4120d11396d84a34e0fa015bb349c78dbe8239a416412683d7e6a66555dbb533c4b47ce988e93c50cecadd9623d160f784f437df4ceed21061ae96fa7d487242dbf591c698f4390a5762cdd4c88fbc15af02eaf1d9fdb9a561f88f8a460bd33f772419cc46b5fb2efc52282d987db3eb61a58877f9ad6b53706f822f9971a7b2093919d2bafea2c32c269476e2bb64569380cba6c0cd85c6c1dd07c52894c6c8a6351453664a147ea350bab7bfc5b782c308daa8ce3df514399cff8d77f45ea4827efc4cec2f8b3d65c3a10f7b3a2c5a1b7cc430e4fa3a007e64ff60530e0c2351c700be57b7a34e870f1bb9244f00fe8f73a78586c6f96124b2a2985a9768b4c45886e5c413525540ba832918399434e7dd349fc6d132618ad6e5ad7046148f53c41cc6d80cab9923c3df7aca63df51d0ea155", 0x1000}, {&(0x7f0000000800)="ef0cfff788e5e61ed031a35ba7fe3f68ba0521ae30d20343789c65f922f5df222d21ae6adda8d9a8fed0bfb99d7ec74568aa826e7e7ff84a23c57618ac13f3abf7d1fd8c04a9563fe88dd6f21ab1baf5cc31978d21cea4da9e4c6f6e1c2a85aa7ba916113379fadf882992383cd44415f2156c22dd3e880e836401026ac42fc466f06a9f649878fab03832cd22ed9999529e1e", 0x93}, {&(0x7f0000000980)="3dba595f117fd41d9b2f8b35696b30d23e62cbb1f64560a44c485dc0447d79cff8b79ca4fcd15ea3f39c8194c1ec5901ae6ca36922f078095f673774d542957fcd686828522b459af1e7a4d7f0122d65910baac1ac5645d493b5122005", 0x5d}, {&(0x7f00000006c0)="d26a06c35b6d8846c92521ba6a8a30c349e3fc8f7e3a7019ab819e3938a76f70", 0x20}, {&(0x7f00000008c0)="ef0668e78aa976328f7a82703cc2c42611455283e7f359fa01903083e614e9c4dc3a4b866e0d45b13aa7b8b7e47fd7ef42bf66b837d053e6e89edbfce71a07", 0x3f}], 0x5, 0x0, 0x0, 0x200040c0}, 0x40000881) (async) recvmsg$unix(r10, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)=ANY=[@ANYRESDEC=r9, @ANYRES8, @ANYRES16, @ANYRES16=r7, @ANYRES32, @ANYRES32, @ANYRES8=r2, @ANYRESDEC, @ANYRES8, @ANYBLOB="00000000000000c6aef3747208a56ea1ecd990672b4ec7f7929ecac656ef9c85d1d07689adae4c1009bcc55d24b1f9a559531f14dc5c4d1ccad45e4f980cce9efedd160abfedf9623ecdec24ff0b3d84550f59da56a0c7a6ac12c7607d2cc231f254916e09c3e2ff19ab9c17d0011dce7902e8c025e376decbafd0859ed601ee8d44ac904672b16e79f61aa8ce0dcaded63e005a18e94a4c8e62bff6080079ddd3e096fb0f37966a7bbc4089b262bb404a54bf59106453d77afc6a0aed945d", @ANYRES32, @ANYRESOCT, @ANYRES32=0x0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRESHEX=r3, @ANYRESDEC=r11], 0xb8}, 0x40002000) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={r6, 0xe0, &(0x7f0000000fc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000ac0)=[0x0, 0x0, 0x0], 0x0, 0x8f, &(0x7f00000002c0)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f0000000340), 0x0, 0x0, 0xe2, 0x8, 0x8, &(0x7f0000000440)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x1, 0x16, &(0x7f0000002640)=ANY=[@ANYBLOB="1800000001000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095db17fa9aee9400000000000000185900000800000000000000000000005d04f4fefcffffff18000000060d0000f6660000040000000000000002000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000000029e46a258f5c284b494fc0f0c93dc1a4d8c20fa9e329021753e7b8a839775cdf0e6a"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0xa7, &(0x7f0000000c40)=""/167, 0x41000, 0x40, '\x00', r12, 0x1a, r9, 0x8, &(0x7f0000000b40)={0x6}, 0x8, 0x10, 0x0, 0x0, r13, 0xffffffffffffffff, 0x7, &(0x7f0000000d40)=[r8, r9, r9, 0xffffffffffffffff], &(0x7f0000000b80)=[{0x0, 0x4, 0xb, 0xb}, {0x3, 0x1, 0xb}, {0x1, 0x5, 0x6, 0xb}, {0x1, 0x1, 0x1, 0xb}, {0x3, 0x4, 0x5}, {0x2, 0x4, 0x7, 0x1}, {0x0, 0x5, 0x1f, 0x2}], 0x10, 0x3}, 0x90) r14 = bpf$ITER_CREATE(0x21, &(0x7f0000000680), 0x8) (async) r15 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@bloom_filter={0x1e, 0x3, 0x0, 0xcfd, 0x802, 0xffffffffffffffff, 0x43c8, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x0, 0x5}, 0x48) (async) r16 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x3, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xe, 0x13, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4}, {}, {}, [@map_idx={0x18, 0x0, 0x5, 0x0, 0x4}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x6}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0xb8, 0xd5, &(0x7f0000000500)=""/213, 0x40f00, 0x20, '\x00', r12, 0x18, r5, 0x8, &(0x7f0000000600)={0xa, 0x4}, 0x8, 0x10, &(0x7f0000000640)={0x5, 0xd, 0x9, 0x44f7}, 0x10, r13, r4, 0x4, &(0x7f00000007c0)=[r14, 0xffffffffffffffff, r3, r15, r16], &(0x7f0000000800)=[{0x5, 0x2, 0x6, 0x1337abf97682a554}, {0x1, 0x3, 0xb, 0x3}, {0x3, 0x4000001, 0xc, 0x6}, {0x6, 0x2, 0x7, 0xc}], 0x10, 0x1f}, 0x90) (async) r17 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r17, 0x40082406, &(0x7f0000000040)='}\x00') (async) perf_event_open$cgroup(&(0x7f0000000600)={0x0, 0x80, 0x99, 0x5, 0x3, 0x9, 0x0, 0x7fff, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x2}, 0x0, 0x2, 0x1, 0x1, 0xffffffff, 0x5, 0xfff9, 0x0, 0x8000, 0x0, 0x80}, r17, 0x7, 0xffffffffffffffff, 0xf) r18 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000680)=@o_path={&(0x7f0000000640)='./file0\x00', 0x0, 0x10}, 0x18) (async) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0}, 0x38) r19 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000006c0)={0x0, 0x1, 0x8}, 0xc) (async) r20 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x20, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000003000000000000000600000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000c3000000bf0900000000000055a7bb294e94444e099d0c4e0dad720901000000000095000000000000008520000002000000bf91000000000000b7020000000000008500000084000000b700"], &(0x7f0000000080)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41000, 0xa1, '\x00', r0, 0x1d, r2, 0x8, &(0x7f00000005c0)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000600)={0x5, 0x1, 0x688}, 0x10, r13, r17, 0x4, &(0x7f0000000780)=[r18, 0xffffffffffffffff, r19, r20], &(0x7f00000007c0)=[{0x1, 0x5, 0xb, 0xc}, {0x5, 0x4, 0x1, 0x8}, {0x3, 0x1, 0x8, 0x6}, {0x1, 0x3, 0x9, 0x4}], 0x10, 0x3}, 0x90) (async) r21 = syz_clone(0x12000000, 0x0, 0xfffffffffffffcd2, 0x0, 0x0, 0x0) sendmsg$unix(r5, &(0x7f0000000f80)={&(0x7f00000010c0)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f00000025c0)=[{&(0x7f0000001140)="b9e7c5173f0b822f59ca93ff6796298841850f95fff117faac94b2886abacb722b909bb7521256eb70ea99789d8ee4898a5be4ac921c5c6f7b105a2749f38d276420568b81fa4dd4fdc5", 0x4a}, {&(0x7f0000000b00)="1b0610d3b62c3a4c3d9ebf2b813a7b", 0xf}, {&(0x7f00000011c0)="437693d8c6fc5e1633ec68ffbd29ee09552df43bd348e1e89f2dd4260587fe47b66669b8cc9bcbe0214961d6a69ec8cf864d84f6a5eb55be192b3cd726b8829c152f6b50a8228cac7a55b54415d776fc57ec6b24680296a720ca16b2fd420b0f9a23d7bc73427192f57b2d144df33a74f1f1bc0d38bd178b78fc7ee97336b27fd6a1f8ce8a28898ca73cf693f9b07fa85c7fa72337554085cc7ba2271e27ae8323de0e1c73e0bbb311d0ca9eeacfcc4e4722c4fa639b8f24e29d15141ef51259fab017bda2c6", 0xc6}, {&(0x7f0000000c00)="4f87a82eeb6c297b306467b4954a1087", 0x10}, {&(0x7f00000012c0)="548fba1a4cda9b7304cb679d76c08e9c4131cb24cd6f25ca129f473c6e569ae0528b29dd4c1bc6a72ef7278d5d3c06082745152ac5e8281aa5a3569e6c13bedaaee04bfbbcbd7805ac048d7a9d9cbc604eaed693f4439862d7ea6ac63b5f73dc30da1ade9babb98c48f516a67a75b9f72556918954b42a323c9e1c4b3f2974da6a82bb0bce8fccf44888b33ecb7f9bbd1734b77121f23db0d699f5b0ff18b6051edd7e838238d158b656b1b13c83f970324c549ba6476155c586d5d72245ccddda244d8232486176807fa9c12ee8f3682fb3de7a55b85a5cc59e74f6", 0xdc}, {&(0x7f00000013c0)="896331542819c4d1d969b9e31dc3628647704784b539c52483903018e693c97a4179045e3dff20c0c96a81644abf7536588995b472997d18af12653e696dfce43185cbf416ddb5343d091e21779639e99947e9b4b21fd12a5ca61f0f213af1ee8f73e21187555683e06db7fa420e56ad37773cc4d58617a22497c860fdf5adf6e3aa423bfdf8149a24e3d1373fc3015455eb4ce12ab152d7f4d88593d6d1fcaf3561e51dd4ffe78cf12f9ab45038a7283204598c1139c3ca9f3c2971526ca0a6a145167b6ed78aab0a4ca17916fa61", 0xcf}, {&(0x7f0000002500)="e7ad05d1072e77440c15cadc795a2028b5e96acb129809785133502dd789e2b55021a56e9e6dca781727ca8c449af0aa3ac3799e2d75ce9f37316a7115ad1d7c9ea6451ad6d2099681445b1a414cfa7d23c65b573293aeab19bcbf228a5d74f1f9acbbbda644f71eab0731c6629d54803719d751a89a8c8fce185039379ace00511a3b38a2af97d898420415ab4e088e5942af63368fcd2259271f71c2991d7adf0c8cb7", 0xa4}], 0x7, &(0x7f0000000d00)=[@cred={{0x1c, 0x1, 0x2, {r21, 0xee00}}}], 0x20, 0x20000004}, 0x20004000) [ 1919.753347][ T6084] dump_stack+0x15/0x17 [ 1919.757422][ T6084] should_fail+0x3c6/0x510 [ 1919.761850][ T6084] should_fail_alloc_page+0x5a/0x80 [ 1919.766887][ T6084] prepare_alloc_pages+0x15c/0x700 [ 1919.771833][ T6084] ? __alloc_pages_bulk+0xe40/0xe40 [ 1919.776866][ T6084] __alloc_pages+0x18c/0x8f0 [ 1919.781305][ T6084] ? prep_new_page+0x110/0x110 [ 1919.785893][ T6084] ? __alloc_pages+0x27e/0x8f0 [ 1919.790495][ T6084] ? __kasan_check_write+0x14/0x20 [ 1919.795437][ T6084] ? _raw_spin_lock+0xa4/0x1b0 [ 1919.800040][ T6084] pte_alloc_one+0x73/0x1b0 [ 1919.804375][ T6084] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1919.809413][ T6084] ? __pmd_alloc+0x48d/0x550 [ 1919.813836][ T6084] __pte_alloc+0x86/0x350 [ 1919.818012][ T6084] ? __pud_alloc+0x260/0x260 [ 1919.822515][ T6084] ? __pud_alloc+0x213/0x260 [ 1919.826942][ T6084] ? free_pgtables+0x280/0x280 [ 1919.831543][ T6084] ? do_handle_mm_fault+0x2330/0x2330 [ 1919.836761][ T6084] ? __stack_depot_save+0x34/0x470 [ 1919.841695][ T6084] ? anon_vma_clone+0x9a/0x500 [ 1919.846298][ T6084] copy_page_range+0x28a8/0x2f90 [ 1919.851081][ T6084] ? __kasan_slab_alloc+0xb1/0xe0 [ 1919.855945][ T6084] ? slab_post_alloc_hook+0x53/0x2c0 [ 1919.861053][ T6084] ? kernel_clone+0x21e/0x9e0 [ 1919.865564][ T6084] ? do_syscall_64+0x3d/0xb0 [ 1919.870006][ T6084] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1919.875904][ T6084] ? pfn_valid+0x1e0/0x1e0 [ 1919.880146][ T6084] ? rwsem_write_trylock+0x15b/0x290 [ 1919.885277][ T6084] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 1919.891522][ T6084] copy_mm+0xc7e/0x13e0 [ 1919.895513][ T6084] ? copy_signal+0x610/0x610 [ 1919.899937][ T6084] ? __init_rwsem+0xd6/0x1c0 [ 1919.904365][ T6084] ? copy_signal+0x4e3/0x610 [ 1919.908792][ T6084] copy_process+0x1149/0x3290 [ 1919.913303][ T6084] ? proc_fail_nth_write+0x20b/0x290 [ 1919.918422][ T6084] ? fsnotify_perm+0x6a/0x5d0 [ 1919.922938][ T6084] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1919.927887][ T6084] ? vfs_write+0x9ec/0x1110 [ 1919.932226][ T6084] kernel_clone+0x21e/0x9e0 [ 1919.936565][ T6084] ? file_end_write+0x1c0/0x1c0 [ 1919.941339][ T6084] ? create_io_thread+0x1e0/0x1e0 [ 1919.946197][ T6084] ? mutex_unlock+0xb2/0x260 [ 1919.950621][ T6084] ? __mutex_lock_slowpath+0x10/0x10 [ 1919.955756][ T6084] __x64_sys_clone+0x23f/0x290 [ 1919.960347][ T6084] ? __do_sys_vfork+0x130/0x130 [ 1919.965031][ T6084] ? ksys_write+0x260/0x2c0 [ 1919.969373][ T6084] ? debug_smp_processor_id+0x17/0x20 [ 1919.974579][ T6084] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1919.980485][ T6084] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1919.985947][ T6084] do_syscall_64+0x3d/0xb0 [ 1919.990205][ T6084] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1919.995943][ T6084] RIP: 0033:0x7f895df3fda9 [ 1920.000183][ T6084] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1920.019639][ T6084] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1920.027872][ T6084] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1920.035779][ T6084] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1920.043673][ T6084] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 14:13:48 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 22) 14:13:48 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x0, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1920.051476][ T6084] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1920.059285][ T6084] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1920.067097][ T6084] [ 1920.088654][ T6102] FAULT_INJECTION: forcing a failure. [ 1920.088654][ T6102] name failslab, interval 1, probability 0, space 0, times 0 [ 1920.101214][ T6102] CPU: 1 PID: 6102 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1920.111264][ T6102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1920.121158][ T6102] Call Trace: [ 1920.124287][ T6102] [ 1920.127060][ T6102] dump_stack_lvl+0x151/0x1b7 [ 1920.131574][ T6102] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1920.137042][ T6102] ? __kasan_check_write+0x14/0x20 [ 1920.142001][ T6102] ? _raw_spin_lock+0xa4/0x1b0 [ 1920.146592][ T6102] ? _raw_spin_trylock_bh+0x190/0x190 [ 1920.151804][ T6102] dump_stack+0x15/0x17 [ 1920.155792][ T6102] should_fail+0x3c6/0x510 [ 1920.160046][ T6102] __should_failslab+0xa4/0xe0 [ 1920.164643][ T6102] ? copy_fs_struct+0x4e/0x230 [ 1920.169242][ T6102] should_failslab+0x9/0x20 [ 1920.173581][ T6102] slab_pre_alloc_hook+0x37/0xd0 [ 1920.178355][ T6102] ? copy_fs_struct+0x4e/0x230 [ 1920.182954][ T6102] kmem_cache_alloc+0x44/0x200 [ 1920.187562][ T6102] copy_fs_struct+0x4e/0x230 [ 1920.191999][ T6102] copy_fs+0x71/0x140 [ 1920.195812][ T6102] copy_process+0x10ab/0x3290 [ 1920.200322][ T6102] ? proc_fail_nth_write+0x20b/0x290 14:13:48 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0xa002a7d8) [ 1920.205442][ T6102] ? fsnotify_perm+0x6a/0x5d0 [ 1920.209956][ T6102] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1920.214902][ T6102] ? vfs_write+0x9ec/0x1110 [ 1920.219242][ T6102] kernel_clone+0x21e/0x9e0 [ 1920.223575][ T6102] ? file_end_write+0x1c0/0x1c0 [ 1920.228271][ T6102] ? create_io_thread+0x1e0/0x1e0 [ 1920.233122][ T6102] ? mutex_unlock+0xb2/0x260 [ 1920.237647][ T6102] ? __mutex_lock_slowpath+0x10/0x10 [ 1920.242756][ T6102] __x64_sys_clone+0x23f/0x290 [ 1920.247354][ T6102] ? __do_sys_vfork+0x130/0x130 [ 1920.252041][ T6102] ? ksys_write+0x260/0x2c0 [ 1920.256383][ T6102] ? debug_smp_processor_id+0x17/0x20 [ 1920.261600][ T6102] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1920.267579][ T6102] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1920.273051][ T6102] do_syscall_64+0x3d/0xb0 [ 1920.277304][ T6102] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1920.283028][ T6102] RIP: 0033:0x7f895df3fda9 [ 1920.287287][ T6102] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1920.306724][ T6102] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1920.314972][ T6102] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1920.322964][ T6102] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1920.331043][ T6102] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1920.338948][ T6102] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1920.346833][ T6102] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 14:13:48 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 23) [ 1920.354664][ T6102] [ 1920.377531][ T6110] FAULT_INJECTION: forcing a failure. [ 1920.377531][ T6110] name failslab, interval 1, probability 0, space 0, times 0 [ 1920.390172][ T6110] CPU: 1 PID: 6110 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1920.400236][ T6110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1920.410127][ T6110] Call Trace: [ 1920.413249][ T6110] [ 1920.416027][ T6110] dump_stack_lvl+0x151/0x1b7 [ 1920.420538][ T6110] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1920.426006][ T6110] dump_stack+0x15/0x17 [ 1920.430005][ T6110] should_fail+0x3c6/0x510 [ 1920.434253][ T6110] __should_failslab+0xa4/0xe0 [ 1920.438851][ T6110] ? copy_signal+0x55/0x610 [ 1920.443191][ T6110] should_failslab+0x9/0x20 [ 1920.447535][ T6110] slab_pre_alloc_hook+0x37/0xd0 [ 1920.452304][ T6110] ? copy_signal+0x55/0x610 [ 1920.456647][ T6110] kmem_cache_alloc+0x44/0x200 [ 1920.461251][ T6110] copy_signal+0x55/0x610 [ 1920.465410][ T6110] copy_process+0x1101/0x3290 [ 1920.469925][ T6110] ? proc_fail_nth_write+0x20b/0x290 [ 1920.475055][ T6110] ? fsnotify_perm+0x6a/0x5d0 [ 1920.479562][ T6110] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1920.484511][ T6110] ? vfs_write+0x9ec/0x1110 [ 1920.488851][ T6110] kernel_clone+0x21e/0x9e0 [ 1920.493186][ T6110] ? file_end_write+0x1c0/0x1c0 [ 1920.497871][ T6110] ? create_io_thread+0x1e0/0x1e0 [ 1920.502737][ T6110] ? mutex_unlock+0xb2/0x260 [ 1920.507158][ T6110] ? __mutex_lock_slowpath+0x10/0x10 [ 1920.512365][ T6110] __x64_sys_clone+0x23f/0x290 [ 1920.517053][ T6110] ? __do_sys_vfork+0x130/0x130 [ 1920.521752][ T6110] ? ksys_write+0x260/0x2c0 [ 1920.526083][ T6110] ? debug_smp_processor_id+0x17/0x20 [ 1920.531380][ T6110] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1920.537283][ T6110] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1920.542751][ T6110] do_syscall_64+0x3d/0xb0 [ 1920.547183][ T6110] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1920.552912][ T6110] RIP: 0033:0x7f895df3fda9 [ 1920.557281][ T6110] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1920.576777][ T6110] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1920.585025][ T6110] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1920.592834][ T6110] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1920.600647][ T6110] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 14:13:48 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x0, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:48 executing program 4: r0 = syz_clone(0x738c0480, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x20, 0xbe, 0xff, 0x6, 0x0, 0x72, 0x4000, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x6, 0x4, @perf_config_ext={0x1, 0x7fff}, 0x80, 0xe95, 0x5, 0x2, 0x6, 0x4, 0x99dd, 0x0, 0x1, 0x0, 0x7}, 0x0, 0x9, 0xffffffffffffffff, 0x1) perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x80, 0x8, 0x7f, 0x7, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xb, 0x4, @perf_config_ext={0xbbd, 0x4e}, 0x8000, 0x80, 0x81, 0x9, 0x100000001, 0x8000, 0x4, 0x0, 0xfff, 0x0, 0x3}, r0, 0x7, r1, 0x0) r2 = syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = perf_event_open$cgroup(&(0x7f0000000100)={0x0, 0x80, 0x7, 0x1f, 0x1, 0x1, 0x0, 0x2, 0x80010, 0x3, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f00000000c0), 0xc}, 0x18000, 0x5, 0x10001, 0x0, 0x1, 0x4, 0xff7f, 0x0, 0x4, 0x0, 0x3}, 0xffffffffffffffff, 0xd, 0xffffffffffffffff, 0xe) perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x4, 0x8, 0x1, 0x1, 0x0, 0x5, 0x800, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x42, 0x4, @perf_bp, 0x85, 0x8000000000000001, 0x401, 0x6, 0x633, 0x9, 0x6, 0x0, 0x4, 0x0, 0x1}, r2, 0x7, r3, 0x1) 14:13:48 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000002b8f63fb9500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0x58, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) (async) r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000340)=0xffffffffffffffff, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x5, &(0x7f0000000180)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x36, 0x0, 0x0, 0x0, 0x7}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}, @call={0x85, 0x0, 0x0, 0xa}], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', r2, 0x0, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000380)={0x3, 0xa, 0x87f3, 0x8000}, 0x10, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000540)=[{0x2, 0x5, 0xe, 0xb}, {0x5, 0x3, 0x1, 0x1}, {0x3, 0x5, 0xa, 0x4}, {0x4, 0x4, 0xc, 0x3}, {0x1, 0x5, 0x8, 0x8}, {0x1, 0x3, 0xd, 0xb}], 0x10, 0x54}, 0x90) (async) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r4, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x0) (async) sendmsg$tipc(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) 14:13:48 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 24) [ 1920.608458][ T6110] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1920.616702][ T6110] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1920.625140][ T6110] [ 1920.678021][ T6117] FAULT_INJECTION: forcing a failure. [ 1920.678021][ T6117] name failslab, interval 1, probability 0, space 0, times 0 [ 1920.691144][ T6117] CPU: 1 PID: 6117 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1920.701230][ T6117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1920.711192][ T6117] Call Trace: [ 1920.714311][ T6117] [ 1920.717090][ T6117] dump_stack_lvl+0x151/0x1b7 [ 1920.721605][ T6117] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1920.727080][ T6117] dump_stack+0x15/0x17 [ 1920.731058][ T6117] should_fail+0x3c6/0x510 [ 1920.735313][ T6117] __should_failslab+0xa4/0xe0 [ 1920.739911][ T6117] ? copy_signal+0x55/0x610 [ 1920.744255][ T6117] should_failslab+0x9/0x20 [ 1920.748591][ T6117] slab_pre_alloc_hook+0x37/0xd0 [ 1920.753365][ T6117] ? copy_signal+0x55/0x610 [ 1920.757702][ T6117] kmem_cache_alloc+0x44/0x200 [ 1920.762305][ T6117] copy_signal+0x55/0x610 [ 1920.766470][ T6117] copy_process+0x1101/0x3290 [ 1920.771597][ T6117] ? proc_fail_nth_write+0x20b/0x290 [ 1920.776717][ T6117] ? fsnotify_perm+0x6a/0x5d0 [ 1920.781235][ T6117] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1920.786193][ T6117] ? vfs_write+0x9ec/0x1110 [ 1920.790531][ T6117] kernel_clone+0x21e/0x9e0 [ 1920.794849][ T6117] ? file_end_write+0x1c0/0x1c0 [ 1920.799539][ T6117] ? create_io_thread+0x1e0/0x1e0 [ 1920.804401][ T6117] ? mutex_unlock+0xb2/0x260 [ 1920.808831][ T6117] ? __mutex_lock_slowpath+0x10/0x10 [ 1920.813966][ T6117] __x64_sys_clone+0x23f/0x290 [ 1920.818545][ T6117] ? __do_sys_vfork+0x130/0x130 [ 1920.823232][ T6117] ? ksys_write+0x260/0x2c0 [ 1920.827571][ T6117] ? debug_smp_processor_id+0x17/0x20 [ 1920.832779][ T6117] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1920.838683][ T6117] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1920.844163][ T6117] do_syscall_64+0x3d/0xb0 [ 1920.848418][ T6117] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1920.854131][ T6117] RIP: 0033:0x7f895df3fda9 [ 1920.858386][ T6117] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 14:13:49 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 25) [ 1920.877917][ T6117] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1920.886156][ T6117] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1920.893968][ T6117] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1920.901786][ T6117] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1920.909590][ T6117] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1920.917407][ T6117] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1920.925219][ T6117] 14:13:49 executing program 4: syz_clone(0x738c0480, 0x0, 0x0, 0x0, 0x0, 0x0) (async) r0 = syz_clone(0x738c0480, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x20, 0xbe, 0xff, 0x6, 0x0, 0x72, 0x4000, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x6, 0x4, @perf_config_ext={0x1, 0x7fff}, 0x80, 0xe95, 0x5, 0x2, 0x6, 0x4, 0x99dd, 0x0, 0x1, 0x0, 0x7}, 0x0, 0x9, 0xffffffffffffffff, 0x1) perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x80, 0x8, 0x7f, 0x7, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xb, 0x4, @perf_config_ext={0xbbd, 0x4e}, 0x8000, 0x80, 0x81, 0x9, 0x100000001, 0x8000, 0x4, 0x0, 0xfff, 0x0, 0x3}, r0, 0x7, r1, 0x0) (async) perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x80, 0x8, 0x7f, 0x7, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xb, 0x4, @perf_config_ext={0xbbd, 0x4e}, 0x8000, 0x80, 0x81, 0x9, 0x100000001, 0x8000, 0x4, 0x0, 0xfff, 0x0, 0x3}, r0, 0x7, r1, 0x0) r2 = syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = perf_event_open$cgroup(&(0x7f0000000100)={0x0, 0x80, 0x7, 0x1f, 0x1, 0x1, 0x0, 0x2, 0x80010, 0x3, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f00000000c0), 0xc}, 0x18000, 0x5, 0x10001, 0x0, 0x1, 0x4, 0xff7f, 0x0, 0x4, 0x0, 0x3}, 0xffffffffffffffff, 0xd, 0xffffffffffffffff, 0xe) perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x4, 0x8, 0x1, 0x1, 0x0, 0x5, 0x800, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x42, 0x4, @perf_bp, 0x85, 0x8000000000000001, 0x401, 0x6, 0x633, 0x9, 0x6, 0x0, 0x4, 0x0, 0x1}, r2, 0x7, r3, 0x1) 14:13:49 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x0, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1920.949980][ T6122] FAULT_INJECTION: forcing a failure. [ 1920.949980][ T6122] name failslab, interval 1, probability 0, space 0, times 0 [ 1920.982032][ T6122] CPU: 0 PID: 6122 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1920.992371][ T6122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1921.002268][ T6122] Call Trace: [ 1921.005389][ T6122] [ 1921.008166][ T6122] dump_stack_lvl+0x151/0x1b7 [ 1921.012681][ T6122] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1921.018237][ T6122] dump_stack+0x15/0x17 [ 1921.022227][ T6122] should_fail+0x3c6/0x510 [ 1921.026480][ T6122] __should_failslab+0xa4/0xe0 [ 1921.031082][ T6122] ? anon_vma_clone+0x9a/0x500 [ 1921.035677][ T6122] should_failslab+0x9/0x20 [ 1921.040026][ T6122] slab_pre_alloc_hook+0x37/0xd0 [ 1921.044792][ T6122] ? anon_vma_clone+0x9a/0x500 [ 1921.049391][ T6122] kmem_cache_alloc+0x44/0x200 [ 1921.053996][ T6122] anon_vma_clone+0x9a/0x500 [ 1921.058424][ T6122] anon_vma_fork+0x91/0x4e0 [ 1921.062757][ T6122] ? anon_vma_name+0x4c/0x70 [ 1921.067186][ T6122] ? vm_area_dup+0x17a/0x230 [ 1921.071621][ T6122] copy_mm+0xa3a/0x13e0 [ 1921.075696][ T6122] ? copy_signal+0x610/0x610 [ 1921.080118][ T6122] ? __init_rwsem+0xd6/0x1c0 [ 1921.084543][ T6122] ? copy_signal+0x4e3/0x610 [ 1921.088976][ T6122] copy_process+0x1149/0x3290 [ 1921.093486][ T6122] ? proc_fail_nth_write+0x20b/0x290 [ 1921.098605][ T6122] ? fsnotify_perm+0x6a/0x5d0 [ 1921.103117][ T6122] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1921.108066][ T6122] ? vfs_write+0x9ec/0x1110 [ 1921.112418][ T6122] kernel_clone+0x21e/0x9e0 [ 1921.116744][ T6122] ? file_end_write+0x1c0/0x1c0 [ 1921.121433][ T6122] ? create_io_thread+0x1e0/0x1e0 [ 1921.126378][ T6122] ? mutex_unlock+0xb2/0x260 [ 1921.130804][ T6122] ? __mutex_lock_slowpath+0x10/0x10 [ 1921.135936][ T6122] __x64_sys_clone+0x23f/0x290 [ 1921.140531][ T6122] ? __do_sys_vfork+0x130/0x130 [ 1921.145206][ T6122] ? ksys_write+0x260/0x2c0 [ 1921.149548][ T6122] ? debug_smp_processor_id+0x17/0x20 [ 1921.154752][ T6122] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1921.160678][ T6122] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1921.166124][ T6122] do_syscall_64+0x3d/0xb0 [ 1921.170385][ T6122] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1921.176105][ T6122] RIP: 0033:0x7f895df3fda9 [ 1921.180360][ T6122] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 14:13:49 executing program 4: r0 = syz_clone(0x738c0480, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x20, 0xbe, 0xff, 0x6, 0x0, 0x72, 0x4000, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x6, 0x4, @perf_config_ext={0x1, 0x7fff}, 0x80, 0xe95, 0x5, 0x2, 0x6, 0x4, 0x99dd, 0x0, 0x1, 0x0, 0x7}, 0x0, 0x9, 0xffffffffffffffff, 0x1) perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x80, 0x8, 0x7f, 0x7, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xb, 0x4, @perf_config_ext={0xbbd, 0x4e}, 0x8000, 0x80, 0x81, 0x9, 0x100000001, 0x8000, 0x4, 0x0, 0xfff, 0x0, 0x3}, r0, 0x7, r1, 0x0) (async, rerun: 64) r2 = syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (rerun: 64) r3 = perf_event_open$cgroup(&(0x7f0000000100)={0x0, 0x80, 0x7, 0x1f, 0x1, 0x1, 0x0, 0x2, 0x80010, 0x3, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f00000000c0), 0xc}, 0x18000, 0x5, 0x10001, 0x0, 0x1, 0x4, 0xff7f, 0x0, 0x4, 0x0, 0x3}, 0xffffffffffffffff, 0xd, 0xffffffffffffffff, 0xe) perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x4, 0x8, 0x1, 0x1, 0x0, 0x5, 0x800, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x42, 0x4, @perf_bp, 0x85, 0x8000000000000001, 0x401, 0x6, 0x633, 0x9, 0x6, 0x0, 0x4, 0x0, 0x1}, r2, 0x7, r3, 0x1) 14:13:49 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0xd8a702a0) [ 1921.199891][ T6122] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1921.208131][ T6122] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1921.215944][ T6122] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1921.223753][ T6122] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1921.231565][ T6122] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1921.239377][ T6122] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1921.247192][ T6122] 14:13:49 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x0, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:49 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 26) [ 1921.388009][ T6144] FAULT_INJECTION: forcing a failure. [ 1921.388009][ T6144] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1921.407030][ T6144] CPU: 0 PID: 6144 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1921.417106][ T6144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1921.426997][ T6144] Call Trace: [ 1921.430128][ T6144] [ 1921.432902][ T6144] dump_stack_lvl+0x151/0x1b7 [ 1921.437417][ T6144] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1921.442885][ T6144] ? stack_trace_save+0x113/0x1c0 [ 1921.447745][ T6144] ? stack_trace_snprint+0xf0/0xf0 [ 1921.452690][ T6144] ? stack_trace_snprint+0xf0/0xf0 [ 1921.457642][ T6144] dump_stack+0x15/0x17 [ 1921.461629][ T6144] should_fail+0x3c6/0x510 [ 1921.465883][ T6144] should_fail_alloc_page+0x5a/0x80 [ 1921.470916][ T6144] prepare_alloc_pages+0x15c/0x700 [ 1921.475955][ T6144] ? __alloc_pages_bulk+0xe40/0xe40 [ 1921.480988][ T6144] ? __kasan_check_write+0x14/0x20 14:13:49 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x0, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1921.485930][ T6144] ? pcpu_memcg_post_alloc_hook+0x1b1/0x260 [ 1921.491660][ T6144] __alloc_pages+0x18c/0x8f0 [ 1921.496095][ T6144] ? prep_new_page+0x110/0x110 [ 1921.500686][ T6144] ? pcpu_alloc+0xda0/0x13e0 [ 1921.505116][ T6144] __get_free_pages+0x10/0x30 [ 1921.509639][ T6144] pgd_alloc+0x21/0x2c0 [ 1921.513620][ T6144] mm_init+0x5c7/0x970 [ 1921.517523][ T6144] copy_mm+0x1e3/0x13e0 [ 1921.521519][ T6144] ? _raw_spin_lock+0xa4/0x1b0 [ 1921.526224][ T6144] ? copy_signal+0x610/0x610 [ 1921.530643][ T6144] ? __kasan_check_write+0x14/0x20 [ 1921.535588][ T6144] ? __init_rwsem+0xd6/0x1c0 [ 1921.540014][ T6144] ? copy_signal+0x4e3/0x610 [ 1921.544443][ T6144] copy_process+0x1149/0x3290 [ 1921.548954][ T6144] ? proc_fail_nth_write+0x20b/0x290 [ 1921.554080][ T6144] ? fsnotify_perm+0x6a/0x5d0 [ 1921.558595][ T6144] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1921.563541][ T6144] ? vfs_write+0x9ec/0x1110 [ 1921.567894][ T6144] kernel_clone+0x21e/0x9e0 [ 1921.572269][ T6144] ? file_end_write+0x1c0/0x1c0 [ 1921.576900][ T6144] ? create_io_thread+0x1e0/0x1e0 [ 1921.581762][ T6144] ? mutex_unlock+0xb2/0x260 [ 1921.586186][ T6144] ? __mutex_lock_slowpath+0x10/0x10 [ 1921.591314][ T6144] __x64_sys_clone+0x23f/0x290 [ 1921.595907][ T6144] ? __do_sys_vfork+0x130/0x130 [ 1921.600602][ T6144] ? ksys_write+0x260/0x2c0 [ 1921.604936][ T6144] ? debug_smp_processor_id+0x17/0x20 [ 1921.610225][ T6144] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1921.616131][ T6144] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1921.621600][ T6144] do_syscall_64+0x3d/0xb0 [ 1921.625850][ T6144] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1921.631575][ T6144] RIP: 0033:0x7f895df3fda9 [ 1921.635833][ T6144] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1921.655271][ T6144] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1921.663518][ T6144] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1921.671339][ T6144] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1921.679147][ T6144] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 14:13:50 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 27) 14:13:50 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) (async) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000002b8f63fb9500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0x58, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000340)=0xffffffffffffffff, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x5, &(0x7f0000000180)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x36, 0x0, 0x0, 0x0, 0x7}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}, @call={0x85, 0x0, 0x0, 0xa}], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', r2, 0x0, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000380)={0x3, 0xa, 0x87f3, 0x8000}, 0x10, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000540)=[{0x2, 0x5, 0xe, 0xb}, {0x5, 0x3, 0x1, 0x1}, {0x3, 0x5, 0xa, 0x4}, {0x4, 0x4, 0xc, 0x3}, {0x1, 0x5, 0x8, 0x8}, {0x1, 0x3, 0xd, 0xb}], 0x10, 0x54}, 0x90) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x5, &(0x7f0000000180)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x36, 0x0, 0x0, 0x0, 0x7}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}, @call={0x85, 0x0, 0x0, 0xa}], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', r2, 0x0, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000380)={0x3, 0xa, 0x87f3, 0x8000}, 0x10, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000540)=[{0x2, 0x5, 0xe, 0xb}, {0x5, 0x3, 0x1, 0x1}, {0x3, 0x5, 0xa, 0x4}, {0x4, 0x4, 0xc, 0x3}, {0x1, 0x5, 0x8, 0x8}, {0x1, 0x3, 0xd, 0xb}], 0x10, 0x54}, 0x90) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r4, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x0) sendmsg$tipc(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) [ 1921.686950][ T6144] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1921.694763][ T6144] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1921.702578][ T6144] 14:13:50 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x0, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1921.740697][ T6148] FAULT_INJECTION: forcing a failure. [ 1921.740697][ T6148] name failslab, interval 1, probability 0, space 0, times 0 [ 1921.769847][ T6148] CPU: 0 PID: 6148 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1921.779926][ T6148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1921.789822][ T6148] Call Trace: [ 1921.792952][ T6148] [ 1921.795723][ T6148] dump_stack_lvl+0x151/0x1b7 [ 1921.800233][ T6148] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1921.805700][ T6148] ? __alloc_pages+0x27e/0x8f0 [ 1921.810302][ T6148] dump_stack+0x15/0x17 [ 1921.814299][ T6148] should_fail+0x3c6/0x510 [ 1921.818548][ T6148] __should_failslab+0xa4/0xe0 [ 1921.823146][ T6148] ? vm_area_dup+0x26/0x230 [ 1921.827572][ T6148] should_failslab+0x9/0x20 [ 1921.831914][ T6148] slab_pre_alloc_hook+0x37/0xd0 [ 1921.836687][ T6148] ? vm_area_dup+0x26/0x230 [ 1921.841024][ T6148] kmem_cache_alloc+0x44/0x200 [ 1921.845626][ T6148] vm_area_dup+0x26/0x230 [ 1921.849794][ T6148] copy_mm+0x9a1/0x13e0 [ 1921.853790][ T6148] ? copy_signal+0x610/0x610 [ 1921.858210][ T6148] ? __init_rwsem+0xd6/0x1c0 [ 1921.862640][ T6148] ? copy_signal+0x4e3/0x610 [ 1921.867067][ T6148] copy_process+0x1149/0x3290 [ 1921.871581][ T6148] ? proc_fail_nth_write+0x20b/0x290 [ 1921.876699][ T6148] ? fsnotify_perm+0x6a/0x5d0 [ 1921.881209][ T6148] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1921.886255][ T6148] ? vfs_write+0x9ec/0x1110 [ 1921.890623][ T6148] kernel_clone+0x21e/0x9e0 [ 1921.894923][ T6148] ? file_end_write+0x1c0/0x1c0 [ 1921.899608][ T6148] ? create_io_thread+0x1e0/0x1e0 [ 1921.904462][ T6148] ? mutex_unlock+0xb2/0x260 [ 1921.908893][ T6148] ? __mutex_lock_slowpath+0x10/0x10 [ 1921.914012][ T6148] __x64_sys_clone+0x23f/0x290 [ 1921.918614][ T6148] ? __do_sys_vfork+0x130/0x130 [ 1921.923300][ T6148] ? ksys_write+0x260/0x2c0 [ 1921.927639][ T6148] ? debug_smp_processor_id+0x17/0x20 [ 1921.932848][ T6148] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1921.938747][ T6148] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1921.944214][ T6148] do_syscall_64+0x3d/0xb0 [ 1921.948467][ T6148] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1921.954197][ T6148] RIP: 0033:0x7f895df3fda9 [ 1921.958461][ T6148] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1921.978152][ T6148] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1921.986397][ T6148] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1921.994206][ T6148] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1922.002019][ T6148] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1922.009830][ T6148] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1922.017652][ T6148] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1922.025459][ T6148] 14:13:50 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0x0, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:50 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0xf5ffffff) 14:13:50 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 28) [ 1922.138167][ T6158] FAULT_INJECTION: forcing a failure. [ 1922.138167][ T6158] name failslab, interval 1, probability 0, space 0, times 0 [ 1922.183693][ T6158] CPU: 1 PID: 6158 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1922.193878][ T6158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1922.203861][ T6158] Call Trace: [ 1922.206986][ T6158] [ 1922.209759][ T6158] dump_stack_lvl+0x151/0x1b7 [ 1922.214276][ T6158] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1922.219743][ T6158] dump_stack+0x15/0x17 [ 1922.223734][ T6158] should_fail+0x3c6/0x510 [ 1922.227985][ T6158] __should_failslab+0xa4/0xe0 [ 1922.232587][ T6158] ? anon_vma_clone+0x9a/0x500 [ 1922.237189][ T6158] should_failslab+0x9/0x20 [ 1922.241524][ T6158] slab_pre_alloc_hook+0x37/0xd0 [ 1922.246301][ T6158] ? anon_vma_clone+0x9a/0x500 [ 1922.250901][ T6158] kmem_cache_alloc+0x44/0x200 [ 1922.255501][ T6158] anon_vma_clone+0x9a/0x500 [ 1922.259927][ T6158] anon_vma_fork+0x91/0x4e0 [ 1922.264267][ T6158] ? anon_vma_name+0x4c/0x70 [ 1922.268699][ T6158] ? vm_area_dup+0x17a/0x230 [ 1922.273119][ T6158] copy_mm+0xa3a/0x13e0 [ 1922.277115][ T6158] ? copy_signal+0x610/0x610 [ 1922.281537][ T6158] ? __init_rwsem+0xd6/0x1c0 [ 1922.285963][ T6158] ? copy_signal+0x4e3/0x610 [ 1922.290391][ T6158] copy_process+0x1149/0x3290 [ 1922.294910][ T6158] ? proc_fail_nth_write+0x20b/0x290 [ 1922.300023][ T6158] ? fsnotify_perm+0x6a/0x5d0 [ 1922.304538][ T6158] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1922.309485][ T6158] ? vfs_write+0x9ec/0x1110 [ 1922.313827][ T6158] kernel_clone+0x21e/0x9e0 [ 1922.318163][ T6158] ? file_end_write+0x1c0/0x1c0 [ 1922.323034][ T6158] ? create_io_thread+0x1e0/0x1e0 [ 1922.327901][ T6158] ? mutex_unlock+0xb2/0x260 [ 1922.332321][ T6158] ? __mutex_lock_slowpath+0x10/0x10 [ 1922.337442][ T6158] __x64_sys_clone+0x23f/0x290 [ 1922.342040][ T6158] ? __do_sys_vfork+0x130/0x130 [ 1922.346731][ T6158] ? ksys_write+0x260/0x2c0 [ 1922.351066][ T6158] ? debug_smp_processor_id+0x17/0x20 [ 1922.356274][ T6158] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1922.362174][ T6158] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1922.367647][ T6158] do_syscall_64+0x3d/0xb0 [ 1922.371895][ T6158] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1922.377633][ T6158] RIP: 0033:0x7f895df3fda9 [ 1922.381903][ T6158] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1922.401411][ T6158] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1922.409651][ T6158] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1922.417462][ T6158] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1922.425275][ T6158] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 14:13:50 executing program 4: bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002880)={0xffffffffffffffff, 0xe0, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000025c0)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4, &(0x7f0000002600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000002640)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x80, &(0x7f0000002680)=[{}], 0x8, 0x10, &(0x7f00000026c0), &(0x7f0000002700), 0x8, 0xda, 0x8, 0x8, &(0x7f0000002740)}}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='hrtimer_start\x00', r1}, 0x10) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f00000003c0)='+[+&^-\x00') bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r1, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, &(0x7f0000000100)=[0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0], 0x0, 0xb5, &(0x7f0000000180)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0xc1, 0x8, 0x8, &(0x7f0000000240)}}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002540)={r1, 0x0, 0x1000, 0x11, &(0x7f0000000440)="2519e3107fb804c75de459dbb413564bd09dc818e5aac62fc705cc0352c4ffbcb37b8a0afc86c58c6bb24930f0546bd0d35941544ae019c437639564b0a8af212c86192445c7b4c70808a336f7608a90786760dee26b22fe1eaae8b79b2f9f26253ace756f8f2b7d713876256f2f703042940dd5e9b7d01a81b08f088e59ea3e7ec77391d7638f1e61ca49cd5869a0ec74d534aba503676a10628dc999eed3aa20568a0ef0a3ab35ec85651dc912a2bf48e56ef11a19c01336c9d0e74160e538dd1b9cce63055d3f6d5688d3c17cbbe60a39d5a1c47b9a22bc04469e2085ddee707c7882740aa485a228e3266216b9eff1976df7f603ba404f38c72a17eb3a5adcc945fa6b645f292d2cc958fe154b26e9e6c02e45794c336bb3df9259e820845858be1c5145ee3d953c99afe076602d9d16ae9edbf4168842a73b0c56960b9beb39d718662fd02423cff023ecc04b4a7b398537220f9a3a79422be7d940d3ea6a3c914d8b637dd5eb2ba948569b2e4958c06979d68a5f1ac6652db619a3955bf9fea238a0297460cda48300335a9a7b06e0b15102354d0cff18a57d2c1388ffdb460d10cf917375db4a1d5fc366e0d1cf8a2fb3361cd812922c33355d0b36df1b11fed7d251c8b3d995ef17db2df7f4ad72a9b8663df89b6a1cef5ee37627cec692a93947b2e8f4933f8809f5f2379d9a5f5e8b72645e2a7b0784c45c5a511df440471cd05ca91a4a5987ca6616f4923a409d8d0bc3352ceebb2c9a1ab64e2443cd6536a4888d997854fabf9f0c12370ec1fdd76c3e4b80b917fce1dd9ebe8ccc7364d929dacb36a3c6abc15f5d88ef78141f9643c1f0fadadf157ce10b0c70635e4904ef26d6f71ed21edffa308ca388335576f8519344dbb72ffc0d5657e1c4e3cb66009c16cbcd10961e0a857368b43a52ec18b9edacc3630833a9e27bc7021f05f719b6fd5614a34f9ddeb6a400663b24ef7bf2909220c301b98f638c050c9dff9f42619a4a4b0952a265cd3b787428e7e88fa36b4964689e7d71c56c76bc2004811bf65b5a65b3ea48c783629ba3fb3e4f3cae1df857200922f8c89d58f3246e4e2f1d9a4aafe0244dd6fe1a9903623261359170dfe31a41c82b4c4fd1add60f01926803a283768fed16d59d585d186f2ab13eab499dbef21a447dfa82b4864471e210c3eda89c3d5ef7978db0233a6a5bdce41b1b6e6bf0c3ac9ab864b9bd0f8afba3eb1e26a43813922c31f656238c8f7e3c5941abfe6577c71ab5e4fc464fa7bce68f2881746610736d83f5f77281a65b16255972081decb416205fa28c52b91be9de107bb386f5f3f42cf60088572707b3f07699408a29ddb1a10f3df889b053f8c87bbeca0c5855bdace5c67617d629a27c61af78bf6b46fa28357716608711040339ede769d1d80b4172566e7206b669025b720a30165b4f833ee2b00c0ee0b023f9437580cd88d89a6ce222d7a46b082f2c76e21681580cde35ab013a05b3fe444975d2321cf52241fc44578f763e8b036ebf72d572643da463eb0652b6dd99333e8925c8e70d7c1a94e21312b6d6413a3ff42c609ab948b481f06a563bb786fe6575f53656d9a02cf2a4564b1a4e30d0d9da523e52c9e05074c4bc5a31170bd5d296a5be0483da52c3a6f91ebbe50766483f7d5643ae32fa50685c4cab80264cc9201eca7c4a3d059874c122967a0ce3b8ef91306800006490554a8c464ddeaa0f49b71f84596a552942926f8101e63ca333edc619aead9f71c891dc17723f6d49714697caf1b962dd6fca037941feb0c79cf61b12b353d343925b668bbdb4c017fec1a80fcc0050ea79079f8701714244bc452e0f3015dea60ae1c21a0605527a35c8857b4f9485525d92eacaa81e48a9b21350a3e16299fd1c48d8aa6c9ae56921a9bb9df6c7d9475f2a558f65fa928a5f9248c0b0aad40eb9516142d3708bea1f19793798d3e2b8e423cc8ccc2766e180b6bd61a32872d9c9b358de8252d35350694054286639ad8d33e70b70c355739088c002827e5c064aea6b01cca9f50fe57ddc4eda3be21e8ad3b7298f9c42bb3410e1771702a1bf56834c1d39662a0a5c28a4c39432f6bbb4e1d90b83a720560dae2fe79f0e4e5170913a2c68900ebe1899fd3a8732a297e34a37382e9799e0528e324ce011190469c2831f631f0f2c7b23ec0e07e049d4cbe9826d3eae2b595788ea86c06e0f8de203b7f37fc9ed010ec99d83cdddfaa41d22b8ebbc826702f3f534cb7577c9fc68be19fbceac5836911ce528af23d5f06c8f4f8f146ff5587452c017ed7905bbf86b38364089f3d6ffe05fd0994b17b63191f6cd4a039d02cc369bd24477098db91f287f8a1171dbb4b2d3b384e424b6305829966986c093c626dca491ccca24b4e0eac4a4a301de985970cd7e9d133f195da0424206e8ea3b461796978fbcd389e00e6eaf8d01b7b06b67ba1743f44615a29d9b4e0940055c9a7a6ea3e4a6ba780e13f1165879b6fbcbb3b2c1f2d2f44b8e4d1f34cfd94e3c6eddab6c81820bf32ff5b85e7a60b9fe1d0b7c89e6aa8dc68b58fe2b47d7ffbdab8bed0f6c709f1e5830d04be9bd7411760d44f0169751205285b9d9bc6d20eed5e34c306c4ec336f9392a2b2accd9488bbf2585d85539c66c385afa7f73f52dac2f987c8366684bd21a0d43d486f31a1c618d173d637fc398f23aa882cdb01b2eef90e677f22298f3abfcd39d7dd3ca52b2ea67c9c9661fa3e9d19ed3ba24ef0556b4161de141fe090396314fefe23d81c3d36b6b142a4e096f4fbf372e6171e119217853abcc917b9f74b2cef10803b57eb06a7947a1f6556cdb96156f826e6dcc0ae38a1dbefa6e8020ed225c906e9deea3d5dd9234ee5f1983b56bcb0a3fbbce35301ef81cdfb69019c929debfcc18bcb8e64fa00cdeaa598454a13695cadf94227f2ba5001012a9916456513427616e201f05272481f863b4776b40cb23405ead523e6707e35a7eee4ae87a85baec0f6a7fd203320d6d3267c2c40a1f677bd7a0369eddbefb498b9b790aabef181aba3679c6573252ce3f59bb6e2dde7c04a222fb26cb46827a8b72039583db79b9b1bd6ee01c0f4450de687f3a9f71c8ff1d286231c63225389fb87df6094b40d42e06d7eb0d4ed04e98170526a76335fd98b04c70270c968740b0d8b30d2e41d1b1b26c9009dc5d8748ea7750d0bd3f9f88c227730601c01fd5f7ec08f12334412150ef07404e162404eaa7adb522b64b41806fa0014614d823be27b64a6463b0894dd3445e127980f8d320b1131a06e3ae5347a32229edec1908125558e600329aac667472bba3aeadf79aa45baecea2cf1205c6c09f3394ea7a0cf1223b97d7f31f9f2433b396307ab2bd2437b6f498977cec01ddf762022590e2237e093c73f86186e12ca34a5447b7e3510a689aa407caa2e965768a839f8b4379e33f55894992389278eb980833642f71b672b15d06e12abda352087d7b09934c13e8fc8824a300b76a8d9e5d939a37f1eb36f76f6caa893e535920ea5bdbeb8c19c17f978bb0eeb0efeaa489c1e832a664295c3161972a5eb2a2d009831c87f5239b0ff18aef8cf0d926a5aaf173caa72ce0298bf5376ed0493f571aba36399690f2a47a1eacec83ca50508427e3f65618bb457dd101a07e10ef8e19f4aba111ba17d0859318cd8f45197e5ac7b01e81d7c654cd3d7d3684326c2923ce9b19f735ca4bbd45a4ef97faaeff4c189fe6d8fb61f7660d243d9841126a264a43db9ce303cfb0507ecb8c0ebca1bb87793218b848e9d096778c2ce23cb6f3e5ac0e348531ca09c427cfc90ee66eee3717f783450680b3379cd0a09a5b4617f67d4daaf7715ec0c785b42eefb1c03be53dce9d6b7b64d4295b42dd7666d629f90da4e3e00450b2a5e670e070a6286044174a196a96c621b986d6b9f772642ffbc57eb682dde20deed078476df6f3af7103562766ec9a2d19ec215222fe5e44636f6ad4f36db45791cd227c1f198df031bf5ce1fac5f03d2a6b1d139060d7903400960384598cf7303e91aa5b6e76d6036bfc72cff9b75847bb8cd39005395452b4b810a50c07751d2c8577d248902e0d7548cf19eb168c3eb444f1dd0f86230b4056303d5e1180b3e0689cabbb9263fa6af5efb6eae67e049822edb6fca9bbc499cf8affb97b837cfdecfee785eb64eb80506ae254d49a1ccaee9069417a5968430819bfdcde73d2d7c10453308cc0c9b3a18461eb09f63cb487922552b3e5ccc8614da7a8ef5d35b03c6e81c0ba1ee1dc5faf4c7ba9587d47d0d656fb29c8eb87902d59bf1f0fb3f2194fa58f7a98942b363529333be9ef198d1c9a76746eb9044f6a106375bfd11aa48bdfc15cf2df9a60550bebdc21021a0c76d63f04e9cb1d4c76a2795c7bed181c0dfd34e9997967a6fa2de18aee8f5a9c444d2b77faf28b60200ddfeb4148d3ac65f935b02ac71c5be5f0cf97fdac8cfdceb629634a64470cd8c1be6534392a380f412e94ae0601966eec83dbe382545f798b39d4870e9c7cb007876f7a97d22767073456716be31ba7515386b801b3811e6b10a8baff057885352d12193f0c61e93e688e93f94e1c047ab642eb9710700216be56d704a5508587319c5a750741964ec70e3b5efee11996907986d5c2dc1eab37b3a0cbef10e5e016856e804d11debcc5ea60e0e30bd534d97357ab8493b3abeba67015e1d62da688f4036fa4477dcd5ab15aac87a2bbe575379f1b13f71af2b6ea5500847e415a5b9d820773fa7d1dffa049001637b60c699b1602c4d2137f6264e55ef71e29d810ef79be08a20a3b40dae9fd49b3c70da80c042e6926ce64587a139931f14f52a52728cbcf091ce84419950ac028069eb2fb90a0563ec86f19bec8ae9d051bc7797b0c2114ffbae70210d8f20b0e4ba9bedfb73623a5b86d4088a82523f3c1b358c9a4e4872a5367fb3eb62f48d492714bba50ce84fd3ff8c58b99d34f7f5a638c37f6cc00ac1bbda9215042fa94076f6eafa0f298f5f792f782d3d42e88e0d31114f683c1c1c3a4969c9f211b59f339b5b1a2386edd7b20371e52a4e8fccab2124d452e6d88e7e338ac7024b7653718b07e30b7f7376ccf81407d230dd44a63d4d26c4f588279daacd5cc315f33cabd03b41bcad749507946c78cd0914391762c784f091b1377a3fafaf910952d475c13f9de924b253d81afae94ee4db3c32a8367dd1ed2f50590c04b5aaefa87fc3a2fc62943d846df5ced2ee5b35637cb80fb2de8a8bc643cfd59b2382f559732fc52670b66be584ce65ffd0363532b1c2a94ff288ae2899fee1e6a50c58109e3904b567531e156e07dca46a2fe3c219650d780f37b07933f6d8c73929b69be6bdd3f6fba4a2b793855923030edbeaa9b8edfe947721a00fc2ce968edb6f0d5da3459c915a904df2cd44d509ba499a18e214bcef0ae99571ce4afcb17a1c0ed7681f5fde4569f6f9fa53a0fb015743ced68b40bf438f98d8633debc9f7b04276adadd5aa72f2b772db18e4da0bb424414e143713468dcb6061563a6a76fdc66776ae98324d49ccebe624a6b10dae6c2d3cf50166883d9c9f398330a5b1b91089938612283f116ede8bc7a164bde2c3ce158d8b1cd9d3d5563defc362efcea0c43341c112fac7bd0e49e623e11304e7e7042ebcc261309c9938cc148fb4c161b38c437992d92b1b1edf868310481b6d05b88b77422453afd3e25975f50632642bf484b67204abad003592c55222fa08486e4594b91ce49e6613b656a233bfb0a54596e961f6a18d26d3db5", &(0x7f0000001440)=""/17, 0xeec, 0x0, 0x1000, 0x9a, &(0x7f0000001480)="4628120380e3782b12d9db9c9d74acd94fe16f499e67201a5003b8ebc9e503bb2d49c68b51aaaa7bac5c1855fd8c2ef1207eb5b191cd04e5fb7beed3de68f0ef1bc44d2d6ebb14357ec992e5a9a24557d73e34b64a906ba6198ab72fb2925d83b1f60eba90c7401edb844e81ce5fba469874d8b02d69f0db6c6e0bce71db7390c795914647ab11f6f9e40cf37ba5e78ecfaaa68907bf3f7c836fad6c1b4bc0f273de995b4fa65d95db843bca5e7238464a433b55364800da45bb2c15b80088b641ae44c3e0fe09b30a8a4fe1b7fa8c1a592b537d12a79af2c3ba763410dcaef6cd5c0b658577c7d280d84c64b24f2795ccc03868cd77661735e859962102f4b8c08ca805570f1a8d42d589732f8ef3b4d6106eb502bc040e7be95acf18a408eb46dc5502e408268cf88f727235f55e3c10bf7af6781054450a8b455fc8188d2b1d09e7a36781a3df195445047ce3481dc46815e9d1085da357ca97839343f9613b86094c570b7de2270e889c855201fc29ec06bfd004032e87908f43bac8ed407a7731772c32915bb549c9b3fd9d52a14156e231028af025d73d56405b585beda432504ef8e326b7e76cf3d240b7197f54be4aa936366931652c9aa44d383b2bdf7d4d9671c7509912a7deaf06ceed7073bcc490a10c3aea0be23b1d7ef550eff956628279fdb4de26dfcca6e18bad9294309b1d95d3f637156ca47377bb19bb228e0833b4e3929fdc6c828729d2b3e2b129beac870ee07516f949acb9698c32da6e70bf1929ffc456c7517a1ad2740c4473317831848cac7151da04417fdbbf77752a9d31731ba89f782165cae1eafb68d39b75b411332c121753f2a1503c8e45d66c96cc49336f7d326735f8401c4943abcfa7b47726cee5dff95281890d2f45ef7758697a80b08a9fe68dd0e8b90dbe3028c34431178cd7a41ca71bee8d6d668f8351ed17c06eef6a2200e3a0af332cd8e89bdf64893f429f9ba6649d3bcb756378da70775545b6b4ae6904077fd4a0b72e7b0062a3bc071e764f8a7a5fb50504030c3bb30334cf17d5b7c265831f999fe06941b979374ed34ce7f1a17d20712d8bebc3f269d2bb513603e5b00263fe5de43f7bb5bed85b08813a88b189f490f5ec9eab90c1ea0065db01a64583e65e2deb8266b41bc37fccfb6157c9c8426850d8b6eff8570d85bdb58c546814a87fafddf715988b5091f90f4367be99ab8710d9f385cf9e75029c8a82809505129fb48c6e53d158af59d7027fd9002b632699adb3afda041f5d58522f47e0c51defc0e5ef68bec08a3bd0ffaea55d13d717a5d38f44e81031e01ca9998a640b51d67c7855594bba173887edb643dd02eab935253fa75d46b14dca3b21f8669a64b77b2249df74a5dcd545f86831f248f94bd22e5aad91bd5806d0d174eddd1ba00ce73605972bd8da712558300f1e532751eaeed84c687161a341a68c9f0b20d2debcd7c2212d24cffe56f5833c21dce1e04cf45607cc4ed18039b788097621fcb155858eaae67bcdcd3c8259f6f6357c3cc0af65801a9241a34b73dced045c5d72046e6e8ae62f6c792a312d486d23363688e292dba83867bc148138151ba14bd545bd60016545b46e4b4843eb0dc7df800f73a6975395ae76aa521d524e0c70d65711de383c867571385c93ae229f3c92195d1763846760035d36ca9090587caab21b88a077142248330f4beac7f351284212459f8dba384a9fbce5f65f26469589ddd9b7ce2b2c91471cbdab0596e0542fd48cc36024307cbcd3c851ea00062a7395738cc51d95fd2378ed627a4b82309039241c5799c74494253cd1bf5180003a86cd3dd6a8b3003fe80a2adbd69635579647397772da84adbffa8bbbf67c990ec8f4b8aa8956eff6894202682c2700b462c141ad1a4ae5a3f345bf7916cf1c1c29f11ff952e015ef33647e6b25cd8bfeef3261f3b8ebbdaf2d16dd4bd022941bc85e479980936f3e4e09ea9e103140c1e368f1c350451a4a4dee886ff3250c6c92da5ab216147b720ca9e61b9075c1af0e01d6904a0b3327c5b0fbc3ca1feb6f1173b0eed4f95912a09e89293be08d83a5a0573fed16bfd3b690e0efd99205b5b16516f73c14104c1f95e522c34ce0433d8db3bced8884e376639d702285a03a1e3c4a84eb60007b6b782665c117acfe03da5c9cf7feb2a6bd03516ecc21fea8e5926fd76ed24e324a6819d3aa0bb6257a2e2a8487f67d3c61e071c4408e1258a075bcde5348207c16f0edd3b5414ec869768576038f27c06a76201d09380f37b9f9ec19888c6f3ed3036413a168b90af57659915bf522bb7bd26f9f3d038a62c0115f85c2b741b3326938b92db16f8871cf2a966a01cd27c6587f0c9ac187c64f8e4e6d911e819da343e5beec30e5bcd212f5edf4b960ee4ffaae427803792f1d98e706fcc33664540d1d1ffa01a8ce02ec1be855910ddb4bb6b92a7411254ae4a7069cf45c620716a29da7ce5aa2795b49b9aca6b3bf626a71e4f2939aa4f12175ca3a315ec1e17724863dadb59ffe5281c1b2e4eebe3745fb097fe26ccac786a45270bf3f32c1f2a7ca44bff46410ed85202a10b8720b1741c8401a409494fe32fc55b0183d9afa0ce607a494bde6e464d6e10fcf04f34567dbeddadfb5e43cf53ba20b01b3a0aecdf16b9f39c8485cd65086e1cd20957aa5c2b693a1a240d8334c01445b350ac6a6ae4635735b20aaf988d160466400aebe252e36c6c0377d297ab4ed5af7566ac9c0ab339b75e987903c69b776c175e363bdfc8d084c0faef10c47ce0aa99353ce65d310040169617e8ba0f2ba73647a3259ee418e1d702c4a869c7cc5d05ce43554c95cb5d209b2d66b57e20ea6b0f69f1190ccdbc73554b6fccfc12126cb0b508c74685449b2f3f80614466485869272e8515d9925b071027096ab3e015fd5ce25455f6ff06f68dee33f877e12e851d297a4d7c5a91576047c5d3e200591a0fd638c8dfa83d122b2eeeade35fbb3fd987c098c45cfdc232fe8c141104b6f6c6bcd9d0486ddb9be989232a1bda870a3ff3bbd8d9ee1aedaccaebf5930ff6bfe94796cc149c61c6e02b7d3f7c29796eb376aeed448cbfc9667d8dc1980c37af19b91da70858e29ad029f7e43151a62cc8be6c9e442d32fe374aac5f627b4957948775f64471342850882673df0c52566c26da2d79a67c17bc1044e57336ea6ceb3ec869fb0178e4057e1f19d49ed97b46341ef8be37b22980143fc7563ac49f4dc5dfec0b297994849a3f089221076c5b9930577e184674adbff03d87cc8da94b092e2520567279d8debc527b9194c158ef89a5685b9d4176e7bd89bea85298aee7a65fe793f055e2fb12210fe826f0284f0f62631eca547ecec1f48a01672d883d52abe2b43215de4e2cdafff47906a75ebaf09ce4e635d10085172d37f9a186e44fab1f2aecf33fbf6be78cb3b17acc7d493ac56ddc54f6a5867eb355d91a2d13e0f83922eb0616c48e7ab1d7408e2cc886bb92569ca1fe9a5ab7ff7b5c82fbef78603ad8b2f0534fa8c9316bd2f3a3cfe0a000687eb75d10ac7c372fa8bcb1508a31532bb12bb03926495bc341d64f3e1224c60e894b8ba0bce4b95a05860750f758a01cd03b3d56bfb7237d88fadb1d8ea070dc1468b559071fa33b663442a8da409794be6e5d67bf1bd4be0430ced9ed37170759472232a688bf815fd816958544f288f6cab82c55de6419a7cc99c7f4640c5af93bb5aff734437c98dc08ff9584b70e4df9d4d013283ce26a8e5c0d432c3e3dcb524cd7a8d0cb05f1c5f8fbb4b1ef93eb642415090d085bbd06caf121bc05b0825d4b05835de7d5cdc151053628e302800773d55369ce7e95a291fdbca54526e52df492e89f8f78ce174b0698df297de2862b11c4669276759c86a7b8425e45b66fbb3f354bd9381bbc3b3a9c054c723f6ee2ca5018a5a08e5c33603ddebe12f517994e0ace5583625b8f5cd51a7db89969758394fe366f76de3473ff3b85d30b0775e9a612327cc51d724113c321b50474e0ebdcd62c0581c26b2cd643f713bc6a8ea25d3242cf1aef6f8733e8488feb5ec5314c7b1798fca61c358e438cb4b276eee7f3bc0938b8e58269b40f9d85ff7dd5f4b899555ad8f475395713ad0d72fbb9d51d9ae4ca9ba5878a327372a0b79421093a24725fd74ab582911d0d8ce5624bd19eb7a56af46bfe6141195ff60665585d2693360ed5f6105077a937ad570ec635c9ed6b35ac2deff4999f69874cc37c117dd893f88f7575f5f735c40fa3c386b038e1ae8c17fc70c652d77d3b48f61f2726b1ff9aa2e8297465617328c726146949037e7ecabb70145876f1a9190bec17c8cca596019f24161877711a6a97f3d04b846982f272bdace42a1438c36e472eb2d78e056068ed62f1143b907c61958d580405d4c23312f56e297fb83f6ca3a4eba8f594956a1d81bc09e6d1db770f821605d52d1ef3f7139e3e505cffffdd9eaf272992338403111a24dbb1eea4c6ed146bc4bb9f2bad4f89fea85b7bd06368e0f258e8fb6a8f74b1497adbf7d9c6c781f9a5c237fde03ad793a5f4479d8ea1b002c15d278e33f2d55d744931cc154f817a0fdeeadef5b5d52ea785a73bdee95e06cfd5c4083b3320c7dd24d999ab14f238ee85ce78612ab7e6d9bf63d7d88fcd314d5b92e2fda2725897ff9883fb92750e97bd6bf3ed6f9d5863f3203afb67d3178204216cb92cc9adade6d71daec4a7483563ad5c95ccf541e5539085b9c846de0aef1f791a75ff327fda988ead8c6a8c1fa9b19b9379783d967b0f5f2be5a60db49430f59350d41c4c64dfc8aabe73312c67e024c6f29c39b2803b40faa4704c655bfb5367e65f14015b6465d983b0d193febfb5d516d43bd9d026cf8093b33061468dfa487393810254c5fa72b0ab33b173c86af1b35d09c9663abd0b1342a982927854237e7e5458587b2685826dc93b8a32b9e7e7f272e363b717c0cde8d6c4e8c360184cc9723c1a715100ec8442d16b8b4b826db6a37894b90a92e5497498c5c073fb0237b573bf11bfb9674772ac31c791544ecbc25e9e54e0d12225bb0d7db37c445508d505baf1f670c5454e4d2e22116152cc2334eaaa433f1cad4b30b4e913529cf2c94199172745f2b9e56a22eb904f7d4d6c6db8c0a7a5c44e6a16b281eb1008daeb666d9113c874e9148c8f4fa109fbc7d5c55560bbd0637b18d73df7144adf6a1d441d283f113628e9df57cea8f04c10635cd4c9bb949c6b3ed704579d18c63b0fdc4641cc4ce897c9053389a0ffa6ad033931c179af6e5990d856dde5ecadbd43eb94ed4a3f212927c6a1966f67c1acdeb1485858c534a9976b6f1e45cb020cce24d2088df4d539bd92540470af923b71cdb7eae4c9f1eedd2bdcc60ac043a7317f607e8fd214deff36c0b3b0bed295ddb9bb5ca061696a18cfc3cffb84399c300b906a7a3052ac2589f84ca9321983a06abce6d0dfdedc152401266d54822aa9581e74556821559bc0ff2d5a4e0a83dc78b560ffa71333f7410d15d942b1d5d55c063ccc3a2ac2e62772b67f5abd613ede86989c8bab8c7b28bdec08ddc3a975bcac630f8087bba08c848a9cd140115f60d4a2d1f7681433d8fed0e91eff7e803de55367380f187ad8989ffb068103d18adba57da1f2e65c5d36392cf1c3c2e968090a7c2812af8608c88ba4d888d77fc416e5e7eebf7d8e73b1f4fe55c6e5be2a15be31dc76063d861b14e35c9f4de6ae5b918911b815aaf4105e5ce443234dd693a26d9565359050f437b7ce2d5d70a7b", &(0x7f0000002480)="324be6191bf24e72f3d26fe3634e1e222cf22a593028da7e376ac8f93c2a82b481939711e5d5864f5fb9bcfcaec1df7cd5411ad70af5cb8cb1b25933e1129073aa195ee519173285c75cff79b9a652a56fe95d039089e6a180e843473b0e70dfe6fd5d053daff0ad4639266e9d08d1961c0f9d9995adf4d5b99f6de5066ef922c3dc2fc556597dd29d40962e887fbf8c4a14d8e56b49f10566c5", 0x0, 0x0, 0x76}, 0x50) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x5, 0x40, 0xff, 0x0, 0x0, 0x79c9, 0x800, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x6, 0x2, @perf_bp={&(0x7f0000000000), 0x8}, 0x208, 0x3, 0x12, 0x5, 0x0, 0xfffffffe, 0x81, 0x0, 0xbcbd, 0x0, 0x10001}, 0x0, 0x2, 0xffffffffffffffff, 0xa) 14:13:50 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 29) [ 1922.433085][ T6158] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1922.441854][ T6158] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1922.449853][ T6158] 14:13:50 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0x0, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1922.487456][ T6164] FAULT_INJECTION: forcing a failure. [ 1922.487456][ T6164] name failslab, interval 1, probability 0, space 0, times 0 [ 1922.544993][ T6164] CPU: 1 PID: 6164 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1922.555089][ T6164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1922.565091][ T6164] Call Trace: [ 1922.568192][ T6164] [ 1922.570970][ T6164] dump_stack_lvl+0x151/0x1b7 [ 1922.575492][ T6164] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1922.580961][ T6164] dump_stack+0x15/0x17 [ 1922.584947][ T6164] should_fail+0x3c6/0x510 [ 1922.589200][ T6164] __should_failslab+0xa4/0xe0 [ 1922.593900][ T6164] ? anon_vma_fork+0x1df/0x4e0 [ 1922.598497][ T6164] should_failslab+0x9/0x20 [ 1922.602820][ T6164] slab_pre_alloc_hook+0x37/0xd0 [ 1922.607769][ T6164] ? anon_vma_fork+0x1df/0x4e0 [ 1922.612450][ T6164] kmem_cache_alloc+0x44/0x200 [ 1922.617052][ T6164] anon_vma_fork+0x1df/0x4e0 [ 1922.621493][ T6164] copy_mm+0xa3a/0x13e0 [ 1922.625485][ T6164] ? copy_signal+0x610/0x610 [ 1922.629902][ T6164] ? __init_rwsem+0xd6/0x1c0 [ 1922.634327][ T6164] ? copy_signal+0x4e3/0x610 [ 1922.638763][ T6164] copy_process+0x1149/0x3290 [ 1922.643266][ T6164] ? proc_fail_nth_write+0x20b/0x290 [ 1922.648384][ T6164] ? fsnotify_perm+0x6a/0x5d0 [ 1922.652900][ T6164] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1922.657844][ T6164] ? vfs_write+0x9ec/0x1110 [ 1922.662184][ T6164] kernel_clone+0x21e/0x9e0 [ 1922.666871][ T6164] ? file_end_write+0x1c0/0x1c0 [ 1922.671580][ T6164] ? create_io_thread+0x1e0/0x1e0 [ 1922.676512][ T6164] ? mutex_unlock+0xb2/0x260 [ 1922.682236][ T6164] ? __mutex_lock_slowpath+0x10/0x10 [ 1922.687357][ T6164] __x64_sys_clone+0x23f/0x290 [ 1922.693262][ T6164] ? __do_sys_vfork+0x130/0x130 [ 1922.697946][ T6164] ? ksys_write+0x260/0x2c0 [ 1922.702314][ T6164] ? debug_smp_processor_id+0x17/0x20 [ 1922.708197][ T6164] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1922.714267][ T6164] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1922.719842][ T6164] do_syscall_64+0x3d/0xb0 [ 1922.724089][ T6164] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1922.729814][ T6164] RIP: 0033:0x7f895df3fda9 [ 1922.736446][ T6164] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1922.756569][ T6164] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1922.765168][ T6164] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1922.773153][ T6164] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1922.780963][ T6164] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 14:13:51 executing program 4: bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002880)={0xffffffffffffffff, 0xe0, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000025c0)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4, &(0x7f0000002600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000002640)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x80, &(0x7f0000002680)=[{}], 0x8, 0x10, &(0x7f00000026c0), &(0x7f0000002700), 0x8, 0xda, 0x8, 0x8, &(0x7f0000002740)}}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='hrtimer_start\x00', r1}, 0x10) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f00000003c0)='+[+&^-\x00') bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r1, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, &(0x7f0000000100)=[0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0], 0x0, 0xb5, &(0x7f0000000180)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0xc1, 0x8, 0x8, &(0x7f0000000240)}}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002540)={r1, 0x0, 0x1000, 0x11, &(0x7f0000000440)="2519e3107fb804c75de459dbb413564bd09dc818e5aac62fc705cc0352c4ffbcb37b8a0afc86c58c6bb24930f0546bd0d35941544ae019c437639564b0a8af212c86192445c7b4c70808a336f7608a90786760dee26b22fe1eaae8b79b2f9f26253ace756f8f2b7d713876256f2f703042940dd5e9b7d01a81b08f088e59ea3e7ec77391d7638f1e61ca49cd5869a0ec74d534aba503676a10628dc999eed3aa20568a0ef0a3ab35ec85651dc912a2bf48e56ef11a19c01336c9d0e74160e538dd1b9cce63055d3f6d5688d3c17cbbe60a39d5a1c47b9a22bc04469e2085ddee707c7882740aa485a228e3266216b9eff1976df7f603ba404f38c72a17eb3a5adcc945fa6b645f292d2cc958fe154b26e9e6c02e45794c336bb3df9259e820845858be1c5145ee3d953c99afe076602d9d16ae9edbf4168842a73b0c56960b9beb39d718662fd02423cff023ecc04b4a7b398537220f9a3a79422be7d940d3ea6a3c914d8b637dd5eb2ba948569b2e4958c06979d68a5f1ac6652db619a3955bf9fea238a0297460cda48300335a9a7b06e0b15102354d0cff18a57d2c1388ffdb460d10cf917375db4a1d5fc366e0d1cf8a2fb3361cd812922c33355d0b36df1b11fed7d251c8b3d995ef17db2df7f4ad72a9b8663df89b6a1cef5ee37627cec692a93947b2e8f4933f8809f5f2379d9a5f5e8b72645e2a7b0784c45c5a511df440471cd05ca91a4a5987ca6616f4923a409d8d0bc3352ceebb2c9a1ab64e2443cd6536a4888d997854fabf9f0c12370ec1fdd76c3e4b80b917fce1dd9ebe8ccc7364d929dacb36a3c6abc15f5d88ef78141f9643c1f0fadadf157ce10b0c70635e4904ef26d6f71ed21edffa308ca388335576f8519344dbb72ffc0d5657e1c4e3cb66009c16cbcd10961e0a857368b43a52ec18b9edacc3630833a9e27bc7021f05f719b6fd5614a34f9ddeb6a400663b24ef7bf2909220c301b98f638c050c9dff9f42619a4a4b0952a265cd3b787428e7e88fa36b4964689e7d71c56c76bc2004811bf65b5a65b3ea48c783629ba3fb3e4f3cae1df857200922f8c89d58f3246e4e2f1d9a4aafe0244dd6fe1a9903623261359170dfe31a41c82b4c4fd1add60f01926803a283768fed16d59d585d186f2ab13eab499dbef21a447dfa82b4864471e210c3eda89c3d5ef7978db0233a6a5bdce41b1b6e6bf0c3ac9ab864b9bd0f8afba3eb1e26a43813922c31f656238c8f7e3c5941abfe6577c71ab5e4fc464fa7bce68f2881746610736d83f5f77281a65b16255972081decb416205fa28c52b91be9de107bb386f5f3f42cf60088572707b3f07699408a29ddb1a10f3df889b053f8c87bbeca0c5855bdace5c67617d629a27c61af78bf6b46fa28357716608711040339ede769d1d80b4172566e7206b669025b720a30165b4f833ee2b00c0ee0b023f9437580cd88d89a6ce222d7a46b082f2c76e21681580cde35ab013a05b3fe444975d2321cf52241fc44578f763e8b036ebf72d572643da463eb0652b6dd99333e8925c8e70d7c1a94e21312b6d6413a3ff42c609ab948b481f06a563bb786fe6575f53656d9a02cf2a4564b1a4e30d0d9da523e52c9e05074c4bc5a31170bd5d296a5be0483da52c3a6f91ebbe50766483f7d5643ae32fa50685c4cab80264cc9201eca7c4a3d059874c122967a0ce3b8ef91306800006490554a8c464ddeaa0f49b71f84596a552942926f8101e63ca333edc619aead9f71c891dc17723f6d49714697caf1b962dd6fca037941feb0c79cf61b12b353d343925b668bbdb4c017fec1a80fcc0050ea79079f8701714244bc452e0f3015dea60ae1c21a0605527a35c8857b4f9485525d92eacaa81e48a9b21350a3e16299fd1c48d8aa6c9ae56921a9bb9df6c7d9475f2a558f65fa928a5f9248c0b0aad40eb9516142d3708bea1f19793798d3e2b8e423cc8ccc2766e180b6bd61a32872d9c9b358de8252d35350694054286639ad8d33e70b70c355739088c002827e5c064aea6b01cca9f50fe57ddc4eda3be21e8ad3b7298f9c42bb3410e1771702a1bf56834c1d39662a0a5c28a4c39432f6bbb4e1d90b83a720560dae2fe79f0e4e5170913a2c68900ebe1899fd3a8732a297e34a37382e9799e0528e324ce011190469c2831f631f0f2c7b23ec0e07e049d4cbe9826d3eae2b595788ea86c06e0f8de203b7f37fc9ed010ec99d83cdddfaa41d22b8ebbc826702f3f534cb7577c9fc68be19fbceac5836911ce528af23d5f06c8f4f8f146ff5587452c017ed7905bbf86b38364089f3d6ffe05fd0994b17b63191f6cd4a039d02cc369bd24477098db91f287f8a1171dbb4b2d3b384e424b6305829966986c093c626dca491ccca24b4e0eac4a4a301de985970cd7e9d133f195da0424206e8ea3b461796978fbcd389e00e6eaf8d01b7b06b67ba1743f44615a29d9b4e0940055c9a7a6ea3e4a6ba780e13f1165879b6fbcbb3b2c1f2d2f44b8e4d1f34cfd94e3c6eddab6c81820bf32ff5b85e7a60b9fe1d0b7c89e6aa8dc68b58fe2b47d7ffbdab8bed0f6c709f1e5830d04be9bd7411760d44f0169751205285b9d9bc6d20eed5e34c306c4ec336f9392a2b2accd9488bbf2585d85539c66c385afa7f73f52dac2f987c8366684bd21a0d43d486f31a1c618d173d637fc398f23aa882cdb01b2eef90e677f22298f3abfcd39d7dd3ca52b2ea67c9c9661fa3e9d19ed3ba24ef0556b4161de141fe090396314fefe23d81c3d36b6b142a4e096f4fbf372e6171e119217853abcc917b9f74b2cef10803b57eb06a7947a1f6556cdb96156f826e6dcc0ae38a1dbefa6e8020ed225c906e9deea3d5dd9234ee5f1983b56bcb0a3fbbce35301ef81cdfb69019c929debfcc18bcb8e64fa00cdeaa598454a13695cadf94227f2ba5001012a9916456513427616e201f05272481f863b4776b40cb23405ead523e6707e35a7eee4ae87a85baec0f6a7fd203320d6d3267c2c40a1f677bd7a0369eddbefb498b9b790aabef181aba3679c6573252ce3f59bb6e2dde7c04a222fb26cb46827a8b72039583db79b9b1bd6ee01c0f4450de687f3a9f71c8ff1d286231c63225389fb87df6094b40d42e06d7eb0d4ed04e98170526a76335fd98b04c70270c968740b0d8b30d2e41d1b1b26c9009dc5d8748ea7750d0bd3f9f88c227730601c01fd5f7ec08f12334412150ef07404e162404eaa7adb522b64b41806fa0014614d823be27b64a6463b0894dd3445e127980f8d320b1131a06e3ae5347a32229edec1908125558e600329aac667472bba3aeadf79aa45baecea2cf1205c6c09f3394ea7a0cf1223b97d7f31f9f2433b396307ab2bd2437b6f498977cec01ddf762022590e2237e093c73f86186e12ca34a5447b7e3510a689aa407caa2e965768a839f8b4379e33f55894992389278eb980833642f71b672b15d06e12abda352087d7b09934c13e8fc8824a300b76a8d9e5d939a37f1eb36f76f6caa893e535920ea5bdbeb8c19c17f978bb0eeb0efeaa489c1e832a664295c3161972a5eb2a2d009831c87f5239b0ff18aef8cf0d926a5aaf173caa72ce0298bf5376ed0493f571aba36399690f2a47a1eacec83ca50508427e3f65618bb457dd101a07e10ef8e19f4aba111ba17d0859318cd8f45197e5ac7b01e81d7c654cd3d7d3684326c2923ce9b19f735ca4bbd45a4ef97faaeff4c189fe6d8fb61f7660d243d9841126a264a43db9ce303cfb0507ecb8c0ebca1bb87793218b848e9d096778c2ce23cb6f3e5ac0e348531ca09c427cfc90ee66eee3717f783450680b3379cd0a09a5b4617f67d4daaf7715ec0c785b42eefb1c03be53dce9d6b7b64d4295b42dd7666d629f90da4e3e00450b2a5e670e070a6286044174a196a96c621b986d6b9f772642ffbc57eb682dde20deed078476df6f3af7103562766ec9a2d19ec215222fe5e44636f6ad4f36db45791cd227c1f198df031bf5ce1fac5f03d2a6b1d139060d7903400960384598cf7303e91aa5b6e76d6036bfc72cff9b75847bb8cd39005395452b4b810a50c07751d2c8577d248902e0d7548cf19eb168c3eb444f1dd0f86230b4056303d5e1180b3e0689cabbb9263fa6af5efb6eae67e049822edb6fca9bbc499cf8affb97b837cfdecfee785eb64eb80506ae254d49a1ccaee9069417a5968430819bfdcde73d2d7c10453308cc0c9b3a18461eb09f63cb487922552b3e5ccc8614da7a8ef5d35b03c6e81c0ba1ee1dc5faf4c7ba9587d47d0d656fb29c8eb87902d59bf1f0fb3f2194fa58f7a98942b363529333be9ef198d1c9a76746eb9044f6a106375bfd11aa48bdfc15cf2df9a60550bebdc21021a0c76d63f04e9cb1d4c76a2795c7bed181c0dfd34e9997967a6fa2de18aee8f5a9c444d2b77faf28b60200ddfeb4148d3ac65f935b02ac71c5be5f0cf97fdac8cfdceb629634a64470cd8c1be6534392a380f412e94ae0601966eec83dbe382545f798b39d4870e9c7cb007876f7a97d22767073456716be31ba7515386b801b3811e6b10a8baff057885352d12193f0c61e93e688e93f94e1c047ab642eb9710700216be56d704a5508587319c5a750741964ec70e3b5efee11996907986d5c2dc1eab37b3a0cbef10e5e016856e804d11debcc5ea60e0e30bd534d97357ab8493b3abeba67015e1d62da688f4036fa4477dcd5ab15aac87a2bbe575379f1b13f71af2b6ea5500847e415a5b9d820773fa7d1dffa049001637b60c699b1602c4d2137f6264e55ef71e29d810ef79be08a20a3b40dae9fd49b3c70da80c042e6926ce64587a139931f14f52a52728cbcf091ce84419950ac028069eb2fb90a0563ec86f19bec8ae9d051bc7797b0c2114ffbae70210d8f20b0e4ba9bedfb73623a5b86d4088a82523f3c1b358c9a4e4872a5367fb3eb62f48d492714bba50ce84fd3ff8c58b99d34f7f5a638c37f6cc00ac1bbda9215042fa94076f6eafa0f298f5f792f782d3d42e88e0d31114f683c1c1c3a4969c9f211b59f339b5b1a2386edd7b20371e52a4e8fccab2124d452e6d88e7e338ac7024b7653718b07e30b7f7376ccf81407d230dd44a63d4d26c4f588279daacd5cc315f33cabd03b41bcad749507946c78cd0914391762c784f091b1377a3fafaf910952d475c13f9de924b253d81afae94ee4db3c32a8367dd1ed2f50590c04b5aaefa87fc3a2fc62943d846df5ced2ee5b35637cb80fb2de8a8bc643cfd59b2382f559732fc52670b66be584ce65ffd0363532b1c2a94ff288ae2899fee1e6a50c58109e3904b567531e156e07dca46a2fe3c219650d780f37b07933f6d8c73929b69be6bdd3f6fba4a2b793855923030edbeaa9b8edfe947721a00fc2ce968edb6f0d5da3459c915a904df2cd44d509ba499a18e214bcef0ae99571ce4afcb17a1c0ed7681f5fde4569f6f9fa53a0fb015743ced68b40bf438f98d8633debc9f7b04276adadd5aa72f2b772db18e4da0bb424414e143713468dcb6061563a6a76fdc66776ae98324d49ccebe624a6b10dae6c2d3cf50166883d9c9f398330a5b1b91089938612283f116ede8bc7a164bde2c3ce158d8b1cd9d3d5563defc362efcea0c43341c112fac7bd0e49e623e11304e7e7042ebcc261309c9938cc148fb4c161b38c437992d92b1b1edf868310481b6d05b88b77422453afd3e25975f50632642bf484b67204abad003592c55222fa08486e4594b91ce49e6613b656a233bfb0a54596e961f6a18d26d3db5", &(0x7f0000001440)=""/17, 0xeec, 0x0, 0x1000, 0x9a, &(0x7f0000001480)="4628120380e3782b12d9db9c9d74acd94fe16f499e67201a5003b8ebc9e503bb2d49c68b51aaaa7bac5c1855fd8c2ef1207eb5b191cd04e5fb7beed3de68f0ef1bc44d2d6ebb14357ec992e5a9a24557d73e34b64a906ba6198ab72fb2925d83b1f60eba90c7401edb844e81ce5fba469874d8b02d69f0db6c6e0bce71db7390c795914647ab11f6f9e40cf37ba5e78ecfaaa68907bf3f7c836fad6c1b4bc0f273de995b4fa65d95db843bca5e7238464a433b55364800da45bb2c15b80088b641ae44c3e0fe09b30a8a4fe1b7fa8c1a592b537d12a79af2c3ba763410dcaef6cd5c0b658577c7d280d84c64b24f2795ccc03868cd77661735e859962102f4b8c08ca805570f1a8d42d589732f8ef3b4d6106eb502bc040e7be95acf18a408eb46dc5502e408268cf88f727235f55e3c10bf7af6781054450a8b455fc8188d2b1d09e7a36781a3df195445047ce3481dc46815e9d1085da357ca97839343f9613b86094c570b7de2270e889c855201fc29ec06bfd004032e87908f43bac8ed407a7731772c32915bb549c9b3fd9d52a14156e231028af025d73d56405b585beda432504ef8e326b7e76cf3d240b7197f54be4aa936366931652c9aa44d383b2bdf7d4d9671c7509912a7deaf06ceed7073bcc490a10c3aea0be23b1d7ef550eff956628279fdb4de26dfcca6e18bad9294309b1d95d3f637156ca47377bb19bb228e0833b4e3929fdc6c828729d2b3e2b129beac870ee07516f949acb9698c32da6e70bf1929ffc456c7517a1ad2740c4473317831848cac7151da04417fdbbf77752a9d31731ba89f782165cae1eafb68d39b75b411332c121753f2a1503c8e45d66c96cc49336f7d326735f8401c4943abcfa7b47726cee5dff95281890d2f45ef7758697a80b08a9fe68dd0e8b90dbe3028c34431178cd7a41ca71bee8d6d668f8351ed17c06eef6a2200e3a0af332cd8e89bdf64893f429f9ba6649d3bcb756378da70775545b6b4ae6904077fd4a0b72e7b0062a3bc071e764f8a7a5fb50504030c3bb30334cf17d5b7c265831f999fe06941b979374ed34ce7f1a17d20712d8bebc3f269d2bb513603e5b00263fe5de43f7bb5bed85b08813a88b189f490f5ec9eab90c1ea0065db01a64583e65e2deb8266b41bc37fccfb6157c9c8426850d8b6eff8570d85bdb58c546814a87fafddf715988b5091f90f4367be99ab8710d9f385cf9e75029c8a82809505129fb48c6e53d158af59d7027fd9002b632699adb3afda041f5d58522f47e0c51defc0e5ef68bec08a3bd0ffaea55d13d717a5d38f44e81031e01ca9998a640b51d67c7855594bba173887edb643dd02eab935253fa75d46b14dca3b21f8669a64b77b2249df74a5dcd545f86831f248f94bd22e5aad91bd5806d0d174eddd1ba00ce73605972bd8da712558300f1e532751eaeed84c687161a341a68c9f0b20d2debcd7c2212d24cffe56f5833c21dce1e04cf45607cc4ed18039b788097621fcb155858eaae67bcdcd3c8259f6f6357c3cc0af65801a9241a34b73dced045c5d72046e6e8ae62f6c792a312d486d23363688e292dba83867bc148138151ba14bd545bd60016545b46e4b4843eb0dc7df800f73a6975395ae76aa521d524e0c70d65711de383c867571385c93ae229f3c92195d1763846760035d36ca9090587caab21b88a077142248330f4beac7f351284212459f8dba384a9fbce5f65f26469589ddd9b7ce2b2c91471cbdab0596e0542fd48cc36024307cbcd3c851ea00062a7395738cc51d95fd2378ed627a4b82309039241c5799c74494253cd1bf5180003a86cd3dd6a8b3003fe80a2adbd69635579647397772da84adbffa8bbbf67c990ec8f4b8aa8956eff6894202682c2700b462c141ad1a4ae5a3f345bf7916cf1c1c29f11ff952e015ef33647e6b25cd8bfeef3261f3b8ebbdaf2d16dd4bd022941bc85e479980936f3e4e09ea9e103140c1e368f1c350451a4a4dee886ff3250c6c92da5ab216147b720ca9e61b9075c1af0e01d6904a0b3327c5b0fbc3ca1feb6f1173b0eed4f95912a09e89293be08d83a5a0573fed16bfd3b690e0efd99205b5b16516f73c14104c1f95e522c34ce0433d8db3bced8884e376639d702285a03a1e3c4a84eb60007b6b782665c117acfe03da5c9cf7feb2a6bd03516ecc21fea8e5926fd76ed24e324a6819d3aa0bb6257a2e2a8487f67d3c61e071c4408e1258a075bcde5348207c16f0edd3b5414ec869768576038f27c06a76201d09380f37b9f9ec19888c6f3ed3036413a168b90af57659915bf522bb7bd26f9f3d038a62c0115f85c2b741b3326938b92db16f8871cf2a966a01cd27c6587f0c9ac187c64f8e4e6d911e819da343e5beec30e5bcd212f5edf4b960ee4ffaae427803792f1d98e706fcc33664540d1d1ffa01a8ce02ec1be855910ddb4bb6b92a7411254ae4a7069cf45c620716a29da7ce5aa2795b49b9aca6b3bf626a71e4f2939aa4f12175ca3a315ec1e17724863dadb59ffe5281c1b2e4eebe3745fb097fe26ccac786a45270bf3f32c1f2a7ca44bff46410ed85202a10b8720b1741c8401a409494fe32fc55b0183d9afa0ce607a494bde6e464d6e10fcf04f34567dbeddadfb5e43cf53ba20b01b3a0aecdf16b9f39c8485cd65086e1cd20957aa5c2b693a1a240d8334c01445b350ac6a6ae4635735b20aaf988d160466400aebe252e36c6c0377d297ab4ed5af7566ac9c0ab339b75e987903c69b776c175e363bdfc8d084c0faef10c47ce0aa99353ce65d310040169617e8ba0f2ba73647a3259ee418e1d702c4a869c7cc5d05ce43554c95cb5d209b2d66b57e20ea6b0f69f1190ccdbc73554b6fccfc12126cb0b508c74685449b2f3f80614466485869272e8515d9925b071027096ab3e015fd5ce25455f6ff06f68dee33f877e12e851d297a4d7c5a91576047c5d3e200591a0fd638c8dfa83d122b2eeeade35fbb3fd987c098c45cfdc232fe8c141104b6f6c6bcd9d0486ddb9be989232a1bda870a3ff3bbd8d9ee1aedaccaebf5930ff6bfe94796cc149c61c6e02b7d3f7c29796eb376aeed448cbfc9667d8dc1980c37af19b91da70858e29ad029f7e43151a62cc8be6c9e442d32fe374aac5f627b4957948775f64471342850882673df0c52566c26da2d79a67c17bc1044e57336ea6ceb3ec869fb0178e4057e1f19d49ed97b46341ef8be37b22980143fc7563ac49f4dc5dfec0b297994849a3f089221076c5b9930577e184674adbff03d87cc8da94b092e2520567279d8debc527b9194c158ef89a5685b9d4176e7bd89bea85298aee7a65fe793f055e2fb12210fe826f0284f0f62631eca547ecec1f48a01672d883d52abe2b43215de4e2cdafff47906a75ebaf09ce4e635d10085172d37f9a186e44fab1f2aecf33fbf6be78cb3b17acc7d493ac56ddc54f6a5867eb355d91a2d13e0f83922eb0616c48e7ab1d7408e2cc886bb92569ca1fe9a5ab7ff7b5c82fbef78603ad8b2f0534fa8c9316bd2f3a3cfe0a000687eb75d10ac7c372fa8bcb1508a31532bb12bb03926495bc341d64f3e1224c60e894b8ba0bce4b95a05860750f758a01cd03b3d56bfb7237d88fadb1d8ea070dc1468b559071fa33b663442a8da409794be6e5d67bf1bd4be0430ced9ed37170759472232a688bf815fd816958544f288f6cab82c55de6419a7cc99c7f4640c5af93bb5aff734437c98dc08ff9584b70e4df9d4d013283ce26a8e5c0d432c3e3dcb524cd7a8d0cb05f1c5f8fbb4b1ef93eb642415090d085bbd06caf121bc05b0825d4b05835de7d5cdc151053628e302800773d55369ce7e95a291fdbca54526e52df492e89f8f78ce174b0698df297de2862b11c4669276759c86a7b8425e45b66fbb3f354bd9381bbc3b3a9c054c723f6ee2ca5018a5a08e5c33603ddebe12f517994e0ace5583625b8f5cd51a7db89969758394fe366f76de3473ff3b85d30b0775e9a612327cc51d724113c321b50474e0ebdcd62c0581c26b2cd643f713bc6a8ea25d3242cf1aef6f8733e8488feb5ec5314c7b1798fca61c358e438cb4b276eee7f3bc0938b8e58269b40f9d85ff7dd5f4b899555ad8f475395713ad0d72fbb9d51d9ae4ca9ba5878a327372a0b79421093a24725fd74ab582911d0d8ce5624bd19eb7a56af46bfe6141195ff60665585d2693360ed5f6105077a937ad570ec635c9ed6b35ac2deff4999f69874cc37c117dd893f88f7575f5f735c40fa3c386b038e1ae8c17fc70c652d77d3b48f61f2726b1ff9aa2e8297465617328c726146949037e7ecabb70145876f1a9190bec17c8cca596019f24161877711a6a97f3d04b846982f272bdace42a1438c36e472eb2d78e056068ed62f1143b907c61958d580405d4c23312f56e297fb83f6ca3a4eba8f594956a1d81bc09e6d1db770f821605d52d1ef3f7139e3e505cffffdd9eaf272992338403111a24dbb1eea4c6ed146bc4bb9f2bad4f89fea85b7bd06368e0f258e8fb6a8f74b1497adbf7d9c6c781f9a5c237fde03ad793a5f4479d8ea1b002c15d278e33f2d55d744931cc154f817a0fdeeadef5b5d52ea785a73bdee95e06cfd5c4083b3320c7dd24d999ab14f238ee85ce78612ab7e6d9bf63d7d88fcd314d5b92e2fda2725897ff9883fb92750e97bd6bf3ed6f9d5863f3203afb67d3178204216cb92cc9adade6d71daec4a7483563ad5c95ccf541e5539085b9c846de0aef1f791a75ff327fda988ead8c6a8c1fa9b19b9379783d967b0f5f2be5a60db49430f59350d41c4c64dfc8aabe73312c67e024c6f29c39b2803b40faa4704c655bfb5367e65f14015b6465d983b0d193febfb5d516d43bd9d026cf8093b33061468dfa487393810254c5fa72b0ab33b173c86af1b35d09c9663abd0b1342a982927854237e7e5458587b2685826dc93b8a32b9e7e7f272e363b717c0cde8d6c4e8c360184cc9723c1a715100ec8442d16b8b4b826db6a37894b90a92e5497498c5c073fb0237b573bf11bfb9674772ac31c791544ecbc25e9e54e0d12225bb0d7db37c445508d505baf1f670c5454e4d2e22116152cc2334eaaa433f1cad4b30b4e913529cf2c94199172745f2b9e56a22eb904f7d4d6c6db8c0a7a5c44e6a16b281eb1008daeb666d9113c874e9148c8f4fa109fbc7d5c55560bbd0637b18d73df7144adf6a1d441d283f113628e9df57cea8f04c10635cd4c9bb949c6b3ed704579d18c63b0fdc4641cc4ce897c9053389a0ffa6ad033931c179af6e5990d856dde5ecadbd43eb94ed4a3f212927c6a1966f67c1acdeb1485858c534a9976b6f1e45cb020cce24d2088df4d539bd92540470af923b71cdb7eae4c9f1eedd2bdcc60ac043a7317f607e8fd214deff36c0b3b0bed295ddb9bb5ca061696a18cfc3cffb84399c300b906a7a3052ac2589f84ca9321983a06abce6d0dfdedc152401266d54822aa9581e74556821559bc0ff2d5a4e0a83dc78b560ffa71333f7410d15d942b1d5d55c063ccc3a2ac2e62772b67f5abd613ede86989c8bab8c7b28bdec08ddc3a975bcac630f8087bba08c848a9cd140115f60d4a2d1f7681433d8fed0e91eff7e803de55367380f187ad8989ffb068103d18adba57da1f2e65c5d36392cf1c3c2e968090a7c2812af8608c88ba4d888d77fc416e5e7eebf7d8e73b1f4fe55c6e5be2a15be31dc76063d861b14e35c9f4de6ae5b918911b815aaf4105e5ce443234dd693a26d9565359050f437b7ce2d5d70a7b", &(0x7f0000002480)="324be6191bf24e72f3d26fe3634e1e222cf22a593028da7e376ac8f93c2a82b481939711e5d5864f5fb9bcfcaec1df7cd5411ad70af5cb8cb1b25933e1129073aa195ee519173285c75cff79b9a652a56fe95d039089e6a180e843473b0e70dfe6fd5d053daff0ad4639266e9d08d1961c0f9d9995adf4d5b99f6de5066ef922c3dc2fc556597dd29d40962e887fbf8c4a14d8e56b49f10566c5", 0x0, 0x0, 0x76}, 0x50) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x5, 0x40, 0xff, 0x0, 0x0, 0x79c9, 0x800, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x6, 0x2, @perf_bp={&(0x7f0000000000), 0x8}, 0x208, 0x3, 0x12, 0x5, 0x0, 0xfffffffe, 0x81, 0x0, 0xbcbd, 0x0, 0x10001}, 0x0, 0x2, 0xffffffffffffffff, 0xa) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002880)={0xffffffffffffffff, 0xe0, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000025c0)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4, &(0x7f0000002600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000002640)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x80, &(0x7f0000002680)=[{}], 0x8, 0x10, &(0x7f00000026c0), &(0x7f0000002700), 0x8, 0xda, 0x8, 0x8, &(0x7f0000002740)}}, 0x10) (async) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='hrtimer_start\x00', r1}, 0x10) (async) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f00000003c0)='+[+&^-\x00') (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r1, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, &(0x7f0000000100)=[0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0], 0x0, 0xb5, &(0x7f0000000180)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0xc1, 0x8, 0x8, &(0x7f0000000240)}}, 0x10) (async) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002540)={r1, 0x0, 0x1000, 0x11, &(0x7f0000000440)="2519e3107fb804c75de459dbb413564bd09dc818e5aac62fc705cc0352c4ffbcb37b8a0afc86c58c6bb24930f0546bd0d35941544ae019c437639564b0a8af212c86192445c7b4c70808a336f7608a90786760dee26b22fe1eaae8b79b2f9f26253ace756f8f2b7d713876256f2f703042940dd5e9b7d01a81b08f088e59ea3e7ec77391d7638f1e61ca49cd5869a0ec74d534aba503676a10628dc999eed3aa20568a0ef0a3ab35ec85651dc912a2bf48e56ef11a19c01336c9d0e74160e538dd1b9cce63055d3f6d5688d3c17cbbe60a39d5a1c47b9a22bc04469e2085ddee707c7882740aa485a228e3266216b9eff1976df7f603ba404f38c72a17eb3a5adcc945fa6b645f292d2cc958fe154b26e9e6c02e45794c336bb3df9259e820845858be1c5145ee3d953c99afe076602d9d16ae9edbf4168842a73b0c56960b9beb39d718662fd02423cff023ecc04b4a7b398537220f9a3a79422be7d940d3ea6a3c914d8b637dd5eb2ba948569b2e4958c06979d68a5f1ac6652db619a3955bf9fea238a0297460cda48300335a9a7b06e0b15102354d0cff18a57d2c1388ffdb460d10cf917375db4a1d5fc366e0d1cf8a2fb3361cd812922c33355d0b36df1b11fed7d251c8b3d995ef17db2df7f4ad72a9b8663df89b6a1cef5ee37627cec692a93947b2e8f4933f8809f5f2379d9a5f5e8b72645e2a7b0784c45c5a511df440471cd05ca91a4a5987ca6616f4923a409d8d0bc3352ceebb2c9a1ab64e2443cd6536a4888d997854fabf9f0c12370ec1fdd76c3e4b80b917fce1dd9ebe8ccc7364d929dacb36a3c6abc15f5d88ef78141f9643c1f0fadadf157ce10b0c70635e4904ef26d6f71ed21edffa308ca388335576f8519344dbb72ffc0d5657e1c4e3cb66009c16cbcd10961e0a857368b43a52ec18b9edacc3630833a9e27bc7021f05f719b6fd5614a34f9ddeb6a400663b24ef7bf2909220c301b98f638c050c9dff9f42619a4a4b0952a265cd3b787428e7e88fa36b4964689e7d71c56c76bc2004811bf65b5a65b3ea48c783629ba3fb3e4f3cae1df857200922f8c89d58f3246e4e2f1d9a4aafe0244dd6fe1a9903623261359170dfe31a41c82b4c4fd1add60f01926803a283768fed16d59d585d186f2ab13eab499dbef21a447dfa82b4864471e210c3eda89c3d5ef7978db0233a6a5bdce41b1b6e6bf0c3ac9ab864b9bd0f8afba3eb1e26a43813922c31f656238c8f7e3c5941abfe6577c71ab5e4fc464fa7bce68f2881746610736d83f5f77281a65b16255972081decb416205fa28c52b91be9de107bb386f5f3f42cf60088572707b3f07699408a29ddb1a10f3df889b053f8c87bbeca0c5855bdace5c67617d629a27c61af78bf6b46fa28357716608711040339ede769d1d80b4172566e7206b669025b720a30165b4f833ee2b00c0ee0b023f9437580cd88d89a6ce222d7a46b082f2c76e21681580cde35ab013a05b3fe444975d2321cf52241fc44578f763e8b036ebf72d572643da463eb0652b6dd99333e8925c8e70d7c1a94e21312b6d6413a3ff42c609ab948b481f06a563bb786fe6575f53656d9a02cf2a4564b1a4e30d0d9da523e52c9e05074c4bc5a31170bd5d296a5be0483da52c3a6f91ebbe50766483f7d5643ae32fa50685c4cab80264cc9201eca7c4a3d059874c122967a0ce3b8ef91306800006490554a8c464ddeaa0f49b71f84596a552942926f8101e63ca333edc619aead9f71c891dc17723f6d49714697caf1b962dd6fca037941feb0c79cf61b12b353d343925b668bbdb4c017fec1a80fcc0050ea79079f8701714244bc452e0f3015dea60ae1c21a0605527a35c8857b4f9485525d92eacaa81e48a9b21350a3e16299fd1c48d8aa6c9ae56921a9bb9df6c7d9475f2a558f65fa928a5f9248c0b0aad40eb9516142d3708bea1f19793798d3e2b8e423cc8ccc2766e180b6bd61a32872d9c9b358de8252d35350694054286639ad8d33e70b70c355739088c002827e5c064aea6b01cca9f50fe57ddc4eda3be21e8ad3b7298f9c42bb3410e1771702a1bf56834c1d39662a0a5c28a4c39432f6bbb4e1d90b83a720560dae2fe79f0e4e5170913a2c68900ebe1899fd3a8732a297e34a37382e9799e0528e324ce011190469c2831f631f0f2c7b23ec0e07e049d4cbe9826d3eae2b595788ea86c06e0f8de203b7f37fc9ed010ec99d83cdddfaa41d22b8ebbc826702f3f534cb7577c9fc68be19fbceac5836911ce528af23d5f06c8f4f8f146ff5587452c017ed7905bbf86b38364089f3d6ffe05fd0994b17b63191f6cd4a039d02cc369bd24477098db91f287f8a1171dbb4b2d3b384e424b6305829966986c093c626dca491ccca24b4e0eac4a4a301de985970cd7e9d133f195da0424206e8ea3b461796978fbcd389e00e6eaf8d01b7b06b67ba1743f44615a29d9b4e0940055c9a7a6ea3e4a6ba780e13f1165879b6fbcbb3b2c1f2d2f44b8e4d1f34cfd94e3c6eddab6c81820bf32ff5b85e7a60b9fe1d0b7c89e6aa8dc68b58fe2b47d7ffbdab8bed0f6c709f1e5830d04be9bd7411760d44f0169751205285b9d9bc6d20eed5e34c306c4ec336f9392a2b2accd9488bbf2585d85539c66c385afa7f73f52dac2f987c8366684bd21a0d43d486f31a1c618d173d637fc398f23aa882cdb01b2eef90e677f22298f3abfcd39d7dd3ca52b2ea67c9c9661fa3e9d19ed3ba24ef0556b4161de141fe090396314fefe23d81c3d36b6b142a4e096f4fbf372e6171e119217853abcc917b9f74b2cef10803b57eb06a7947a1f6556cdb96156f826e6dcc0ae38a1dbefa6e8020ed225c906e9deea3d5dd9234ee5f1983b56bcb0a3fbbce35301ef81cdfb69019c929debfcc18bcb8e64fa00cdeaa598454a13695cadf94227f2ba5001012a9916456513427616e201f05272481f863b4776b40cb23405ead523e6707e35a7eee4ae87a85baec0f6a7fd203320d6d3267c2c40a1f677bd7a0369eddbefb498b9b790aabef181aba3679c6573252ce3f59bb6e2dde7c04a222fb26cb46827a8b72039583db79b9b1bd6ee01c0f4450de687f3a9f71c8ff1d286231c63225389fb87df6094b40d42e06d7eb0d4ed04e98170526a76335fd98b04c70270c968740b0d8b30d2e41d1b1b26c9009dc5d8748ea7750d0bd3f9f88c227730601c01fd5f7ec08f12334412150ef07404e162404eaa7adb522b64b41806fa0014614d823be27b64a6463b0894dd3445e127980f8d320b1131a06e3ae5347a32229edec1908125558e600329aac667472bba3aeadf79aa45baecea2cf1205c6c09f3394ea7a0cf1223b97d7f31f9f2433b396307ab2bd2437b6f498977cec01ddf762022590e2237e093c73f86186e12ca34a5447b7e3510a689aa407caa2e965768a839f8b4379e33f55894992389278eb980833642f71b672b15d06e12abda352087d7b09934c13e8fc8824a300b76a8d9e5d939a37f1eb36f76f6caa893e535920ea5bdbeb8c19c17f978bb0eeb0efeaa489c1e832a664295c3161972a5eb2a2d009831c87f5239b0ff18aef8cf0d926a5aaf173caa72ce0298bf5376ed0493f571aba36399690f2a47a1eacec83ca50508427e3f65618bb457dd101a07e10ef8e19f4aba111ba17d0859318cd8f45197e5ac7b01e81d7c654cd3d7d3684326c2923ce9b19f735ca4bbd45a4ef97faaeff4c189fe6d8fb61f7660d243d9841126a264a43db9ce303cfb0507ecb8c0ebca1bb87793218b848e9d096778c2ce23cb6f3e5ac0e348531ca09c427cfc90ee66eee3717f783450680b3379cd0a09a5b4617f67d4daaf7715ec0c785b42eefb1c03be53dce9d6b7b64d4295b42dd7666d629f90da4e3e00450b2a5e670e070a6286044174a196a96c621b986d6b9f772642ffbc57eb682dde20deed078476df6f3af7103562766ec9a2d19ec215222fe5e44636f6ad4f36db45791cd227c1f198df031bf5ce1fac5f03d2a6b1d139060d7903400960384598cf7303e91aa5b6e76d6036bfc72cff9b75847bb8cd39005395452b4b810a50c07751d2c8577d248902e0d7548cf19eb168c3eb444f1dd0f86230b4056303d5e1180b3e0689cabbb9263fa6af5efb6eae67e049822edb6fca9bbc499cf8affb97b837cfdecfee785eb64eb80506ae254d49a1ccaee9069417a5968430819bfdcde73d2d7c10453308cc0c9b3a18461eb09f63cb487922552b3e5ccc8614da7a8ef5d35b03c6e81c0ba1ee1dc5faf4c7ba9587d47d0d656fb29c8eb87902d59bf1f0fb3f2194fa58f7a98942b363529333be9ef198d1c9a76746eb9044f6a106375bfd11aa48bdfc15cf2df9a60550bebdc21021a0c76d63f04e9cb1d4c76a2795c7bed181c0dfd34e9997967a6fa2de18aee8f5a9c444d2b77faf28b60200ddfeb4148d3ac65f935b02ac71c5be5f0cf97fdac8cfdceb629634a64470cd8c1be6534392a380f412e94ae0601966eec83dbe382545f798b39d4870e9c7cb007876f7a97d22767073456716be31ba7515386b801b3811e6b10a8baff057885352d12193f0c61e93e688e93f94e1c047ab642eb9710700216be56d704a5508587319c5a750741964ec70e3b5efee11996907986d5c2dc1eab37b3a0cbef10e5e016856e804d11debcc5ea60e0e30bd534d97357ab8493b3abeba67015e1d62da688f4036fa4477dcd5ab15aac87a2bbe575379f1b13f71af2b6ea5500847e415a5b9d820773fa7d1dffa049001637b60c699b1602c4d2137f6264e55ef71e29d810ef79be08a20a3b40dae9fd49b3c70da80c042e6926ce64587a139931f14f52a52728cbcf091ce84419950ac028069eb2fb90a0563ec86f19bec8ae9d051bc7797b0c2114ffbae70210d8f20b0e4ba9bedfb73623a5b86d4088a82523f3c1b358c9a4e4872a5367fb3eb62f48d492714bba50ce84fd3ff8c58b99d34f7f5a638c37f6cc00ac1bbda9215042fa94076f6eafa0f298f5f792f782d3d42e88e0d31114f683c1c1c3a4969c9f211b59f339b5b1a2386edd7b20371e52a4e8fccab2124d452e6d88e7e338ac7024b7653718b07e30b7f7376ccf81407d230dd44a63d4d26c4f588279daacd5cc315f33cabd03b41bcad749507946c78cd0914391762c784f091b1377a3fafaf910952d475c13f9de924b253d81afae94ee4db3c32a8367dd1ed2f50590c04b5aaefa87fc3a2fc62943d846df5ced2ee5b35637cb80fb2de8a8bc643cfd59b2382f559732fc52670b66be584ce65ffd0363532b1c2a94ff288ae2899fee1e6a50c58109e3904b567531e156e07dca46a2fe3c219650d780f37b07933f6d8c73929b69be6bdd3f6fba4a2b793855923030edbeaa9b8edfe947721a00fc2ce968edb6f0d5da3459c915a904df2cd44d509ba499a18e214bcef0ae99571ce4afcb17a1c0ed7681f5fde4569f6f9fa53a0fb015743ced68b40bf438f98d8633debc9f7b04276adadd5aa72f2b772db18e4da0bb424414e143713468dcb6061563a6a76fdc66776ae98324d49ccebe624a6b10dae6c2d3cf50166883d9c9f398330a5b1b91089938612283f116ede8bc7a164bde2c3ce158d8b1cd9d3d5563defc362efcea0c43341c112fac7bd0e49e623e11304e7e7042ebcc261309c9938cc148fb4c161b38c437992d92b1b1edf868310481b6d05b88b77422453afd3e25975f50632642bf484b67204abad003592c55222fa08486e4594b91ce49e6613b656a233bfb0a54596e961f6a18d26d3db5", &(0x7f0000001440)=""/17, 0xeec, 0x0, 0x1000, 0x9a, &(0x7f0000001480)="4628120380e3782b12d9db9c9d74acd94fe16f499e67201a5003b8ebc9e503bb2d49c68b51aaaa7bac5c1855fd8c2ef1207eb5b191cd04e5fb7beed3de68f0ef1bc44d2d6ebb14357ec992e5a9a24557d73e34b64a906ba6198ab72fb2925d83b1f60eba90c7401edb844e81ce5fba469874d8b02d69f0db6c6e0bce71db7390c795914647ab11f6f9e40cf37ba5e78ecfaaa68907bf3f7c836fad6c1b4bc0f273de995b4fa65d95db843bca5e7238464a433b55364800da45bb2c15b80088b641ae44c3e0fe09b30a8a4fe1b7fa8c1a592b537d12a79af2c3ba763410dcaef6cd5c0b658577c7d280d84c64b24f2795ccc03868cd77661735e859962102f4b8c08ca805570f1a8d42d589732f8ef3b4d6106eb502bc040e7be95acf18a408eb46dc5502e408268cf88f727235f55e3c10bf7af6781054450a8b455fc8188d2b1d09e7a36781a3df195445047ce3481dc46815e9d1085da357ca97839343f9613b86094c570b7de2270e889c855201fc29ec06bfd004032e87908f43bac8ed407a7731772c32915bb549c9b3fd9d52a14156e231028af025d73d56405b585beda432504ef8e326b7e76cf3d240b7197f54be4aa936366931652c9aa44d383b2bdf7d4d9671c7509912a7deaf06ceed7073bcc490a10c3aea0be23b1d7ef550eff956628279fdb4de26dfcca6e18bad9294309b1d95d3f637156ca47377bb19bb228e0833b4e3929fdc6c828729d2b3e2b129beac870ee07516f949acb9698c32da6e70bf1929ffc456c7517a1ad2740c4473317831848cac7151da04417fdbbf77752a9d31731ba89f782165cae1eafb68d39b75b411332c121753f2a1503c8e45d66c96cc49336f7d326735f8401c4943abcfa7b47726cee5dff95281890d2f45ef7758697a80b08a9fe68dd0e8b90dbe3028c34431178cd7a41ca71bee8d6d668f8351ed17c06eef6a2200e3a0af332cd8e89bdf64893f429f9ba6649d3bcb756378da70775545b6b4ae6904077fd4a0b72e7b0062a3bc071e764f8a7a5fb50504030c3bb30334cf17d5b7c265831f999fe06941b979374ed34ce7f1a17d20712d8bebc3f269d2bb513603e5b00263fe5de43f7bb5bed85b08813a88b189f490f5ec9eab90c1ea0065db01a64583e65e2deb8266b41bc37fccfb6157c9c8426850d8b6eff8570d85bdb58c546814a87fafddf715988b5091f90f4367be99ab8710d9f385cf9e75029c8a82809505129fb48c6e53d158af59d7027fd9002b632699adb3afda041f5d58522f47e0c51defc0e5ef68bec08a3bd0ffaea55d13d717a5d38f44e81031e01ca9998a640b51d67c7855594bba173887edb643dd02eab935253fa75d46b14dca3b21f8669a64b77b2249df74a5dcd545f86831f248f94bd22e5aad91bd5806d0d174eddd1ba00ce73605972bd8da712558300f1e532751eaeed84c687161a341a68c9f0b20d2debcd7c2212d24cffe56f5833c21dce1e04cf45607cc4ed18039b788097621fcb155858eaae67bcdcd3c8259f6f6357c3cc0af65801a9241a34b73dced045c5d72046e6e8ae62f6c792a312d486d23363688e292dba83867bc148138151ba14bd545bd60016545b46e4b4843eb0dc7df800f73a6975395ae76aa521d524e0c70d65711de383c867571385c93ae229f3c92195d1763846760035d36ca9090587caab21b88a077142248330f4beac7f351284212459f8dba384a9fbce5f65f26469589ddd9b7ce2b2c91471cbdab0596e0542fd48cc36024307cbcd3c851ea00062a7395738cc51d95fd2378ed627a4b82309039241c5799c74494253cd1bf5180003a86cd3dd6a8b3003fe80a2adbd69635579647397772da84adbffa8bbbf67c990ec8f4b8aa8956eff6894202682c2700b462c141ad1a4ae5a3f345bf7916cf1c1c29f11ff952e015ef33647e6b25cd8bfeef3261f3b8ebbdaf2d16dd4bd022941bc85e479980936f3e4e09ea9e103140c1e368f1c350451a4a4dee886ff3250c6c92da5ab216147b720ca9e61b9075c1af0e01d6904a0b3327c5b0fbc3ca1feb6f1173b0eed4f95912a09e89293be08d83a5a0573fed16bfd3b690e0efd99205b5b16516f73c14104c1f95e522c34ce0433d8db3bced8884e376639d702285a03a1e3c4a84eb60007b6b782665c117acfe03da5c9cf7feb2a6bd03516ecc21fea8e5926fd76ed24e324a6819d3aa0bb6257a2e2a8487f67d3c61e071c4408e1258a075bcde5348207c16f0edd3b5414ec869768576038f27c06a76201d09380f37b9f9ec19888c6f3ed3036413a168b90af57659915bf522bb7bd26f9f3d038a62c0115f85c2b741b3326938b92db16f8871cf2a966a01cd27c6587f0c9ac187c64f8e4e6d911e819da343e5beec30e5bcd212f5edf4b960ee4ffaae427803792f1d98e706fcc33664540d1d1ffa01a8ce02ec1be855910ddb4bb6b92a7411254ae4a7069cf45c620716a29da7ce5aa2795b49b9aca6b3bf626a71e4f2939aa4f12175ca3a315ec1e17724863dadb59ffe5281c1b2e4eebe3745fb097fe26ccac786a45270bf3f32c1f2a7ca44bff46410ed85202a10b8720b1741c8401a409494fe32fc55b0183d9afa0ce607a494bde6e464d6e10fcf04f34567dbeddadfb5e43cf53ba20b01b3a0aecdf16b9f39c8485cd65086e1cd20957aa5c2b693a1a240d8334c01445b350ac6a6ae4635735b20aaf988d160466400aebe252e36c6c0377d297ab4ed5af7566ac9c0ab339b75e987903c69b776c175e363bdfc8d084c0faef10c47ce0aa99353ce65d310040169617e8ba0f2ba73647a3259ee418e1d702c4a869c7cc5d05ce43554c95cb5d209b2d66b57e20ea6b0f69f1190ccdbc73554b6fccfc12126cb0b508c74685449b2f3f80614466485869272e8515d9925b071027096ab3e015fd5ce25455f6ff06f68dee33f877e12e851d297a4d7c5a91576047c5d3e200591a0fd638c8dfa83d122b2eeeade35fbb3fd987c098c45cfdc232fe8c141104b6f6c6bcd9d0486ddb9be989232a1bda870a3ff3bbd8d9ee1aedaccaebf5930ff6bfe94796cc149c61c6e02b7d3f7c29796eb376aeed448cbfc9667d8dc1980c37af19b91da70858e29ad029f7e43151a62cc8be6c9e442d32fe374aac5f627b4957948775f64471342850882673df0c52566c26da2d79a67c17bc1044e57336ea6ceb3ec869fb0178e4057e1f19d49ed97b46341ef8be37b22980143fc7563ac49f4dc5dfec0b297994849a3f089221076c5b9930577e184674adbff03d87cc8da94b092e2520567279d8debc527b9194c158ef89a5685b9d4176e7bd89bea85298aee7a65fe793f055e2fb12210fe826f0284f0f62631eca547ecec1f48a01672d883d52abe2b43215de4e2cdafff47906a75ebaf09ce4e635d10085172d37f9a186e44fab1f2aecf33fbf6be78cb3b17acc7d493ac56ddc54f6a5867eb355d91a2d13e0f83922eb0616c48e7ab1d7408e2cc886bb92569ca1fe9a5ab7ff7b5c82fbef78603ad8b2f0534fa8c9316bd2f3a3cfe0a000687eb75d10ac7c372fa8bcb1508a31532bb12bb03926495bc341d64f3e1224c60e894b8ba0bce4b95a05860750f758a01cd03b3d56bfb7237d88fadb1d8ea070dc1468b559071fa33b663442a8da409794be6e5d67bf1bd4be0430ced9ed37170759472232a688bf815fd816958544f288f6cab82c55de6419a7cc99c7f4640c5af93bb5aff734437c98dc08ff9584b70e4df9d4d013283ce26a8e5c0d432c3e3dcb524cd7a8d0cb05f1c5f8fbb4b1ef93eb642415090d085bbd06caf121bc05b0825d4b05835de7d5cdc151053628e302800773d55369ce7e95a291fdbca54526e52df492e89f8f78ce174b0698df297de2862b11c4669276759c86a7b8425e45b66fbb3f354bd9381bbc3b3a9c054c723f6ee2ca5018a5a08e5c33603ddebe12f517994e0ace5583625b8f5cd51a7db89969758394fe366f76de3473ff3b85d30b0775e9a612327cc51d724113c321b50474e0ebdcd62c0581c26b2cd643f713bc6a8ea25d3242cf1aef6f8733e8488feb5ec5314c7b1798fca61c358e438cb4b276eee7f3bc0938b8e58269b40f9d85ff7dd5f4b899555ad8f475395713ad0d72fbb9d51d9ae4ca9ba5878a327372a0b79421093a24725fd74ab582911d0d8ce5624bd19eb7a56af46bfe6141195ff60665585d2693360ed5f6105077a937ad570ec635c9ed6b35ac2deff4999f69874cc37c117dd893f88f7575f5f735c40fa3c386b038e1ae8c17fc70c652d77d3b48f61f2726b1ff9aa2e8297465617328c726146949037e7ecabb70145876f1a9190bec17c8cca596019f24161877711a6a97f3d04b846982f272bdace42a1438c36e472eb2d78e056068ed62f1143b907c61958d580405d4c23312f56e297fb83f6ca3a4eba8f594956a1d81bc09e6d1db770f821605d52d1ef3f7139e3e505cffffdd9eaf272992338403111a24dbb1eea4c6ed146bc4bb9f2bad4f89fea85b7bd06368e0f258e8fb6a8f74b1497adbf7d9c6c781f9a5c237fde03ad793a5f4479d8ea1b002c15d278e33f2d55d744931cc154f817a0fdeeadef5b5d52ea785a73bdee95e06cfd5c4083b3320c7dd24d999ab14f238ee85ce78612ab7e6d9bf63d7d88fcd314d5b92e2fda2725897ff9883fb92750e97bd6bf3ed6f9d5863f3203afb67d3178204216cb92cc9adade6d71daec4a7483563ad5c95ccf541e5539085b9c846de0aef1f791a75ff327fda988ead8c6a8c1fa9b19b9379783d967b0f5f2be5a60db49430f59350d41c4c64dfc8aabe73312c67e024c6f29c39b2803b40faa4704c655bfb5367e65f14015b6465d983b0d193febfb5d516d43bd9d026cf8093b33061468dfa487393810254c5fa72b0ab33b173c86af1b35d09c9663abd0b1342a982927854237e7e5458587b2685826dc93b8a32b9e7e7f272e363b717c0cde8d6c4e8c360184cc9723c1a715100ec8442d16b8b4b826db6a37894b90a92e5497498c5c073fb0237b573bf11bfb9674772ac31c791544ecbc25e9e54e0d12225bb0d7db37c445508d505baf1f670c5454e4d2e22116152cc2334eaaa433f1cad4b30b4e913529cf2c94199172745f2b9e56a22eb904f7d4d6c6db8c0a7a5c44e6a16b281eb1008daeb666d9113c874e9148c8f4fa109fbc7d5c55560bbd0637b18d73df7144adf6a1d441d283f113628e9df57cea8f04c10635cd4c9bb949c6b3ed704579d18c63b0fdc4641cc4ce897c9053389a0ffa6ad033931c179af6e5990d856dde5ecadbd43eb94ed4a3f212927c6a1966f67c1acdeb1485858c534a9976b6f1e45cb020cce24d2088df4d539bd92540470af923b71cdb7eae4c9f1eedd2bdcc60ac043a7317f607e8fd214deff36c0b3b0bed295ddb9bb5ca061696a18cfc3cffb84399c300b906a7a3052ac2589f84ca9321983a06abce6d0dfdedc152401266d54822aa9581e74556821559bc0ff2d5a4e0a83dc78b560ffa71333f7410d15d942b1d5d55c063ccc3a2ac2e62772b67f5abd613ede86989c8bab8c7b28bdec08ddc3a975bcac630f8087bba08c848a9cd140115f60d4a2d1f7681433d8fed0e91eff7e803de55367380f187ad8989ffb068103d18adba57da1f2e65c5d36392cf1c3c2e968090a7c2812af8608c88ba4d888d77fc416e5e7eebf7d8e73b1f4fe55c6e5be2a15be31dc76063d861b14e35c9f4de6ae5b918911b815aaf4105e5ce443234dd693a26d9565359050f437b7ce2d5d70a7b", &(0x7f0000002480)="324be6191bf24e72f3d26fe3634e1e222cf22a593028da7e376ac8f93c2a82b481939711e5d5864f5fb9bcfcaec1df7cd5411ad70af5cb8cb1b25933e1129073aa195ee519173285c75cff79b9a652a56fe95d039089e6a180e843473b0e70dfe6fd5d053daff0ad4639266e9d08d1961c0f9d9995adf4d5b99f6de5066ef922c3dc2fc556597dd29d40962e887fbf8c4a14d8e56b49f10566c5", 0x0, 0x0, 0x76}, 0x50) (async) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x5, 0x40, 0xff, 0x0, 0x0, 0x79c9, 0x800, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x6, 0x2, @perf_bp={&(0x7f0000000000), 0x8}, 0x208, 0x3, 0x12, 0x5, 0x0, 0xfffffffe, 0x81, 0x0, 0xbcbd, 0x0, 0x10001}, 0x0, 0x2, 0xffffffffffffffff, 0xa) (async) 14:13:51 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x0) r5 = syz_clone(0x40000000, &(0x7f00000001c0)="f1a3df3c35fbb79ae2fa85ed5efc3c0c83e53b2d6eb3c0c92ce14d47d345475f1640cc23f00e0c0bf9aeb65cd1bb562c97182f15d5b7", 0x36, &(0x7f0000000300), &(0x7f0000000340), &(0x7f0000000380)="7e6538db9c7aba90bb1d7a20af8de6412524daa3624e426a11a273") perf_event_open(&(0x7f0000000280)={0x5, 0x80, 0x5, 0x8, 0x8, 0x2, 0x0, 0x6, 0x40, 0x3, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x9, 0x4, @perf_bp={&(0x7f0000000180), 0x4}, 0x10298, 0x8, 0xca0, 0x4, 0x5, 0x7, 0xa4, 0x0, 0x1, 0x0, 0x5e2}, r5, 0xc, r2, 0x10) sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_type(r6, &(0x7f0000000000), 0x248800) openat$cgroup_ro(r6, &(0x7f00000003c0)='rdma.current\x00', 0x0, 0x0) [ 1922.788774][ T6164] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1922.796674][ T6164] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1922.805276][ T6164] 14:13:51 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0x0, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:51 executing program 4: bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002880)={0xffffffffffffffff, 0xe0, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000025c0)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4, &(0x7f0000002600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000002640)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x80, &(0x7f0000002680)=[{}], 0x8, 0x10, &(0x7f00000026c0), &(0x7f0000002700), 0x8, 0xda, 0x8, 0x8, &(0x7f0000002740)}}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='hrtimer_start\x00', r1}, 0x10) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f00000003c0)='+[+&^-\x00') bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r1, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, &(0x7f0000000100)=[0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0], 0x0, 0xb5, &(0x7f0000000180)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0xc1, 0x8, 0x8, &(0x7f0000000240)}}, 0x10) (async) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002540)={r1, 0x0, 0x1000, 0x11, &(0x7f0000000440)="2519e3107fb804c75de459dbb413564bd09dc818e5aac62fc705cc0352c4ffbcb37b8a0afc86c58c6bb24930f0546bd0d35941544ae019c437639564b0a8af212c86192445c7b4c70808a336f7608a90786760dee26b22fe1eaae8b79b2f9f26253ace756f8f2b7d713876256f2f703042940dd5e9b7d01a81b08f088e59ea3e7ec77391d7638f1e61ca49cd5869a0ec74d534aba503676a10628dc999eed3aa20568a0ef0a3ab35ec85651dc912a2bf48e56ef11a19c01336c9d0e74160e538dd1b9cce63055d3f6d5688d3c17cbbe60a39d5a1c47b9a22bc04469e2085ddee707c7882740aa485a228e3266216b9eff1976df7f603ba404f38c72a17eb3a5adcc945fa6b645f292d2cc958fe154b26e9e6c02e45794c336bb3df9259e820845858be1c5145ee3d953c99afe076602d9d16ae9edbf4168842a73b0c56960b9beb39d718662fd02423cff023ecc04b4a7b398537220f9a3a79422be7d940d3ea6a3c914d8b637dd5eb2ba948569b2e4958c06979d68a5f1ac6652db619a3955bf9fea238a0297460cda48300335a9a7b06e0b15102354d0cff18a57d2c1388ffdb460d10cf917375db4a1d5fc366e0d1cf8a2fb3361cd812922c33355d0b36df1b11fed7d251c8b3d995ef17db2df7f4ad72a9b8663df89b6a1cef5ee37627cec692a93947b2e8f4933f8809f5f2379d9a5f5e8b72645e2a7b0784c45c5a511df440471cd05ca91a4a5987ca6616f4923a409d8d0bc3352ceebb2c9a1ab64e2443cd6536a4888d997854fabf9f0c12370ec1fdd76c3e4b80b917fce1dd9ebe8ccc7364d929dacb36a3c6abc15f5d88ef78141f9643c1f0fadadf157ce10b0c70635e4904ef26d6f71ed21edffa308ca388335576f8519344dbb72ffc0d5657e1c4e3cb66009c16cbcd10961e0a857368b43a52ec18b9edacc3630833a9e27bc7021f05f719b6fd5614a34f9ddeb6a400663b24ef7bf2909220c301b98f638c050c9dff9f42619a4a4b0952a265cd3b787428e7e88fa36b4964689e7d71c56c76bc2004811bf65b5a65b3ea48c783629ba3fb3e4f3cae1df857200922f8c89d58f3246e4e2f1d9a4aafe0244dd6fe1a9903623261359170dfe31a41c82b4c4fd1add60f01926803a283768fed16d59d585d186f2ab13eab499dbef21a447dfa82b4864471e210c3eda89c3d5ef7978db0233a6a5bdce41b1b6e6bf0c3ac9ab864b9bd0f8afba3eb1e26a43813922c31f656238c8f7e3c5941abfe6577c71ab5e4fc464fa7bce68f2881746610736d83f5f77281a65b16255972081decb416205fa28c52b91be9de107bb386f5f3f42cf60088572707b3f07699408a29ddb1a10f3df889b053f8c87bbeca0c5855bdace5c67617d629a27c61af78bf6b46fa28357716608711040339ede769d1d80b4172566e7206b669025b720a30165b4f833ee2b00c0ee0b023f9437580cd88d89a6ce222d7a46b082f2c76e21681580cde35ab013a05b3fe444975d2321cf52241fc44578f763e8b036ebf72d572643da463eb0652b6dd99333e8925c8e70d7c1a94e21312b6d6413a3ff42c609ab948b481f06a563bb786fe6575f53656d9a02cf2a4564b1a4e30d0d9da523e52c9e05074c4bc5a31170bd5d296a5be0483da52c3a6f91ebbe50766483f7d5643ae32fa50685c4cab80264cc9201eca7c4a3d059874c122967a0ce3b8ef91306800006490554a8c464ddeaa0f49b71f84596a552942926f8101e63ca333edc619aead9f71c891dc17723f6d49714697caf1b962dd6fca037941feb0c79cf61b12b353d343925b668bbdb4c017fec1a80fcc0050ea79079f8701714244bc452e0f3015dea60ae1c21a0605527a35c8857b4f9485525d92eacaa81e48a9b21350a3e16299fd1c48d8aa6c9ae56921a9bb9df6c7d9475f2a558f65fa928a5f9248c0b0aad40eb9516142d3708bea1f19793798d3e2b8e423cc8ccc2766e180b6bd61a32872d9c9b358de8252d35350694054286639ad8d33e70b70c355739088c002827e5c064aea6b01cca9f50fe57ddc4eda3be21e8ad3b7298f9c42bb3410e1771702a1bf56834c1d39662a0a5c28a4c39432f6bbb4e1d90b83a720560dae2fe79f0e4e5170913a2c68900ebe1899fd3a8732a297e34a37382e9799e0528e324ce011190469c2831f631f0f2c7b23ec0e07e049d4cbe9826d3eae2b595788ea86c06e0f8de203b7f37fc9ed010ec99d83cdddfaa41d22b8ebbc826702f3f534cb7577c9fc68be19fbceac5836911ce528af23d5f06c8f4f8f146ff5587452c017ed7905bbf86b38364089f3d6ffe05fd0994b17b63191f6cd4a039d02cc369bd24477098db91f287f8a1171dbb4b2d3b384e424b6305829966986c093c626dca491ccca24b4e0eac4a4a301de985970cd7e9d133f195da0424206e8ea3b461796978fbcd389e00e6eaf8d01b7b06b67ba1743f44615a29d9b4e0940055c9a7a6ea3e4a6ba780e13f1165879b6fbcbb3b2c1f2d2f44b8e4d1f34cfd94e3c6eddab6c81820bf32ff5b85e7a60b9fe1d0b7c89e6aa8dc68b58fe2b47d7ffbdab8bed0f6c709f1e5830d04be9bd7411760d44f0169751205285b9d9bc6d20eed5e34c306c4ec336f9392a2b2accd9488bbf2585d85539c66c385afa7f73f52dac2f987c8366684bd21a0d43d486f31a1c618d173d637fc398f23aa882cdb01b2eef90e677f22298f3abfcd39d7dd3ca52b2ea67c9c9661fa3e9d19ed3ba24ef0556b4161de141fe090396314fefe23d81c3d36b6b142a4e096f4fbf372e6171e119217853abcc917b9f74b2cef10803b57eb06a7947a1f6556cdb96156f826e6dcc0ae38a1dbefa6e8020ed225c906e9deea3d5dd9234ee5f1983b56bcb0a3fbbce35301ef81cdfb69019c929debfcc18bcb8e64fa00cdeaa598454a13695cadf94227f2ba5001012a9916456513427616e201f05272481f863b4776b40cb23405ead523e6707e35a7eee4ae87a85baec0f6a7fd203320d6d3267c2c40a1f677bd7a0369eddbefb498b9b790aabef181aba3679c6573252ce3f59bb6e2dde7c04a222fb26cb46827a8b72039583db79b9b1bd6ee01c0f4450de687f3a9f71c8ff1d286231c63225389fb87df6094b40d42e06d7eb0d4ed04e98170526a76335fd98b04c70270c968740b0d8b30d2e41d1b1b26c9009dc5d8748ea7750d0bd3f9f88c227730601c01fd5f7ec08f12334412150ef07404e162404eaa7adb522b64b41806fa0014614d823be27b64a6463b0894dd3445e127980f8d320b1131a06e3ae5347a32229edec1908125558e600329aac667472bba3aeadf79aa45baecea2cf1205c6c09f3394ea7a0cf1223b97d7f31f9f2433b396307ab2bd2437b6f498977cec01ddf762022590e2237e093c73f86186e12ca34a5447b7e3510a689aa407caa2e965768a839f8b4379e33f55894992389278eb980833642f71b672b15d06e12abda352087d7b09934c13e8fc8824a300b76a8d9e5d939a37f1eb36f76f6caa893e535920ea5bdbeb8c19c17f978bb0eeb0efeaa489c1e832a664295c3161972a5eb2a2d009831c87f5239b0ff18aef8cf0d926a5aaf173caa72ce0298bf5376ed0493f571aba36399690f2a47a1eacec83ca50508427e3f65618bb457dd101a07e10ef8e19f4aba111ba17d0859318cd8f45197e5ac7b01e81d7c654cd3d7d3684326c2923ce9b19f735ca4bbd45a4ef97faaeff4c189fe6d8fb61f7660d243d9841126a264a43db9ce303cfb0507ecb8c0ebca1bb87793218b848e9d096778c2ce23cb6f3e5ac0e348531ca09c427cfc90ee66eee3717f783450680b3379cd0a09a5b4617f67d4daaf7715ec0c785b42eefb1c03be53dce9d6b7b64d4295b42dd7666d629f90da4e3e00450b2a5e670e070a6286044174a196a96c621b986d6b9f772642ffbc57eb682dde20deed078476df6f3af7103562766ec9a2d19ec215222fe5e44636f6ad4f36db45791cd227c1f198df031bf5ce1fac5f03d2a6b1d139060d7903400960384598cf7303e91aa5b6e76d6036bfc72cff9b75847bb8cd39005395452b4b810a50c07751d2c8577d248902e0d7548cf19eb168c3eb444f1dd0f86230b4056303d5e1180b3e0689cabbb9263fa6af5efb6eae67e049822edb6fca9bbc499cf8affb97b837cfdecfee785eb64eb80506ae254d49a1ccaee9069417a5968430819bfdcde73d2d7c10453308cc0c9b3a18461eb09f63cb487922552b3e5ccc8614da7a8ef5d35b03c6e81c0ba1ee1dc5faf4c7ba9587d47d0d656fb29c8eb87902d59bf1f0fb3f2194fa58f7a98942b363529333be9ef198d1c9a76746eb9044f6a106375bfd11aa48bdfc15cf2df9a60550bebdc21021a0c76d63f04e9cb1d4c76a2795c7bed181c0dfd34e9997967a6fa2de18aee8f5a9c444d2b77faf28b60200ddfeb4148d3ac65f935b02ac71c5be5f0cf97fdac8cfdceb629634a64470cd8c1be6534392a380f412e94ae0601966eec83dbe382545f798b39d4870e9c7cb007876f7a97d22767073456716be31ba7515386b801b3811e6b10a8baff057885352d12193f0c61e93e688e93f94e1c047ab642eb9710700216be56d704a5508587319c5a750741964ec70e3b5efee11996907986d5c2dc1eab37b3a0cbef10e5e016856e804d11debcc5ea60e0e30bd534d97357ab8493b3abeba67015e1d62da688f4036fa4477dcd5ab15aac87a2bbe575379f1b13f71af2b6ea5500847e415a5b9d820773fa7d1dffa049001637b60c699b1602c4d2137f6264e55ef71e29d810ef79be08a20a3b40dae9fd49b3c70da80c042e6926ce64587a139931f14f52a52728cbcf091ce84419950ac028069eb2fb90a0563ec86f19bec8ae9d051bc7797b0c2114ffbae70210d8f20b0e4ba9bedfb73623a5b86d4088a82523f3c1b358c9a4e4872a5367fb3eb62f48d492714bba50ce84fd3ff8c58b99d34f7f5a638c37f6cc00ac1bbda9215042fa94076f6eafa0f298f5f792f782d3d42e88e0d31114f683c1c1c3a4969c9f211b59f339b5b1a2386edd7b20371e52a4e8fccab2124d452e6d88e7e338ac7024b7653718b07e30b7f7376ccf81407d230dd44a63d4d26c4f588279daacd5cc315f33cabd03b41bcad749507946c78cd0914391762c784f091b1377a3fafaf910952d475c13f9de924b253d81afae94ee4db3c32a8367dd1ed2f50590c04b5aaefa87fc3a2fc62943d846df5ced2ee5b35637cb80fb2de8a8bc643cfd59b2382f559732fc52670b66be584ce65ffd0363532b1c2a94ff288ae2899fee1e6a50c58109e3904b567531e156e07dca46a2fe3c219650d780f37b07933f6d8c73929b69be6bdd3f6fba4a2b793855923030edbeaa9b8edfe947721a00fc2ce968edb6f0d5da3459c915a904df2cd44d509ba499a18e214bcef0ae99571ce4afcb17a1c0ed7681f5fde4569f6f9fa53a0fb015743ced68b40bf438f98d8633debc9f7b04276adadd5aa72f2b772db18e4da0bb424414e143713468dcb6061563a6a76fdc66776ae98324d49ccebe624a6b10dae6c2d3cf50166883d9c9f398330a5b1b91089938612283f116ede8bc7a164bde2c3ce158d8b1cd9d3d5563defc362efcea0c43341c112fac7bd0e49e623e11304e7e7042ebcc261309c9938cc148fb4c161b38c437992d92b1b1edf868310481b6d05b88b77422453afd3e25975f50632642bf484b67204abad003592c55222fa08486e4594b91ce49e6613b656a233bfb0a54596e961f6a18d26d3db5", &(0x7f0000001440)=""/17, 0xeec, 0x0, 0x1000, 0x9a, &(0x7f0000001480)="4628120380e3782b12d9db9c9d74acd94fe16f499e67201a5003b8ebc9e503bb2d49c68b51aaaa7bac5c1855fd8c2ef1207eb5b191cd04e5fb7beed3de68f0ef1bc44d2d6ebb14357ec992e5a9a24557d73e34b64a906ba6198ab72fb2925d83b1f60eba90c7401edb844e81ce5fba469874d8b02d69f0db6c6e0bce71db7390c795914647ab11f6f9e40cf37ba5e78ecfaaa68907bf3f7c836fad6c1b4bc0f273de995b4fa65d95db843bca5e7238464a433b55364800da45bb2c15b80088b641ae44c3e0fe09b30a8a4fe1b7fa8c1a592b537d12a79af2c3ba763410dcaef6cd5c0b658577c7d280d84c64b24f2795ccc03868cd77661735e859962102f4b8c08ca805570f1a8d42d589732f8ef3b4d6106eb502bc040e7be95acf18a408eb46dc5502e408268cf88f727235f55e3c10bf7af6781054450a8b455fc8188d2b1d09e7a36781a3df195445047ce3481dc46815e9d1085da357ca97839343f9613b86094c570b7de2270e889c855201fc29ec06bfd004032e87908f43bac8ed407a7731772c32915bb549c9b3fd9d52a14156e231028af025d73d56405b585beda432504ef8e326b7e76cf3d240b7197f54be4aa936366931652c9aa44d383b2bdf7d4d9671c7509912a7deaf06ceed7073bcc490a10c3aea0be23b1d7ef550eff956628279fdb4de26dfcca6e18bad9294309b1d95d3f637156ca47377bb19bb228e0833b4e3929fdc6c828729d2b3e2b129beac870ee07516f949acb9698c32da6e70bf1929ffc456c7517a1ad2740c4473317831848cac7151da04417fdbbf77752a9d31731ba89f782165cae1eafb68d39b75b411332c121753f2a1503c8e45d66c96cc49336f7d326735f8401c4943abcfa7b47726cee5dff95281890d2f45ef7758697a80b08a9fe68dd0e8b90dbe3028c34431178cd7a41ca71bee8d6d668f8351ed17c06eef6a2200e3a0af332cd8e89bdf64893f429f9ba6649d3bcb756378da70775545b6b4ae6904077fd4a0b72e7b0062a3bc071e764f8a7a5fb50504030c3bb30334cf17d5b7c265831f999fe06941b979374ed34ce7f1a17d20712d8bebc3f269d2bb513603e5b00263fe5de43f7bb5bed85b08813a88b189f490f5ec9eab90c1ea0065db01a64583e65e2deb8266b41bc37fccfb6157c9c8426850d8b6eff8570d85bdb58c546814a87fafddf715988b5091f90f4367be99ab8710d9f385cf9e75029c8a82809505129fb48c6e53d158af59d7027fd9002b632699adb3afda041f5d58522f47e0c51defc0e5ef68bec08a3bd0ffaea55d13d717a5d38f44e81031e01ca9998a640b51d67c7855594bba173887edb643dd02eab935253fa75d46b14dca3b21f8669a64b77b2249df74a5dcd545f86831f248f94bd22e5aad91bd5806d0d174eddd1ba00ce73605972bd8da712558300f1e532751eaeed84c687161a341a68c9f0b20d2debcd7c2212d24cffe56f5833c21dce1e04cf45607cc4ed18039b788097621fcb155858eaae67bcdcd3c8259f6f6357c3cc0af65801a9241a34b73dced045c5d72046e6e8ae62f6c792a312d486d23363688e292dba83867bc148138151ba14bd545bd60016545b46e4b4843eb0dc7df800f73a6975395ae76aa521d524e0c70d65711de383c867571385c93ae229f3c92195d1763846760035d36ca9090587caab21b88a077142248330f4beac7f351284212459f8dba384a9fbce5f65f26469589ddd9b7ce2b2c91471cbdab0596e0542fd48cc36024307cbcd3c851ea00062a7395738cc51d95fd2378ed627a4b82309039241c5799c74494253cd1bf5180003a86cd3dd6a8b3003fe80a2adbd69635579647397772da84adbffa8bbbf67c990ec8f4b8aa8956eff6894202682c2700b462c141ad1a4ae5a3f345bf7916cf1c1c29f11ff952e015ef33647e6b25cd8bfeef3261f3b8ebbdaf2d16dd4bd022941bc85e479980936f3e4e09ea9e103140c1e368f1c350451a4a4dee886ff3250c6c92da5ab216147b720ca9e61b9075c1af0e01d6904a0b3327c5b0fbc3ca1feb6f1173b0eed4f95912a09e89293be08d83a5a0573fed16bfd3b690e0efd99205b5b16516f73c14104c1f95e522c34ce0433d8db3bced8884e376639d702285a03a1e3c4a84eb60007b6b782665c117acfe03da5c9cf7feb2a6bd03516ecc21fea8e5926fd76ed24e324a6819d3aa0bb6257a2e2a8487f67d3c61e071c4408e1258a075bcde5348207c16f0edd3b5414ec869768576038f27c06a76201d09380f37b9f9ec19888c6f3ed3036413a168b90af57659915bf522bb7bd26f9f3d038a62c0115f85c2b741b3326938b92db16f8871cf2a966a01cd27c6587f0c9ac187c64f8e4e6d911e819da343e5beec30e5bcd212f5edf4b960ee4ffaae427803792f1d98e706fcc33664540d1d1ffa01a8ce02ec1be855910ddb4bb6b92a7411254ae4a7069cf45c620716a29da7ce5aa2795b49b9aca6b3bf626a71e4f2939aa4f12175ca3a315ec1e17724863dadb59ffe5281c1b2e4eebe3745fb097fe26ccac786a45270bf3f32c1f2a7ca44bff46410ed85202a10b8720b1741c8401a409494fe32fc55b0183d9afa0ce607a494bde6e464d6e10fcf04f34567dbeddadfb5e43cf53ba20b01b3a0aecdf16b9f39c8485cd65086e1cd20957aa5c2b693a1a240d8334c01445b350ac6a6ae4635735b20aaf988d160466400aebe252e36c6c0377d297ab4ed5af7566ac9c0ab339b75e987903c69b776c175e363bdfc8d084c0faef10c47ce0aa99353ce65d310040169617e8ba0f2ba73647a3259ee418e1d702c4a869c7cc5d05ce43554c95cb5d209b2d66b57e20ea6b0f69f1190ccdbc73554b6fccfc12126cb0b508c74685449b2f3f80614466485869272e8515d9925b071027096ab3e015fd5ce25455f6ff06f68dee33f877e12e851d297a4d7c5a91576047c5d3e200591a0fd638c8dfa83d122b2eeeade35fbb3fd987c098c45cfdc232fe8c141104b6f6c6bcd9d0486ddb9be989232a1bda870a3ff3bbd8d9ee1aedaccaebf5930ff6bfe94796cc149c61c6e02b7d3f7c29796eb376aeed448cbfc9667d8dc1980c37af19b91da70858e29ad029f7e43151a62cc8be6c9e442d32fe374aac5f627b4957948775f64471342850882673df0c52566c26da2d79a67c17bc1044e57336ea6ceb3ec869fb0178e4057e1f19d49ed97b46341ef8be37b22980143fc7563ac49f4dc5dfec0b297994849a3f089221076c5b9930577e184674adbff03d87cc8da94b092e2520567279d8debc527b9194c158ef89a5685b9d4176e7bd89bea85298aee7a65fe793f055e2fb12210fe826f0284f0f62631eca547ecec1f48a01672d883d52abe2b43215de4e2cdafff47906a75ebaf09ce4e635d10085172d37f9a186e44fab1f2aecf33fbf6be78cb3b17acc7d493ac56ddc54f6a5867eb355d91a2d13e0f83922eb0616c48e7ab1d7408e2cc886bb92569ca1fe9a5ab7ff7b5c82fbef78603ad8b2f0534fa8c9316bd2f3a3cfe0a000687eb75d10ac7c372fa8bcb1508a31532bb12bb03926495bc341d64f3e1224c60e894b8ba0bce4b95a05860750f758a01cd03b3d56bfb7237d88fadb1d8ea070dc1468b559071fa33b663442a8da409794be6e5d67bf1bd4be0430ced9ed37170759472232a688bf815fd816958544f288f6cab82c55de6419a7cc99c7f4640c5af93bb5aff734437c98dc08ff9584b70e4df9d4d013283ce26a8e5c0d432c3e3dcb524cd7a8d0cb05f1c5f8fbb4b1ef93eb642415090d085bbd06caf121bc05b0825d4b05835de7d5cdc151053628e302800773d55369ce7e95a291fdbca54526e52df492e89f8f78ce174b0698df297de2862b11c4669276759c86a7b8425e45b66fbb3f354bd9381bbc3b3a9c054c723f6ee2ca5018a5a08e5c33603ddebe12f517994e0ace5583625b8f5cd51a7db89969758394fe366f76de3473ff3b85d30b0775e9a612327cc51d724113c321b50474e0ebdcd62c0581c26b2cd643f713bc6a8ea25d3242cf1aef6f8733e8488feb5ec5314c7b1798fca61c358e438cb4b276eee7f3bc0938b8e58269b40f9d85ff7dd5f4b899555ad8f475395713ad0d72fbb9d51d9ae4ca9ba5878a327372a0b79421093a24725fd74ab582911d0d8ce5624bd19eb7a56af46bfe6141195ff60665585d2693360ed5f6105077a937ad570ec635c9ed6b35ac2deff4999f69874cc37c117dd893f88f7575f5f735c40fa3c386b038e1ae8c17fc70c652d77d3b48f61f2726b1ff9aa2e8297465617328c726146949037e7ecabb70145876f1a9190bec17c8cca596019f24161877711a6a97f3d04b846982f272bdace42a1438c36e472eb2d78e056068ed62f1143b907c61958d580405d4c23312f56e297fb83f6ca3a4eba8f594956a1d81bc09e6d1db770f821605d52d1ef3f7139e3e505cffffdd9eaf272992338403111a24dbb1eea4c6ed146bc4bb9f2bad4f89fea85b7bd06368e0f258e8fb6a8f74b1497adbf7d9c6c781f9a5c237fde03ad793a5f4479d8ea1b002c15d278e33f2d55d744931cc154f817a0fdeeadef5b5d52ea785a73bdee95e06cfd5c4083b3320c7dd24d999ab14f238ee85ce78612ab7e6d9bf63d7d88fcd314d5b92e2fda2725897ff9883fb92750e97bd6bf3ed6f9d5863f3203afb67d3178204216cb92cc9adade6d71daec4a7483563ad5c95ccf541e5539085b9c846de0aef1f791a75ff327fda988ead8c6a8c1fa9b19b9379783d967b0f5f2be5a60db49430f59350d41c4c64dfc8aabe73312c67e024c6f29c39b2803b40faa4704c655bfb5367e65f14015b6465d983b0d193febfb5d516d43bd9d026cf8093b33061468dfa487393810254c5fa72b0ab33b173c86af1b35d09c9663abd0b1342a982927854237e7e5458587b2685826dc93b8a32b9e7e7f272e363b717c0cde8d6c4e8c360184cc9723c1a715100ec8442d16b8b4b826db6a37894b90a92e5497498c5c073fb0237b573bf11bfb9674772ac31c791544ecbc25e9e54e0d12225bb0d7db37c445508d505baf1f670c5454e4d2e22116152cc2334eaaa433f1cad4b30b4e913529cf2c94199172745f2b9e56a22eb904f7d4d6c6db8c0a7a5c44e6a16b281eb1008daeb666d9113c874e9148c8f4fa109fbc7d5c55560bbd0637b18d73df7144adf6a1d441d283f113628e9df57cea8f04c10635cd4c9bb949c6b3ed704579d18c63b0fdc4641cc4ce897c9053389a0ffa6ad033931c179af6e5990d856dde5ecadbd43eb94ed4a3f212927c6a1966f67c1acdeb1485858c534a9976b6f1e45cb020cce24d2088df4d539bd92540470af923b71cdb7eae4c9f1eedd2bdcc60ac043a7317f607e8fd214deff36c0b3b0bed295ddb9bb5ca061696a18cfc3cffb84399c300b906a7a3052ac2589f84ca9321983a06abce6d0dfdedc152401266d54822aa9581e74556821559bc0ff2d5a4e0a83dc78b560ffa71333f7410d15d942b1d5d55c063ccc3a2ac2e62772b67f5abd613ede86989c8bab8c7b28bdec08ddc3a975bcac630f8087bba08c848a9cd140115f60d4a2d1f7681433d8fed0e91eff7e803de55367380f187ad8989ffb068103d18adba57da1f2e65c5d36392cf1c3c2e968090a7c2812af8608c88ba4d888d77fc416e5e7eebf7d8e73b1f4fe55c6e5be2a15be31dc76063d861b14e35c9f4de6ae5b918911b815aaf4105e5ce443234dd693a26d9565359050f437b7ce2d5d70a7b", &(0x7f0000002480)="324be6191bf24e72f3d26fe3634e1e222cf22a593028da7e376ac8f93c2a82b481939711e5d5864f5fb9bcfcaec1df7cd5411ad70af5cb8cb1b25933e1129073aa195ee519173285c75cff79b9a652a56fe95d039089e6a180e843473b0e70dfe6fd5d053daff0ad4639266e9d08d1961c0f9d9995adf4d5b99f6de5066ef922c3dc2fc556597dd29d40962e887fbf8c4a14d8e56b49f10566c5", 0x0, 0x0, 0x76}, 0x50) (async, rerun: 32) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 32) perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x5, 0x40, 0xff, 0x0, 0x0, 0x79c9, 0x800, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x6, 0x2, @perf_bp={&(0x7f0000000000), 0x8}, 0x208, 0x3, 0x12, 0x5, 0x0, 0xfffffffe, 0x81, 0x0, 0xbcbd, 0x0, 0x10001}, 0x0, 0x2, 0xffffffffffffffff, 0xa) 14:13:51 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0xffffff7f) 14:13:51 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:51 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 30) [ 1923.021896][ T6193] FAULT_INJECTION: forcing a failure. [ 1923.021896][ T6193] name failslab, interval 1, probability 0, space 0, times 0 [ 1923.035142][ T6193] CPU: 1 PID: 6193 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1923.045200][ T6193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1923.055099][ T6193] Call Trace: [ 1923.058220][ T6193] [ 1923.060996][ T6193] dump_stack_lvl+0x151/0x1b7 [ 1923.065515][ T6193] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1923.070982][ T6193] dump_stack+0x15/0x17 [ 1923.074973][ T6193] should_fail+0x3c6/0x510 [ 1923.079228][ T6193] __should_failslab+0xa4/0xe0 [ 1923.083825][ T6193] ? anon_vma_fork+0xf7/0x4e0 [ 1923.088515][ T6193] should_failslab+0x9/0x20 [ 1923.092850][ T6193] slab_pre_alloc_hook+0x37/0xd0 [ 1923.097623][ T6193] ? anon_vma_fork+0xf7/0x4e0 [ 1923.102136][ T6193] kmem_cache_alloc+0x44/0x200 [ 1923.106910][ T6193] anon_vma_fork+0xf7/0x4e0 [ 1923.111250][ T6193] ? anon_vma_name+0x4c/0x70 [ 1923.115676][ T6193] ? vm_area_dup+0x17a/0x230 [ 1923.120103][ T6193] copy_mm+0xa3a/0x13e0 [ 1923.124102][ T6193] ? copy_signal+0x610/0x610 [ 1923.128525][ T6193] ? __init_rwsem+0xd6/0x1c0 [ 1923.132961][ T6193] ? copy_signal+0x4e3/0x610 [ 1923.137376][ T6193] copy_process+0x1149/0x3290 [ 1923.141977][ T6193] ? proc_fail_nth_write+0x20b/0x290 [ 1923.147204][ T6193] ? fsnotify_perm+0x6a/0x5d0 [ 1923.151697][ T6193] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1923.156647][ T6193] ? vfs_write+0x9ec/0x1110 [ 1923.160989][ T6193] kernel_clone+0x21e/0x9e0 [ 1923.165336][ T6193] ? file_end_write+0x1c0/0x1c0 [ 1923.170010][ T6193] ? create_io_thread+0x1e0/0x1e0 [ 1923.174871][ T6193] ? mutex_unlock+0xb2/0x260 [ 1923.179296][ T6193] ? __mutex_lock_slowpath+0x10/0x10 [ 1923.184416][ T6193] __x64_sys_clone+0x23f/0x290 [ 1923.189017][ T6193] ? __do_sys_vfork+0x130/0x130 [ 1923.193704][ T6193] ? ksys_write+0x260/0x2c0 [ 1923.198046][ T6193] ? debug_smp_processor_id+0x17/0x20 [ 1923.203958][ T6193] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1923.209847][ T6193] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1923.215314][ T6193] do_syscall_64+0x3d/0xb0 [ 1923.219570][ T6193] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1923.225300][ T6193] RIP: 0033:0x7f895df3fda9 [ 1923.229549][ T6193] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1923.248995][ T6193] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1923.257237][ T6193] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1923.265050][ T6193] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 14:13:51 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 31) [ 1923.272878][ T6193] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1923.280852][ T6193] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1923.288666][ T6193] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1923.296486][ T6193] [ 1923.320630][ T6198] FAULT_INJECTION: forcing a failure. [ 1923.320630][ T6198] name failslab, interval 1, probability 0, space 0, times 0 [ 1923.335808][ T6198] CPU: 0 PID: 6198 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1923.345876][ T6198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1923.356117][ T6198] Call Trace: [ 1923.359241][ T6198] [ 1923.362020][ T6198] dump_stack_lvl+0x151/0x1b7 [ 1923.366530][ T6198] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1923.372001][ T6198] dump_stack+0x15/0x17 [ 1923.375991][ T6198] should_fail+0x3c6/0x510 [ 1923.380245][ T6198] __should_failslab+0xa4/0xe0 [ 1923.384931][ T6198] ? anon_vma_fork+0xf7/0x4e0 [ 1923.389451][ T6198] should_failslab+0x9/0x20 [ 1923.393782][ T6198] slab_pre_alloc_hook+0x37/0xd0 [ 1923.398558][ T6198] ? anon_vma_fork+0xf7/0x4e0 [ 1923.403071][ T6198] kmem_cache_alloc+0x44/0x200 [ 1923.407673][ T6198] anon_vma_fork+0xf7/0x4e0 [ 1923.412011][ T6198] ? anon_vma_name+0x4c/0x70 [ 1923.416437][ T6198] ? vm_area_dup+0x17a/0x230 [ 1923.420912][ T6198] copy_mm+0xa3a/0x13e0 [ 1923.424861][ T6198] ? copy_signal+0x610/0x610 [ 1923.429310][ T6198] ? __init_rwsem+0xd6/0x1c0 [ 1923.433712][ T6198] ? copy_signal+0x4e3/0x610 [ 1923.438142][ T6198] copy_process+0x1149/0x3290 [ 1923.442833][ T6198] ? proc_fail_nth_write+0x20b/0x290 [ 1923.447951][ T6198] ? fsnotify_perm+0x6a/0x5d0 [ 1923.452464][ T6198] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1923.457410][ T6198] ? vfs_write+0x9ec/0x1110 [ 1923.461769][ T6198] kernel_clone+0x21e/0x9e0 [ 1923.466096][ T6198] ? file_end_write+0x1c0/0x1c0 [ 1923.470781][ T6198] ? create_io_thread+0x1e0/0x1e0 [ 1923.475640][ T6198] ? mutex_unlock+0xb2/0x260 [ 1923.480066][ T6198] ? __mutex_lock_slowpath+0x10/0x10 [ 1923.485193][ T6198] __x64_sys_clone+0x23f/0x290 [ 1923.489886][ T6198] ? __do_sys_vfork+0x130/0x130 [ 1923.494569][ T6198] ? ksys_write+0x260/0x2c0 [ 1923.498923][ T6198] ? debug_smp_processor_id+0x17/0x20 [ 1923.504115][ T6198] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1923.510115][ T6198] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1923.515574][ T6198] do_syscall_64+0x3d/0xb0 [ 1923.519828][ T6198] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1923.525554][ T6198] RIP: 0033:0x7f895df3fda9 [ 1923.529811][ T6198] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1923.549338][ T6198] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1923.557756][ T6198] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1923.565565][ T6198] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 14:13:51 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 32) 14:13:51 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1923.573377][ T6198] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1923.581195][ T6198] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1923.588999][ T6198] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1923.596815][ T6198] 14:13:51 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x0) (async) r5 = syz_clone(0x40000000, &(0x7f00000001c0)="f1a3df3c35fbb79ae2fa85ed5efc3c0c83e53b2d6eb3c0c92ce14d47d345475f1640cc23f00e0c0bf9aeb65cd1bb562c97182f15d5b7", 0x36, &(0x7f0000000300), &(0x7f0000000340), &(0x7f0000000380)="7e6538db9c7aba90bb1d7a20af8de6412524daa3624e426a11a273") perf_event_open(&(0x7f0000000280)={0x5, 0x80, 0x5, 0x8, 0x8, 0x2, 0x0, 0x6, 0x40, 0x3, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x9, 0x4, @perf_bp={&(0x7f0000000180), 0x4}, 0x10298, 0x8, 0xca0, 0x4, 0x5, 0x7, 0xa4, 0x0, 0x1, 0x0, 0x5e2}, r5, 0xc, r2, 0x10) (async) sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) (async) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_type(r6, &(0x7f0000000000), 0x248800) openat$cgroup_ro(r6, &(0x7f00000003c0)='rdma.current\x00', 0x0, 0x0) [ 1923.633880][ T6201] FAULT_INJECTION: forcing a failure. [ 1923.633880][ T6201] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1923.691010][ T6201] CPU: 1 PID: 6201 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1923.701092][ T6201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1923.710988][ T6201] Call Trace: [ 1923.714127][ T6201] [ 1923.716893][ T6201] dump_stack_lvl+0x151/0x1b7 [ 1923.721419][ T6201] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1923.726874][ T6201] dump_stack+0x15/0x17 [ 1923.731730][ T6201] should_fail+0x3c6/0x510 [ 1923.735983][ T6201] should_fail_alloc_page+0x5a/0x80 [ 1923.741015][ T6201] prepare_alloc_pages+0x15c/0x700 [ 1923.745964][ T6201] ? __alloc_pages_bulk+0xe40/0xe40 [ 1923.751432][ T6201] __alloc_pages+0x18c/0x8f0 [ 1923.755946][ T6201] ? prep_new_page+0x110/0x110 [ 1923.760549][ T6201] get_zeroed_page+0x1b/0x40 [ 1923.764975][ T6201] __pud_alloc+0x8b/0x260 [ 1923.769166][ T6201] ? stack_trace_snprint+0xf0/0xf0 [ 1923.774103][ T6201] ? do_handle_mm_fault+0x2330/0x2330 [ 1923.779292][ T6201] ? __stack_depot_save+0x34/0x470 [ 1923.784237][ T6201] ? anon_vma_clone+0x9a/0x500 [ 1923.788841][ T6201] copy_page_range+0x2bcf/0x2f90 [ 1923.793611][ T6201] ? __kasan_slab_alloc+0xb1/0xe0 [ 1923.798560][ T6201] ? slab_post_alloc_hook+0x53/0x2c0 [ 1923.803689][ T6201] ? copy_mm+0xa3a/0x13e0 [ 1923.807843][ T6201] ? copy_process+0x1149/0x3290 [ 1923.812532][ T6201] ? kernel_clone+0x21e/0x9e0 [ 1923.817048][ T6201] ? __x64_sys_clone+0x23f/0x290 [ 1923.821818][ T6201] ? do_syscall_64+0x3d/0xb0 [ 1923.826245][ T6201] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1923.832157][ T6201] ? pfn_valid+0x1e0/0x1e0 [ 1923.836401][ T6201] ? rwsem_write_trylock+0x15b/0x290 [ 1923.841520][ T6201] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 1923.847781][ T6201] copy_mm+0xc7e/0x13e0 [ 1923.851770][ T6201] ? copy_signal+0x610/0x610 [ 1923.856191][ T6201] ? __init_rwsem+0xd6/0x1c0 [ 1923.860616][ T6201] ? copy_signal+0x4e3/0x610 [ 1923.865044][ T6201] copy_process+0x1149/0x3290 [ 1923.869560][ T6201] ? proc_fail_nth_write+0x20b/0x290 [ 1923.874682][ T6201] ? fsnotify_perm+0x6a/0x5d0 [ 1923.879208][ T6201] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1923.884142][ T6201] ? vfs_write+0x9ec/0x1110 [ 1923.888480][ T6201] kernel_clone+0x21e/0x9e0 [ 1923.892830][ T6201] ? file_end_write+0x1c0/0x1c0 [ 1923.897507][ T6201] ? create_io_thread+0x1e0/0x1e0 [ 1923.902367][ T6201] ? mutex_unlock+0xb2/0x260 [ 1923.906793][ T6201] ? __mutex_lock_slowpath+0x10/0x10 [ 1923.912101][ T6201] __x64_sys_clone+0x23f/0x290 [ 1923.916695][ T6201] ? __do_sys_vfork+0x130/0x130 [ 1923.921382][ T6201] ? ksys_write+0x260/0x2c0 [ 1923.925808][ T6201] ? debug_smp_processor_id+0x17/0x20 [ 1923.931028][ T6201] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1923.936918][ T6201] ? exit_to_user_mode_prepare+0x39/0xa0 14:13:52 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0xfffffff5) [ 1923.942386][ T6201] do_syscall_64+0x3d/0xb0 [ 1923.946638][ T6201] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1923.952367][ T6201] RIP: 0033:0x7f895df3fda9 [ 1923.956623][ T6201] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1923.976063][ T6201] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1923.984306][ T6201] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 14:13:52 executing program 4: r0 = syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0x6, 0x2, 0x0, 0x0, 0x64}, {0x18, 0x2}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r2, 0x4008240b, &(0x7f0000000400)={0x0, 0x80, 0x40, 0x6, 0x58, 0x1, 0x0, 0x8, 0x14000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xba, 0x1, @perf_bp={&(0x7f0000000240)}, 0x122, 0x5, 0x81, 0x1, 0x100000000, 0x9, 0x7, 0x0, 0x0, 0x0, 0x1}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x80) r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r6}, 0x8) close(r7) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x3b000000, 0x0, 0x0, &(0x7f0000002dc0)=""/4110, 0x100e}, 0x0) r9 = getpid() r10 = bpf$ITER_CREATE(0x21, &(0x7f00000002c0), 0x8) r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x48) r12 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000800)={0x0, 0x7f, 0x14}, 0xc) r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) sendmsg$unix(r4, &(0x7f0000000a00)={&(0x7f0000000940)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000009c0)=[{&(0x7f0000000780)="577c95ea3529ef45884bcfcf80b1a66abe0bd93cdf61cdf2dfd9c0e164ccb386dae09c656e8cc86545960553065a6721c242d01bbc7e18c79a210fa5b7189501", 0x40}], 0x1, &(0x7f00000013c0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=0xee00, @ANYRES32=0xee01, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32=r6, @ANYRES32, @ANYRES32=r10, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB="00000000280000000000000001000000010000", @ANYRES32=r10, @ANYRES32=r5, @ANYRES32=r3, @ANYRES32=r3, @ANYRES32=r3, @ANYBLOB="1c0000000000000001000000020000000fef7c6fd0c15dbec6c68de71c972a93247e7cfa923d4bf19afd6c6c5e0b73171051f63a9a013faea0055d8dcde0d8190198c14fab816700e23913c9261d5acc78f0ca16e98460e25c65ec4880be33f653e51297748cab60521e77beaeb0f04a7c6a3d458c28b324d09c", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="000000001c00000000000000010000000200", @ANYRES32=r9, @ANYRES32, @ANYRES32=0x0, @ANYBLOB="00000000140000000000000001000000010000004f062f48ec0dc775c054379129eef23a000000000000000008", @ANYRES32=r3, @ANYBLOB="0000000010000000000000000100000001000000"], 0x110, 0xc000}, 0x20000841) write$cgroup_type(r13, &(0x7f0000000180), 0x9) openat$cgroup(r13, &(0x7f0000000340)='syz0\x00', 0x200002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x11, 0x20, &(0x7f0000001240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xea}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}, @ringbuf_query, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r10}}, @alu={0x4, 0x0, 0x5, 0x7, 0x4, 0xffffffffffffffff}, @map_idx={0x18, 0x2, 0x5, 0x0, 0xff}]}, &(0x7f0000000640)='GPL\x00', 0x6, 0x100d, &(0x7f0000003e00)=""/4109, 0x41100, 0x12, '\x00', 0x0, 0x28, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000007c0)={0x4, 0xb, 0x7}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000840)=[r12, r11, r13, r11], 0x0, 0x10, 0x5}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r11, &(0x7f00000000c0), &(0x7f0000000000)=""/10, 0x2}, 0x20) r14 = gettid() recvmsg$unix(0xffffffffffffffff, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000cc0)=[{&(0x7f00000001c0)}, {0x0}, {0x0}, {&(0x7f0000000680)=""/126, 0x7e}, {0x0}, {0x0}, {&(0x7f0000000ac0)=""/141, 0x8d}], 0x5d, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c00000000000000010000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xb8}, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x0, &(0x7f00000015c0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}], 0x20}, 0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x1c, 0x1, 0x1, [r10, r11, 0xffffffffffffffff]}}, @rights={{0x10}}, @cred={{0x1c, 0x1, 0x2, {r14, r15, r16}}}], 0x70, 0x90}, 0x8000) sendmsg$unix(r3, &(0x7f0000000540)={&(0x7f0000000480)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000500)=[{&(0x7f0000000280)="1099f2cdf80c3076dc2da348d147f73122739a66f4af13c1cfdea8caf32c4b82df74", 0x22}], 0x1, &(0x7f0000000600)=ANY=[@ANYRES32=r4, @ANYRES32, @ANYRES32=r8, @ANYRES32=r7, @ANYRES32=r8, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=0xee01, @ANYRES32=0xee01, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32=r2, @ANYRES32=r6, @ANYRES32=r5, @ANYRES32, @ANYRES32=r3, @ANYRES32=r8, @ANYRES32=r6, @ANYBLOB="000000001c000000000000000900000002000000", @ANYRES32, @ANYRES32=r16, @ANYBLOB='\x00\x00\x00\x00'], 0x98, 0x40045}, 0x400c081) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{0x1, 0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1, &(0x7f0000000240)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {r0, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {r0, 0xee00, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {r0, 0xffffffffffffffff, 0xee01}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r0, 0xffffffffffffffff, r16}}}, @rights={{0x14, 0x1, 0x1, [r17]}}], 0xe0, 0x4004840}, 0x20000800) 14:13:52 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1923.992119][ T6201] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1924.000015][ T6201] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1924.007841][ T6201] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1924.015638][ T6201] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1924.023455][ T6201] 14:13:52 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:52 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:52 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 33) 14:13:52 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1924.440975][ T6226] FAULT_INJECTION: forcing a failure. [ 1924.440975][ T6226] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1924.478923][ T6226] CPU: 1 PID: 6226 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1924.489003][ T6226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1924.498891][ T6226] Call Trace: [ 1924.502017][ T6226] [ 1924.504808][ T6226] dump_stack_lvl+0x151/0x1b7 [ 1924.509493][ T6226] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1924.515135][ T6226] dump_stack+0x15/0x17 [ 1924.519123][ T6226] should_fail+0x3c6/0x510 [ 1924.523551][ T6226] should_fail_alloc_page+0x5a/0x80 [ 1924.528583][ T6226] prepare_alloc_pages+0x15c/0x700 [ 1924.533537][ T6226] ? __alloc_pages_bulk+0xe40/0xe40 [ 1924.538569][ T6226] __alloc_pages+0x18c/0x8f0 [ 1924.542993][ T6226] ? prep_new_page+0x110/0x110 [ 1924.547787][ T6226] get_zeroed_page+0x1b/0x40 [ 1924.552194][ T6226] __pud_alloc+0x8b/0x260 [ 1924.556465][ T6226] ? stack_trace_snprint+0xf0/0xf0 [ 1924.561403][ T6226] ? do_handle_mm_fault+0x2330/0x2330 [ 1924.566794][ T6226] ? __stack_depot_save+0x34/0x470 [ 1924.571815][ T6226] ? anon_vma_clone+0x9a/0x500 [ 1924.576436][ T6226] copy_page_range+0x2bcf/0x2f90 [ 1924.581628][ T6226] ? __kasan_slab_alloc+0xb1/0xe0 [ 1924.586486][ T6226] ? slab_post_alloc_hook+0x53/0x2c0 [ 1924.591607][ T6226] ? copy_mm+0xa3a/0x13e0 [ 1924.595771][ T6226] ? copy_process+0x1149/0x3290 [ 1924.600545][ T6226] ? kernel_clone+0x21e/0x9e0 [ 1924.605154][ T6226] ? __x64_sys_clone+0x23f/0x290 [ 1924.609929][ T6226] ? do_syscall_64+0x3d/0xb0 [ 1924.614358][ T6226] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1924.620265][ T6226] ? pfn_valid+0x1e0/0x1e0 [ 1924.624506][ T6226] ? rwsem_write_trylock+0x15b/0x290 [ 1924.629627][ T6226] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 1924.635882][ T6226] copy_mm+0xc7e/0x13e0 [ 1924.639872][ T6226] ? copy_signal+0x610/0x610 [ 1924.644297][ T6226] ? __init_rwsem+0xd6/0x1c0 [ 1924.648723][ T6226] ? copy_signal+0x4e3/0x610 [ 1924.653148][ T6226] copy_process+0x1149/0x3290 [ 1924.657663][ T6226] ? proc_fail_nth_write+0x20b/0x290 [ 1924.662785][ T6226] ? fsnotify_perm+0x6a/0x5d0 [ 1924.667298][ T6226] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1924.672244][ T6226] ? vfs_write+0x9ec/0x1110 [ 1924.676586][ T6226] kernel_clone+0x21e/0x9e0 [ 1924.680940][ T6226] ? file_end_write+0x1c0/0x1c0 [ 1924.685619][ T6226] ? create_io_thread+0x1e0/0x1e0 [ 1924.690469][ T6226] ? mutex_unlock+0xb2/0x260 [ 1924.694896][ T6226] ? __mutex_lock_slowpath+0x10/0x10 [ 1924.700019][ T6226] __x64_sys_clone+0x23f/0x290 [ 1924.704621][ T6226] ? __do_sys_vfork+0x130/0x130 [ 1924.709315][ T6226] ? ksys_write+0x260/0x2c0 [ 1924.713660][ T6226] ? debug_smp_processor_id+0x17/0x20 [ 1924.718865][ T6226] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1924.724769][ T6226] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1924.730223][ T6226] do_syscall_64+0x3d/0xb0 [ 1924.734475][ T6226] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1924.740206][ T6226] RIP: 0033:0x7f895df3fda9 [ 1924.744457][ T6226] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1924.763899][ T6226] RSP: 002b:00007f895cca0078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1924.772142][ T6226] RAX: ffffffffffffffda RBX: 00007f895e06e050 RCX: 00007f895df3fda9 [ 1924.779966][ T6226] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 14:13:53 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x0, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:53 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) (async) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x0) (async) recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x0) r5 = syz_clone(0x40000000, &(0x7f00000001c0)="f1a3df3c35fbb79ae2fa85ed5efc3c0c83e53b2d6eb3c0c92ce14d47d345475f1640cc23f00e0c0bf9aeb65cd1bb562c97182f15d5b7", 0x36, &(0x7f0000000300), &(0x7f0000000340), &(0x7f0000000380)="7e6538db9c7aba90bb1d7a20af8de6412524daa3624e426a11a273") perf_event_open(&(0x7f0000000280)={0x5, 0x80, 0x5, 0x8, 0x8, 0x2, 0x0, 0x6, 0x40, 0x3, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x9, 0x4, @perf_bp={&(0x7f0000000180), 0x4}, 0x10298, 0x8, 0xca0, 0x4, 0x5, 0x7, 0xa4, 0x0, 0x1, 0x0, 0x5e2}, r5, 0xc, r2, 0x10) sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) (async) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_type(r6, &(0x7f0000000000), 0x248800) openat$cgroup_ro(r6, &(0x7f00000003c0)='rdma.current\x00', 0x0, 0x0) 14:13:53 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 34) [ 1924.787766][ T6226] RBP: 00007f895cca0120 R08: 0000000000000000 R09: 0000000000000000 [ 1924.795575][ T6226] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1924.803387][ T6226] R13: 000000000000006e R14: 00007f895e06e050 R15: 00007ffdd24593b8 [ 1924.811300][ T6226] 14:13:53 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x0, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:53 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x81010000000000) [ 1924.860112][ T6230] FAULT_INJECTION: forcing a failure. [ 1924.860112][ T6230] name failslab, interval 1, probability 0, space 0, times 0 [ 1924.878434][ T6230] CPU: 1 PID: 6230 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1924.888514][ T6230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1924.898417][ T6230] Call Trace: [ 1924.901543][ T6230] [ 1924.904314][ T6230] dump_stack_lvl+0x151/0x1b7 [ 1924.908827][ T6230] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1924.914291][ T6230] ? avc_denied+0x1b0/0x1b0 [ 1924.918632][ T6230] dump_stack+0x15/0x17 [ 1924.922625][ T6230] should_fail+0x3c6/0x510 [ 1924.926877][ T6230] __should_failslab+0xa4/0xe0 [ 1924.931747][ T6230] ? vm_area_dup+0x26/0x230 [ 1924.936172][ T6230] should_failslab+0x9/0x20 [ 1924.940514][ T6230] slab_pre_alloc_hook+0x37/0xd0 [ 1924.945285][ T6230] ? vm_area_dup+0x26/0x230 [ 1924.949627][ T6230] kmem_cache_alloc+0x44/0x200 [ 1924.954228][ T6230] vm_area_dup+0x26/0x230 [ 1924.958422][ T6230] copy_mm+0x9a1/0x13e0 [ 1924.962383][ T6230] ? copy_signal+0x610/0x610 [ 1924.966812][ T6230] ? __init_rwsem+0xd6/0x1c0 [ 1924.971237][ T6230] ? copy_signal+0x4e3/0x610 [ 1924.975755][ T6230] copy_process+0x1149/0x3290 [ 1924.980264][ T6230] ? proc_fail_nth_write+0x20b/0x290 [ 1924.985386][ T6230] ? fsnotify_perm+0x6a/0x5d0 [ 1924.989902][ T6230] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1924.994849][ T6230] ? vfs_write+0x9ec/0x1110 [ 1925.000229][ T6230] kernel_clone+0x21e/0x9e0 [ 1925.004584][ T6230] ? file_end_write+0x1c0/0x1c0 [ 1925.009254][ T6230] ? create_io_thread+0x1e0/0x1e0 [ 1925.014121][ T6230] ? mutex_unlock+0xb2/0x260 [ 1925.018541][ T6230] ? __mutex_lock_slowpath+0x10/0x10 [ 1925.023662][ T6230] __x64_sys_clone+0x23f/0x290 [ 1925.028273][ T6230] ? __do_sys_vfork+0x130/0x130 [ 1925.032949][ T6230] ? ksys_write+0x260/0x2c0 [ 1925.037311][ T6230] ? debug_smp_processor_id+0x17/0x20 [ 1925.042494][ T6230] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1925.048406][ T6230] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1925.053865][ T6230] do_syscall_64+0x3d/0xb0 [ 1925.058120][ T6230] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1925.064021][ T6230] RIP: 0033:0x7f895df3fda9 [ 1925.068272][ T6230] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1925.087925][ T6230] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1925.096148][ T6230] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 14:13:53 executing program 4: r0 = syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0x6, 0x2, 0x0, 0x0, 0x64}, {0x18, 0x2}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r2, 0x4008240b, &(0x7f0000000400)={0x0, 0x80, 0x40, 0x6, 0x58, 0x1, 0x0, 0x8, 0x14000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xba, 0x1, @perf_bp={&(0x7f0000000240)}, 0x122, 0x5, 0x81, 0x1, 0x100000000, 0x9, 0x7, 0x0, 0x0, 0x0, 0x1}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x80) r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r6}, 0x8) close(r7) (async) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) (async) sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) (async, rerun: 32) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x3b000000, 0x0, 0x0, &(0x7f0000002dc0)=""/4110, 0x100e}, 0x0) (async, rerun: 32) r9 = getpid() r10 = bpf$ITER_CREATE(0x21, &(0x7f00000002c0), 0x8) r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x48) (async, rerun: 32) r12 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000800)={0x0, 0x7f, 0x14}, 0xc) (rerun: 32) r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) sendmsg$unix(r4, &(0x7f0000000a00)={&(0x7f0000000940)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000009c0)=[{&(0x7f0000000780)="577c95ea3529ef45884bcfcf80b1a66abe0bd93cdf61cdf2dfd9c0e164ccb386dae09c656e8cc86545960553065a6721c242d01bbc7e18c79a210fa5b7189501", 0x40}], 0x1, &(0x7f00000013c0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=0xee00, @ANYRES32=0xee01, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32=r6, @ANYRES32, @ANYRES32=r10, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB="00000000280000000000000001000000010000", @ANYRES32=r10, @ANYRES32=r5, @ANYRES32=r3, @ANYRES32=r3, @ANYRES32=r3, @ANYBLOB="1c0000000000000001000000020000000fef7c6fd0c15dbec6c68de71c972a93247e7cfa923d4bf19afd6c6c5e0b73171051f63a9a013faea0055d8dcde0d8190198c14fab816700e23913c9261d5acc78f0ca16e98460e25c65ec4880be33f653e51297748cab60521e77beaeb0f04a7c6a3d458c28b324d09c", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="000000001c00000000000000010000000200", @ANYRES32=r9, @ANYRES32, @ANYRES32=0x0, @ANYBLOB="00000000140000000000000001000000010000004f062f48ec0dc775c054379129eef23a000000000000000008", @ANYRES32=r3, @ANYBLOB="0000000010000000000000000100000001000000"], 0x110, 0xc000}, 0x20000841) write$cgroup_type(r13, &(0x7f0000000180), 0x9) openat$cgroup(r13, &(0x7f0000000340)='syz0\x00', 0x200002, 0x0) (async, rerun: 64) bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x11, 0x20, &(0x7f0000001240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xea}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}, @ringbuf_query, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r10}}, @alu={0x4, 0x0, 0x5, 0x7, 0x4, 0xffffffffffffffff}, @map_idx={0x18, 0x2, 0x5, 0x0, 0xff}]}, &(0x7f0000000640)='GPL\x00', 0x6, 0x100d, &(0x7f0000003e00)=""/4109, 0x41100, 0x12, '\x00', 0x0, 0x28, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000007c0)={0x4, 0xb, 0x7}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000840)=[r12, r11, r13, r11], 0x0, 0x10, 0x5}, 0x90) (async, rerun: 64) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r11, &(0x7f00000000c0), &(0x7f0000000000)=""/10, 0x2}, 0x20) (async) r14 = gettid() (async) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000cc0)=[{&(0x7f00000001c0)}, {0x0}, {0x0}, {&(0x7f0000000680)=""/126, 0x7e}, {0x0}, {0x0}, {&(0x7f0000000ac0)=""/141, 0x8d}], 0x5d, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c00000000000000010000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xb8}, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x0, &(0x7f00000015c0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}], 0x20}, 0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x1c, 0x1, 0x1, [r10, r11, 0xffffffffffffffff]}}, @rights={{0x10}}, @cred={{0x1c, 0x1, 0x2, {r14, r15, r16}}}], 0x70, 0x90}, 0x8000) (async, rerun: 64) sendmsg$unix(r3, &(0x7f0000000540)={&(0x7f0000000480)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000500)=[{&(0x7f0000000280)="1099f2cdf80c3076dc2da348d147f73122739a66f4af13c1cfdea8caf32c4b82df74", 0x22}], 0x1, &(0x7f0000000600)=ANY=[@ANYRES32=r4, @ANYRES32, @ANYRES32=r8, @ANYRES32=r7, @ANYRES32=r8, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=0xee01, @ANYRES32=0xee01, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32=r2, @ANYRES32=r6, @ANYRES32=r5, @ANYRES32, @ANYRES32=r3, @ANYRES32=r8, @ANYRES32=r6, @ANYBLOB="000000001c000000000000000900000002000000", @ANYRES32, @ANYRES32=r16, @ANYBLOB='\x00\x00\x00\x00'], 0x98, 0x40045}, 0x400c081) (async, rerun: 64) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{0x1, 0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1, &(0x7f0000000240)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {r0, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {r0, 0xee00, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {r0, 0xffffffffffffffff, 0xee01}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r0, 0xffffffffffffffff, r16}}}, @rights={{0x14, 0x1, 0x1, [r17]}}], 0xe0, 0x4004840}, 0x20000800) 14:13:53 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 35) [ 1925.103939][ T6230] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1925.111750][ T6230] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1925.119573][ T6230] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1925.127374][ T6230] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1925.135368][ T6230] 14:13:53 executing program 4: r0 = syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0x6, 0x2, 0x0, 0x0, 0x64}, {0x18, 0x2}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) r2 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r2, 0x4008240b, &(0x7f0000000400)={0x0, 0x80, 0x40, 0x6, 0x58, 0x1, 0x0, 0x8, 0x14000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xba, 0x1, @perf_bp={&(0x7f0000000240)}, 0x122, 0x5, 0x81, 0x1, 0x100000000, 0x9, 0x7, 0x0, 0x0, 0x0, 0x1}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) (async) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x80) (async) r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r6}, 0x8) close(r7) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) (async, rerun: 64) sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) (async, rerun: 64) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x3b000000, 0x0, 0x0, &(0x7f0000002dc0)=""/4110, 0x100e}, 0x0) r9 = getpid() (async) r10 = bpf$ITER_CREATE(0x21, &(0x7f00000002c0), 0x8) r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x48) (async) r12 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000800)={0x0, 0x7f, 0x14}, 0xc) (async) r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) sendmsg$unix(r4, &(0x7f0000000a00)={&(0x7f0000000940)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000009c0)=[{&(0x7f0000000780)="577c95ea3529ef45884bcfcf80b1a66abe0bd93cdf61cdf2dfd9c0e164ccb386dae09c656e8cc86545960553065a6721c242d01bbc7e18c79a210fa5b7189501", 0x40}], 0x1, &(0x7f00000013c0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=0xee00, @ANYRES32=0xee01, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32=r6, @ANYRES32, @ANYRES32=r10, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB="00000000280000000000000001000000010000", @ANYRES32=r10, @ANYRES32=r5, @ANYRES32=r3, @ANYRES32=r3, @ANYRES32=r3, @ANYBLOB="1c0000000000000001000000020000000fef7c6fd0c15dbec6c68de71c972a93247e7cfa923d4bf19afd6c6c5e0b73171051f63a9a013faea0055d8dcde0d8190198c14fab816700e23913c9261d5acc78f0ca16e98460e25c65ec4880be33f653e51297748cab60521e77beaeb0f04a7c6a3d458c28b324d09c", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="000000001c00000000000000010000000200", @ANYRES32=r9, @ANYRES32, @ANYRES32=0x0, @ANYBLOB="00000000140000000000000001000000010000004f062f48ec0dc775c054379129eef23a000000000000000008", @ANYRES32=r3, @ANYBLOB="0000000010000000000000000100000001000000"], 0x110, 0xc000}, 0x20000841) (async, rerun: 64) write$cgroup_type(r13, &(0x7f0000000180), 0x9) (rerun: 64) openat$cgroup(r13, &(0x7f0000000340)='syz0\x00', 0x200002, 0x0) (async) bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x11, 0x20, &(0x7f0000001240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xea}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}, @ringbuf_query, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r10}}, @alu={0x4, 0x0, 0x5, 0x7, 0x4, 0xffffffffffffffff}, @map_idx={0x18, 0x2, 0x5, 0x0, 0xff}]}, &(0x7f0000000640)='GPL\x00', 0x6, 0x100d, &(0x7f0000003e00)=""/4109, 0x41100, 0x12, '\x00', 0x0, 0x28, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000007c0)={0x4, 0xb, 0x7}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000840)=[r12, r11, r13, r11], 0x0, 0x10, 0x5}, 0x90) (async) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r11, &(0x7f00000000c0), &(0x7f0000000000)=""/10, 0x2}, 0x20) r14 = gettid() (async) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000cc0)=[{&(0x7f00000001c0)}, {0x0}, {0x0}, {&(0x7f0000000680)=""/126, 0x7e}, {0x0}, {0x0}, {&(0x7f0000000ac0)=""/141, 0x8d}], 0x5d, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c00000000000000010000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xb8}, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x0, &(0x7f00000015c0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}], 0x20}, 0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x1c, 0x1, 0x1, [r10, r11, 0xffffffffffffffff]}}, @rights={{0x10}}, @cred={{0x1c, 0x1, 0x2, {r14, r15, r16}}}], 0x70, 0x90}, 0x8000) (async) sendmsg$unix(r3, &(0x7f0000000540)={&(0x7f0000000480)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000500)=[{&(0x7f0000000280)="1099f2cdf80c3076dc2da348d147f73122739a66f4af13c1cfdea8caf32c4b82df74", 0x22}], 0x1, &(0x7f0000000600)=ANY=[@ANYRES32=r4, @ANYRES32, @ANYRES32=r8, @ANYRES32=r7, @ANYRES32=r8, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=0xee01, @ANYRES32=0xee01, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32=r2, @ANYRES32=r6, @ANYRES32=r5, @ANYRES32, @ANYRES32=r3, @ANYRES32=r8, @ANYRES32=r6, @ANYBLOB="000000001c000000000000000900000002000000", @ANYRES32, @ANYRES32=r16, @ANYBLOB='\x00\x00\x00\x00'], 0x98, 0x40045}, 0x400c081) (async) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{0x1, 0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1, &(0x7f0000000240)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {r0, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {r0, 0xee00, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {r0, 0xffffffffffffffff, 0xee01}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r0, 0xffffffffffffffff, r16}}}, @rights={{0x14, 0x1, 0x1, [r17]}}], 0xe0, 0x4004840}, 0x20000800) [ 1925.162477][ T6251] FAULT_INJECTION: forcing a failure. [ 1925.162477][ T6251] name failslab, interval 1, probability 0, space 0, times 0 [ 1925.175469][ T6251] CPU: 0 PID: 6251 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1925.185532][ T6251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1925.195429][ T6251] Call Trace: [ 1925.198549][ T6251] [ 1925.201331][ T6251] dump_stack_lvl+0x151/0x1b7 [ 1925.205838][ T6251] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1925.211410][ T6251] dump_stack+0x15/0x17 [ 1925.215388][ T6251] should_fail+0x3c6/0x510 [ 1925.219640][ T6251] __should_failslab+0xa4/0xe0 [ 1925.224239][ T6251] ? vm_area_dup+0x26/0x230 [ 1925.228576][ T6251] should_failslab+0x9/0x20 [ 1925.232927][ T6251] slab_pre_alloc_hook+0x37/0xd0 [ 1925.237695][ T6251] ? vm_area_dup+0x26/0x230 [ 1925.242032][ T6251] kmem_cache_alloc+0x44/0x200 [ 1925.246633][ T6251] vm_area_dup+0x26/0x230 [ 1925.250799][ T6251] copy_mm+0x9a1/0x13e0 [ 1925.254792][ T6251] ? copy_signal+0x610/0x610 [ 1925.259217][ T6251] ? __init_rwsem+0xd6/0x1c0 [ 1925.263641][ T6251] ? copy_signal+0x4e3/0x610 [ 1925.268071][ T6251] copy_process+0x1149/0x3290 [ 1925.272582][ T6251] ? proc_fail_nth_write+0x20b/0x290 [ 1925.277701][ T6251] ? fsnotify_perm+0x6a/0x5d0 [ 1925.282649][ T6251] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1925.287597][ T6251] ? vfs_write+0x9ec/0x1110 [ 1925.291938][ T6251] kernel_clone+0x21e/0x9e0 [ 1925.296278][ T6251] ? file_end_write+0x1c0/0x1c0 [ 1925.300966][ T6251] ? create_io_thread+0x1e0/0x1e0 [ 1925.305827][ T6251] ? mutex_unlock+0xb2/0x260 [ 1925.310250][ T6251] ? __mutex_lock_slowpath+0x10/0x10 [ 1925.315372][ T6251] __x64_sys_clone+0x23f/0x290 [ 1925.319972][ T6251] ? __do_sys_vfork+0x130/0x130 [ 1925.324659][ T6251] ? ksys_write+0x260/0x2c0 [ 1925.329001][ T6251] ? debug_smp_processor_id+0x17/0x20 [ 1925.334206][ T6251] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1925.340107][ T6251] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1925.345600][ T6251] do_syscall_64+0x3d/0xb0 [ 1925.349832][ T6251] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1925.356340][ T6251] RIP: 0033:0x7f895df3fda9 [ 1925.360594][ T6251] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1925.380732][ T6251] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1925.388986][ T6251] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1925.396782][ T6251] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1925.404596][ T6251] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 14:13:53 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x0, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:53 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 36) [ 1925.412406][ T6251] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1925.420389][ T6251] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1925.428206][ T6251] [ 1925.464667][ T6267] FAULT_INJECTION: forcing a failure. [ 1925.464667][ T6267] name failslab, interval 1, probability 0, space 0, times 0 [ 1925.477198][ T6267] CPU: 0 PID: 6267 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1925.487266][ T6267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1925.497162][ T6267] Call Trace: [ 1925.500279][ T6267] [ 1925.503058][ T6267] dump_stack_lvl+0x151/0x1b7 [ 1925.507576][ T6267] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1925.513059][ T6267] dump_stack+0x15/0x17 [ 1925.517034][ T6267] should_fail+0x3c6/0x510 [ 1925.521398][ T6267] __should_failslab+0xa4/0xe0 [ 1925.525984][ T6267] ? vm_area_dup+0x26/0x230 [ 1925.530309][ T6267] should_failslab+0x9/0x20 [ 1925.534647][ T6267] slab_pre_alloc_hook+0x37/0xd0 [ 1925.539425][ T6267] ? vm_area_dup+0x26/0x230 [ 1925.543952][ T6267] kmem_cache_alloc+0x44/0x200 [ 1925.548540][ T6267] vm_area_dup+0x26/0x230 [ 1925.553064][ T6267] copy_mm+0x9a1/0x13e0 [ 1925.557055][ T6267] ? copy_signal+0x610/0x610 [ 1925.561564][ T6267] ? __init_rwsem+0xd6/0x1c0 [ 1925.566362][ T6267] ? copy_signal+0x4e3/0x610 [ 1925.572239][ T6267] copy_process+0x1149/0x3290 [ 1925.576753][ T6267] ? proc_fail_nth_write+0x20b/0x290 [ 1925.582007][ T6267] ? fsnotify_perm+0x6a/0x5d0 [ 1925.586586][ T6267] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1925.591532][ T6267] ? vfs_write+0x9ec/0x1110 [ 1925.596028][ T6267] kernel_clone+0x21e/0x9e0 [ 1925.600297][ T6267] ? file_end_write+0x1c0/0x1c0 [ 1925.604997][ T6267] ? create_io_thread+0x1e0/0x1e0 [ 1925.609847][ T6267] ? mutex_unlock+0xb2/0x260 [ 1925.614270][ T6267] ? __mutex_lock_slowpath+0x10/0x10 [ 1925.619400][ T6267] __x64_sys_clone+0x23f/0x290 [ 1925.624000][ T6267] ? __do_sys_vfork+0x130/0x130 [ 1925.628678][ T6267] ? ksys_write+0x260/0x2c0 [ 1925.633025][ T6267] ? debug_smp_processor_id+0x17/0x20 [ 1925.638228][ T6267] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1925.644133][ T6267] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1925.649605][ T6267] do_syscall_64+0x3d/0xb0 [ 1925.653849][ T6267] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1925.659586][ T6267] RIP: 0033:0x7f895df3fda9 [ 1925.663833][ T6267] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1925.683277][ T6267] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1925.691808][ T6267] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1925.699618][ T6267] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1925.707432][ T6267] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 14:13:54 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 37) [ 1925.715244][ T6267] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1925.723051][ T6267] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1925.730866][ T6267] [ 1925.761086][ T6272] FAULT_INJECTION: forcing a failure. [ 1925.761086][ T6272] name failslab, interval 1, probability 0, space 0, times 0 [ 1925.773626][ T6272] CPU: 0 PID: 6272 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1925.783702][ T6272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1925.793586][ T6272] Call Trace: [ 1925.796704][ T6272] [ 1925.799481][ T6272] dump_stack_lvl+0x151/0x1b7 [ 1925.803995][ T6272] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1925.809476][ T6272] dump_stack+0x15/0x17 [ 1925.813457][ T6272] should_fail+0x3c6/0x510 [ 1925.817712][ T6272] __should_failslab+0xa4/0xe0 [ 1925.822310][ T6272] ? anon_vma_fork+0x1df/0x4e0 [ 1925.826909][ T6272] should_failslab+0x9/0x20 [ 1925.831251][ T6272] slab_pre_alloc_hook+0x37/0xd0 [ 1925.836025][ T6272] ? anon_vma_fork+0x1df/0x4e0 [ 1925.840623][ T6272] kmem_cache_alloc+0x44/0x200 [ 1925.845222][ T6272] anon_vma_fork+0x1df/0x4e0 [ 1925.849649][ T6272] copy_mm+0xa3a/0x13e0 [ 1925.853643][ T6272] ? copy_signal+0x610/0x610 14:13:54 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x100000000000000) [ 1925.858066][ T6272] ? __init_rwsem+0xd6/0x1c0 [ 1925.862493][ T6272] ? copy_signal+0x4e3/0x610 [ 1925.866941][ T6272] copy_process+0x1149/0x3290 [ 1925.871436][ T6272] ? proc_fail_nth_write+0x20b/0x290 [ 1925.876557][ T6272] ? fsnotify_perm+0x6a/0x5d0 [ 1925.881071][ T6272] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1925.886017][ T6272] ? vfs_write+0x9ec/0x1110 [ 1925.890358][ T6272] kernel_clone+0x21e/0x9e0 [ 1925.894697][ T6272] ? file_end_write+0x1c0/0x1c0 [ 1925.899384][ T6272] ? create_io_thread+0x1e0/0x1e0 [ 1925.904243][ T6272] ? mutex_unlock+0xb2/0x260 [ 1925.908671][ T6272] ? __mutex_lock_slowpath+0x10/0x10 [ 1925.913795][ T6272] __x64_sys_clone+0x23f/0x290 [ 1925.918401][ T6272] ? __do_sys_vfork+0x130/0x130 [ 1925.923087][ T6272] ? ksys_write+0x260/0x2c0 [ 1925.927425][ T6272] ? debug_smp_processor_id+0x17/0x20 [ 1925.932624][ T6272] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1925.938521][ T6272] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1925.943990][ T6272] do_syscall_64+0x3d/0xb0 [ 1925.948241][ T6272] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1925.953975][ T6272] RIP: 0033:0x7f895df3fda9 [ 1925.958226][ T6272] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1925.977664][ T6272] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1925.985906][ T6272] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1925.993719][ T6272] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1926.001531][ T6272] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 14:13:54 executing program 4: r0 = syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0xf9, 0x7, 0xc, 0x4, 0x0, 0xfc, 0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1f, 0x2, @perf_bp={&(0x7f0000000100), 0x2}, 0x4001, 0x2, 0x7, 0x4, 0x7, 0x3f, 0x3, 0x0, 0x3, 0x0, 0x8000}, 0x0, 0xf, 0xffffffffffffffff, 0x8) r1 = perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc0, 0x0, 0x0, 0x40, 0x0, 0x101, 0x2, 0x4, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffe00, 0x0, @perf_config_ext={0x3, 0x9}, 0x10a428, 0xb9f, 0x9, 0x3, 0x7ff, 0xad, 0x101, 0x0, 0xfd, 0x0, 0x6}, r0, 0xe, 0xffffffffffffffff, 0x1) perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x8, 0xff, 0x81, 0x0, 0xf43, 0xc0201, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xffff1f7a, 0x0, @perf_config_ext={0x8, 0x6}, 0x800, 0x10000, 0x10001, 0x3, 0x992, 0x9, 0x8, 0x0, 0x2, 0x0, 0x80000000}, r0, 0x7, r1, 0xb) 14:13:54 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x0, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:54 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 38) [ 1926.009429][ T6272] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1926.017268][ T6272] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1926.025056][ T6272] 14:13:54 executing program 4: r0 = syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0xf9, 0x7, 0xc, 0x4, 0x0, 0xfc, 0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1f, 0x2, @perf_bp={&(0x7f0000000100), 0x2}, 0x4001, 0x2, 0x7, 0x4, 0x7, 0x3f, 0x3, 0x0, 0x3, 0x0, 0x8000}, 0x0, 0xf, 0xffffffffffffffff, 0x8) r1 = perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc0, 0x0, 0x0, 0x40, 0x0, 0x101, 0x2, 0x4, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffe00, 0x0, @perf_config_ext={0x3, 0x9}, 0x10a428, 0xb9f, 0x9, 0x3, 0x7ff, 0xad, 0x101, 0x0, 0xfd, 0x0, 0x6}, r0, 0xe, 0xffffffffffffffff, 0x1) perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x8, 0xff, 0x81, 0x0, 0xf43, 0xc0201, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xffff1f7a, 0x0, @perf_config_ext={0x8, 0x6}, 0x800, 0x10000, 0x10001, 0x3, 0x992, 0x9, 0x8, 0x0, 0x2, 0x0, 0x80000000}, r0, 0x7, r1, 0xb) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0xf9, 0x7, 0xc, 0x4, 0x0, 0xfc, 0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1f, 0x2, @perf_bp={&(0x7f0000000100), 0x2}, 0x4001, 0x2, 0x7, 0x4, 0x7, 0x3f, 0x3, 0x0, 0x3, 0x0, 0x8000}, 0x0, 0xf, 0xffffffffffffffff, 0x8) (async) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc0, 0x0, 0x0, 0x40, 0x0, 0x101, 0x2, 0x4, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffe00, 0x0, @perf_config_ext={0x3, 0x9}, 0x10a428, 0xb9f, 0x9, 0x3, 0x7ff, 0xad, 0x101, 0x0, 0xfd, 0x0, 0x6}, r0, 0xe, 0xffffffffffffffff, 0x1) (async) perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x8, 0xff, 0x81, 0x0, 0xf43, 0xc0201, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xffff1f7a, 0x0, @perf_config_ext={0x8, 0x6}, 0x800, 0x10000, 0x10001, 0x3, 0x992, 0x9, 0x8, 0x0, 0x2, 0x0, 0x80000000}, r0, 0x7, r1, 0xb) (async) 14:13:54 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x0, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1926.090488][ T6280] FAULT_INJECTION: forcing a failure. [ 1926.090488][ T6280] name failslab, interval 1, probability 0, space 0, times 0 [ 1926.129885][ T6280] CPU: 1 PID: 6280 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1926.139973][ T6280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1926.149858][ T6280] Call Trace: [ 1926.152991][ T6280] [ 1926.155758][ T6280] dump_stack_lvl+0x151/0x1b7 [ 1926.160275][ T6280] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1926.165737][ T6280] ? avc_denied+0x1b0/0x1b0 [ 1926.170082][ T6280] dump_stack+0x15/0x17 [ 1926.174069][ T6280] should_fail+0x3c6/0x510 [ 1926.178324][ T6280] __should_failslab+0xa4/0xe0 [ 1926.182925][ T6280] ? vm_area_dup+0x26/0x230 14:13:54 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0xe, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3ff}, [@map_idx_val={0x18, 0x9, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x5}, @map_idx_val={0x18, 0x8, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0xffff0001}, @map_val={0x18, 0x6, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @map_val={0x18, 0xb, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x5865}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x3}]}, &(0x7f0000000280)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x1, 0x4, 0x2}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340)=[{0x0, 0x2, 0x8, 0xc}], 0x10, 0x13d}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@bloom_filter={0x1e, 0x7203, 0x15, 0xe2, 0x20c4, r0, 0x10001, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0xe}, 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={r0, 0x58, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.dequeue\x00', 0x26e1, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001740)={r4, 0xe0, &(0x7f0000001900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400), ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, &(0x7f0000000ac0)=[0x0], &(0x7f0000000c00)=[0x0, 0x0], 0x0, 0x8, &(0x7f0000001600), 0x0, 0x10, &(0x7f0000001680), &(0x7f0000000600), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001700)}}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@bloom_filter={0x1e, 0x8c9, 0x8, 0x9, 0x100, r2, 0x3, '\x00', r3, r4, 0x3, 0x0, 0x1, 0x5}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000380)='dax_writeback_one\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r5, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x0) sendmsg$tipc(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) 14:13:54 executing program 4: r0 = syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0xf9, 0x7, 0xc, 0x4, 0x0, 0xfc, 0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1f, 0x2, @perf_bp={&(0x7f0000000100), 0x2}, 0x4001, 0x2, 0x7, 0x4, 0x7, 0x3f, 0x3, 0x0, 0x3, 0x0, 0x8000}, 0x0, 0xf, 0xffffffffffffffff, 0x8) r1 = perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc0, 0x0, 0x0, 0x40, 0x0, 0x101, 0x2, 0x4, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffe00, 0x0, @perf_config_ext={0x3, 0x9}, 0x10a428, 0xb9f, 0x9, 0x3, 0x7ff, 0xad, 0x101, 0x0, 0xfd, 0x0, 0x6}, r0, 0xe, 0xffffffffffffffff, 0x1) perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x8, 0xff, 0x81, 0x0, 0xf43, 0xc0201, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xffff1f7a, 0x0, @perf_config_ext={0x8, 0x6}, 0x800, 0x10000, 0x10001, 0x3, 0x992, 0x9, 0x8, 0x0, 0x2, 0x0, 0x80000000}, r0, 0x7, r1, 0xb) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0xf9, 0x7, 0xc, 0x4, 0x0, 0xfc, 0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1f, 0x2, @perf_bp={&(0x7f0000000100), 0x2}, 0x4001, 0x2, 0x7, 0x4, 0x7, 0x3f, 0x3, 0x0, 0x3, 0x0, 0x8000}, 0x0, 0xf, 0xffffffffffffffff, 0x8) (async) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc0, 0x0, 0x0, 0x40, 0x0, 0x101, 0x2, 0x4, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffe00, 0x0, @perf_config_ext={0x3, 0x9}, 0x10a428, 0xb9f, 0x9, 0x3, 0x7ff, 0xad, 0x101, 0x0, 0xfd, 0x0, 0x6}, r0, 0xe, 0xffffffffffffffff, 0x1) (async) perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x8, 0xff, 0x81, 0x0, 0xf43, 0xc0201, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xffff1f7a, 0x0, @perf_config_ext={0x8, 0x6}, 0x800, 0x10000, 0x10001, 0x3, 0x992, 0x9, 0x8, 0x0, 0x2, 0x0, 0x80000000}, r0, 0x7, r1, 0xb) (async) 14:13:54 executing program 4: syz_clone(0xc781e880, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1926.187273][ T6280] should_failslab+0x9/0x20 [ 1926.191604][ T6280] slab_pre_alloc_hook+0x37/0xd0 [ 1926.196380][ T6280] ? vm_area_dup+0x26/0x230 [ 1926.200716][ T6280] kmem_cache_alloc+0x44/0x200 [ 1926.205320][ T6280] vm_area_dup+0x26/0x230 [ 1926.209483][ T6280] copy_mm+0x9a1/0x13e0 [ 1926.213483][ T6280] ? copy_signal+0x610/0x610 [ 1926.217901][ T6280] ? __init_rwsem+0xd6/0x1c0 [ 1926.222331][ T6280] ? copy_signal+0x4e3/0x610 [ 1926.226758][ T6280] copy_process+0x1149/0x3290 [ 1926.231269][ T6280] ? proc_fail_nth_write+0x20b/0x290 [ 1926.236389][ T6280] ? fsnotify_perm+0x6a/0x5d0 [ 1926.240903][ T6280] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1926.245847][ T6280] ? vfs_write+0x9ec/0x1110 [ 1926.250192][ T6280] kernel_clone+0x21e/0x9e0 [ 1926.254527][ T6280] ? file_end_write+0x1c0/0x1c0 [ 1926.259217][ T6280] ? create_io_thread+0x1e0/0x1e0 [ 1926.264082][ T6280] ? mutex_unlock+0xb2/0x260 [ 1926.268503][ T6280] ? __mutex_lock_slowpath+0x10/0x10 [ 1926.273627][ T6280] __x64_sys_clone+0x23f/0x290 [ 1926.278225][ T6280] ? __do_sys_vfork+0x130/0x130 [ 1926.282906][ T6280] ? ksys_write+0x260/0x2c0 [ 1926.287254][ T6280] ? debug_smp_processor_id+0x17/0x20 [ 1926.292453][ T6280] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1926.298353][ T6280] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1926.303841][ T6280] do_syscall_64+0x3d/0xb0 [ 1926.308079][ T6280] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1926.313805][ T6280] RIP: 0033:0x7f895df3fda9 [ 1926.318064][ T6280] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 14:13:54 executing program 4: syz_clone(0xc781e880, 0x0, 0x0, 0x0, 0x0, 0x0) 14:13:54 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 39) [ 1926.337500][ T6280] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1926.345755][ T6280] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1926.353554][ T6280] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1926.361366][ T6280] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1926.369175][ T6280] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1926.376990][ T6280] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1926.384805][ T6280] 14:13:54 executing program 4: syz_clone(0xc781e880, 0x0, 0x0, 0x0, 0x0, 0x0) 14:13:54 executing program 4: r0 = syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_clone(0x0, &(0x7f00000002c0)="a583698bd45db042f896708a3762ed504a9071b213bb06cfa6014d2c7121121e9795996c7cd769f32c67fb53f10d1c1dd7bdd0fccd2af2f8a45022f7a860f9e5119d", 0x42, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000380)="61c0e5dd0ca28c7852d9bcbf81fc1afbb2262a40b83dcd7c1e01de85d79f62df7c5e283669bafacd9aa427e30e66e7ac5a676e305750b288d2f92035cafccd94233f9ba43d3828d34e5fadd918b7afe6962aa943de94fa159ca70fac641ef90895e663059c9e01d055e34f37ba0d999e955fc37826b72b0405f1e21941b8d5f4e833e8") perf_event_open(&(0x7f0000000440)={0x0, 0x80, 0x7f, 0x0, 0x7f, 0x9a, 0x0, 0x9, 0x8b048, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x9, 0x4, @perf_bp={&(0x7f0000000180), 0x6}, 0x8, 0x6, 0xfb4, 0x8, 0x8, 0x0, 0xffff, 0x0, 0xee, 0x0, 0x6}, r0, 0x8, 0xffffffffffffffff, 0x8) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) perf_event_open(&(0x7f0000000200)={0x3, 0x80, 0x7, 0x6, 0x0, 0x80, 0x0, 0x2, 0x80000, 0x4, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x2, @perf_config_ext={0x2, 0xfffffffffffffffd}, 0x8020, 0x1ff, 0x0, 0x8, 0x80, 0x4, 0x0, 0x0, 0x4, 0x0, 0x80000001}, r1, 0x8, r2, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x3e, 0xc2, 0x0, 0x0, 0x1, 0xa0084, 0x9, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x7, 0x1, @perf_config_ext={0x81, 0x100}, 0x8884, 0x1, 0x7ff, 0x0, 0x2, 0xfffffff9, 0xc8, 0x0, 0x1000, 0x0, 0x8}, r1, 0x6, 0xffffffffffffffff, 0x3) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000000), 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r1, r3, 0x0, 0x1, &(0x7f0000000040)='\x00'}, 0x30) 14:13:54 executing program 4: r0 = syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async) r1 = syz_clone(0x0, &(0x7f00000002c0)="a583698bd45db042f896708a3762ed504a9071b213bb06cfa6014d2c7121121e9795996c7cd769f32c67fb53f10d1c1dd7bdd0fccd2af2f8a45022f7a860f9e5119d", 0x42, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000380)="61c0e5dd0ca28c7852d9bcbf81fc1afbb2262a40b83dcd7c1e01de85d79f62df7c5e283669bafacd9aa427e30e66e7ac5a676e305750b288d2f92035cafccd94233f9ba43d3828d34e5fadd918b7afe6962aa943de94fa159ca70fac641ef90895e663059c9e01d055e34f37ba0d999e955fc37826b72b0405f1e21941b8d5f4e833e8") perf_event_open(&(0x7f0000000440)={0x0, 0x80, 0x7f, 0x0, 0x7f, 0x9a, 0x0, 0x9, 0x8b048, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x9, 0x4, @perf_bp={&(0x7f0000000180), 0x6}, 0x8, 0x6, 0xfb4, 0x8, 0x8, 0x0, 0xffff, 0x0, 0xee, 0x0, 0x6}, r0, 0x8, 0xffffffffffffffff, 0x8) (async) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) perf_event_open(&(0x7f0000000200)={0x3, 0x80, 0x7, 0x6, 0x0, 0x80, 0x0, 0x2, 0x80000, 0x4, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x2, @perf_config_ext={0x2, 0xfffffffffffffffd}, 0x8020, 0x1ff, 0x0, 0x8, 0x80, 0x4, 0x0, 0x0, 0x4, 0x0, 0x80000001}, r1, 0x8, r2, 0x0) (async) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x3e, 0xc2, 0x0, 0x0, 0x1, 0xa0084, 0x9, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x7, 0x1, @perf_config_ext={0x81, 0x100}, 0x8884, 0x1, 0x7ff, 0x0, 0x2, 0xfffffff9, 0xc8, 0x0, 0x1000, 0x0, 0x8}, r1, 0x6, 0xffffffffffffffff, 0x3) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000000), 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r1, r3, 0x0, 0x1, &(0x7f0000000040)='\x00'}, 0x30) [ 1926.402902][ T6302] FAULT_INJECTION: forcing a failure. [ 1926.402902][ T6302] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1926.418628][ T6302] CPU: 1 PID: 6302 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1926.428705][ T6302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1926.438605][ T6302] Call Trace: [ 1926.441722][ T6302] [ 1926.444513][ T6302] dump_stack_lvl+0x151/0x1b7 14:13:54 executing program 4: r0 = syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_clone(0x0, &(0x7f00000002c0)="a583698bd45db042f896708a3762ed504a9071b213bb06cfa6014d2c7121121e9795996c7cd769f32c67fb53f10d1c1dd7bdd0fccd2af2f8a45022f7a860f9e5119d", 0x42, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000380)="61c0e5dd0ca28c7852d9bcbf81fc1afbb2262a40b83dcd7c1e01de85d79f62df7c5e283669bafacd9aa427e30e66e7ac5a676e305750b288d2f92035cafccd94233f9ba43d3828d34e5fadd918b7afe6962aa943de94fa159ca70fac641ef90895e663059c9e01d055e34f37ba0d999e955fc37826b72b0405f1e21941b8d5f4e833e8") perf_event_open(&(0x7f0000000440)={0x0, 0x80, 0x7f, 0x0, 0x7f, 0x9a, 0x0, 0x9, 0x8b048, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x9, 0x4, @perf_bp={&(0x7f0000000180), 0x6}, 0x8, 0x6, 0xfb4, 0x8, 0x8, 0x0, 0xffff, 0x0, 0xee, 0x0, 0x6}, r0, 0x8, 0xffffffffffffffff, 0x8) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) perf_event_open(&(0x7f0000000200)={0x3, 0x80, 0x7, 0x6, 0x0, 0x80, 0x0, 0x2, 0x80000, 0x4, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x2, @perf_config_ext={0x2, 0xfffffffffffffffd}, 0x8020, 0x1ff, 0x0, 0x8, 0x80, 0x4, 0x0, 0x0, 0x4, 0x0, 0x80000001}, r1, 0x8, r2, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x3e, 0xc2, 0x0, 0x0, 0x1, 0xa0084, 0x9, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x7, 0x1, @perf_config_ext={0x81, 0x100}, 0x8884, 0x1, 0x7ff, 0x0, 0x2, 0xfffffff9, 0xc8, 0x0, 0x1000, 0x0, 0x8}, r1, 0x6, 0xffffffffffffffff, 0x3) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000000), 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r1, r3, 0x0, 0x1, &(0x7f0000000040)='\x00'}, 0x30) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async) syz_clone(0x0, &(0x7f00000002c0)="a583698bd45db042f896708a3762ed504a9071b213bb06cfa6014d2c7121121e9795996c7cd769f32c67fb53f10d1c1dd7bdd0fccd2af2f8a45022f7a860f9e5119d", 0x42, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000380)="61c0e5dd0ca28c7852d9bcbf81fc1afbb2262a40b83dcd7c1e01de85d79f62df7c5e283669bafacd9aa427e30e66e7ac5a676e305750b288d2f92035cafccd94233f9ba43d3828d34e5fadd918b7afe6962aa943de94fa159ca70fac641ef90895e663059c9e01d055e34f37ba0d999e955fc37826b72b0405f1e21941b8d5f4e833e8") (async) perf_event_open(&(0x7f0000000440)={0x0, 0x80, 0x7f, 0x0, 0x7f, 0x9a, 0x0, 0x9, 0x8b048, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x9, 0x4, @perf_bp={&(0x7f0000000180), 0x6}, 0x8, 0x6, 0xfb4, 0x8, 0x8, 0x0, 0xffff, 0x0, 0xee, 0x0, 0x6}, r0, 0x8, 0xffffffffffffffff, 0x8) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) (async) perf_event_open(&(0x7f0000000200)={0x3, 0x80, 0x7, 0x6, 0x0, 0x80, 0x0, 0x2, 0x80000, 0x4, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x2, @perf_config_ext={0x2, 0xfffffffffffffffd}, 0x8020, 0x1ff, 0x0, 0x8, 0x80, 0x4, 0x0, 0x0, 0x4, 0x0, 0x80000001}, r1, 0x8, r2, 0x0) (async) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x3e, 0xc2, 0x0, 0x0, 0x1, 0xa0084, 0x9, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x7, 0x1, @perf_config_ext={0x81, 0x100}, 0x8884, 0x1, 0x7ff, 0x0, 0x2, 0xfffffff9, 0xc8, 0x0, 0x1000, 0x0, 0x8}, r1, 0x6, 0xffffffffffffffff, 0x3) (async) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000000), 0x10) (async) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r1, r3, 0x0, 0x1, &(0x7f0000000040)='\x00'}, 0x30) (async) [ 1926.449019][ T6302] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1926.454493][ T6302] dump_stack+0x15/0x17 [ 1926.458561][ T6302] should_fail+0x3c6/0x510 [ 1926.462817][ T6302] should_fail_alloc_page+0x5a/0x80 [ 1926.467850][ T6302] prepare_alloc_pages+0x15c/0x700 [ 1926.472967][ T6302] ? __alloc_pages_bulk+0xe40/0xe40 [ 1926.478011][ T6302] __alloc_pages+0x18c/0x8f0 [ 1926.482424][ T6302] ? prep_new_page+0x110/0x110 [ 1926.487020][ T6302] ? __alloc_pages+0x27e/0x8f0 [ 1926.491732][ T6302] ? __kasan_check_write+0x14/0x20 [ 1926.496675][ T6302] ? _raw_spin_lock+0xa4/0x1b0 [ 1926.501273][ T6302] __pmd_alloc+0xb1/0x550 [ 1926.505440][ T6302] ? __pud_alloc+0x260/0x260 [ 1926.509866][ T6302] ? __pud_alloc+0x213/0x260 [ 1926.514316][ T6302] ? do_handle_mm_fault+0x2330/0x2330 [ 1926.519508][ T6302] ? __stack_depot_save+0x34/0x470 [ 1926.524444][ T6302] ? anon_vma_clone+0x9a/0x500 [ 1926.529050][ T6302] copy_page_range+0x2b3d/0x2f90 [ 1926.533820][ T6302] ? __kasan_slab_alloc+0xb1/0xe0 [ 1926.538767][ T6302] ? slab_post_alloc_hook+0x53/0x2c0 [ 1926.543887][ T6302] ? copy_mm+0xa3a/0x13e0 [ 1926.548052][ T6302] ? copy_process+0x1149/0x3290 [ 1926.552741][ T6302] ? kernel_clone+0x21e/0x9e0 [ 1926.557255][ T6302] ? do_syscall_64+0x3d/0xb0 [ 1926.561684][ T6302] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1926.567595][ T6302] ? pfn_valid+0x1e0/0x1e0 [ 1926.571840][ T6302] ? rwsem_write_trylock+0x15b/0x290 [ 1926.576958][ T6302] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 1926.583294][ T6302] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 1926.588847][ T6302] ? __rb_insert_augmented+0x5de/0x610 [ 1926.594143][ T6302] copy_mm+0xc7e/0x13e0 [ 1926.598137][ T6302] ? copy_signal+0x610/0x610 [ 1926.602559][ T6302] ? __init_rwsem+0xd6/0x1c0 [ 1926.606988][ T6302] ? copy_signal+0x4e3/0x610 [ 1926.611411][ T6302] copy_process+0x1149/0x3290 [ 1926.615929][ T6302] ? proc_fail_nth_write+0x20b/0x290 [ 1926.621046][ T6302] ? fsnotify_perm+0x6a/0x5d0 [ 1926.625575][ T6302] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1926.630508][ T6302] ? vfs_write+0x9ec/0x1110 [ 1926.634849][ T6302] kernel_clone+0x21e/0x9e0 [ 1926.639192][ T6302] ? file_end_write+0x1c0/0x1c0 [ 1926.643875][ T6302] ? create_io_thread+0x1e0/0x1e0 [ 1926.648731][ T6302] ? mutex_unlock+0xb2/0x260 [ 1926.653164][ T6302] ? __mutex_lock_slowpath+0x10/0x10 [ 1926.658290][ T6302] __x64_sys_clone+0x23f/0x290 [ 1926.662998][ T6302] ? __do_sys_vfork+0x130/0x130 [ 1926.667682][ T6302] ? ksys_write+0x260/0x2c0 [ 1926.672024][ T6302] ? debug_smp_processor_id+0x17/0x20 [ 1926.677228][ T6302] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1926.683133][ T6302] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1926.688600][ T6302] do_syscall_64+0x3d/0xb0 [ 1926.692860][ T6302] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1926.698580][ T6302] RIP: 0033:0x7f895df3fda9 [ 1926.702922][ T6302] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1926.722480][ T6302] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1926.730706][ T6302] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1926.738608][ T6302] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 14:13:55 executing program 4: socketpair(0x1, 0x800, 0x4, &(0x7f0000000000)) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) 14:13:55 executing program 4: socketpair(0x1, 0x800, 0x4, &(0x7f0000000000)) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) 14:13:55 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 40) [ 1926.746417][ T6302] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1926.754657][ T6302] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1926.762560][ T6302] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1926.770369][ T6302] 14:13:55 executing program 4: socketpair(0x1, 0x800, 0x4, &(0x7f0000000000)) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1926.804622][ T6328] FAULT_INJECTION: forcing a failure. [ 1926.804622][ T6328] name failslab, interval 1, probability 0, space 0, times 0 [ 1926.824218][ T6328] CPU: 0 PID: 6328 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1926.834288][ T6328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1926.844188][ T6328] Call Trace: [ 1926.847304][ T6328] [ 1926.850082][ T6328] dump_stack_lvl+0x151/0x1b7 [ 1926.854595][ T6328] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1926.860063][ T6328] dump_stack+0x15/0x17 [ 1926.864141][ T6328] should_fail+0x3c6/0x510 [ 1926.868393][ T6328] __should_failslab+0xa4/0xe0 [ 1926.872994][ T6328] ? anon_vma_clone+0x9a/0x500 [ 1926.877594][ T6328] should_failslab+0x9/0x20 [ 1926.881933][ T6328] slab_pre_alloc_hook+0x37/0xd0 [ 1926.886736][ T6328] ? anon_vma_clone+0x9a/0x500 [ 1926.891317][ T6328] kmem_cache_alloc+0x44/0x200 [ 1926.895906][ T6328] anon_vma_clone+0x9a/0x500 [ 1926.900334][ T6328] anon_vma_fork+0x91/0x4e0 [ 1926.904672][ T6328] ? anon_vma_name+0x4c/0x70 [ 1926.909097][ T6328] ? vm_area_dup+0x17a/0x230 [ 1926.913527][ T6328] copy_mm+0xa3a/0x13e0 [ 1926.917521][ T6328] ? copy_signal+0x610/0x610 [ 1926.921945][ T6328] ? __init_rwsem+0xd6/0x1c0 [ 1926.926379][ T6328] ? copy_signal+0x4e3/0x610 [ 1926.930798][ T6328] copy_process+0x1149/0x3290 [ 1926.935318][ T6328] ? proc_fail_nth_write+0x20b/0x290 [ 1926.940439][ T6328] ? fsnotify_perm+0x6a/0x5d0 [ 1926.944945][ T6328] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1926.949894][ T6328] ? vfs_write+0x9ec/0x1110 [ 1926.954235][ T6328] kernel_clone+0x21e/0x9e0 [ 1926.958572][ T6328] ? file_end_write+0x1c0/0x1c0 [ 1926.963268][ T6328] ? create_io_thread+0x1e0/0x1e0 [ 1926.968123][ T6328] ? mutex_unlock+0xb2/0x260 [ 1926.972547][ T6328] ? __mutex_lock_slowpath+0x10/0x10 [ 1926.977665][ T6328] __x64_sys_clone+0x23f/0x290 [ 1926.982265][ T6328] ? __do_sys_vfork+0x130/0x130 [ 1926.986952][ T6328] ? ksys_write+0x260/0x2c0 [ 1926.991294][ T6328] ? debug_smp_processor_id+0x17/0x20 [ 1926.996500][ T6328] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1927.002409][ T6328] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1927.007871][ T6328] do_syscall_64+0x3d/0xb0 [ 1927.012122][ T6328] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1927.017850][ T6328] RIP: 0033:0x7f895df3fda9 [ 1927.022105][ T6328] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1927.041545][ T6328] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 14:13:55 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x0, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:55 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0xe, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3ff}, [@map_idx_val={0x18, 0x9, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x5}, @map_idx_val={0x18, 0x8, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0xffff0001}, @map_val={0x18, 0x6, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @map_val={0x18, 0xb, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x5865}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x3}]}, &(0x7f0000000280)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x1, 0x4, 0x2}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340)=[{0x0, 0x2, 0x8, 0xc}], 0x10, 0x13d}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@bloom_filter={0x1e, 0x7203, 0x15, 0xe2, 0x20c4, r0, 0x10001, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0xe}, 0x48) (async, rerun: 64) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={r0, 0x58, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) (async, rerun: 64) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.dequeue\x00', 0x26e1, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001740)={r4, 0xe0, &(0x7f0000001900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400), ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, &(0x7f0000000ac0)=[0x0], &(0x7f0000000c00)=[0x0, 0x0], 0x0, 0x8, &(0x7f0000001600), 0x0, 0x10, &(0x7f0000001680), &(0x7f0000000600), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001700)}}, 0x10) (async) bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@bloom_filter={0x1e, 0x8c9, 0x8, 0x9, 0x100, r2, 0x3, '\x00', r3, r4, 0x3, 0x0, 0x1, 0x5}, 0x48) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000380)='dax_writeback_one\x00', r1}, 0x10) (async) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r5, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x0) sendmsg$tipc(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) [ 1927.049793][ T6328] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1927.057603][ T6328] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1927.065412][ T6328] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1927.073227][ T6328] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1927.081041][ T6328] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1927.088854][ T6328] 14:13:55 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x200000000000000) 14:13:55 executing program 4: r0 = syz_clone(0x8084000, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x5, 0x5, 0x0, 0x1, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x2, 0x2, @perf_config_ext={0xfff, 0x1f}, 0x100, 0x6, 0x4, 0x0, 0x1004000000, 0x8001, 0x7ff, 0x0, 0x8, 0x0, 0xfeb}, r0, 0x3, 0xffffffffffffffff, 0x0) 14:13:55 executing program 4: r0 = syz_clone(0x8084000, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x5, 0x5, 0x0, 0x1, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x2, 0x2, @perf_config_ext={0xfff, 0x1f}, 0x100, 0x6, 0x4, 0x0, 0x1004000000, 0x8001, 0x7ff, 0x0, 0x8, 0x0, 0xfeb}, r0, 0x3, 0xffffffffffffffff, 0x0) 14:13:55 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 41) 14:13:55 executing program 4: r0 = syz_clone(0x8084000, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x5, 0x5, 0x0, 0x1, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x2, 0x2, @perf_config_ext={0xfff, 0x1f}, 0x100, 0x6, 0x4, 0x0, 0x1004000000, 0x8001, 0x7ff, 0x0, 0x8, 0x0, 0xfeb}, r0, 0x3, 0xffffffffffffffff, 0x0) 14:13:55 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x0, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:55 executing program 4: syz_clone(0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0) 14:13:55 executing program 4: syz_clone(0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0) 14:13:55 executing program 4: syz_clone(0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1927.217475][ T6346] FAULT_INJECTION: forcing a failure. [ 1927.217475][ T6346] name failslab, interval 1, probability 0, space 0, times 0 [ 1927.238472][ T6346] CPU: 1 PID: 6346 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1927.248551][ T6346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1927.258449][ T6346] Call Trace: [ 1927.261572][ T6346] 14:13:55 executing program 4: syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(r0, &(0x7f0000001240)='memory.swap.current\x00', 0x0, 0x0) recvmsg$unix(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/74, 0x4a}, {&(0x7f0000000080)=""/230, 0xe6}], 0x2, &(0x7f00000001c0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x138}, 0x2000) openat$cgroup_ro(r1, &(0x7f0000000340)='freezer.state\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000400)={0x6, 0x80, 0x3, 0x4, 0x6, 0xea, 0x0, 0x3bf, 0x4041, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f00000003c0)}, 0x2c201, 0x313, 0x10001, 0x5, 0x7fff, 0x7ff, 0x0, 0x0, 0x7fffffff}, 0x0, 0x1, 0xffffffffffffffff, 0x1) [ 1927.264349][ T6346] dump_stack_lvl+0x151/0x1b7 [ 1927.268861][ T6346] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1927.274340][ T6346] dump_stack+0x15/0x17 [ 1927.278320][ T6346] should_fail+0x3c6/0x510 [ 1927.282573][ T6346] __should_failslab+0xa4/0xe0 [ 1927.287182][ T6346] ? vm_area_dup+0x26/0x230 [ 1927.291511][ T6346] should_failslab+0x9/0x20 [ 1927.295852][ T6346] slab_pre_alloc_hook+0x37/0xd0 [ 1927.300640][ T6346] ? vm_area_dup+0x26/0x230 [ 1927.304963][ T6346] kmem_cache_alloc+0x44/0x200 [ 1927.309563][ T6346] vm_area_dup+0x26/0x230 [ 1927.313739][ T6346] copy_mm+0x9a1/0x13e0 [ 1927.317722][ T6346] ? copy_signal+0x610/0x610 [ 1927.322146][ T6346] ? __init_rwsem+0xd6/0x1c0 [ 1927.326579][ T6346] ? copy_signal+0x4e3/0x610 [ 1927.331005][ T6346] copy_process+0x1149/0x3290 [ 1927.335519][ T6346] ? proc_fail_nth_write+0x20b/0x290 [ 1927.340630][ T6346] ? fsnotify_perm+0x6a/0x5d0 [ 1927.345151][ T6346] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1927.350092][ T6346] ? vfs_write+0x9ec/0x1110 [ 1927.354433][ T6346] kernel_clone+0x21e/0x9e0 [ 1927.358771][ T6346] ? file_end_write+0x1c0/0x1c0 [ 1927.363471][ T6346] ? create_io_thread+0x1e0/0x1e0 [ 1927.368321][ T6346] ? mutex_unlock+0xb2/0x260 [ 1927.373288][ T6346] ? __mutex_lock_slowpath+0x10/0x10 [ 1927.378474][ T6346] __x64_sys_clone+0x23f/0x290 [ 1927.383083][ T6346] ? __do_sys_vfork+0x130/0x130 [ 1927.387762][ T6346] ? ksys_write+0x260/0x2c0 [ 1927.392100][ T6346] ? debug_smp_processor_id+0x17/0x20 [ 1927.397307][ T6346] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1927.403223][ T6346] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1927.408684][ T6346] do_syscall_64+0x3d/0xb0 [ 1927.412930][ T6346] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1927.418677][ T6346] RIP: 0033:0x7f895df3fda9 [ 1927.422923][ T6346] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1927.442353][ T6346] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1927.450684][ T6346] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1927.458495][ T6346] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 14:13:55 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 42) [ 1927.466306][ T6346] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1927.474119][ T6346] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1927.481930][ T6346] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1927.489749][ T6346] 14:13:55 executing program 4: syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(r0, &(0x7f0000001240)='memory.swap.current\x00', 0x0, 0x0) recvmsg$unix(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/74, 0x4a}, {&(0x7f0000000080)=""/230, 0xe6}], 0x2, &(0x7f00000001c0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x138}, 0x2000) openat$cgroup_ro(r1, &(0x7f0000000340)='freezer.state\x00', 0x0, 0x0) (async) perf_event_open(&(0x7f0000000400)={0x6, 0x80, 0x3, 0x4, 0x6, 0xea, 0x0, 0x3bf, 0x4041, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f00000003c0)}, 0x2c201, 0x313, 0x10001, 0x5, 0x7fff, 0x7ff, 0x0, 0x0, 0x7fffffff}, 0x0, 0x1, 0xffffffffffffffff, 0x1) [ 1927.523890][ T6365] FAULT_INJECTION: forcing a failure. [ 1927.523890][ T6365] name failslab, interval 1, probability 0, space 0, times 0 [ 1927.543893][ T6365] CPU: 0 PID: 6365 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1927.553974][ T6365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1927.563861][ T6365] Call Trace: [ 1927.566984][ T6365] [ 1927.569764][ T6365] dump_stack_lvl+0x151/0x1b7 [ 1927.574279][ T6365] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1927.579743][ T6365] dump_stack+0x15/0x17 [ 1927.583732][ T6365] should_fail+0x3c6/0x510 [ 1927.587983][ T6365] __should_failslab+0xa4/0xe0 [ 1927.592587][ T6365] ? anon_vma_fork+0x1df/0x4e0 [ 1927.597183][ T6365] should_failslab+0x9/0x20 [ 1927.601532][ T6365] slab_pre_alloc_hook+0x37/0xd0 [ 1927.606297][ T6365] ? anon_vma_fork+0x1df/0x4e0 [ 1927.610898][ T6365] kmem_cache_alloc+0x44/0x200 [ 1927.615497][ T6365] anon_vma_fork+0x1df/0x4e0 [ 1927.619926][ T6365] copy_mm+0xa3a/0x13e0 [ 1927.623918][ T6365] ? copy_signal+0x610/0x610 [ 1927.628349][ T6365] ? __init_rwsem+0xd6/0x1c0 [ 1927.632770][ T6365] ? copy_signal+0x4e3/0x610 [ 1927.637196][ T6365] copy_process+0x1149/0x3290 [ 1927.641709][ T6365] ? proc_fail_nth_write+0x20b/0x290 [ 1927.646835][ T6365] ? fsnotify_perm+0x6a/0x5d0 [ 1927.651343][ T6365] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1927.656289][ T6365] ? vfs_write+0x9ec/0x1110 [ 1927.660637][ T6365] kernel_clone+0x21e/0x9e0 [ 1927.664975][ T6365] ? file_end_write+0x1c0/0x1c0 [ 1927.669656][ T6365] ? create_io_thread+0x1e0/0x1e0 [ 1927.674516][ T6365] ? mutex_unlock+0xb2/0x260 [ 1927.678946][ T6365] ? __mutex_lock_slowpath+0x10/0x10 [ 1927.684065][ T6365] __x64_sys_clone+0x23f/0x290 [ 1927.688676][ T6365] ? __do_sys_vfork+0x130/0x130 [ 1927.693352][ T6365] ? ksys_write+0x260/0x2c0 [ 1927.697697][ T6365] ? debug_smp_processor_id+0x17/0x20 [ 1927.702994][ T6365] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1927.708888][ T6365] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1927.714356][ T6365] do_syscall_64+0x3d/0xb0 [ 1927.718608][ T6365] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1927.724335][ T6365] RIP: 0033:0x7f895df3fda9 [ 1927.728589][ T6365] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1927.748030][ T6365] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1927.756286][ T6365] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1927.764085][ T6365] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 14:13:56 executing program 4: syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(r0, &(0x7f0000001240)='memory.swap.current\x00', 0x0, 0x0) (async) recvmsg$unix(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/74, 0x4a}, {&(0x7f0000000080)=""/230, 0xe6}], 0x2, &(0x7f00000001c0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x138}, 0x2000) openat$cgroup_ro(r1, &(0x7f0000000340)='freezer.state\x00', 0x0, 0x0) (async) perf_event_open(&(0x7f0000000400)={0x6, 0x80, 0x3, 0x4, 0x6, 0xea, 0x0, 0x3bf, 0x4041, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f00000003c0)}, 0x2c201, 0x313, 0x10001, 0x5, 0x7fff, 0x7ff, 0x0, 0x0, 0x7fffffff}, 0x0, 0x1, 0xffffffffffffffff, 0x1) 14:13:56 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 43) [ 1927.771909][ T6365] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1927.779796][ T6365] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1927.787610][ T6365] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1927.795438][ T6365] 14:13:56 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x0, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:56 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000001640)={'syzkaller0\x00', 0x2}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[{0x50}, {0x6}]}) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1927.815709][ T6374] FAULT_INJECTION: forcing a failure. [ 1927.815709][ T6374] name failslab, interval 1, probability 0, space 0, times 0 [ 1927.829266][ T6374] CPU: 1 PID: 6374 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1927.839332][ T6374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1927.849231][ T6374] Call Trace: [ 1927.852349][ T6374] [ 1927.855126][ T6374] dump_stack_lvl+0x151/0x1b7 [ 1927.859636][ T6374] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1927.865113][ T6374] dump_stack+0x15/0x17 [ 1927.869105][ T6374] should_fail+0x3c6/0x510 [ 1927.873354][ T6374] __should_failslab+0xa4/0xe0 [ 1927.877956][ T6374] ? vm_area_dup+0x26/0x230 [ 1927.882295][ T6374] should_failslab+0x9/0x20 [ 1927.886632][ T6374] slab_pre_alloc_hook+0x37/0xd0 [ 1927.891403][ T6374] ? vm_area_dup+0x26/0x230 [ 1927.895747][ T6374] kmem_cache_alloc+0x44/0x200 [ 1927.900346][ T6374] vm_area_dup+0x26/0x230 [ 1927.904509][ T6374] copy_mm+0x9a1/0x13e0 [ 1927.908506][ T6374] ? copy_signal+0x610/0x610 [ 1927.912926][ T6374] ? __init_rwsem+0xd6/0x1c0 [ 1927.917355][ T6374] ? copy_signal+0x4e3/0x610 [ 1927.921779][ T6374] copy_process+0x1149/0x3290 [ 1927.926296][ T6374] ? proc_fail_nth_write+0x20b/0x290 [ 1927.931465][ T6374] ? fsnotify_perm+0x6a/0x5d0 [ 1927.935926][ T6374] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1927.940882][ T6374] ? vfs_write+0x9ec/0x1110 [ 1927.945215][ T6374] kernel_clone+0x21e/0x9e0 [ 1927.949554][ T6374] ? file_end_write+0x1c0/0x1c0 [ 1927.954250][ T6374] ? create_io_thread+0x1e0/0x1e0 [ 1927.959099][ T6374] ? mutex_unlock+0xb2/0x260 [ 1927.963539][ T6374] ? __mutex_lock_slowpath+0x10/0x10 [ 1927.968649][ T6374] __x64_sys_clone+0x23f/0x290 [ 1927.973261][ T6374] ? __do_sys_vfork+0x130/0x130 [ 1927.977938][ T6374] ? ksys_write+0x260/0x2c0 [ 1927.982276][ T6374] ? debug_smp_processor_id+0x17/0x20 [ 1927.987482][ T6374] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1927.993386][ T6374] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1927.998856][ T6374] do_syscall_64+0x3d/0xb0 [ 1928.003106][ T6374] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1928.008834][ T6374] RIP: 0033:0x7f895df3fda9 [ 1928.013095][ T6374] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1928.032529][ T6374] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1928.040773][ T6374] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1928.048584][ T6374] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1928.056396][ T6374] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 14:13:56 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0xe, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3ff}, [@map_idx_val={0x18, 0x9, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x5}, @map_idx_val={0x18, 0x8, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0xffff0001}, @map_val={0x18, 0x6, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @map_val={0x18, 0xb, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x5865}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x3}]}, &(0x7f0000000280)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x1, 0x4, 0x2}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340)=[{0x0, 0x2, 0x8, 0xc}], 0x10, 0x13d}, 0x90) (async, rerun: 32) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@bloom_filter={0x1e, 0x7203, 0x15, 0xe2, 0x20c4, r0, 0x10001, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0xe}, 0x48) (async, rerun: 32) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={r0, 0x58, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) (async) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.dequeue\x00', 0x26e1, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001740)={r4, 0xe0, &(0x7f0000001900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400), ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, &(0x7f0000000ac0)=[0x0], &(0x7f0000000c00)=[0x0, 0x0], 0x0, 0x8, &(0x7f0000001600), 0x0, 0x10, &(0x7f0000001680), &(0x7f0000000600), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001700)}}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@bloom_filter={0x1e, 0x8c9, 0x8, 0x9, 0x100, r2, 0x3, '\x00', r3, r4, 0x3, 0x0, 0x1, 0x5}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000380)='dax_writeback_one\x00', r1}, 0x10) (async, rerun: 64) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) (rerun: 64) recvmsg(r5, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x0) sendmsg$tipc(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) 14:13:56 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 44) [ 1928.064212][ T6374] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1928.072033][ T6374] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1928.079834][ T6374] [ 1928.122670][ T6387] FAULT_INJECTION: forcing a failure. [ 1928.122670][ T6387] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1928.136625][ T6387] CPU: 1 PID: 6387 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1928.146706][ T6387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1928.156684][ T6387] Call Trace: [ 1928.159808][ T6387] [ 1928.162588][ T6387] dump_stack_lvl+0x151/0x1b7 [ 1928.167108][ T6387] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1928.172563][ T6387] ? __update_load_avg_cfs_rq+0xb1/0x2f0 [ 1928.178059][ T6387] dump_stack+0x15/0x17 [ 1928.182022][ T6387] should_fail+0x3c6/0x510 [ 1928.186277][ T6387] should_fail_alloc_page+0x5a/0x80 [ 1928.191312][ T6387] prepare_alloc_pages+0x15c/0x700 [ 1928.196270][ T6387] ? __alloc_pages_bulk+0xe40/0xe40 [ 1928.201288][ T6387] ? sched_clock+0x9/0x10 [ 1928.205458][ T6387] __alloc_pages+0x18c/0x8f0 [ 1928.209885][ T6387] ? prep_new_page+0x110/0x110 [ 1928.214485][ T6387] ? 0xffffffffa0028ab8 [ 1928.218478][ T6387] ? is_bpf_text_address+0x172/0x190 [ 1928.223605][ T6387] pte_alloc_one+0x73/0x1b0 [ 1928.227936][ T6387] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1928.232970][ T6387] ? arch_stack_walk+0xf3/0x140 [ 1928.237658][ T6387] __pte_alloc+0x86/0x350 [ 1928.241824][ T6387] ? free_pgtables+0x280/0x280 [ 1928.246421][ T6387] ? _raw_spin_lock+0xa4/0x1b0 [ 1928.251023][ T6387] ? __kasan_check_write+0x14/0x20 [ 1928.256059][ T6387] copy_page_range+0x28a8/0x2f90 [ 1928.260844][ T6387] ? __kasan_slab_alloc+0xb1/0xe0 [ 1928.265704][ T6387] ? pfn_valid+0x1e0/0x1e0 [ 1928.269945][ T6387] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 1928.275501][ T6387] ? __rb_insert_augmented+0x5de/0x610 [ 1928.280796][ T6387] copy_mm+0xc7e/0x13e0 [ 1928.284789][ T6387] ? copy_signal+0x610/0x610 [ 1928.289213][ T6387] ? __init_rwsem+0xd6/0x1c0 [ 1928.293641][ T6387] ? copy_signal+0x4e3/0x610 [ 1928.298067][ T6387] copy_process+0x1149/0x3290 [ 1928.302580][ T6387] ? proc_fail_nth_write+0x20b/0x290 [ 1928.307699][ T6387] ? fsnotify_perm+0x6a/0x5d0 [ 1928.312212][ T6387] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1928.317164][ T6387] ? vfs_write+0x9ec/0x1110 [ 1928.321502][ T6387] kernel_clone+0x21e/0x9e0 [ 1928.325852][ T6387] ? file_end_write+0x1c0/0x1c0 [ 1928.330530][ T6387] ? create_io_thread+0x1e0/0x1e0 [ 1928.335397][ T6387] ? mutex_unlock+0xb2/0x260 [ 1928.339822][ T6387] ? __mutex_lock_slowpath+0x10/0x10 [ 1928.344941][ T6387] __x64_sys_clone+0x23f/0x290 [ 1928.349537][ T6387] ? __do_sys_vfork+0x130/0x130 [ 1928.354308][ T6387] ? ksys_write+0x260/0x2c0 [ 1928.358655][ T6387] ? debug_smp_processor_id+0x17/0x20 [ 1928.364896][ T6387] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1928.370801][ T6387] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1928.376267][ T6387] do_syscall_64+0x3d/0xb0 [ 1928.380533][ T6387] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1928.386248][ T6387] RIP: 0033:0x7f895df3fda9 [ 1928.390503][ T6387] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1928.409940][ T6387] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 14:13:56 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x300000000000000) 14:13:56 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 45) [ 1928.418197][ T6387] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1928.425999][ T6387] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1928.433810][ T6387] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1928.441620][ T6387] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1928.449865][ T6387] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1928.457691][ T6387] [ 1928.480781][ T6391] FAULT_INJECTION: forcing a failure. [ 1928.480781][ T6391] name failslab, interval 1, probability 0, space 0, times 0 [ 1928.493249][ T6391] CPU: 0 PID: 6391 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1928.503247][ T6391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1928.513408][ T6391] Call Trace: [ 1928.516531][ T6391] [ 1928.519307][ T6391] dump_stack_lvl+0x151/0x1b7 [ 1928.523818][ T6391] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1928.529292][ T6391] dump_stack+0x15/0x17 [ 1928.533285][ T6391] should_fail+0x3c6/0x510 [ 1928.537536][ T6391] __should_failslab+0xa4/0xe0 [ 1928.542238][ T6391] ? vm_area_dup+0x26/0x230 [ 1928.546570][ T6391] should_failslab+0x9/0x20 [ 1928.550909][ T6391] slab_pre_alloc_hook+0x37/0xd0 [ 1928.555682][ T6391] ? vm_area_dup+0x26/0x230 [ 1928.560022][ T6391] kmem_cache_alloc+0x44/0x200 [ 1928.564625][ T6391] vm_area_dup+0x26/0x230 [ 1928.568790][ T6391] copy_mm+0x9a1/0x13e0 [ 1928.572786][ T6391] ? copy_signal+0x610/0x610 [ 1928.577207][ T6391] ? __init_rwsem+0xd6/0x1c0 [ 1928.581633][ T6391] ? copy_signal+0x4e3/0x610 [ 1928.586067][ T6391] copy_process+0x1149/0x3290 [ 1928.590577][ T6391] ? proc_fail_nth_write+0x20b/0x290 [ 1928.595692][ T6391] ? fsnotify_perm+0x6a/0x5d0 [ 1928.600208][ T6391] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1928.605155][ T6391] ? vfs_write+0x9ec/0x1110 [ 1928.609496][ T6391] kernel_clone+0x21e/0x9e0 [ 1928.613833][ T6391] ? file_end_write+0x1c0/0x1c0 [ 1928.618537][ T6391] ? create_io_thread+0x1e0/0x1e0 [ 1928.623468][ T6391] ? mutex_unlock+0xb2/0x260 [ 1928.627893][ T6391] ? __mutex_lock_slowpath+0x10/0x10 [ 1928.633019][ T6391] __x64_sys_clone+0x23f/0x290 [ 1928.637620][ T6391] ? __do_sys_vfork+0x130/0x130 [ 1928.642296][ T6391] ? ksys_write+0x260/0x2c0 [ 1928.646647][ T6391] ? debug_smp_processor_id+0x17/0x20 [ 1928.651847][ T6391] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1928.657760][ T6391] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1928.663220][ T6391] do_syscall_64+0x3d/0xb0 [ 1928.667469][ T6391] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1928.673282][ T6391] RIP: 0033:0x7f895df3fda9 [ 1928.677809][ T6391] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1928.697947][ T6391] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1928.706187][ T6391] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1928.714008][ T6391] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1928.721810][ T6391] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 14:13:57 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x0, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:57 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 46) [ 1928.729649][ T6391] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1928.737521][ T6391] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1928.745340][ T6391] [ 1928.773641][ T6397] FAULT_INJECTION: forcing a failure. [ 1928.773641][ T6397] name failslab, interval 1, probability 0, space 0, times 0 [ 1928.786814][ T6397] CPU: 0 PID: 6397 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1928.796879][ T6397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1928.806770][ T6397] Call Trace: [ 1928.809892][ T6397] [ 1928.812673][ T6397] dump_stack_lvl+0x151/0x1b7 [ 1928.817186][ T6397] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1928.822655][ T6397] dump_stack+0x15/0x17 [ 1928.826646][ T6397] should_fail+0x3c6/0x510 [ 1928.830899][ T6397] __should_failslab+0xa4/0xe0 [ 1928.835501][ T6397] ? vm_area_dup+0x26/0x230 [ 1928.839838][ T6397] should_failslab+0x9/0x20 [ 1928.844177][ T6397] slab_pre_alloc_hook+0x37/0xd0 [ 1928.848951][ T6397] ? vm_area_dup+0x26/0x230 [ 1928.853290][ T6397] kmem_cache_alloc+0x44/0x200 [ 1928.857900][ T6397] vm_area_dup+0x26/0x230 [ 1928.862064][ T6397] copy_mm+0x9a1/0x13e0 [ 1928.866072][ T6397] ? copy_signal+0x610/0x610 [ 1928.870476][ T6397] ? __init_rwsem+0xd6/0x1c0 [ 1928.874911][ T6397] ? copy_signal+0x4e3/0x610 [ 1928.879330][ T6397] copy_process+0x1149/0x3290 [ 1928.883858][ T6397] ? proc_fail_nth_write+0x20b/0x290 [ 1928.888963][ T6397] ? fsnotify_perm+0x6a/0x5d0 [ 1928.893476][ T6397] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1928.898424][ T6397] ? vfs_write+0x9ec/0x1110 [ 1928.902775][ T6397] kernel_clone+0x21e/0x9e0 [ 1928.907109][ T6397] ? file_end_write+0x1c0/0x1c0 [ 1928.911793][ T6397] ? create_io_thread+0x1e0/0x1e0 [ 1928.916737][ T6397] ? mutex_unlock+0xb2/0x260 [ 1928.921163][ T6397] ? __mutex_lock_slowpath+0x10/0x10 [ 1928.926284][ T6397] __x64_sys_clone+0x23f/0x290 [ 1928.930884][ T6397] ? __do_sys_vfork+0x130/0x130 [ 1928.935574][ T6397] ? ksys_write+0x260/0x2c0 [ 1928.939910][ T6397] ? debug_smp_processor_id+0x17/0x20 [ 1928.945117][ T6397] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1928.951038][ T6397] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1928.956498][ T6397] do_syscall_64+0x3d/0xb0 [ 1928.960738][ T6397] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1928.966467][ T6397] RIP: 0033:0x7f895df3fda9 [ 1928.970725][ T6397] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1928.990166][ T6397] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1928.998408][ T6397] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1929.006218][ T6397] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1929.014037][ T6397] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 14:13:57 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000001640)={'syzkaller0\x00', 0x2}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[{0x50}, {0x6}]}) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) 14:13:57 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 47) [ 1929.021842][ T6397] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1929.029654][ T6397] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1929.037470][ T6397] [ 1929.062959][ T6401] FAULT_INJECTION: forcing a failure. [ 1929.062959][ T6401] name failslab, interval 1, probability 0, space 0, times 0 [ 1929.075430][ T6401] CPU: 1 PID: 6401 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1929.085434][ T6401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1929.095325][ T6401] Call Trace: [ 1929.098447][ T6401] [ 1929.101226][ T6401] dump_stack_lvl+0x151/0x1b7 [ 1929.105741][ T6401] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1929.111207][ T6401] ? avc_denied+0x1b0/0x1b0 [ 1929.115547][ T6401] dump_stack+0x15/0x17 [ 1929.119537][ T6401] should_fail+0x3c6/0x510 [ 1929.123792][ T6401] __should_failslab+0xa4/0xe0 [ 1929.128389][ T6401] ? vm_area_dup+0x26/0x230 [ 1929.132727][ T6401] should_failslab+0x9/0x20 [ 1929.137069][ T6401] slab_pre_alloc_hook+0x37/0xd0 [ 1929.141844][ T6401] ? vm_area_dup+0x26/0x230 [ 1929.146181][ T6401] kmem_cache_alloc+0x44/0x200 [ 1929.150785][ T6401] vm_area_dup+0x26/0x230 [ 1929.154951][ T6401] copy_mm+0x9a1/0x13e0 [ 1929.158972][ T6401] ? copy_signal+0x610/0x610 [ 1929.163368][ T6401] ? __init_rwsem+0xd6/0x1c0 [ 1929.167796][ T6401] ? copy_signal+0x4e3/0x610 [ 1929.172250][ T6401] copy_process+0x1149/0x3290 [ 1929.176736][ T6401] ? proc_fail_nth_write+0x20b/0x290 [ 1929.181855][ T6401] ? fsnotify_perm+0x6a/0x5d0 [ 1929.186370][ T6401] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1929.191314][ T6401] ? vfs_write+0x9ec/0x1110 [ 1929.195656][ T6401] kernel_clone+0x21e/0x9e0 [ 1929.200698][ T6401] ? file_end_write+0x1c0/0x1c0 [ 1929.205375][ T6401] ? create_io_thread+0x1e0/0x1e0 [ 1929.210237][ T6401] ? mutex_unlock+0xb2/0x260 [ 1929.214663][ T6401] ? __mutex_lock_slowpath+0x10/0x10 [ 1929.219786][ T6401] __x64_sys_clone+0x23f/0x290 [ 1929.224383][ T6401] ? __do_sys_vfork+0x130/0x130 [ 1929.229067][ T6401] ? ksys_write+0x260/0x2c0 [ 1929.233419][ T6401] ? debug_smp_processor_id+0x17/0x20 [ 1929.238644][ T6401] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1929.244520][ T6401] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1929.249988][ T6401] do_syscall_64+0x3d/0xb0 [ 1929.254251][ T6401] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1929.259976][ T6401] RIP: 0033:0x7f895df3fda9 [ 1929.264221][ T6401] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1929.283663][ T6401] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1929.291914][ T6401] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1929.299720][ T6401] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1929.307537][ T6401] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1929.315343][ T6401] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 14:13:57 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 48) 14:13:57 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:57 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000001640)={'syzkaller0\x00', 0x2}) (async, rerun: 32) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[{0x50}, {0x6}]}) (async, rerun: 32) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1929.323163][ T6401] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1929.330967][ T6401] [ 1929.351654][ T6403] FAULT_INJECTION: forcing a failure. [ 1929.351654][ T6403] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1929.367279][ T6403] CPU: 0 PID: 6403 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1929.377349][ T6403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1929.387253][ T6403] Call Trace: [ 1929.390364][ T6403] [ 1929.393141][ T6403] dump_stack_lvl+0x151/0x1b7 [ 1929.397665][ T6403] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1929.403134][ T6403] dump_stack+0x15/0x17 [ 1929.407116][ T6403] should_fail+0x3c6/0x510 [ 1929.411372][ T6403] should_fail_alloc_page+0x5a/0x80 [ 1929.416409][ T6403] prepare_alloc_pages+0x15c/0x700 [ 1929.421350][ T6403] ? __alloc_pages+0x8f0/0x8f0 [ 1929.425956][ T6403] ? __alloc_pages_bulk+0xe40/0xe40 [ 1929.430986][ T6403] ? sched_clock+0x9/0x10 [ 1929.435148][ T6403] __alloc_pages+0x18c/0x8f0 [ 1929.439576][ T6403] ? prep_new_page+0x110/0x110 [ 1929.444177][ T6403] ? 0xffffffffa00287bc [ 1929.448167][ T6403] ? is_bpf_text_address+0x172/0x190 [ 1929.453291][ T6403] pte_alloc_one+0x73/0x1b0 [ 1929.457630][ T6403] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1929.462665][ T6403] ? arch_stack_walk+0xf3/0x140 [ 1929.467351][ T6403] __pte_alloc+0x86/0x350 [ 1929.471516][ T6403] ? free_pgtables+0x280/0x280 [ 1929.476113][ T6403] ? _raw_spin_lock+0xa4/0x1b0 [ 1929.480714][ T6403] ? __kasan_check_write+0x14/0x20 [ 1929.485664][ T6403] copy_page_range+0x28a8/0x2f90 [ 1929.490446][ T6403] ? __kasan_slab_alloc+0xb1/0xe0 [ 1929.495386][ T6403] ? pfn_valid+0x1e0/0x1e0 [ 1929.499635][ T6403] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 1929.505192][ T6403] ? __rb_insert_augmented+0x5de/0x610 [ 1929.510487][ T6403] copy_mm+0xc7e/0x13e0 [ 1929.514480][ T6403] ? copy_signal+0x610/0x610 [ 1929.518904][ T6403] ? __init_rwsem+0xd6/0x1c0 [ 1929.523331][ T6403] ? copy_signal+0x4e3/0x610 [ 1929.527759][ T6403] copy_process+0x1149/0x3290 [ 1929.532270][ T6403] ? proc_fail_nth_write+0x20b/0x290 [ 1929.537393][ T6403] ? fsnotify_perm+0x6a/0x5d0 [ 1929.541919][ T6403] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1929.546852][ T6403] ? vfs_write+0x9ec/0x1110 [ 1929.551208][ T6403] kernel_clone+0x21e/0x9e0 [ 1929.555535][ T6403] ? file_end_write+0x1c0/0x1c0 [ 1929.560236][ T6403] ? create_io_thread+0x1e0/0x1e0 [ 1929.565077][ T6403] ? mutex_unlock+0xb2/0x260 [ 1929.569518][ T6403] ? __mutex_lock_slowpath+0x10/0x10 [ 1929.574626][ T6403] __x64_sys_clone+0x23f/0x290 [ 1929.579401][ T6403] ? __do_sys_vfork+0x130/0x130 [ 1929.584094][ T6403] ? ksys_write+0x260/0x2c0 [ 1929.588428][ T6403] ? debug_smp_processor_id+0x17/0x20 [ 1929.593633][ T6403] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1929.599541][ T6403] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1929.605004][ T6403] do_syscall_64+0x3d/0xb0 [ 1929.609257][ T6403] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1929.614989][ T6403] RIP: 0033:0x7f895df3fda9 [ 1929.619238][ T6403] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1929.638678][ T6403] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1929.646923][ T6403] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1929.654733][ T6403] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1929.662549][ T6403] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 14:13:58 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x400000000000000) 14:13:58 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 49) [ 1929.670357][ T6403] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1929.678179][ T6403] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1929.685990][ T6403] [ 1929.731589][ T6414] FAULT_INJECTION: forcing a failure. [ 1929.731589][ T6414] name failslab, interval 1, probability 0, space 0, times 0 [ 1929.744327][ T6414] CPU: 0 PID: 6414 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1929.754394][ T6414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1929.764285][ T6414] Call Trace: [ 1929.767407][ T6414] [ 1929.770187][ T6414] dump_stack_lvl+0x151/0x1b7 [ 1929.774710][ T6414] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1929.780352][ T6414] dump_stack+0x15/0x17 [ 1929.784331][ T6414] should_fail+0x3c6/0x510 [ 1929.788594][ T6414] __should_failslab+0xa4/0xe0 [ 1929.793184][ T6414] ? anon_vma_fork+0xf7/0x4e0 [ 1929.797704][ T6414] should_failslab+0x9/0x20 [ 1929.802038][ T6414] slab_pre_alloc_hook+0x37/0xd0 [ 1929.806811][ T6414] ? anon_vma_fork+0xf7/0x4e0 [ 1929.811325][ T6414] kmem_cache_alloc+0x44/0x200 [ 1929.815927][ T6414] anon_vma_fork+0xf7/0x4e0 [ 1929.820274][ T6414] ? anon_vma_name+0x4c/0x70 [ 1929.824697][ T6414] ? vm_area_dup+0x17a/0x230 [ 1929.829118][ T6414] copy_mm+0xa3a/0x13e0 [ 1929.833112][ T6414] ? copy_signal+0x610/0x610 [ 1929.837553][ T6414] ? __init_rwsem+0xd6/0x1c0 [ 1929.841961][ T6414] ? copy_signal+0x4e3/0x610 [ 1929.846390][ T6414] copy_process+0x1149/0x3290 [ 1929.850903][ T6414] ? proc_fail_nth_write+0x20b/0x290 [ 1929.856035][ T6414] ? fsnotify_perm+0x6a/0x5d0 [ 1929.860541][ T6414] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1929.865482][ T6414] ? vfs_write+0x9ec/0x1110 [ 1929.869825][ T6414] kernel_clone+0x21e/0x9e0 [ 1929.874161][ T6414] ? file_end_write+0x1c0/0x1c0 [ 1929.878850][ T6414] ? create_io_thread+0x1e0/0x1e0 [ 1929.883711][ T6414] ? mutex_unlock+0xb2/0x260 [ 1929.888149][ T6414] ? __mutex_lock_slowpath+0x10/0x10 [ 1929.893267][ T6414] __x64_sys_clone+0x23f/0x290 [ 1929.897867][ T6414] ? __do_sys_vfork+0x130/0x130 [ 1929.902543][ T6414] ? ksys_write+0x260/0x2c0 [ 1929.906886][ T6414] ? debug_smp_processor_id+0x17/0x20 [ 1929.912091][ T6414] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1929.917994][ T6414] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1929.923463][ T6414] do_syscall_64+0x3d/0xb0 [ 1929.927713][ T6414] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1929.933443][ T6414] RIP: 0033:0x7f895df3fda9 [ 1929.937885][ T6414] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1929.957310][ T6414] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1929.965642][ T6414] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1929.973457][ T6414] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 14:13:58 executing program 4: ioctl$TUNGETVNETHDRSZ(0xffffffffffffffff, 0x800454d7, &(0x7f0000000040)) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) 14:13:58 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1929.981266][ T6414] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1929.989076][ T6414] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1929.996976][ T6414] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1930.004792][ T6414] 14:13:58 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 50) 14:13:58 executing program 4: ioctl$TUNGETVNETHDRSZ(0xffffffffffffffff, 0x800454d7, &(0x7f0000000040)) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$TUNGETVNETHDRSZ(0xffffffffffffffff, 0x800454d7, &(0x7f0000000040)) (async) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async) [ 1930.072063][ T6421] FAULT_INJECTION: forcing a failure. [ 1930.072063][ T6421] name failslab, interval 1, probability 0, space 0, times 0 [ 1930.094906][ T6421] CPU: 0 PID: 6421 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1930.104977][ T6421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1930.114874][ T6421] Call Trace: [ 1930.117999][ T6421] [ 1930.120775][ T6421] dump_stack_lvl+0x151/0x1b7 [ 1930.125289][ T6421] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1930.130839][ T6421] dump_stack+0x15/0x17 [ 1930.134829][ T6421] should_fail+0x3c6/0x510 [ 1930.139083][ T6421] __should_failslab+0xa4/0xe0 [ 1930.143684][ T6421] ? anon_vma_fork+0x1df/0x4e0 [ 1930.148284][ T6421] should_failslab+0x9/0x20 [ 1930.152624][ T6421] slab_pre_alloc_hook+0x37/0xd0 [ 1930.157396][ T6421] ? anon_vma_fork+0x1df/0x4e0 [ 1930.161997][ T6421] kmem_cache_alloc+0x44/0x200 [ 1930.166597][ T6421] anon_vma_fork+0x1df/0x4e0 [ 1930.171246][ T6421] copy_mm+0xa3a/0x13e0 [ 1930.175238][ T6421] ? copy_signal+0x610/0x610 [ 1930.179668][ T6421] ? __init_rwsem+0xd6/0x1c0 [ 1930.184094][ T6421] ? copy_signal+0x4e3/0x610 [ 1930.188516][ T6421] copy_process+0x1149/0x3290 [ 1930.193028][ T6421] ? proc_fail_nth_write+0x20b/0x290 [ 1930.198148][ T6421] ? fsnotify_perm+0x6a/0x5d0 [ 1930.202660][ T6421] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1930.207609][ T6421] ? vfs_write+0x9ec/0x1110 [ 1930.211948][ T6421] kernel_clone+0x21e/0x9e0 [ 1930.216295][ T6421] ? file_end_write+0x1c0/0x1c0 [ 1930.220983][ T6421] ? create_io_thread+0x1e0/0x1e0 [ 1930.225833][ T6421] ? mutex_unlock+0xb2/0x260 [ 1930.230260][ T6421] ? __mutex_lock_slowpath+0x10/0x10 [ 1930.235383][ T6421] __x64_sys_clone+0x23f/0x290 [ 1930.239986][ T6421] ? __do_sys_vfork+0x130/0x130 [ 1930.244668][ T6421] ? ksys_write+0x260/0x2c0 [ 1930.249009][ T6421] ? debug_smp_processor_id+0x17/0x20 [ 1930.254303][ T6421] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1930.260205][ T6421] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1930.265675][ T6421] do_syscall_64+0x3d/0xb0 [ 1930.269931][ T6421] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1930.275665][ T6421] RIP: 0033:0x7f895df3fda9 [ 1930.279908][ T6421] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1930.299347][ T6421] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1930.307599][ T6421] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1930.315415][ T6421] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 14:13:58 executing program 4: ioctl$TUNGETVNETHDRSZ(0xffffffffffffffff, 0x800454d7, &(0x7f0000000040)) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) 14:13:58 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 51) [ 1930.323216][ T6421] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1930.331030][ T6421] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1930.338839][ T6421] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1930.346656][ T6421] [ 1930.366883][ T6429] FAULT_INJECTION: forcing a failure. [ 1930.366883][ T6429] name failslab, interval 1, probability 0, space 0, times 0 [ 1930.381328][ T6429] CPU: 1 PID: 6429 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1930.391398][ T6429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1930.401293][ T6429] Call Trace: [ 1930.404413][ T6429] [ 1930.407197][ T6429] dump_stack_lvl+0x151/0x1b7 [ 1930.411705][ T6429] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1930.417171][ T6429] dump_stack+0x15/0x17 [ 1930.421168][ T6429] should_fail+0x3c6/0x510 [ 1930.425415][ T6429] __should_failslab+0xa4/0xe0 [ 1930.430013][ T6429] ? anon_vma_fork+0x1df/0x4e0 [ 1930.434621][ T6429] should_failslab+0x9/0x20 [ 1930.438952][ T6429] slab_pre_alloc_hook+0x37/0xd0 [ 1930.443729][ T6429] ? anon_vma_fork+0x1df/0x4e0 [ 1930.448326][ T6429] kmem_cache_alloc+0x44/0x200 [ 1930.452928][ T6429] anon_vma_fork+0x1df/0x4e0 [ 1930.457353][ T6429] copy_mm+0xa3a/0x13e0 [ 1930.461350][ T6429] ? copy_signal+0x610/0x610 [ 1930.465773][ T6429] ? __init_rwsem+0xd6/0x1c0 [ 1930.470199][ T6429] ? copy_signal+0x4e3/0x610 [ 1930.474625][ T6429] copy_process+0x1149/0x3290 [ 1930.479237][ T6429] ? proc_fail_nth_write+0x20b/0x290 [ 1930.484362][ T6429] ? fsnotify_perm+0x6a/0x5d0 [ 1930.488867][ T6429] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1930.493807][ T6429] ? vfs_write+0x9ec/0x1110 [ 1930.498150][ T6429] kernel_clone+0x21e/0x9e0 [ 1930.502497][ T6429] ? file_end_write+0x1c0/0x1c0 [ 1930.507176][ T6429] ? create_io_thread+0x1e0/0x1e0 [ 1930.512040][ T6429] ? mutex_unlock+0xb2/0x260 [ 1930.516460][ T6429] ? __mutex_lock_slowpath+0x10/0x10 [ 1930.521669][ T6429] __x64_sys_clone+0x23f/0x290 [ 1930.526271][ T6429] ? __do_sys_vfork+0x130/0x130 [ 1930.531046][ T6429] ? ksys_write+0x260/0x2c0 [ 1930.535382][ T6429] ? debug_smp_processor_id+0x17/0x20 [ 1930.540588][ T6429] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1930.546490][ T6429] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1930.551958][ T6429] do_syscall_64+0x3d/0xb0 [ 1930.556213][ T6429] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1930.561939][ T6429] RIP: 0033:0x7f895df3fda9 [ 1930.566203][ T6429] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1930.585644][ T6429] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1930.593880][ T6429] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1930.601702][ T6429] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1930.609504][ T6429] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 14:13:58 executing program 4: r0 = syz_clone(0x90082a00, 0x0, 0xfffffffffffffe67, 0x0, 0x0, 0x0) r1 = syz_clone(0x1080000, &(0x7f00000001c0)="66e7a48592f2ce0d7274eaef835e72933c902d5390661f9ca7028d26b9e6f5173a0a04949ef15835967f3796f6837f9e4e601b4d349c92657bd25d21ddc5a07c4227aa87e011205bad85f5980e160107fe798596c5a6ef1397c1d4ca202c55b9d3b535a64cc57eaa68a9c16bfe20cf7093992d395f2986dcbb5877c0e65b8bc28b08c8916e9174c56b38d01bf7938c78688e23849212ca129f345c4f63e9e960b942afc9769f32823c0165324db6f841e97e93f9a7672b8c7090184971951df4fee369", 0xc3, &(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340)="d5614f9714fcc7c3e7f76e3c34b49c555beebe09956ea17c158f3e60a54ae53fcf881a3b892c06b841e97c6b601855f7be749d43de397566b68527fb18cd73d1806f4ae33b139d799a05084272983192cb5bb43ef47b4fcf5cc369b3fad45db532aa0b950ecf64ec61682185d3192a46e4a6458446bc9b11b3bb2778bfc6c9e301fe015e448d96ca3021408bd61d72530d79c7d291b22cd76af704bae9699602d0493be63290a3aeea254f19c6acc1dacff62a0ec2df1f2c6de2b03ef309f30a6a9e0966e5128e075882dc95991add0d5274a7854b5a7220f2539df93d3371d8db91c726baeddb9a4fa5dc53bd4633fa0358e5961ea9c762067c04e8a8f8a75f73289a3450761ad25acc0665c0d36b16c4a53a69ecb1f6cad4e8aed5a2a186a520deae51a8ed1924176cf142d9ce866572b080805ccfc1e792c4391d49f958a367de5b5cc584401fd5ac19c32304e9d83fee22c6e318fcee584d3ca4a58b2040ba27c104f0617c750c049200fd7e28d728b009e5a4956eb31ae3aa92d72c508b91da2c3603ae8128215b8f9d23b67cbfde6de3930a95d299e7f38727305bb065211aec3cbd81368b4afe3494e83df9fc216cf13d74594a89a3025f5a1d5a4ab332048ca94658d5a3ab0c31105a403d909cd019dcc307ef54a7d4c4043f20faee2dad212d7be3698921f952177ed4f818c7ee2988fb850e08ef097991896393f878aec18f5789a8e832760f9d16e257d0e64fe4f2ab105c755e1d580f2d5141fc8b8910733a07a889574c513cf827349870327ee2adf751030e782634f2a2442697f5ed82e68e1d78dfd3adb7b042a0c0cef44eec740ff5d63dcaabfd2c91bcbf398e8537c2abdce4e6c68a715842e07c2f7830567391dd92044b64384be2bef85f42ec9311ab4eb09d974f0bab2c240e002e1d0a70781437ae4857a76a9788fc2f28501fa7a80e6d9eef35f9c061ee7bc1d659e0b70c50924fb3b22f6946f32ba62c01ff0dd846acf2c587327348a12f5a7888d366e26a895ed385f0d723243e8f9d2f5e6a5ad11f75e8609b21b2740868f47fb3dfa8bbd48126b43c8015d6c96103d55b199f33f92d3e223f3d4b3d62eea3bd836e77b615cae2b502a70aedc26fefb5ca043918b5f73ab2f2290a5f9470320f5bcead289addf5468e6f6aff0f2a375939d08991a0a8eacce37a259d487f7d8b0b2cadf123f4e4bb56af58a213e968289e628fe250a3442f6bd097a7806474f771e8b875b1cc949c2c12dfe7015bddcad8448db6f5fff68d3d06d14731a9e0c34863d392e074d6b4990403cf8bec5c8ae38eb098eae4c70c7aac536fc7eb52ef3437a49667badb94da85e1a1a9a382da494133815c97e1b3afad921d1bdcb012a6957c8c60909c575f5fc4d4320986ae8c81e70b8be4ed70a8a653e302ab72313af33df3b812fd1090f6d118952254303d34153405d2b5bb9c797a12f836534049b56429d7fb8c98409a88ff70667b4c03dc441a6122fbf30f43e59a8a9388cc79d1f48dc08abc3ef11223f98c41925f8b3f37364994300cc5636882c7fe53c055bfde9180a9227c56460d1e15f6400ce395d595249a0381d13907298863cd5bd3afbe04406dfb535dbd1294320a74e831799042cdfe1ed1945347785734d9bf78d09590c46d262a7fe04bf7df269663a9d7804b71b3228d65dba5c39e803b48fff28387d5b58fc4390c6812a9557089b1df14887c2e454ced1d665dd122d3d94edb1fc686a7fb19fe916b8a7d5ec9442451e32d29f8e0a7038c83d2d46127901e05951fb9d43b95da3f2e50132bfc91d9e202ab92a847f7d0f2e54dd96c7c34e84984a883b884e424e26ca6b92438524e22fb111b9d83bf0c883bb859e8ef4eb3e547cd7834a7ebca3367232928c3e737d3a21402a8ea5760a4862c6181c1463f33fb0bb770486c8dda3932e4cad3afdaf4f3d7bebfcb61baa184700db8b3c37b5a4beb60064f0629db26ca98781998600dc873fc7b1fed7c671ca604651ad0b6dea12b20c244ad40ff5356a28f8e128f01623639af3a09a4a57d93765db2a29057c9a43f556f793dbd7eb9ac07a9daaa8ed4d42a19e5fb95d1b3e9761e4de2716a55c65510ca715fcc0568b9aeecac1ddc9114c57c343920cfd99c335e2112a7f7e3c3a2ffac79ac065b0fbf30ec0a1fcf9d800480e1b6412eaff53b651a30c97d7969666d3c227db2948ef05b46c6761ccbe13f646c3391b60088836937dee8caae5ba1b7f4e21ed05d6dc1df977cd09bf0d2b266a54f921d176acf9b59fdda74c75b2700b87b4e31bc1c4fb5b2fe7a556700dd6d2be4e607ec3168370b1d643f1dcad34a580bfb43a0f4d78805b7a0bf74ad0d5bfa5f490e76b05e20459269549a88fdb9ba1100a061a9e797c5a510ed15ebbf50cf0910a9811b55f650e3d16e92e3df5c2c9050b2c3938ab669953865eced3e43d741b245e6061d7a627d8969931541266c42b8a765e6f4eb067e5b02ad22c473e15fc5a6455d9d926e647db36d5682eba6b4196bc7b9c3cac1cae928435576c48d115452cafa90fa79ebfda257723594451bc2aa40584baceecc0fde05f597abb92a40e31065b0c43595a195e251883b7d6ac5fd407de64cae5b30cbf7d754815ff86ea2a231cee970b68166bba9a7edfb7f8fc16d2a95cc2d32dfdd1f59046ff7896d337f9688cbea9a48fffdeab961514fc652aea556a08a5a405f503867560a649437fbfadcc6d7b99ce78dede2b547c492b1329fd821087c660c689d31e8101ab687ccc22aa9dd04d80bf9cc5b07bd5ce44adb65e529a52ad8c44650a2abbee731d422d14c3e7ae4f083504df48e49001dd8107e7f3612c28a52dd8f906114e9aad54d6a4c0ebcbc5dfd2dcee50820225e18fce7ec2ba5fe66dfe9a706bcf54b5997ff3e16756c5221b3cd83aae63dcbcfd20b770139d42379d276828c1a8fdaec7693b777988e5f3664a45a06621c18f6454cc9139c71527133aaa8cdbd749e3a9f9973dc075e5552148e99d700fa0cffcab26162baf38f851ee6bf2a89a43dad3eb7a98faffcf7b0584786c74191743b01c170f2cf9160b613e13d4f2595e305c7da310f8d7f7224eebbf1f05c392934f1a4bdda7442a8548dba3f538704d9e2a91b013b321ee2f12e688f9de9635e4c73a41b77dca75859400cd63a86eca364d17b439df1460969f58f199bfab7ba2ad2c9f95a52f51ba464315ea8eeed930f93886e9fc4c97c1725dbdb484b7215890b7e350111b4ccaa72e8ec1fb51230ccdf3351dd3d0f766cf8c2c803324c46fd1d2a89f4800aa5b70ea10cc68227ef10b5d928f264b75e8d0de7b8a9f95c4881525d88a27d17ea62e48768cee8c1e2bf3ba2e95c8201ee06de8a2c9474718e0901585d3d9ed2487e9569055e64124f5ec9c4425cdba6f132dd911c536fa467e8ee9702557e7b0cd5b54ede31816bd1584b677134276533f699656978cd905be04544c07ebee8af3e1cc60f725055a8ccd72373a64a2ac40e0f37622d4f07939a50d4b0cd6965fec011886cfe9573d191cc092de66276ef57572bc6388bd6b3f51277d2e4274b8769b92ef76fa65f4bf126cca6c0310b920231521413f0b380444132618fa7402f897fc20cc35965299c55cda8dede168dd8a33f44f4dc11f77aa845197a8367e73bb2496574c1197e1b20ee76c76f64fa29085c959a0f8344c82034585f052741b06a9c7819bde2061dcfbca9965f3a74e78fb26d71ee0b1ffbbc238f15018067cdef8590e989bfcb2508406fd2aaf0f4fc4b1814ec9b2fe1226941c67c30ff20c3a95f1e36e34a90de7ba50e9ae3deb2717a1055404e9a6217a5157b0da57ad766a0413326ed6bcbfa7ab920c8dd143bc3cdb69e106d5c54727e39862e9adab0e2f4cf61ebd18db5d252f9635fca60155707974fad900aaed3523cfbfd78c22d0338947aecce6fdb7ad0448760639a707625ab1f54a9cf943d96e3a61a03d9601fbc71a59b18c9962960426e93ae8a315ef10f60f627b8b29c4171458485366fcde47a79cae17f75c8f6ece20bc18dd1ddcacce5602b7b4451e41a49c9bc8a095f5a66048487a292d8518ed41c28813e678b45e5c38cd26c129b04beba4a2be5e7d07cd122831fd8ff2f0e01cc2478ec6090b889c235d0bde9509235efdd4fa7039d57df96138b4097fb92332b348e8c2dab620817932ccbe33b03488cb1ce4096f8e2de3d0230599eba8f71fd0f9480b6f0cdd5a7987b75cc53d8f7be9a2592d02dd3140323bcbb1d37c19562d58b0c8d741123d08f3975a369544ee1dbd636caa5e6c8d0196263fa3ac4712262abb8c769a20d477c295021bf91c2454813d88c3c341e70a9519b6b610989f145c7e870561f9ef5a3ab64e6fd1010d7f8ac4b42e65e0ef669f8497ea56e57a7fb758ec7f8aab305a19475883fc8d0095749f68b0bc23b8cbf776d6a1d8adb7ad44e8d3ab16e79f43707e7d30bb21e7c5d580bbe2a98093f29b56fc1df44e29dd0d70488271471ad347a9a8044498984340cb39fa9f52c4adcb4ebddd8c75aa454d878b05f32f2ee19585361cc54f13852763ff6ca247bc6fa9a499ba0e49aa7c626b5cf486653cd49212b15c149a5727d76626f3c81b65f6764a17e0dc3aaa1af8f21dee941bfb03304de245efe3ec661f54fb6ed9247061a2017f14977ef32bf8d47b0dbfa27166a7b790910b5d1169c391259099cc9fbb24724cbdbe05a9f5983d7a543db458bccfdc31aa5e73824cbf5aadd3fb70a7082587eb6e06170db370d0352da350b9e0118cb9cbaa06bd06a2979c75c739681747c0f46ccc72834a4c7bf1c362b16e55b53b5034ec4a5de54356e4aab570a91bece3147167946cc078fb6fccd8a8e30f7db51b13325c968d340a5e803a0df522da943906c26544a1206e97e6b8f5558c62105d0f82190172f5d38d31664b67a91ab30a4f0a1711aba91ddcb3cafe8079966ace59f5e9fe5d3ab0d864b1a89d7ec21205a23c316c9ea6ad6f228c543ec2f244df11042b287f15692be36c8d7d33c739cdab792297254ee22fb18f6a9db32e60352f59104a00000244092ba382946c419349881b2e0ab1df00327df446277271478a3d29ff5c5ec54047857de6847881bfbdb3a490dafd8831eee628899a9f8fce70b2e434cb16dd8a938a2062401641206602bc3ce7b22f0e26a6aba13abc49eced88f0c71487c54fc51549bc036f7be160dd8b6eaa63da5c4694a4dae3d23b42f5726503e7852d29c5adc81f7294159f71f8acdc4de62089e93b6a680e7a23283593d30ac940991f540a71b14d0338b235bd39c6566bc98ea429058ee81787e3b570e1dce72c54f076346ef11bd09288c2a82fb70bdd734359abdc8bd5286a164a3ac484bd69e0980e8541020a01b0225b96ae607606a07f1f128b7f12b8fd4682ea9ca7be894e4ec2094bca4757c82a3379039cac7b6cf6da6e687814a72d9da7d3df430570d8c2c84de3eabc619a5213b4d744e84e7ca3e463808116d26ac7af91900aa03ff8f70b03569a3b9c0e9455ffa6103d9f91db4a35fb870a07a6e22bb324260078d7cf97f33656d5acf9079af322e65f51f2297d796df68bdfa1163fd45fc82e0511ae57c73bad006bcda9490c801884c7ca5acd2667a820ff5dd13988b5a37ed572a641129381bfdf6e8fe4a8271d4735325c820578c77688536dae800b2f09ad40744414c2217bcb3bf94b59dda255e29c21d92f177e6ed0eba5bb1f3eacfb063bf37d67a0ff56795170e8bf8f75a51bf1c75103dadd641a6ecfa46498216") r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000002000000000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x80) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r2}, 0x10) r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8) close(r4) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x5, 0x7f, 0xff, 0xcf, 0x0, 0x6, 0x140, 0x3, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x6, 0x5, @perf_config_ext={0xffffffffffffffff, 0x2}, 0x2000, 0x7fffffff, 0x4, 0x2, 0x59c7, 0x80000001, 0xaf1, 0x0, 0xffffffff, 0x0, 0x5ca3}, r1, 0xa, r4, 0x1) r5 = perf_event_open$cgroup(&(0x7f00000000c0)={0x3, 0x80, 0x0, 0xfe, 0x5, 0x2, 0x0, 0x7ff, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x8, 0x2, @perf_config_ext={0x7, 0x1}, 0x809, 0x3f, 0xd2db, 0x0, 0x4, 0x3, 0x0, 0x0, 0x80000000, 0x0, 0x3f}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x80, 0xa9, 0x2, 0x20, 0x0, 0x1, 0x152808, 0x2, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xb}, 0x40a0, 0x7621, 0x0, 0x4, 0x73, 0x5, 0x2, 0x0, 0x5, 0x0, 0x8000000000000000}, r0, 0xa, r5, 0x12) 14:13:58 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 52) 14:13:58 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:59 executing program 4: r0 = syz_clone(0x90082a00, 0x0, 0xfffffffffffffe67, 0x0, 0x0, 0x0) (async) r1 = syz_clone(0x1080000, &(0x7f00000001c0)="66e7a48592f2ce0d7274eaef835e72933c902d5390661f9ca7028d26b9e6f5173a0a04949ef15835967f3796f6837f9e4e601b4d349c92657bd25d21ddc5a07c4227aa87e011205bad85f5980e160107fe798596c5a6ef1397c1d4ca202c55b9d3b535a64cc57eaa68a9c16bfe20cf7093992d395f2986dcbb5877c0e65b8bc28b08c8916e9174c56b38d01bf7938c78688e23849212ca129f345c4f63e9e960b942afc9769f32823c0165324db6f841e97e93f9a7672b8c7090184971951df4fee369", 0xc3, &(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340)="d5614f9714fcc7c3e7f76e3c34b49c555beebe09956ea17c158f3e60a54ae53fcf881a3b892c06b841e97c6b601855f7be749d43de397566b68527fb18cd73d1806f4ae33b139d799a05084272983192cb5bb43ef47b4fcf5cc369b3fad45db532aa0b950ecf64ec61682185d3192a46e4a6458446bc9b11b3bb2778bfc6c9e301fe015e448d96ca3021408bd61d72530d79c7d291b22cd76af704bae9699602d0493be63290a3aeea254f19c6acc1dacff62a0ec2df1f2c6de2b03ef309f30a6a9e0966e5128e075882dc95991add0d5274a7854b5a7220f2539df93d3371d8db91c726baeddb9a4fa5dc53bd4633fa0358e5961ea9c762067c04e8a8f8a75f73289a3450761ad25acc0665c0d36b16c4a53a69ecb1f6cad4e8aed5a2a186a520deae51a8ed1924176cf142d9ce866572b080805ccfc1e792c4391d49f958a367de5b5cc584401fd5ac19c32304e9d83fee22c6e318fcee584d3ca4a58b2040ba27c104f0617c750c049200fd7e28d728b009e5a4956eb31ae3aa92d72c508b91da2c3603ae8128215b8f9d23b67cbfde6de3930a95d299e7f38727305bb065211aec3cbd81368b4afe3494e83df9fc216cf13d74594a89a3025f5a1d5a4ab332048ca94658d5a3ab0c31105a403d909cd019dcc307ef54a7d4c4043f20faee2dad212d7be3698921f952177ed4f818c7ee2988fb850e08ef097991896393f878aec18f5789a8e832760f9d16e257d0e64fe4f2ab105c755e1d580f2d5141fc8b8910733a07a889574c513cf827349870327ee2adf751030e782634f2a2442697f5ed82e68e1d78dfd3adb7b042a0c0cef44eec740ff5d63dcaabfd2c91bcbf398e8537c2abdce4e6c68a715842e07c2f7830567391dd92044b64384be2bef85f42ec9311ab4eb09d974f0bab2c240e002e1d0a70781437ae4857a76a9788fc2f28501fa7a80e6d9eef35f9c061ee7bc1d659e0b70c50924fb3b22f6946f32ba62c01ff0dd846acf2c587327348a12f5a7888d366e26a895ed385f0d723243e8f9d2f5e6a5ad11f75e8609b21b2740868f47fb3dfa8bbd48126b43c8015d6c96103d55b199f33f92d3e223f3d4b3d62eea3bd836e77b615cae2b502a70aedc26fefb5ca043918b5f73ab2f2290a5f9470320f5bcead289addf5468e6f6aff0f2a375939d08991a0a8eacce37a259d487f7d8b0b2cadf123f4e4bb56af58a213e968289e628fe250a3442f6bd097a7806474f771e8b875b1cc949c2c12dfe7015bddcad8448db6f5fff68d3d06d14731a9e0c34863d392e074d6b4990403cf8bec5c8ae38eb098eae4c70c7aac536fc7eb52ef3437a49667badb94da85e1a1a9a382da494133815c97e1b3afad921d1bdcb012a6957c8c60909c575f5fc4d4320986ae8c81e70b8be4ed70a8a653e302ab72313af33df3b812fd1090f6d118952254303d34153405d2b5bb9c797a12f836534049b56429d7fb8c98409a88ff70667b4c03dc441a6122fbf30f43e59a8a9388cc79d1f48dc08abc3ef11223f98c41925f8b3f37364994300cc5636882c7fe53c055bfde9180a9227c56460d1e15f6400ce395d595249a0381d13907298863cd5bd3afbe04406dfb535dbd1294320a74e831799042cdfe1ed1945347785734d9bf78d09590c46d262a7fe04bf7df269663a9d7804b71b3228d65dba5c39e803b48fff28387d5b58fc4390c6812a9557089b1df14887c2e454ced1d665dd122d3d94edb1fc686a7fb19fe916b8a7d5ec9442451e32d29f8e0a7038c83d2d46127901e05951fb9d43b95da3f2e50132bfc91d9e202ab92a847f7d0f2e54dd96c7c34e84984a883b884e424e26ca6b92438524e22fb111b9d83bf0c883bb859e8ef4eb3e547cd7834a7ebca3367232928c3e737d3a21402a8ea5760a4862c6181c1463f33fb0bb770486c8dda3932e4cad3afdaf4f3d7bebfcb61baa184700db8b3c37b5a4beb60064f0629db26ca98781998600dc873fc7b1fed7c671ca604651ad0b6dea12b20c244ad40ff5356a28f8e128f01623639af3a09a4a57d93765db2a29057c9a43f556f793dbd7eb9ac07a9daaa8ed4d42a19e5fb95d1b3e9761e4de2716a55c65510ca715fcc0568b9aeecac1ddc9114c57c343920cfd99c335e2112a7f7e3c3a2ffac79ac065b0fbf30ec0a1fcf9d800480e1b6412eaff53b651a30c97d7969666d3c227db2948ef05b46c6761ccbe13f646c3391b60088836937dee8caae5ba1b7f4e21ed05d6dc1df977cd09bf0d2b266a54f921d176acf9b59fdda74c75b2700b87b4e31bc1c4fb5b2fe7a556700dd6d2be4e607ec3168370b1d643f1dcad34a580bfb43a0f4d78805b7a0bf74ad0d5bfa5f490e76b05e20459269549a88fdb9ba1100a061a9e797c5a510ed15ebbf50cf0910a9811b55f650e3d16e92e3df5c2c9050b2c3938ab669953865eced3e43d741b245e6061d7a627d8969931541266c42b8a765e6f4eb067e5b02ad22c473e15fc5a6455d9d926e647db36d5682eba6b4196bc7b9c3cac1cae928435576c48d115452cafa90fa79ebfda257723594451bc2aa40584baceecc0fde05f597abb92a40e31065b0c43595a195e251883b7d6ac5fd407de64cae5b30cbf7d754815ff86ea2a231cee970b68166bba9a7edfb7f8fc16d2a95cc2d32dfdd1f59046ff7896d337f9688cbea9a48fffdeab961514fc652aea556a08a5a405f503867560a649437fbfadcc6d7b99ce78dede2b547c492b1329fd821087c660c689d31e8101ab687ccc22aa9dd04d80bf9cc5b07bd5ce44adb65e529a52ad8c44650a2abbee731d422d14c3e7ae4f083504df48e49001dd8107e7f3612c28a52dd8f906114e9aad54d6a4c0ebcbc5dfd2dcee50820225e18fce7ec2ba5fe66dfe9a706bcf54b5997ff3e16756c5221b3cd83aae63dcbcfd20b770139d42379d276828c1a8fdaec7693b777988e5f3664a45a06621c18f6454cc9139c71527133aaa8cdbd749e3a9f9973dc075e5552148e99d700fa0cffcab26162baf38f851ee6bf2a89a43dad3eb7a98faffcf7b0584786c74191743b01c170f2cf9160b613e13d4f2595e305c7da310f8d7f7224eebbf1f05c392934f1a4bdda7442a8548dba3f538704d9e2a91b013b321ee2f12e688f9de9635e4c73a41b77dca75859400cd63a86eca364d17b439df1460969f58f199bfab7ba2ad2c9f95a52f51ba464315ea8eeed930f93886e9fc4c97c1725dbdb484b7215890b7e350111b4ccaa72e8ec1fb51230ccdf3351dd3d0f766cf8c2c803324c46fd1d2a89f4800aa5b70ea10cc68227ef10b5d928f264b75e8d0de7b8a9f95c4881525d88a27d17ea62e48768cee8c1e2bf3ba2e95c8201ee06de8a2c9474718e0901585d3d9ed2487e9569055e64124f5ec9c4425cdba6f132dd911c536fa467e8ee9702557e7b0cd5b54ede31816bd1584b677134276533f699656978cd905be04544c07ebee8af3e1cc60f725055a8ccd72373a64a2ac40e0f37622d4f07939a50d4b0cd6965fec011886cfe9573d191cc092de66276ef57572bc6388bd6b3f51277d2e4274b8769b92ef76fa65f4bf126cca6c0310b920231521413f0b380444132618fa7402f897fc20cc35965299c55cda8dede168dd8a33f44f4dc11f77aa845197a8367e73bb2496574c1197e1b20ee76c76f64fa29085c959a0f8344c82034585f052741b06a9c7819bde2061dcfbca9965f3a74e78fb26d71ee0b1ffbbc238f15018067cdef8590e989bfcb2508406fd2aaf0f4fc4b1814ec9b2fe1226941c67c30ff20c3a95f1e36e34a90de7ba50e9ae3deb2717a1055404e9a6217a5157b0da57ad766a0413326ed6bcbfa7ab920c8dd143bc3cdb69e106d5c54727e39862e9adab0e2f4cf61ebd18db5d252f9635fca60155707974fad900aaed3523cfbfd78c22d0338947aecce6fdb7ad0448760639a707625ab1f54a9cf943d96e3a61a03d9601fbc71a59b18c9962960426e93ae8a315ef10f60f627b8b29c4171458485366fcde47a79cae17f75c8f6ece20bc18dd1ddcacce5602b7b4451e41a49c9bc8a095f5a66048487a292d8518ed41c28813e678b45e5c38cd26c129b04beba4a2be5e7d07cd122831fd8ff2f0e01cc2478ec6090b889c235d0bde9509235efdd4fa7039d57df96138b4097fb92332b348e8c2dab620817932ccbe33b03488cb1ce4096f8e2de3d0230599eba8f71fd0f9480b6f0cdd5a7987b75cc53d8f7be9a2592d02dd3140323bcbb1d37c19562d58b0c8d741123d08f3975a369544ee1dbd636caa5e6c8d0196263fa3ac4712262abb8c769a20d477c295021bf91c2454813d88c3c341e70a9519b6b610989f145c7e870561f9ef5a3ab64e6fd1010d7f8ac4b42e65e0ef669f8497ea56e57a7fb758ec7f8aab305a19475883fc8d0095749f68b0bc23b8cbf776d6a1d8adb7ad44e8d3ab16e79f43707e7d30bb21e7c5d580bbe2a98093f29b56fc1df44e29dd0d70488271471ad347a9a8044498984340cb39fa9f52c4adcb4ebddd8c75aa454d878b05f32f2ee19585361cc54f13852763ff6ca247bc6fa9a499ba0e49aa7c626b5cf486653cd49212b15c149a5727d76626f3c81b65f6764a17e0dc3aaa1af8f21dee941bfb03304de245efe3ec661f54fb6ed9247061a2017f14977ef32bf8d47b0dbfa27166a7b790910b5d1169c391259099cc9fbb24724cbdbe05a9f5983d7a543db458bccfdc31aa5e73824cbf5aadd3fb70a7082587eb6e06170db370d0352da350b9e0118cb9cbaa06bd06a2979c75c739681747c0f46ccc72834a4c7bf1c362b16e55b53b5034ec4a5de54356e4aab570a91bece3147167946cc078fb6fccd8a8e30f7db51b13325c968d340a5e803a0df522da943906c26544a1206e97e6b8f5558c62105d0f82190172f5d38d31664b67a91ab30a4f0a1711aba91ddcb3cafe8079966ace59f5e9fe5d3ab0d864b1a89d7ec21205a23c316c9ea6ad6f228c543ec2f244df11042b287f15692be36c8d7d33c739cdab792297254ee22fb18f6a9db32e60352f59104a00000244092ba382946c419349881b2e0ab1df00327df446277271478a3d29ff5c5ec54047857de6847881bfbdb3a490dafd8831eee628899a9f8fce70b2e434cb16dd8a938a2062401641206602bc3ce7b22f0e26a6aba13abc49eced88f0c71487c54fc51549bc036f7be160dd8b6eaa63da5c4694a4dae3d23b42f5726503e7852d29c5adc81f7294159f71f8acdc4de62089e93b6a680e7a23283593d30ac940991f540a71b14d0338b235bd39c6566bc98ea429058ee81787e3b570e1dce72c54f076346ef11bd09288c2a82fb70bdd734359abdc8bd5286a164a3ac484bd69e0980e8541020a01b0225b96ae607606a07f1f128b7f12b8fd4682ea9ca7be894e4ec2094bca4757c82a3379039cac7b6cf6da6e687814a72d9da7d3df430570d8c2c84de3eabc619a5213b4d744e84e7ca3e463808116d26ac7af91900aa03ff8f70b03569a3b9c0e9455ffa6103d9f91db4a35fb870a07a6e22bb324260078d7cf97f33656d5acf9079af322e65f51f2297d796df68bdfa1163fd45fc82e0511ae57c73bad006bcda9490c801884c7ca5acd2667a820ff5dd13988b5a37ed572a641129381bfdf6e8fe4a8271d4735325c820578c77688536dae800b2f09ad40744414c2217bcb3bf94b59dda255e29c21d92f177e6ed0eba5bb1f3eacfb063bf37d67a0ff56795170e8bf8f75a51bf1c75103dadd641a6ecfa46498216") (async) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000002000000000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x80) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r2}, 0x10) r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8) close(r4) (async) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x5, 0x7f, 0xff, 0xcf, 0x0, 0x6, 0x140, 0x3, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x6, 0x5, @perf_config_ext={0xffffffffffffffff, 0x2}, 0x2000, 0x7fffffff, 0x4, 0x2, 0x59c7, 0x80000001, 0xaf1, 0x0, 0xffffffff, 0x0, 0x5ca3}, r1, 0xa, r4, 0x1) (async) r5 = perf_event_open$cgroup(&(0x7f00000000c0)={0x3, 0x80, 0x0, 0xfe, 0x5, 0x2, 0x0, 0x7ff, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x8, 0x2, @perf_config_ext={0x7, 0x1}, 0x809, 0x3f, 0xd2db, 0x0, 0x4, 0x3, 0x0, 0x0, 0x80000000, 0x0, 0x3f}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x80, 0xa9, 0x2, 0x20, 0x0, 0x1, 0x152808, 0x2, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xb}, 0x40a0, 0x7621, 0x0, 0x4, 0x73, 0x5, 0x2, 0x0, 0x5, 0x0, 0x8000000000000000}, r0, 0xa, r5, 0x12) [ 1930.617313][ T6429] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1930.625226][ T6429] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1930.633031][ T6429] 14:13:59 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x500000000000000) [ 1930.693681][ T6436] FAULT_INJECTION: forcing a failure. [ 1930.693681][ T6436] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1930.712837][ T6436] CPU: 0 PID: 6436 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1930.722919][ T6436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1930.732817][ T6436] Call Trace: [ 1930.735932][ T6436] [ 1930.738712][ T6436] dump_stack_lvl+0x151/0x1b7 [ 1930.743226][ T6436] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1930.748697][ T6436] dump_stack+0x15/0x17 [ 1930.752687][ T6436] should_fail+0x3c6/0x510 [ 1930.757030][ T6436] should_fail_alloc_page+0x5a/0x80 [ 1930.762094][ T6436] prepare_alloc_pages+0x15c/0x700 [ 1930.767006][ T6436] ? __alloc_pages+0x8f0/0x8f0 [ 1930.771609][ T6436] ? __alloc_pages_bulk+0xe40/0xe40 [ 1930.776643][ T6436] ? sched_clock+0x9/0x10 [ 1930.780811][ T6436] __alloc_pages+0x18c/0x8f0 [ 1930.785234][ T6436] ? prep_new_page+0x110/0x110 [ 1930.789840][ T6436] ? 0xffffffffa0002c40 [ 1930.793834][ T6436] ? is_bpf_text_address+0x172/0x190 [ 1930.798948][ T6436] pte_alloc_one+0x73/0x1b0 [ 1930.803287][ T6436] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1930.808322][ T6436] ? arch_stack_walk+0xf3/0x140 [ 1930.813008][ T6436] __pte_alloc+0x86/0x350 [ 1930.817178][ T6436] ? free_pgtables+0x280/0x280 [ 1930.821772][ T6436] ? _raw_spin_lock+0xa4/0x1b0 [ 1930.826374][ T6436] ? __kasan_check_write+0x14/0x20 [ 1930.831412][ T6436] copy_page_range+0x28a8/0x2f90 [ 1930.836179][ T6436] ? __kasan_slab_alloc+0xb1/0xe0 [ 1930.841046][ T6436] ? pfn_valid+0x1e0/0x1e0 [ 1930.845298][ T6436] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 1930.850850][ T6436] ? __rb_insert_augmented+0x5de/0x610 [ 1930.856152][ T6436] copy_mm+0xc7e/0x13e0 [ 1930.860143][ T6436] ? copy_signal+0x610/0x610 [ 1930.864561][ T6436] ? __init_rwsem+0xd6/0x1c0 [ 1930.868988][ T6436] ? copy_signal+0x4e3/0x610 [ 1930.873417][ T6436] copy_process+0x1149/0x3290 [ 1930.877931][ T6436] ? proc_fail_nth_write+0x20b/0x290 [ 1930.883051][ T6436] ? fsnotify_perm+0x6a/0x5d0 [ 1930.887565][ T6436] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1930.892518][ T6436] ? vfs_write+0x9ec/0x1110 [ 1930.896874][ T6436] kernel_clone+0x21e/0x9e0 [ 1930.901275][ T6436] ? file_end_write+0x1c0/0x1c0 [ 1930.905969][ T6436] ? create_io_thread+0x1e0/0x1e0 [ 1930.910829][ T6436] ? mutex_unlock+0xb2/0x260 [ 1930.915248][ T6436] ? __mutex_lock_slowpath+0x10/0x10 [ 1930.920369][ T6436] __x64_sys_clone+0x23f/0x290 [ 1930.924971][ T6436] ? __do_sys_vfork+0x130/0x130 [ 1930.929654][ T6436] ? ksys_write+0x260/0x2c0 [ 1930.933998][ T6436] ? debug_smp_processor_id+0x17/0x20 [ 1930.939200][ T6436] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1930.945105][ T6436] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1930.950575][ T6436] do_syscall_64+0x3d/0xb0 [ 1930.954833][ T6436] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1930.960553][ T6436] RIP: 0033:0x7f895df3fda9 [ 1930.964810][ T6436] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1930.984260][ T6436] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 14:13:59 executing program 4: r0 = syz_clone(0x90082a00, 0x0, 0xfffffffffffffe67, 0x0, 0x0, 0x0) (async) r1 = syz_clone(0x1080000, &(0x7f00000001c0)="66e7a48592f2ce0d7274eaef835e72933c902d5390661f9ca7028d26b9e6f5173a0a04949ef15835967f3796f6837f9e4e601b4d349c92657bd25d21ddc5a07c4227aa87e011205bad85f5980e160107fe798596c5a6ef1397c1d4ca202c55b9d3b535a64cc57eaa68a9c16bfe20cf7093992d395f2986dcbb5877c0e65b8bc28b08c8916e9174c56b38d01bf7938c78688e23849212ca129f345c4f63e9e960b942afc9769f32823c0165324db6f841e97e93f9a7672b8c7090184971951df4fee369", 0xc3, &(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340)="d5614f9714fcc7c3e7f76e3c34b49c555beebe09956ea17c158f3e60a54ae53fcf881a3b892c06b841e97c6b601855f7be749d43de397566b68527fb18cd73d1806f4ae33b139d799a05084272983192cb5bb43ef47b4fcf5cc369b3fad45db532aa0b950ecf64ec61682185d3192a46e4a6458446bc9b11b3bb2778bfc6c9e301fe015e448d96ca3021408bd61d72530d79c7d291b22cd76af704bae9699602d0493be63290a3aeea254f19c6acc1dacff62a0ec2df1f2c6de2b03ef309f30a6a9e0966e5128e075882dc95991add0d5274a7854b5a7220f2539df93d3371d8db91c726baeddb9a4fa5dc53bd4633fa0358e5961ea9c762067c04e8a8f8a75f73289a3450761ad25acc0665c0d36b16c4a53a69ecb1f6cad4e8aed5a2a186a520deae51a8ed1924176cf142d9ce866572b080805ccfc1e792c4391d49f958a367de5b5cc584401fd5ac19c32304e9d83fee22c6e318fcee584d3ca4a58b2040ba27c104f0617c750c049200fd7e28d728b009e5a4956eb31ae3aa92d72c508b91da2c3603ae8128215b8f9d23b67cbfde6de3930a95d299e7f38727305bb065211aec3cbd81368b4afe3494e83df9fc216cf13d74594a89a3025f5a1d5a4ab332048ca94658d5a3ab0c31105a403d909cd019dcc307ef54a7d4c4043f20faee2dad212d7be3698921f952177ed4f818c7ee2988fb850e08ef097991896393f878aec18f5789a8e832760f9d16e257d0e64fe4f2ab105c755e1d580f2d5141fc8b8910733a07a889574c513cf827349870327ee2adf751030e782634f2a2442697f5ed82e68e1d78dfd3adb7b042a0c0cef44eec740ff5d63dcaabfd2c91bcbf398e8537c2abdce4e6c68a715842e07c2f7830567391dd92044b64384be2bef85f42ec9311ab4eb09d974f0bab2c240e002e1d0a70781437ae4857a76a9788fc2f28501fa7a80e6d9eef35f9c061ee7bc1d659e0b70c50924fb3b22f6946f32ba62c01ff0dd846acf2c587327348a12f5a7888d366e26a895ed385f0d723243e8f9d2f5e6a5ad11f75e8609b21b2740868f47fb3dfa8bbd48126b43c8015d6c96103d55b199f33f92d3e223f3d4b3d62eea3bd836e77b615cae2b502a70aedc26fefb5ca043918b5f73ab2f2290a5f9470320f5bcead289addf5468e6f6aff0f2a375939d08991a0a8eacce37a259d487f7d8b0b2cadf123f4e4bb56af58a213e968289e628fe250a3442f6bd097a7806474f771e8b875b1cc949c2c12dfe7015bddcad8448db6f5fff68d3d06d14731a9e0c34863d392e074d6b4990403cf8bec5c8ae38eb098eae4c70c7aac536fc7eb52ef3437a49667badb94da85e1a1a9a382da494133815c97e1b3afad921d1bdcb012a6957c8c60909c575f5fc4d4320986ae8c81e70b8be4ed70a8a653e302ab72313af33df3b812fd1090f6d118952254303d34153405d2b5bb9c797a12f836534049b56429d7fb8c98409a88ff70667b4c03dc441a6122fbf30f43e59a8a9388cc79d1f48dc08abc3ef11223f98c41925f8b3f37364994300cc5636882c7fe53c055bfde9180a9227c56460d1e15f6400ce395d595249a0381d13907298863cd5bd3afbe04406dfb535dbd1294320a74e831799042cdfe1ed1945347785734d9bf78d09590c46d262a7fe04bf7df269663a9d7804b71b3228d65dba5c39e803b48fff28387d5b58fc4390c6812a9557089b1df14887c2e454ced1d665dd122d3d94edb1fc686a7fb19fe916b8a7d5ec9442451e32d29f8e0a7038c83d2d46127901e05951fb9d43b95da3f2e50132bfc91d9e202ab92a847f7d0f2e54dd96c7c34e84984a883b884e424e26ca6b92438524e22fb111b9d83bf0c883bb859e8ef4eb3e547cd7834a7ebca3367232928c3e737d3a21402a8ea5760a4862c6181c1463f33fb0bb770486c8dda3932e4cad3afdaf4f3d7bebfcb61baa184700db8b3c37b5a4beb60064f0629db26ca98781998600dc873fc7b1fed7c671ca604651ad0b6dea12b20c244ad40ff5356a28f8e128f01623639af3a09a4a57d93765db2a29057c9a43f556f793dbd7eb9ac07a9daaa8ed4d42a19e5fb95d1b3e9761e4de2716a55c65510ca715fcc0568b9aeecac1ddc9114c57c343920cfd99c335e2112a7f7e3c3a2ffac79ac065b0fbf30ec0a1fcf9d800480e1b6412eaff53b651a30c97d7969666d3c227db2948ef05b46c6761ccbe13f646c3391b60088836937dee8caae5ba1b7f4e21ed05d6dc1df977cd09bf0d2b266a54f921d176acf9b59fdda74c75b2700b87b4e31bc1c4fb5b2fe7a556700dd6d2be4e607ec3168370b1d643f1dcad34a580bfb43a0f4d78805b7a0bf74ad0d5bfa5f490e76b05e20459269549a88fdb9ba1100a061a9e797c5a510ed15ebbf50cf0910a9811b55f650e3d16e92e3df5c2c9050b2c3938ab669953865eced3e43d741b245e6061d7a627d8969931541266c42b8a765e6f4eb067e5b02ad22c473e15fc5a6455d9d926e647db36d5682eba6b4196bc7b9c3cac1cae928435576c48d115452cafa90fa79ebfda257723594451bc2aa40584baceecc0fde05f597abb92a40e31065b0c43595a195e251883b7d6ac5fd407de64cae5b30cbf7d754815ff86ea2a231cee970b68166bba9a7edfb7f8fc16d2a95cc2d32dfdd1f59046ff7896d337f9688cbea9a48fffdeab961514fc652aea556a08a5a405f503867560a649437fbfadcc6d7b99ce78dede2b547c492b1329fd821087c660c689d31e8101ab687ccc22aa9dd04d80bf9cc5b07bd5ce44adb65e529a52ad8c44650a2abbee731d422d14c3e7ae4f083504df48e49001dd8107e7f3612c28a52dd8f906114e9aad54d6a4c0ebcbc5dfd2dcee50820225e18fce7ec2ba5fe66dfe9a706bcf54b5997ff3e16756c5221b3cd83aae63dcbcfd20b770139d42379d276828c1a8fdaec7693b777988e5f3664a45a06621c18f6454cc9139c71527133aaa8cdbd749e3a9f9973dc075e5552148e99d700fa0cffcab26162baf38f851ee6bf2a89a43dad3eb7a98faffcf7b0584786c74191743b01c170f2cf9160b613e13d4f2595e305c7da310f8d7f7224eebbf1f05c392934f1a4bdda7442a8548dba3f538704d9e2a91b013b321ee2f12e688f9de9635e4c73a41b77dca75859400cd63a86eca364d17b439df1460969f58f199bfab7ba2ad2c9f95a52f51ba464315ea8eeed930f93886e9fc4c97c1725dbdb484b7215890b7e350111b4ccaa72e8ec1fb51230ccdf3351dd3d0f766cf8c2c803324c46fd1d2a89f4800aa5b70ea10cc68227ef10b5d928f264b75e8d0de7b8a9f95c4881525d88a27d17ea62e48768cee8c1e2bf3ba2e95c8201ee06de8a2c9474718e0901585d3d9ed2487e9569055e64124f5ec9c4425cdba6f132dd911c536fa467e8ee9702557e7b0cd5b54ede31816bd1584b677134276533f699656978cd905be04544c07ebee8af3e1cc60f725055a8ccd72373a64a2ac40e0f37622d4f07939a50d4b0cd6965fec011886cfe9573d191cc092de66276ef57572bc6388bd6b3f51277d2e4274b8769b92ef76fa65f4bf126cca6c0310b920231521413f0b380444132618fa7402f897fc20cc35965299c55cda8dede168dd8a33f44f4dc11f77aa845197a8367e73bb2496574c1197e1b20ee76c76f64fa29085c959a0f8344c82034585f052741b06a9c7819bde2061dcfbca9965f3a74e78fb26d71ee0b1ffbbc238f15018067cdef8590e989bfcb2508406fd2aaf0f4fc4b1814ec9b2fe1226941c67c30ff20c3a95f1e36e34a90de7ba50e9ae3deb2717a1055404e9a6217a5157b0da57ad766a0413326ed6bcbfa7ab920c8dd143bc3cdb69e106d5c54727e39862e9adab0e2f4cf61ebd18db5d252f9635fca60155707974fad900aaed3523cfbfd78c22d0338947aecce6fdb7ad0448760639a707625ab1f54a9cf943d96e3a61a03d9601fbc71a59b18c9962960426e93ae8a315ef10f60f627b8b29c4171458485366fcde47a79cae17f75c8f6ece20bc18dd1ddcacce5602b7b4451e41a49c9bc8a095f5a66048487a292d8518ed41c28813e678b45e5c38cd26c129b04beba4a2be5e7d07cd122831fd8ff2f0e01cc2478ec6090b889c235d0bde9509235efdd4fa7039d57df96138b4097fb92332b348e8c2dab620817932ccbe33b03488cb1ce4096f8e2de3d0230599eba8f71fd0f9480b6f0cdd5a7987b75cc53d8f7be9a2592d02dd3140323bcbb1d37c19562d58b0c8d741123d08f3975a369544ee1dbd636caa5e6c8d0196263fa3ac4712262abb8c769a20d477c295021bf91c2454813d88c3c341e70a9519b6b610989f145c7e870561f9ef5a3ab64e6fd1010d7f8ac4b42e65e0ef669f8497ea56e57a7fb758ec7f8aab305a19475883fc8d0095749f68b0bc23b8cbf776d6a1d8adb7ad44e8d3ab16e79f43707e7d30bb21e7c5d580bbe2a98093f29b56fc1df44e29dd0d70488271471ad347a9a8044498984340cb39fa9f52c4adcb4ebddd8c75aa454d878b05f32f2ee19585361cc54f13852763ff6ca247bc6fa9a499ba0e49aa7c626b5cf486653cd49212b15c149a5727d76626f3c81b65f6764a17e0dc3aaa1af8f21dee941bfb03304de245efe3ec661f54fb6ed9247061a2017f14977ef32bf8d47b0dbfa27166a7b790910b5d1169c391259099cc9fbb24724cbdbe05a9f5983d7a543db458bccfdc31aa5e73824cbf5aadd3fb70a7082587eb6e06170db370d0352da350b9e0118cb9cbaa06bd06a2979c75c739681747c0f46ccc72834a4c7bf1c362b16e55b53b5034ec4a5de54356e4aab570a91bece3147167946cc078fb6fccd8a8e30f7db51b13325c968d340a5e803a0df522da943906c26544a1206e97e6b8f5558c62105d0f82190172f5d38d31664b67a91ab30a4f0a1711aba91ddcb3cafe8079966ace59f5e9fe5d3ab0d864b1a89d7ec21205a23c316c9ea6ad6f228c543ec2f244df11042b287f15692be36c8d7d33c739cdab792297254ee22fb18f6a9db32e60352f59104a00000244092ba382946c419349881b2e0ab1df00327df446277271478a3d29ff5c5ec54047857de6847881bfbdb3a490dafd8831eee628899a9f8fce70b2e434cb16dd8a938a2062401641206602bc3ce7b22f0e26a6aba13abc49eced88f0c71487c54fc51549bc036f7be160dd8b6eaa63da5c4694a4dae3d23b42f5726503e7852d29c5adc81f7294159f71f8acdc4de62089e93b6a680e7a23283593d30ac940991f540a71b14d0338b235bd39c6566bc98ea429058ee81787e3b570e1dce72c54f076346ef11bd09288c2a82fb70bdd734359abdc8bd5286a164a3ac484bd69e0980e8541020a01b0225b96ae607606a07f1f128b7f12b8fd4682ea9ca7be894e4ec2094bca4757c82a3379039cac7b6cf6da6e687814a72d9da7d3df430570d8c2c84de3eabc619a5213b4d744e84e7ca3e463808116d26ac7af91900aa03ff8f70b03569a3b9c0e9455ffa6103d9f91db4a35fb870a07a6e22bb324260078d7cf97f33656d5acf9079af322e65f51f2297d796df68bdfa1163fd45fc82e0511ae57c73bad006bcda9490c801884c7ca5acd2667a820ff5dd13988b5a37ed572a641129381bfdf6e8fe4a8271d4735325c820578c77688536dae800b2f09ad40744414c2217bcb3bf94b59dda255e29c21d92f177e6ed0eba5bb1f3eacfb063bf37d67a0ff56795170e8bf8f75a51bf1c75103dadd641a6ecfa46498216") (async) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000002000000000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x80) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r2}, 0x10) r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8) close(r4) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x5, 0x7f, 0xff, 0xcf, 0x0, 0x6, 0x140, 0x3, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x6, 0x5, @perf_config_ext={0xffffffffffffffff, 0x2}, 0x2000, 0x7fffffff, 0x4, 0x2, 0x59c7, 0x80000001, 0xaf1, 0x0, 0xffffffff, 0x0, 0x5ca3}, r1, 0xa, r4, 0x1) r5 = perf_event_open$cgroup(&(0x7f00000000c0)={0x3, 0x80, 0x0, 0xfe, 0x5, 0x2, 0x0, 0x7ff, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x8, 0x2, @perf_config_ext={0x7, 0x1}, 0x809, 0x3f, 0xd2db, 0x0, 0x4, 0x3, 0x0, 0x0, 0x80000000, 0x0, 0x3f}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x80, 0xa9, 0x2, 0x20, 0x0, 0x1, 0x152808, 0x2, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xb}, 0x40a0, 0x7621, 0x0, 0x4, 0x73, 0x5, 0x2, 0x0, 0x5, 0x0, 0x8000000000000000}, r0, 0xa, r5, 0x12) 14:13:59 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:13:59 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 53) [ 1930.992495][ T6436] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1931.000306][ T6436] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1931.008116][ T6436] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1931.015928][ T6436] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1931.023754][ T6436] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1931.031740][ T6436] 14:13:59 executing program 4: syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4004662b, &(0x7f00000005c0)=0x1) perf_event_open$cgroup(&(0x7f0000000280)={0x1, 0x80, 0x6, 0x5, 0xfb, 0xff, 0x0, 0x37, 0x100, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, @perf_config_ext={0x5c0, 0x1}, 0x200, 0x5, 0x0, 0x6, 0x1ff, 0x2, 0x7, 0x0, 0x9, 0x0, 0x926}, r2, 0x7, r0, 0x5) perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x1, 0x3, 0x6, 0x4, 0x0, 0x1, 0x81202, 0x4, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x98, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x10c000, 0x2, 0x0, 0x2, 0x1000, 0x2, 0x2, 0x0, 0x5, 0x0, 0x6}, r1, 0xc, r0, 0x1) r3 = bpf$ITER_CREATE(0x21, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000900)={r3, 0xe0, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8, &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000a40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x22, &(0x7f0000000700)=[{}, {}, {}], 0x18, 0xfffffffffffffd71, &(0x7f0000000740), &(0x7f0000000780), 0x8, 0x94, 0x8, 0x8, &(0x7f00000007c0)}}, 0xffffffffffffff29) perf_event_open(&(0x7f0000000200)={0x0, 0x80, 0x6, 0x6, 0x8e, 0x5, 0x0, 0x102, 0x94212, 0x8, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6c72, 0x4, @perf_bp={&(0x7f0000000000), 0x1}, 0x12950, 0x46bb, 0x397, 0x2, 0x1, 0x1, 0x3ff, 0x0, 0x9, 0x0, 0x3}, r1, 0x5, r3, 0x8) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f00000000c0), 0x10) openat$cgroup_ro(r3, &(0x7f0000000100)='memory.events.local\x00', 0x0, 0x0) [ 1931.065601][ T6454] FAULT_INJECTION: forcing a failure. [ 1931.065601][ T6454] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1931.102971][ T6454] CPU: 1 PID: 6454 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1931.113047][ T6454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1931.122941][ T6454] Call Trace: [ 1931.126066][ T6454] [ 1931.128842][ T6454] dump_stack_lvl+0x151/0x1b7 [ 1931.133355][ T6454] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1931.138824][ T6454] dump_stack+0x15/0x17 [ 1931.142813][ T6454] should_fail+0x3c6/0x510 [ 1931.147066][ T6454] should_fail_alloc_page+0x5a/0x80 [ 1931.152104][ T6454] prepare_alloc_pages+0x15c/0x700 [ 1931.157051][ T6454] ? __alloc_pages_bulk+0xe40/0xe40 [ 1931.162093][ T6454] __alloc_pages+0x18c/0x8f0 [ 1931.166509][ T6454] ? prep_new_page+0x110/0x110 [ 1931.171109][ T6454] ? __alloc_pages+0x27e/0x8f0 [ 1931.175711][ T6454] ? __kasan_check_write+0x14/0x20 [ 1931.180743][ T6454] ? _raw_spin_lock+0xa4/0x1b0 [ 1931.185370][ T6454] pte_alloc_one+0x73/0x1b0 [ 1931.189696][ T6454] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1931.194723][ T6454] ? __pmd_alloc+0x48d/0x550 [ 1931.199142][ T6454] __pte_alloc+0x86/0x350 [ 1931.203309][ T6454] ? __pud_alloc+0x260/0x260 [ 1931.207755][ T6454] ? __pud_alloc+0x213/0x260 [ 1931.212165][ T6454] ? free_pgtables+0x280/0x280 [ 1931.216763][ T6454] ? do_handle_mm_fault+0x2330/0x2330 [ 1931.221972][ T6454] ? __stack_depot_save+0x34/0x470 [ 1931.226922][ T6454] ? anon_vma_clone+0x9a/0x500 [ 1931.231533][ T6454] copy_page_range+0x28a8/0x2f90 [ 1931.236292][ T6454] ? __kasan_slab_alloc+0xb1/0xe0 [ 1931.241150][ T6454] ? slab_post_alloc_hook+0x53/0x2c0 [ 1931.246274][ T6454] ? kernel_clone+0x21e/0x9e0 [ 1931.250786][ T6454] ? do_syscall_64+0x3d/0xb0 [ 1931.255213][ T6454] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1931.261120][ T6454] ? pfn_valid+0x1e0/0x1e0 [ 1931.265377][ T6454] ? rwsem_write_trylock+0x15b/0x290 [ 1931.270487][ T6454] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 1931.276824][ T6454] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 1931.282389][ T6454] ? __rb_insert_augmented+0x5de/0x610 [ 1931.287762][ T6454] copy_mm+0xc7e/0x13e0 [ 1931.291756][ T6454] ? copy_signal+0x610/0x610 [ 1931.296180][ T6454] ? __init_rwsem+0xd6/0x1c0 [ 1931.300606][ T6454] ? copy_signal+0x4e3/0x610 [ 1931.305031][ T6454] copy_process+0x1149/0x3290 [ 1931.309557][ T6454] ? proc_fail_nth_write+0x20b/0x290 [ 1931.314667][ T6454] ? fsnotify_perm+0x6a/0x5d0 [ 1931.319265][ T6454] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1931.324211][ T6454] ? vfs_write+0x9ec/0x1110 [ 1931.328559][ T6454] kernel_clone+0x21e/0x9e0 [ 1931.333080][ T6454] ? file_end_write+0x1c0/0x1c0 [ 1931.337756][ T6454] ? create_io_thread+0x1e0/0x1e0 [ 1931.342615][ T6454] ? mutex_unlock+0xb2/0x260 [ 1931.347042][ T6454] ? __mutex_lock_slowpath+0x10/0x10 [ 1931.352160][ T6454] __x64_sys_clone+0x23f/0x290 [ 1931.356760][ T6454] ? __do_sys_vfork+0x130/0x130 [ 1931.361446][ T6454] ? ksys_write+0x260/0x2c0 [ 1931.365787][ T6454] ? debug_smp_processor_id+0x17/0x20 [ 1931.370995][ T6454] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1931.376894][ T6454] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1931.382365][ T6454] do_syscall_64+0x3d/0xb0 [ 1931.386616][ T6454] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1931.392347][ T6454] RIP: 0033:0x7f895df3fda9 [ 1931.396686][ T6454] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 14:13:59 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 54) [ 1931.416125][ T6454] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1931.424369][ T6454] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1931.432181][ T6454] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1931.439993][ T6454] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1931.447806][ T6454] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1931.455618][ T6454] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1931.463432][ T6454] [ 1931.499844][ T6458] FAULT_INJECTION: forcing a failure. [ 1931.499844][ T6458] name failslab, interval 1, probability 0, space 0, times 0 [ 1931.512366][ T6458] CPU: 0 PID: 6458 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1931.522417][ T6458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1931.532399][ T6458] Call Trace: [ 1931.535517][ T6458] [ 1931.538299][ T6458] dump_stack_lvl+0x151/0x1b7 [ 1931.542807][ T6458] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1931.548363][ T6458] dump_stack+0x15/0x17 [ 1931.552354][ T6458] should_fail+0x3c6/0x510 [ 1931.556607][ T6458] __should_failslab+0xa4/0xe0 [ 1931.561209][ T6458] ? vm_area_dup+0x26/0x230 [ 1931.565546][ T6458] should_failslab+0x9/0x20 [ 1931.569889][ T6458] slab_pre_alloc_hook+0x37/0xd0 [ 1931.574666][ T6458] ? vm_area_dup+0x26/0x230 [ 1931.579006][ T6458] kmem_cache_alloc+0x44/0x200 [ 1931.583608][ T6458] vm_area_dup+0x26/0x230 [ 1931.587771][ T6458] copy_mm+0x9a1/0x13e0 [ 1931.591762][ T6458] ? copy_signal+0x610/0x610 [ 1931.596186][ T6458] ? __init_rwsem+0xd6/0x1c0 [ 1931.600611][ T6458] ? copy_signal+0x4e3/0x610 [ 1931.605049][ T6458] copy_process+0x1149/0x3290 [ 1931.609555][ T6458] ? proc_fail_nth_write+0x20b/0x290 [ 1931.614672][ T6458] ? fsnotify_perm+0x6a/0x5d0 [ 1931.619196][ T6458] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1931.624144][ T6458] ? vfs_write+0x9ec/0x1110 [ 1931.628560][ T6458] kernel_clone+0x21e/0x9e0 [ 1931.632899][ T6458] ? file_end_write+0x1c0/0x1c0 [ 1931.637597][ T6458] ? create_io_thread+0x1e0/0x1e0 [ 1931.642451][ T6458] ? mutex_unlock+0xb2/0x260 [ 1931.646890][ T6458] ? __mutex_lock_slowpath+0x10/0x10 [ 1931.651995][ T6458] __x64_sys_clone+0x23f/0x290 [ 1931.656592][ T6458] ? __do_sys_vfork+0x130/0x130 [ 1931.661453][ T6458] ? ksys_write+0x260/0x2c0 [ 1931.665794][ T6458] ? debug_smp_processor_id+0x17/0x20 [ 1931.671001][ T6458] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1931.676905][ T6458] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1931.682372][ T6458] do_syscall_64+0x3d/0xb0 [ 1931.686625][ T6458] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1931.692352][ T6458] RIP: 0033:0x7f895df3fda9 [ 1931.696607][ T6458] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1931.716066][ T6458] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1931.724468][ T6458] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1931.732295][ T6458] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1931.740182][ T6458] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 14:14:00 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:14:00 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x600000000000000) 14:14:00 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 55) [ 1931.747988][ T6458] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1931.755832][ T6458] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1931.763617][ T6458] [ 1932.008641][ T6468] FAULT_INJECTION: forcing a failure. [ 1932.008641][ T6468] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1932.021775][ T6468] CPU: 1 PID: 6468 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1932.031759][ T6468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1932.041655][ T6468] Call Trace: [ 1932.044777][ T6468] [ 1932.047553][ T6468] dump_stack_lvl+0x151/0x1b7 [ 1932.052069][ T6468] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1932.057540][ T6468] dump_stack+0x15/0x17 [ 1932.061530][ T6468] should_fail+0x3c6/0x510 [ 1932.065783][ T6468] should_fail_alloc_page+0x5a/0x80 [ 1932.070817][ T6468] prepare_alloc_pages+0x15c/0x700 [ 1932.075764][ T6468] ? __alloc_pages+0x8f0/0x8f0 [ 1932.080364][ T6468] ? __alloc_pages_bulk+0xe40/0xe40 [ 1932.085495][ T6468] __alloc_pages+0x18c/0x8f0 [ 1932.089909][ T6468] ? prep_new_page+0x110/0x110 [ 1932.094525][ T6468] ? 0xffffffffa000207c [ 1932.098503][ T6468] ? is_bpf_text_address+0x172/0x190 [ 1932.103625][ T6468] pte_alloc_one+0x73/0x1b0 [ 1932.107962][ T6468] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1932.112997][ T6468] ? arch_stack_walk+0xf3/0x140 [ 1932.117688][ T6468] __pte_alloc+0x86/0x350 [ 1932.121856][ T6468] ? free_pgtables+0x280/0x280 [ 1932.126463][ T6468] ? _raw_spin_lock+0xa4/0x1b0 [ 1932.131057][ T6468] ? __kasan_check_write+0x14/0x20 [ 1932.135997][ T6468] copy_page_range+0x28a8/0x2f90 [ 1932.140777][ T6468] ? __kasan_slab_alloc+0xb1/0xe0 [ 1932.145641][ T6468] ? pfn_valid+0x1e0/0x1e0 [ 1932.149895][ T6468] ? vma_gap_callbacks_rotate+0x1b7/0x210 [ 1932.155440][ T6468] ? __rb_insert_augmented+0x5de/0x610 [ 1932.160823][ T6468] copy_mm+0xc7e/0x13e0 [ 1932.164815][ T6468] ? copy_signal+0x610/0x610 [ 1932.169238][ T6468] ? __init_rwsem+0xd6/0x1c0 [ 1932.173664][ T6468] ? copy_signal+0x4e3/0x610 [ 1932.178091][ T6468] copy_process+0x1149/0x3290 [ 1932.182612][ T6468] ? proc_fail_nth_write+0x20b/0x290 [ 1932.187729][ T6468] ? fsnotify_perm+0x6a/0x5d0 [ 1932.192240][ T6468] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1932.197189][ T6468] ? vfs_write+0x9ec/0x1110 [ 1932.201530][ T6468] kernel_clone+0x21e/0x9e0 [ 1932.205865][ T6468] ? file_end_write+0x1c0/0x1c0 [ 1932.210568][ T6468] ? create_io_thread+0x1e0/0x1e0 [ 1932.215419][ T6468] ? mutex_unlock+0xb2/0x260 [ 1932.219933][ T6468] ? __mutex_lock_slowpath+0x10/0x10 [ 1932.225047][ T6468] __x64_sys_clone+0x23f/0x290 [ 1932.229652][ T6468] ? __do_sys_vfork+0x130/0x130 [ 1932.234332][ T6468] ? ksys_write+0x260/0x2c0 [ 1932.238672][ T6468] ? debug_smp_processor_id+0x17/0x20 [ 1932.243877][ T6468] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1932.249783][ T6468] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1932.255269][ T6468] do_syscall_64+0x3d/0xb0 [ 1932.259501][ T6468] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1932.265231][ T6468] RIP: 0033:0x7f895df3fda9 [ 1932.269489][ T6468] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1932.289014][ T6468] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1932.297367][ T6468] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1932.305175][ T6468] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1932.312987][ T6468] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1932.320800][ T6468] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1932.328611][ T6468] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1932.336429][ T6468] 14:14:05 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:14:05 executing program 4: syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4004662b, &(0x7f00000005c0)=0x1) perf_event_open$cgroup(&(0x7f0000000280)={0x1, 0x80, 0x6, 0x5, 0xfb, 0xff, 0x0, 0x37, 0x100, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, @perf_config_ext={0x5c0, 0x1}, 0x200, 0x5, 0x0, 0x6, 0x1ff, 0x2, 0x7, 0x0, 0x9, 0x0, 0x926}, r2, 0x7, r0, 0x5) perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x1, 0x3, 0x6, 0x4, 0x0, 0x1, 0x81202, 0x4, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x98, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x10c000, 0x2, 0x0, 0x2, 0x1000, 0x2, 0x2, 0x0, 0x5, 0x0, 0x6}, r1, 0xc, r0, 0x1) r3 = bpf$ITER_CREATE(0x21, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000900)={r3, 0xe0, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8, &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000a40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x22, &(0x7f0000000700)=[{}, {}, {}], 0x18, 0xfffffffffffffd71, &(0x7f0000000740), &(0x7f0000000780), 0x8, 0x94, 0x8, 0x8, &(0x7f00000007c0)}}, 0xffffffffffffff29) perf_event_open(&(0x7f0000000200)={0x0, 0x80, 0x6, 0x6, 0x8e, 0x5, 0x0, 0x102, 0x94212, 0x8, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6c72, 0x4, @perf_bp={&(0x7f0000000000), 0x1}, 0x12950, 0x46bb, 0x397, 0x2, 0x1, 0x1, 0x3ff, 0x0, 0x9, 0x0, 0x3}, r1, 0x5, r3, 0x8) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f00000000c0), 0x10) openat$cgroup_ro(r3, &(0x7f0000000100)='memory.events.local\x00', 0x0, 0x0) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async) gettid() (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0) (async) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4004662b, &(0x7f00000005c0)=0x1) (async) perf_event_open$cgroup(&(0x7f0000000280)={0x1, 0x80, 0x6, 0x5, 0xfb, 0xff, 0x0, 0x37, 0x100, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, @perf_config_ext={0x5c0, 0x1}, 0x200, 0x5, 0x0, 0x6, 0x1ff, 0x2, 0x7, 0x0, 0x9, 0x0, 0x926}, r2, 0x7, r0, 0x5) (async) perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x1, 0x3, 0x6, 0x4, 0x0, 0x1, 0x81202, 0x4, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x98, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x10c000, 0x2, 0x0, 0x2, 0x1000, 0x2, 0x2, 0x0, 0x5, 0x0, 0x6}, r1, 0xc, r0, 0x1) (async) bpf$ITER_CREATE(0x21, 0x0, 0x0) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000900)={r3, 0xe0, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8, &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000a40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x22, &(0x7f0000000700)=[{}, {}, {}], 0x18, 0xfffffffffffffd71, &(0x7f0000000740), &(0x7f0000000780), 0x8, 0x94, 0x8, 0x8, &(0x7f00000007c0)}}, 0xffffffffffffff29) (async) perf_event_open(&(0x7f0000000200)={0x0, 0x80, 0x6, 0x6, 0x8e, 0x5, 0x0, 0x102, 0x94212, 0x8, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6c72, 0x4, @perf_bp={&(0x7f0000000000), 0x1}, 0x12950, 0x46bb, 0x397, 0x2, 0x1, 0x1, 0x3ff, 0x0, 0x9, 0x0, 0x3}, r1, 0x5, r3, 0x8) (async) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f00000000c0), 0x10) (async) openat$cgroup_ro(r3, &(0x7f0000000100)='memory.events.local\x00', 0x0, 0x0) (async) 14:14:05 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 56) 14:14:05 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b72151cea375925d05000000860000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000007c0)={r1, 0xe0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000001c0)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x5, &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x1f, &(0x7f00000005c0)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000600), &(0x7f0000000640), 0x8, 0x37, 0x8, 0x8, &(0x7f0000000680)}}, 0x10) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000880)={&(0x7f0000000800)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x8, [@union={0xd, 0x2, 0x0, 0x5, 0x0, 0x4, [{0x0, 0x5, 0xbd}, {0xe, 0x1, 0xfffffffe}]}, @typedef={0xf}]}, {0x0, [0x5f, 0x61, 0x0, 0x30, 0x0, 0x2e]}}, &(0x7f0000000c00)=""/4096, 0x50, 0x1000, 0x1, 0x3}, 0x20) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000980)={0x18, 0x11, &(0x7f0000002000)=ANY=[@ANYBLOB="6515e52fffffffff186000000e00000000000000ffffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800007aee6333acc04effa1050000007b8af8ff00000000bfa200000000001655793800f8ffffffb732000008000000b7040000010000008500cef6ba0b4c14fa36feff01000000852000000500000085100000ffffffff183900000500000000000000000000008e57daaea3d0d5934fa24fb094e04b4da29885bc9413a1d60654aae2bfde17e13169cd325d8534c9cac627de8ccc404ff81b6bcf7f10ae1c15b37bb89cc6bbbba13c11bd9072577581fd36ce869f901e1707295b640a2e486fc937fc6bfead369162858b77e8cf30640118d6536b40cff257aa3040e14b94a05fed12752a2347558de6f087ec8e5ef216a6be00e3df7d4ae60d53eefe428cc741fa8785612aaf73c9eb8e6084c75c"], &(0x7f0000000180)='syzkaller\x00', 0x7, 0x86, &(0x7f0000000340)=""/134, 0x41100, 0x11, '\x00', r2, 0x0, r3, 0x8, &(0x7f00000008c0)={0x1, 0x2}, 0x8, 0x10, &(0x7f0000000900)={0x5, 0x4, 0x7ff, 0x4}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000940)=[r0, r0, r0, r0, r0, r0, r0], 0x0, 0x10, 0x6}, 0x90) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r5, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x0) sendmsg$tipc(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=@base={0x11, 0x4, 0x4, 0x3}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000280)={r7, &(0x7f0000000240), 0x20000000, 0x2}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000001fc0)='afs_send_data\x00', r4}, 0x10) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="0700000000001a0128a400001811000000000000000000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000b80)={r0, 0x58, &(0x7f0000001c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cgroup.controllers\x00', 0x100002, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r10, 0xc028660f, &(0x7f0000000480)=0x7fffffffe) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001e80)={0x11, 0x1a, &(0x7f0000000a40)=ANY=[], &(0x7f0000000b40)='syzkaller\x00', 0x9, 0x57, &(0x7f0000001c00)=""/87, 0x41100, 0x3b, '\x00', r9, 0x0, r3, 0x8, &(0x7f0000001d00)={0x8, 0x5}, 0x8, 0x10, &(0x7f0000001d40)={0x3, 0xf, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x9, &(0x7f0000001d80)=[r10, r0], &(0x7f0000001dc0)=[{0x3, 0x3, 0x7, 0x4}, {0x2, 0x4, 0xc, 0xe8ca525798998d8c}, {0x3, 0x4, 0xc, 0xb}, {0x3, 0x4, 0x3, 0xc}, {0x0, 0x2, 0xf}, {0x3, 0x2, 0x1, 0x5}, {0x2, 0x2, 0xf, 0x7}, {0x4, 0x5, 0x9, 0x4}, {0x5, 0x2, 0x4, 0x2}], 0x10, 0x80000001}, 0x90) recvmsg$unix(r10, &(0x7f0000001f80)={&(0x7f00000002c0)=@abs, 0x6e, &(0x7f0000000b00)=[{&(0x7f0000000a40)=""/176, 0xb0}], 0x1, &(0x7f0000001f40)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x141) 14:14:05 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x700000000000000) [ 1937.282490][ T6481] FAULT_INJECTION: forcing a failure. [ 1937.282490][ T6481] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1937.296198][ T6481] CPU: 1 PID: 6481 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1937.306256][ T6481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1937.316149][ T6481] Call Trace: [ 1937.319271][ T6481] [ 1937.322053][ T6481] dump_stack_lvl+0x151/0x1b7 [ 1937.326565][ T6481] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1937.332034][ T6481] ? __update_load_avg_cfs_rq+0xb1/0x2f0 [ 1937.337501][ T6481] dump_stack+0x15/0x17 [ 1937.341492][ T6481] should_fail+0x3c6/0x510 [ 1937.345746][ T6481] should_fail_alloc_page+0x5a/0x80 [ 1937.350782][ T6481] prepare_alloc_pages+0x15c/0x700 [ 1937.355741][ T6481] ? __alloc_pages_bulk+0xe40/0xe40 [ 1937.360769][ T6481] ? sched_clock+0x9/0x10 [ 1937.364927][ T6481] ? native_set_ldt+0x360/0x360 [ 1937.369613][ T6481] __alloc_pages+0x18c/0x8f0 [ 1937.374039][ T6481] ? _raw_spin_unlock+0x4d/0x70 [ 1937.378727][ T6481] ? prep_new_page+0x110/0x110 [ 1937.383326][ T6481] pte_alloc_one+0x73/0x1b0 [ 1937.387667][ T6481] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1937.392713][ T6481] ? preempt_schedule+0xd9/0xe0 [ 1937.397386][ T6481] ? preempt_schedule_common+0xbe/0xf0 [ 1937.402682][ T6481] __pte_alloc+0x86/0x350 [ 1937.406868][ T6481] ? free_pgtables+0x280/0x280 [ 1937.411445][ T6481] ? _raw_spin_lock+0xa4/0x1b0 [ 1937.416046][ T6481] ? __kasan_check_write+0x14/0x20 [ 1937.421001][ T6481] copy_page_range+0x28a8/0x2f90 [ 1937.425769][ T6481] ? __kasan_slab_alloc+0xb1/0xe0 [ 1937.430632][ T6481] ? pfn_valid+0x1e0/0x1e0 [ 1937.434883][ T6481] ? vma_gap_callbacks_rotate+0x1b7/0x210 [ 1937.440435][ T6481] ? __rb_insert_augmented+0x5de/0x610 [ 1937.445732][ T6481] copy_mm+0xc7e/0x13e0 [ 1937.449728][ T6481] ? copy_signal+0x610/0x610 [ 1937.454148][ T6481] ? __init_rwsem+0xd6/0x1c0 [ 1937.458576][ T6481] ? copy_signal+0x4e3/0x610 [ 1937.463001][ T6481] copy_process+0x1149/0x3290 [ 1937.467517][ T6481] ? proc_fail_nth_write+0x20b/0x290 [ 1937.472638][ T6481] ? fsnotify_perm+0x6a/0x5d0 [ 1937.477149][ T6481] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1937.482097][ T6481] ? vfs_write+0x9ec/0x1110 [ 1937.486438][ T6481] kernel_clone+0x21e/0x9e0 [ 1937.490774][ T6481] ? file_end_write+0x1c0/0x1c0 [ 1937.495563][ T6481] ? create_io_thread+0x1e0/0x1e0 [ 1937.500407][ T6481] ? mutex_unlock+0xb2/0x260 [ 1937.504933][ T6481] ? __mutex_lock_slowpath+0x10/0x10 [ 1937.510133][ T6481] __x64_sys_clone+0x23f/0x290 [ 1937.514734][ T6481] ? __do_sys_vfork+0x130/0x130 [ 1937.519416][ T6481] ? ksys_write+0x260/0x2c0 [ 1937.523846][ T6481] ? debug_smp_processor_id+0x17/0x20 [ 1937.529052][ T6481] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1937.534954][ T6481] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1937.540424][ T6481] do_syscall_64+0x3d/0xb0 [ 1937.544675][ T6481] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1937.550404][ T6481] RIP: 0033:0x7f895df3fda9 [ 1937.554659][ T6481] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1937.574096][ T6481] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 14:14:05 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 57) [ 1937.582342][ T6481] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1937.590156][ T6481] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1937.597963][ T6481] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1937.605782][ T6481] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1937.613586][ T6481] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1937.621415][ T6481] 14:14:06 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x0, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1937.717353][ T6499] FAULT_INJECTION: forcing a failure. [ 1937.717353][ T6499] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1937.730620][ T6499] CPU: 1 PID: 6499 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1937.740853][ T6499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1937.750741][ T6499] Call Trace: [ 1937.753890][ T6499] [ 1937.756649][ T6499] dump_stack_lvl+0x151/0x1b7 [ 1937.761155][ T6499] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1937.766624][ T6499] dump_stack+0x15/0x17 [ 1937.770616][ T6499] should_fail+0x3c6/0x510 [ 1937.774867][ T6499] should_fail_alloc_page+0x5a/0x80 [ 1937.779901][ T6499] prepare_alloc_pages+0x15c/0x700 [ 1937.784848][ T6499] ? __alloc_pages+0x8f0/0x8f0 [ 1937.789465][ T6499] ? __alloc_pages_bulk+0xe40/0xe40 [ 1937.794490][ T6499] __alloc_pages+0x18c/0x8f0 [ 1937.798910][ T6499] ? prep_new_page+0x110/0x110 [ 1937.803512][ T6499] ? 0xffffffffa00282a8 [ 1937.807525][ T6499] ? is_bpf_text_address+0x172/0x190 [ 1937.812628][ T6499] pte_alloc_one+0x73/0x1b0 [ 1937.816961][ T6499] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1937.821995][ T6499] ? arch_stack_walk+0xf3/0x140 [ 1937.826683][ T6499] __pte_alloc+0x86/0x350 [ 1937.830860][ T6499] ? free_pgtables+0x280/0x280 [ 1937.835450][ T6499] ? _raw_spin_lock+0xa4/0x1b0 [ 1937.840050][ T6499] ? __kasan_check_write+0x14/0x20 [ 1937.844997][ T6499] copy_page_range+0x28a8/0x2f90 [ 1937.849771][ T6499] ? __kasan_slab_alloc+0xb1/0xe0 [ 1937.854635][ T6499] ? pfn_valid+0x1e0/0x1e0 [ 1937.858885][ T6499] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 1937.864439][ T6499] ? __rb_insert_augmented+0x5de/0x610 [ 1937.869736][ T6499] copy_mm+0xc7e/0x13e0 [ 1937.873730][ T6499] ? copy_signal+0x610/0x610 [ 1937.878150][ T6499] ? __init_rwsem+0xd6/0x1c0 [ 1937.882577][ T6499] ? copy_signal+0x4e3/0x610 [ 1937.887006][ T6499] copy_process+0x1149/0x3290 [ 1937.891520][ T6499] ? proc_fail_nth_write+0x20b/0x290 [ 1937.896640][ T6499] ? fsnotify_perm+0x6a/0x5d0 [ 1937.901158][ T6499] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1937.906098][ T6499] ? vfs_write+0x9ec/0x1110 [ 1937.910439][ T6499] kernel_clone+0x21e/0x9e0 [ 1937.914780][ T6499] ? file_end_write+0x1c0/0x1c0 [ 1937.919465][ T6499] ? create_io_thread+0x1e0/0x1e0 [ 1937.924324][ T6499] ? mutex_unlock+0xb2/0x260 [ 1937.928757][ T6499] ? __mutex_lock_slowpath+0x10/0x10 [ 1937.933873][ T6499] __x64_sys_clone+0x23f/0x290 [ 1937.938472][ T6499] ? __do_sys_vfork+0x130/0x130 [ 1937.943159][ T6499] ? ksys_write+0x260/0x2c0 [ 1937.947503][ T6499] ? debug_smp_processor_id+0x17/0x20 [ 1937.952711][ T6499] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1937.958610][ T6499] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1937.964077][ T6499] do_syscall_64+0x3d/0xb0 [ 1937.968330][ T6499] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1937.974058][ T6499] RIP: 0033:0x7f895df3fda9 [ 1937.978312][ T6499] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1937.997753][ T6499] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1938.006085][ T6499] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 14:14:06 executing program 4: syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4004662b, &(0x7f00000005c0)=0x1) perf_event_open$cgroup(&(0x7f0000000280)={0x1, 0x80, 0x6, 0x5, 0xfb, 0xff, 0x0, 0x37, 0x100, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, @perf_config_ext={0x5c0, 0x1}, 0x200, 0x5, 0x0, 0x6, 0x1ff, 0x2, 0x7, 0x0, 0x9, 0x0, 0x926}, r2, 0x7, r0, 0x5) perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x1, 0x3, 0x6, 0x4, 0x0, 0x1, 0x81202, 0x4, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x98, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x10c000, 0x2, 0x0, 0x2, 0x1000, 0x2, 0x2, 0x0, 0x5, 0x0, 0x6}, r1, 0xc, r0, 0x1) r3 = bpf$ITER_CREATE(0x21, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000900)={r3, 0xe0, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8, &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000a40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x22, &(0x7f0000000700)=[{}, {}, {}], 0x18, 0xfffffffffffffd71, &(0x7f0000000740), &(0x7f0000000780), 0x8, 0x94, 0x8, 0x8, &(0x7f00000007c0)}}, 0xffffffffffffff29) perf_event_open(&(0x7f0000000200)={0x0, 0x80, 0x6, 0x6, 0x8e, 0x5, 0x0, 0x102, 0x94212, 0x8, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6c72, 0x4, @perf_bp={&(0x7f0000000000), 0x1}, 0x12950, 0x46bb, 0x397, 0x2, 0x1, 0x1, 0x3ff, 0x0, 0x9, 0x0, 0x3}, r1, 0x5, r3, 0x8) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f00000000c0), 0x10) openat$cgroup_ro(r3, &(0x7f0000000100)='memory.events.local\x00', 0x0, 0x0) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async) gettid() (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0) (async) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4004662b, &(0x7f00000005c0)=0x1) (async) perf_event_open$cgroup(&(0x7f0000000280)={0x1, 0x80, 0x6, 0x5, 0xfb, 0xff, 0x0, 0x37, 0x100, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, @perf_config_ext={0x5c0, 0x1}, 0x200, 0x5, 0x0, 0x6, 0x1ff, 0x2, 0x7, 0x0, 0x9, 0x0, 0x926}, r2, 0x7, r0, 0x5) (async) perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x1, 0x3, 0x6, 0x4, 0x0, 0x1, 0x81202, 0x4, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x98, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x10c000, 0x2, 0x0, 0x2, 0x1000, 0x2, 0x2, 0x0, 0x5, 0x0, 0x6}, r1, 0xc, r0, 0x1) (async) bpf$ITER_CREATE(0x21, 0x0, 0x0) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000900)={r3, 0xe0, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8, &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000a40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x22, &(0x7f0000000700)=[{}, {}, {}], 0x18, 0xfffffffffffffd71, &(0x7f0000000740), &(0x7f0000000780), 0x8, 0x94, 0x8, 0x8, &(0x7f00000007c0)}}, 0xffffffffffffff29) (async) perf_event_open(&(0x7f0000000200)={0x0, 0x80, 0x6, 0x6, 0x8e, 0x5, 0x0, 0x102, 0x94212, 0x8, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6c72, 0x4, @perf_bp={&(0x7f0000000000), 0x1}, 0x12950, 0x46bb, 0x397, 0x2, 0x1, 0x1, 0x3ff, 0x0, 0x9, 0x0, 0x3}, r1, 0x5, r3, 0x8) (async) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f00000000c0), 0x10) (async) openat$cgroup_ro(r3, &(0x7f0000000100)='memory.events.local\x00', 0x0, 0x0) (async) 14:14:06 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 58) 14:14:06 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x0, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1938.013897][ T6499] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1938.021707][ T6499] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1938.029520][ T6499] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1938.037330][ T6499] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1938.045143][ T6499] [ 1938.078987][ T6507] FAULT_INJECTION: forcing a failure. [ 1938.078987][ T6507] name failslab, interval 1, probability 0, space 0, times 0 [ 1938.091634][ T6507] CPU: 0 PID: 6507 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1938.101703][ T6507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1938.111592][ T6507] Call Trace: [ 1938.114716][ T6507] [ 1938.117495][ T6507] dump_stack_lvl+0x151/0x1b7 [ 1938.122006][ T6507] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1938.127479][ T6507] dump_stack+0x15/0x17 [ 1938.131551][ T6507] should_fail+0x3c6/0x510 [ 1938.135809][ T6507] __should_failslab+0xa4/0xe0 [ 1938.140404][ T6507] ? vm_area_dup+0x26/0x230 [ 1938.144741][ T6507] should_failslab+0x9/0x20 [ 1938.149087][ T6507] slab_pre_alloc_hook+0x37/0xd0 [ 1938.153868][ T6507] ? vm_area_dup+0x26/0x230 [ 1938.158197][ T6507] kmem_cache_alloc+0x44/0x200 [ 1938.162802][ T6507] vm_area_dup+0x26/0x230 [ 1938.166962][ T6507] copy_mm+0x9a1/0x13e0 [ 1938.170961][ T6507] ? copy_signal+0x610/0x610 [ 1938.175381][ T6507] ? __init_rwsem+0xd6/0x1c0 [ 1938.179858][ T6507] ? copy_signal+0x4e3/0x610 [ 1938.184251][ T6507] copy_process+0x1149/0x3290 [ 1938.188753][ T6507] ? proc_fail_nth_write+0x20b/0x290 [ 1938.193876][ T6507] ? fsnotify_perm+0x6a/0x5d0 [ 1938.198392][ T6507] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1938.203327][ T6507] ? vfs_write+0x9ec/0x1110 [ 1938.207667][ T6507] kernel_clone+0x21e/0x9e0 [ 1938.212006][ T6507] ? file_end_write+0x1c0/0x1c0 [ 1938.216691][ T6507] ? create_io_thread+0x1e0/0x1e0 [ 1938.221566][ T6507] ? mutex_unlock+0xb2/0x260 [ 1938.225982][ T6507] ? __mutex_lock_slowpath+0x10/0x10 [ 1938.231110][ T6507] __x64_sys_clone+0x23f/0x290 [ 1938.235703][ T6507] ? __do_sys_vfork+0x130/0x130 [ 1938.240386][ T6507] ? ksys_write+0x260/0x2c0 [ 1938.244731][ T6507] ? debug_smp_processor_id+0x17/0x20 [ 1938.249935][ T6507] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1938.255836][ T6507] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1938.261304][ T6507] do_syscall_64+0x3d/0xb0 [ 1938.265556][ T6507] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1938.271289][ T6507] RIP: 0033:0x7f895df3fda9 [ 1938.275539][ T6507] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1938.294979][ T6507] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1938.303223][ T6507] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1938.311034][ T6507] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1938.318845][ T6507] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 14:14:06 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x800000000000000) 14:14:06 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 59) 14:14:06 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x0, 0x4, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:14:06 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='freezer.self_freezing\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000140)) bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000040)={0x3, 0x0}, 0x8) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000180)={@ifindex, 0x1d, 0x1, 0x3, &(0x7f0000000080)=[0x0], 0x1, 0x0, &(0x7f00000000c0)=[0x0], &(0x7f0000000100)=[0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0], 0x0}, 0x40) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)={@cgroup=r0, r1, 0x1e, 0xc, 0x0, @link_id=r2, r3}, 0x20) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1938.326747][ T6507] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1938.334566][ T6507] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1938.342379][ T6507] 14:14:06 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='freezer.self_freezing\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000140)) (async) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000140)) bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000040)={0x3, 0x0}, 0x8) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000180)={@ifindex, 0x1d, 0x1, 0x3, &(0x7f0000000080)=[0x0], 0x1, 0x0, &(0x7f00000000c0)=[0x0], &(0x7f0000000100)=[0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0]}, 0x40) (async) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000180)={@ifindex, 0x1d, 0x1, 0x3, &(0x7f0000000080)=[0x0], 0x1, 0x0, &(0x7f00000000c0)=[0x0], &(0x7f0000000100)=[0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0], 0x0}, 0x40) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)={@cgroup=r0, r1, 0x1e, 0xc, 0x0, @link_id=r2, r3}, 0x20) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1938.384611][ T6526] FAULT_INJECTION: forcing a failure. [ 1938.384611][ T6526] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1938.398477][ T6526] CPU: 0 PID: 6526 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1938.408544][ T6526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1938.418525][ T6526] Call Trace: [ 1938.421651][ T6526] [ 1938.424440][ T6526] dump_stack_lvl+0x151/0x1b7 [ 1938.428941][ T6526] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1938.434495][ T6526] ? __update_load_avg_cfs_rq+0xb1/0x2f0 [ 1938.439970][ T6526] dump_stack+0x15/0x17 [ 1938.443955][ T6526] should_fail+0x3c6/0x510 [ 1938.448208][ T6526] should_fail_alloc_page+0x5a/0x80 [ 1938.453239][ T6526] prepare_alloc_pages+0x15c/0x700 [ 1938.458197][ T6526] ? __alloc_pages_bulk+0xe40/0xe40 [ 1938.463225][ T6526] ? sched_clock+0x9/0x10 [ 1938.467387][ T6526] ? native_set_ldt+0x360/0x360 [ 1938.472080][ T6526] __alloc_pages+0x18c/0x8f0 [ 1938.476499][ T6526] ? _raw_spin_unlock+0x4d/0x70 14:14:06 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='freezer.self_freezing\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000140)) bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000040)={0x3, 0x0}, 0x8) (async) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000180)={@ifindex, 0x1d, 0x1, 0x3, &(0x7f0000000080)=[0x0], 0x1, 0x0, &(0x7f00000000c0)=[0x0], &(0x7f0000000100)=[0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0], 0x0}, 0x40) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)={@cgroup=r0, r1, 0x1e, 0xc, 0x0, @link_id=r2, r3}, 0x20) (async) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) 14:14:06 executing program 4: syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000180)=[{&(0x7f0000000080)="e25024ee82c25fb2abededc6bfd69b3d45d3ce7716cc8c62ef84bc05a497591824a6f5c2287bad650b884ca574da5538ba8fe8c22125c851f3c8", 0x3a}, {&(0x7f00000000c0)="82bab88220e33f7ffb5d7220f71670135c699c02699d3d73979c5e54281eb7537c7d3e59373974348bd96a4931bdb32b8eecc325998d03bb3a1e9eb265cc68f727749dc900f8602ea6eeb622d3a853a492c068d2f751416c02d4b4e0cf51bc3de4352480577651da58ab40e54af668e37b4e05331be49f84eaff114deee97eb217c0548d324d71adf20ac3802a", 0x8d}], 0x2, 0x0, 0x0, 0x4008800}, 0x4008000) 14:14:06 executing program 4: syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async) sendmsg$unix(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000180)=[{&(0x7f0000000080)="e25024ee82c25fb2abededc6bfd69b3d45d3ce7716cc8c62ef84bc05a497591824a6f5c2287bad650b884ca574da5538ba8fe8c22125c851f3c8", 0x3a}, {&(0x7f00000000c0)="82bab88220e33f7ffb5d7220f71670135c699c02699d3d73979c5e54281eb7537c7d3e59373974348bd96a4931bdb32b8eecc325998d03bb3a1e9eb265cc68f727749dc900f8602ea6eeb622d3a853a492c068d2f751416c02d4b4e0cf51bc3de4352480577651da58ab40e54af668e37b4e05331be49f84eaff114deee97eb217c0548d324d71adf20ac3802a", 0x8d}], 0x2, 0x0, 0x0, 0x4008800}, 0x4008000) [ 1938.481185][ T6526] ? prep_new_page+0x110/0x110 [ 1938.485801][ T6526] pte_alloc_one+0x73/0x1b0 [ 1938.490127][ T6526] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1938.495160][ T6526] ? preempt_schedule+0xd9/0xe0 [ 1938.499847][ T6526] ? preempt_schedule_common+0xbe/0xf0 [ 1938.505144][ T6526] __pte_alloc+0x86/0x350 [ 1938.509311][ T6526] ? free_pgtables+0x280/0x280 [ 1938.513905][ T6526] ? _raw_spin_lock+0xa4/0x1b0 [ 1938.518511][ T6526] ? __kasan_check_write+0x14/0x20 [ 1938.523458][ T6526] copy_page_range+0x28a8/0x2f90 [ 1938.528329][ T6526] ? __kasan_slab_alloc+0xb1/0xe0 14:14:06 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b72151cea375925d05000000860000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000007c0)={r1, 0xe0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000001c0)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x5, &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x1f, &(0x7f00000005c0)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000600), &(0x7f0000000640), 0x8, 0x37, 0x8, 0x8, &(0x7f0000000680)}}, 0x10) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000880)={&(0x7f0000000800)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x8, [@union={0xd, 0x2, 0x0, 0x5, 0x0, 0x4, [{0x0, 0x5, 0xbd}, {0xe, 0x1, 0xfffffffe}]}, @typedef={0xf}]}, {0x0, [0x5f, 0x61, 0x0, 0x30, 0x0, 0x2e]}}, &(0x7f0000000c00)=""/4096, 0x50, 0x1000, 0x1, 0x3}, 0x20) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000980)={0x18, 0x11, &(0x7f0000002000)=ANY=[@ANYBLOB="6515e52fffffffff186000000e00000000000000ffffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800007aee6333acc04effa1050000007b8af8ff00000000bfa200000000001655793800f8ffffffb732000008000000b7040000010000008500cef6ba0b4c14fa36feff01000000852000000500000085100000ffffffff183900000500000000000000000000008e57daaea3d0d5934fa24fb094e04b4da29885bc9413a1d60654aae2bfde17e13169cd325d8534c9cac627de8ccc404ff81b6bcf7f10ae1c15b37bb89cc6bbbba13c11bd9072577581fd36ce869f901e1707295b640a2e486fc937fc6bfead369162858b77e8cf30640118d6536b40cff257aa3040e14b94a05fed12752a2347558de6f087ec8e5ef216a6be00e3df7d4ae60d53eefe428cc741fa8785612aaf73c9eb8e6084c75c"], &(0x7f0000000180)='syzkaller\x00', 0x7, 0x86, &(0x7f0000000340)=""/134, 0x41100, 0x11, '\x00', r2, 0x0, r3, 0x8, &(0x7f00000008c0)={0x1, 0x2}, 0x8, 0x10, &(0x7f0000000900)={0x5, 0x4, 0x7ff, 0x4}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000940)=[r0, r0, r0, r0, r0, r0, r0], 0x0, 0x10, 0x6}, 0x90) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r5, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x0) sendmsg$tipc(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=@base={0x11, 0x4, 0x4, 0x3}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000280)={r7, &(0x7f0000000240), 0x20000000, 0x2}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000001fc0)='afs_send_data\x00', r4}, 0x10) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="0700000000001a0128a400001811000000000000000000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000b80)={r0, 0x58, &(0x7f0000001c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cgroup.controllers\x00', 0x100002, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r10, 0xc028660f, &(0x7f0000000480)=0x7fffffffe) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001e80)={0x11, 0x1a, &(0x7f0000000a40)=ANY=[], &(0x7f0000000b40)='syzkaller\x00', 0x9, 0x57, &(0x7f0000001c00)=""/87, 0x41100, 0x3b, '\x00', r9, 0x0, r3, 0x8, &(0x7f0000001d00)={0x8, 0x5}, 0x8, 0x10, &(0x7f0000001d40)={0x3, 0xf, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x9, &(0x7f0000001d80)=[r10, r0], &(0x7f0000001dc0)=[{0x3, 0x3, 0x7, 0x4}, {0x2, 0x4, 0xc, 0xe8ca525798998d8c}, {0x3, 0x4, 0xc, 0xb}, {0x3, 0x4, 0x3, 0xc}, {0x0, 0x2, 0xf}, {0x3, 0x2, 0x1, 0x5}, {0x2, 0x2, 0xf, 0x7}, {0x4, 0x5, 0x9, 0x4}, {0x5, 0x2, 0x4, 0x2}], 0x10, 0x80000001}, 0x90) recvmsg$unix(r10, &(0x7f0000001f80)={&(0x7f00000002c0)=@abs, 0x6e, &(0x7f0000000b00)=[{&(0x7f0000000a40)=""/176, 0xb0}], 0x1, &(0x7f0000001f40)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x141) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) (async) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b72151cea375925d05000000860000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000007c0)={r1, 0xe0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000001c0)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x5, &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x1f, &(0x7f00000005c0)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000600), &(0x7f0000000640), 0x8, 0x37, 0x8, 0x8, &(0x7f0000000680)}}, 0x10) (async) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000880)={&(0x7f0000000800)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x8, [@union={0xd, 0x2, 0x0, 0x5, 0x0, 0x4, [{0x0, 0x5, 0xbd}, {0xe, 0x1, 0xfffffffe}]}, @typedef={0xf}]}, {0x0, [0x5f, 0x61, 0x0, 0x30, 0x0, 0x2e]}}, &(0x7f0000000c00)=""/4096, 0x50, 0x1000, 0x1, 0x3}, 0x20) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000980)={0x18, 0x11, &(0x7f0000002000)=ANY=[@ANYBLOB="6515e52fffffffff186000000e00000000000000ffffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800007aee6333acc04effa1050000007b8af8ff00000000bfa200000000001655793800f8ffffffb732000008000000b7040000010000008500cef6ba0b4c14fa36feff01000000852000000500000085100000ffffffff183900000500000000000000000000008e57daaea3d0d5934fa24fb094e04b4da29885bc9413a1d60654aae2bfde17e13169cd325d8534c9cac627de8ccc404ff81b6bcf7f10ae1c15b37bb89cc6bbbba13c11bd9072577581fd36ce869f901e1707295b640a2e486fc937fc6bfead369162858b77e8cf30640118d6536b40cff257aa3040e14b94a05fed12752a2347558de6f087ec8e5ef216a6be00e3df7d4ae60d53eefe428cc741fa8785612aaf73c9eb8e6084c75c"], &(0x7f0000000180)='syzkaller\x00', 0x7, 0x86, &(0x7f0000000340)=""/134, 0x41100, 0x11, '\x00', r2, 0x0, r3, 0x8, &(0x7f00000008c0)={0x1, 0x2}, 0x8, 0x10, &(0x7f0000000900)={0x5, 0x4, 0x7ff, 0x4}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000940)=[r0, r0, r0, r0, r0, r0, r0], 0x0, 0x10, 0x6}, 0x90) (async) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)) (async) recvmsg(r5, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x0) (async) sendmsg$tipc(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) (async) bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=@base={0x11, 0x4, 0x4, 0x3}, 0x48) (async) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000280)={r7, &(0x7f0000000240), 0x20000000, 0x2}, 0x20) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000001fc0)='afs_send_data\x00', r4}, 0x10) (async) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) (async) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="0700000000001a0128a400001811000000000000000000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000b80)={r0, 0x58, &(0x7f0000001c80)}, 0x10) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cgroup.controllers\x00', 0x100002, 0x0) (async) ioctl$PERF_EVENT_IOC_PERIOD(r10, 0xc028660f, &(0x7f0000000480)=0x7fffffffe) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001e80)={0x11, 0x1a, &(0x7f0000000a40)=ANY=[], &(0x7f0000000b40)='syzkaller\x00', 0x9, 0x57, &(0x7f0000001c00)=""/87, 0x41100, 0x3b, '\x00', r9, 0x0, r3, 0x8, &(0x7f0000001d00)={0x8, 0x5}, 0x8, 0x10, &(0x7f0000001d40)={0x3, 0xf, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x9, &(0x7f0000001d80)=[r10, r0], &(0x7f0000001dc0)=[{0x3, 0x3, 0x7, 0x4}, {0x2, 0x4, 0xc, 0xe8ca525798998d8c}, {0x3, 0x4, 0xc, 0xb}, {0x3, 0x4, 0x3, 0xc}, {0x0, 0x2, 0xf}, {0x3, 0x2, 0x1, 0x5}, {0x2, 0x2, 0xf, 0x7}, {0x4, 0x5, 0x9, 0x4}, {0x5, 0x2, 0x4, 0x2}], 0x10, 0x80000001}, 0x90) (async) recvmsg$unix(r10, &(0x7f0000001f80)={&(0x7f00000002c0)=@abs, 0x6e, &(0x7f0000000b00)=[{&(0x7f0000000a40)=""/176, 0xb0}], 0x1, &(0x7f0000001f40)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x141) (async) 14:14:06 executing program 4: syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async) sendmsg$unix(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000180)=[{&(0x7f0000000080)="e25024ee82c25fb2abededc6bfd69b3d45d3ce7716cc8c62ef84bc05a497591824a6f5c2287bad650b884ca574da5538ba8fe8c22125c851f3c8", 0x3a}, {&(0x7f00000000c0)="82bab88220e33f7ffb5d7220f71670135c699c02699d3d73979c5e54281eb7537c7d3e59373974348bd96a4931bdb32b8eecc325998d03bb3a1e9eb265cc68f727749dc900f8602ea6eeb622d3a853a492c068d2f751416c02d4b4e0cf51bc3de4352480577651da58ab40e54af668e37b4e05331be49f84eaff114deee97eb217c0548d324d71adf20ac3802a", 0x8d}], 0x2, 0x0, 0x0, 0x4008800}, 0x4008000) [ 1938.533285][ T6526] ? pfn_valid+0x1e0/0x1e0 [ 1938.537975][ T6526] ? vma_interval_tree_augment_rotate+0x1a3/0x1d0 [ 1938.544207][ T6526] copy_mm+0xc7e/0x13e0 [ 1938.548205][ T6526] ? copy_signal+0x610/0x610 [ 1938.552628][ T6526] ? __init_rwsem+0xd6/0x1c0 [ 1938.557056][ T6526] ? copy_signal+0x4e3/0x610 [ 1938.561581][ T6526] copy_process+0x1149/0x3290 [ 1938.566089][ T6526] ? proc_fail_nth_write+0x20b/0x290 [ 1938.571205][ T6526] ? fsnotify_perm+0x6a/0x5d0 [ 1938.575711][ T6526] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1938.580663][ T6526] ? vfs_write+0x9ec/0x1110 14:14:06 executing program 4: r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000200)=@generic={&(0x7f00000001c0)='./file0\x00'}, 0x18) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={0x1, 0x58, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.group_wait_time\x00', 0x0, 0x0) openat$cgroup_ro(r2, &(0x7f00000003c0)='cgroup.kill\x00', 0x0, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0xf) r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000580)=0xffffffffffffffff, 0x4) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10) r6 = bpf$ITER_CREATE(0xb, 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r7}, 0x10) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r8}, &(0x7f0000000080), &(0x7f0000000240)=r7}, 0x20) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r5, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000340)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1, &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000005c0)=[0x0], 0x0, 0x1c, &(0x7f0000000600)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x0, 0x0, &(0x7f00000006c0), 0x8, 0xbb, 0x8, 0x8, &(0x7f0000000700)}}, 0x10) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000900)={0x0, 0x0}, 0x8) r11 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000980)=@generic={&(0x7f0000000940)='./file0\x00'}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x1e, 0x12, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xd235}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [@generic={0x8, 0x8, 0x4, 0xfffb, 0x4}, @map_fd={0x18, 0x9, 0x1, 0x0, r8}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000300)='syzkaller\x00', 0xa4, 0xfd, &(0x7f0000000480)=""/253, 0x40f00, 0x44, '\x00', r9, 0xa, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f00000008c0)={0x1, 0x10, 0x1f, 0x4}, 0x10, r10, r5, 0x2, &(0x7f00000009c0)=[r6, r11, r6], &(0x7f0000000a00)=[{0x0, 0x2, 0x10, 0xf}, {0x2, 0x3, 0xb, 0xc}]}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x5, 0x23, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x2992, 0x0, 0x0, 0x0, 0x5}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @snprintf], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000300)='syzkaller\x00', 0x7a3b, 0x44, &(0x7f0000000500)=""/68, 0x40f00, 0x21, '\x00', 0x0, 0x24, r4, 0x8, &(0x7f00000005c0)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000600)={0x0, 0x3, 0x9, 0x8}, 0x10, r10, 0xffffffffffffffff, 0x3, &(0x7f0000000640), &(0x7f0000000680)=[{0x1, 0x5, 0xc, 0x8}, {0x4, 0x1, 0x0, 0x4}, {0x3, 0x2, 0xc, 0xe}], 0x10, 0x3}, 0x90) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_lsm={0x1d, 0x9, &(0x7f0000000240)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @map_idx_val={0x18, 0x1, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3}, @btf_id={0x18, 0x1, 0x3, 0x0, 0x1}], &(0x7f00000002c0)='GPL\x00', 0x4, 0xf3, &(0x7f0000000300)=""/243, 0x41000, 0x2a, '\x00', r1, 0x1b, r2, 0x8, &(0x7f00000004c0)={0x6, 0x3}, 0x8, 0x10, &(0x7f0000000500)={0x3, 0x10, 0x5, 0xff}, 0x10, r10, 0x0, 0x7, 0x0, &(0x7f0000000540)=[{0x0, 0x5, 0xd}, {0x4, 0x4, 0xc, 0x7}, {0x4, 0x1, 0x8, 0xc}, {0x2, 0x3, 0x1, 0x3}, {0x0, 0x5, 0xa, 0x3}, {0x4, 0x2, 0x8, 0x5}, {0x0, 0x4, 0xa, 0x4}], 0x10, 0x7ff}, 0x90) r12 = syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) r13 = perf_event_open$cgroup(&(0x7f00000000c0)={0x7, 0x80, 0x2, 0x1, 0x8, 0xe2, 0x0, 0x10001, 0xb4510, 0xa, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x8, 0xa8464117949fffce, @perf_config_ext={0xdd, 0x2}, 0x900, 0xffffffffffffff61, 0x7f, 0x1, 0x1, 0xfffff001, 0x3, 0x0, 0x3, 0x0, 0x2}, 0xffffffffffffffff, 0xa, 0xffffffffffffffff, 0x6) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x3f, 0xff, 0x2, 0x7, 0x0, 0xc2d8, 0x18805, 0xa, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffa, 0x2, @perf_bp={&(0x7f0000000000), 0x6}, 0x10060, 0x400, 0x6, 0x3, 0xb44, 0x3, 0x4, 0x0, 0x3f, 0x0, 0x2}, r12, 0xf, r13, 0x1) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={r12, r13, 0x0, 0x6, &(0x7f0000000140)='%$*j+\x00'}, 0x30) [ 1938.585018][ T6526] kernel_clone+0x21e/0x9e0 [ 1938.589341][ T6526] ? file_end_write+0x1c0/0x1c0 [ 1938.594031][ T6526] ? create_io_thread+0x1e0/0x1e0 [ 1938.598932][ T6526] ? mutex_unlock+0xb2/0x260 [ 1938.603315][ T6526] ? __mutex_lock_slowpath+0x10/0x10 [ 1938.608435][ T6526] __x64_sys_clone+0x23f/0x290 [ 1938.613030][ T6526] ? __do_sys_vfork+0x130/0x130 [ 1938.617714][ T6526] ? ksys_write+0x260/0x2c0 [ 1938.622057][ T6526] ? debug_smp_processor_id+0x17/0x20 [ 1938.627276][ T6526] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1938.633180][ T6526] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1938.638637][ T6526] do_syscall_64+0x3d/0xb0 [ 1938.642887][ T6526] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1938.648712][ T6526] RIP: 0033:0x7f895df3fda9 [ 1938.652957][ T6526] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1938.672398][ T6526] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 14:14:07 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 60) 14:14:07 executing program 4: r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000200)=@generic={&(0x7f00000001c0)='./file0\x00'}, 0x18) (async) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={0x1, 0x58, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) (async) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.group_wait_time\x00', 0x0, 0x0) openat$cgroup_ro(r2, &(0x7f00000003c0)='cgroup.kill\x00', 0x0, 0x0) (async) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0xf) (async) r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000580)=0xffffffffffffffff, 0x4) (async) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10) r6 = bpf$ITER_CREATE(0xb, 0x0, 0x0) (async) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r7}, 0x10) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r8}, &(0x7f0000000080), &(0x7f0000000240)=r7}, 0x20) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r5, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000340)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1, &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000005c0)=[0x0], 0x0, 0x1c, &(0x7f0000000600)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x0, 0x0, &(0x7f00000006c0), 0x8, 0xbb, 0x8, 0x8, &(0x7f0000000700)}}, 0x10) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000900)={0x0, 0x0}, 0x8) (async) r11 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000980)=@generic={&(0x7f0000000940)='./file0\x00'}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x1e, 0x12, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xd235}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [@generic={0x8, 0x8, 0x4, 0xfffb, 0x4}, @map_fd={0x18, 0x9, 0x1, 0x0, r8}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000300)='syzkaller\x00', 0xa4, 0xfd, &(0x7f0000000480)=""/253, 0x40f00, 0x44, '\x00', r9, 0xa, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f00000008c0)={0x1, 0x10, 0x1f, 0x4}, 0x10, r10, r5, 0x2, &(0x7f00000009c0)=[r6, r11, r6], &(0x7f0000000a00)=[{0x0, 0x2, 0x10, 0xf}, {0x2, 0x3, 0xb, 0xc}]}, 0x90) (async) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x5, 0x23, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x2992, 0x0, 0x0, 0x0, 0x5}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @snprintf], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000300)='syzkaller\x00', 0x7a3b, 0x44, &(0x7f0000000500)=""/68, 0x40f00, 0x21, '\x00', 0x0, 0x24, r4, 0x8, &(0x7f00000005c0)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000600)={0x0, 0x3, 0x9, 0x8}, 0x10, r10, 0xffffffffffffffff, 0x3, &(0x7f0000000640), &(0x7f0000000680)=[{0x1, 0x5, 0xc, 0x8}, {0x4, 0x1, 0x0, 0x4}, {0x3, 0x2, 0xc, 0xe}], 0x10, 0x3}, 0x90) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_lsm={0x1d, 0x9, &(0x7f0000000240)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @map_idx_val={0x18, 0x1, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3}, @btf_id={0x18, 0x1, 0x3, 0x0, 0x1}], &(0x7f00000002c0)='GPL\x00', 0x4, 0xf3, &(0x7f0000000300)=""/243, 0x41000, 0x2a, '\x00', r1, 0x1b, r2, 0x8, &(0x7f00000004c0)={0x6, 0x3}, 0x8, 0x10, &(0x7f0000000500)={0x3, 0x10, 0x5, 0xff}, 0x10, r10, 0x0, 0x7, 0x0, &(0x7f0000000540)=[{0x0, 0x5, 0xd}, {0x4, 0x4, 0xc, 0x7}, {0x4, 0x1, 0x8, 0xc}, {0x2, 0x3, 0x1, 0x3}, {0x0, 0x5, 0xa, 0x3}, {0x4, 0x2, 0x8, 0x5}, {0x0, 0x4, 0xa, 0x4}], 0x10, 0x7ff}, 0x90) (async) r12 = syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async) r13 = perf_event_open$cgroup(&(0x7f00000000c0)={0x7, 0x80, 0x2, 0x1, 0x8, 0xe2, 0x0, 0x10001, 0xb4510, 0xa, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x8, 0xa8464117949fffce, @perf_config_ext={0xdd, 0x2}, 0x900, 0xffffffffffffff61, 0x7f, 0x1, 0x1, 0xfffff001, 0x3, 0x0, 0x3, 0x0, 0x2}, 0xffffffffffffffff, 0xa, 0xffffffffffffffff, 0x6) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x3f, 0xff, 0x2, 0x7, 0x0, 0xc2d8, 0x18805, 0xa, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffa, 0x2, @perf_bp={&(0x7f0000000000), 0x6}, 0x10060, 0x400, 0x6, 0x3, 0xb44, 0x3, 0x4, 0x0, 0x3f, 0x0, 0x2}, r12, 0xf, r13, 0x1) (async) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={r12, r13, 0x0, 0x6, &(0x7f0000000140)='%$*j+\x00'}, 0x30) [ 1938.680642][ T6526] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1938.688451][ T6526] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1938.696265][ T6526] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1938.704076][ T6526] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1938.711896][ T6526] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1938.719702][ T6526] 14:14:07 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x0, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1938.752449][ T6552] FAULT_INJECTION: forcing a failure. [ 1938.752449][ T6552] name failslab, interval 1, probability 0, space 0, times 0 [ 1938.765221][ T6552] CPU: 0 PID: 6552 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1938.775304][ T6552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1938.785190][ T6552] Call Trace: [ 1938.788310][ T6552] [ 1938.791085][ T6552] dump_stack_lvl+0x151/0x1b7 [ 1938.795599][ T6552] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1938.801075][ T6552] dump_stack+0x15/0x17 [ 1938.805056][ T6552] should_fail+0x3c6/0x510 [ 1938.809311][ T6552] __should_failslab+0xa4/0xe0 [ 1938.813909][ T6552] ? anon_vma_clone+0x9a/0x500 [ 1938.818515][ T6552] should_failslab+0x9/0x20 [ 1938.822854][ T6552] slab_pre_alloc_hook+0x37/0xd0 [ 1938.827635][ T6552] ? anon_vma_clone+0x9a/0x500 [ 1938.832236][ T6552] kmem_cache_alloc+0x44/0x200 [ 1938.836825][ T6552] anon_vma_clone+0x9a/0x500 [ 1938.841263][ T6552] anon_vma_fork+0x91/0x4e0 [ 1938.845598][ T6552] ? anon_vma_name+0x43/0x70 [ 1938.850016][ T6552] ? vm_area_dup+0x17a/0x230 [ 1938.854441][ T6552] copy_mm+0xa3a/0x13e0 [ 1938.858436][ T6552] ? copy_signal+0x610/0x610 [ 1938.862860][ T6552] ? __init_rwsem+0xd6/0x1c0 [ 1938.867289][ T6552] ? copy_signal+0x4e3/0x610 [ 1938.871713][ T6552] copy_process+0x1149/0x3290 [ 1938.876231][ T6552] ? proc_fail_nth_write+0x20b/0x290 [ 1938.881348][ T6552] ? fsnotify_perm+0x6a/0x5d0 [ 1938.885864][ T6552] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1938.890808][ T6552] ? vfs_write+0x9ec/0x1110 [ 1938.895147][ T6552] kernel_clone+0x21e/0x9e0 [ 1938.899490][ T6552] ? file_end_write+0x1c0/0x1c0 [ 1938.904172][ T6552] ? create_io_thread+0x1e0/0x1e0 [ 1938.909035][ T6552] ? mutex_unlock+0xb2/0x260 [ 1938.913466][ T6552] ? __mutex_lock_slowpath+0x10/0x10 [ 1938.918585][ T6552] __x64_sys_clone+0x23f/0x290 [ 1938.923198][ T6552] ? __do_sys_vfork+0x130/0x130 [ 1938.927868][ T6552] ? ksys_write+0x260/0x2c0 [ 1938.932209][ T6552] ? debug_smp_processor_id+0x17/0x20 [ 1938.937425][ T6552] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1938.943317][ T6552] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1938.948788][ T6552] do_syscall_64+0x3d/0xb0 [ 1938.953039][ T6552] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1938.958768][ T6552] RIP: 0033:0x7f895df3fda9 [ 1938.963023][ T6552] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1938.982461][ T6552] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1938.990706][ T6552] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 14:14:07 executing program 4: r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000200)=@generic={&(0x7f00000001c0)='./file0\x00'}, 0x18) (async) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={0x1, 0x58, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) (async) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.group_wait_time\x00', 0x0, 0x0) openat$cgroup_ro(r2, &(0x7f00000003c0)='cgroup.kill\x00', 0x0, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0xf) r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000580)=0xffffffffffffffff, 0x4) (async) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10) (async) r6 = bpf$ITER_CREATE(0xb, 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r7}, 0x10) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r8}, &(0x7f0000000080), &(0x7f0000000240)=r7}, 0x20) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r5, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000340)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1, &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000005c0)=[0x0], 0x0, 0x1c, &(0x7f0000000600)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x0, 0x0, &(0x7f00000006c0), 0x8, 0xbb, 0x8, 0x8, &(0x7f0000000700)}}, 0x10) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000900)={0x0, 0x0}, 0x8) r11 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000980)=@generic={&(0x7f0000000940)='./file0\x00'}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x1e, 0x12, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xd235}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [@generic={0x8, 0x8, 0x4, 0xfffb, 0x4}, @map_fd={0x18, 0x9, 0x1, 0x0, r8}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000300)='syzkaller\x00', 0xa4, 0xfd, &(0x7f0000000480)=""/253, 0x40f00, 0x44, '\x00', r9, 0xa, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f00000008c0)={0x1, 0x10, 0x1f, 0x4}, 0x10, r10, r5, 0x2, &(0x7f00000009c0)=[r6, r11, r6], &(0x7f0000000a00)=[{0x0, 0x2, 0x10, 0xf}, {0x2, 0x3, 0xb, 0xc}]}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x5, 0x23, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x2992, 0x0, 0x0, 0x0, 0x5}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @snprintf], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000300)='syzkaller\x00', 0x7a3b, 0x44, &(0x7f0000000500)=""/68, 0x40f00, 0x21, '\x00', 0x0, 0x24, r4, 0x8, &(0x7f00000005c0)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000600)={0x0, 0x3, 0x9, 0x8}, 0x10, r10, 0xffffffffffffffff, 0x3, &(0x7f0000000640), &(0x7f0000000680)=[{0x1, 0x5, 0xc, 0x8}, {0x4, 0x1, 0x0, 0x4}, {0x3, 0x2, 0xc, 0xe}], 0x10, 0x3}, 0x90) (async) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_lsm={0x1d, 0x9, &(0x7f0000000240)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @map_idx_val={0x18, 0x1, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3}, @btf_id={0x18, 0x1, 0x3, 0x0, 0x1}], &(0x7f00000002c0)='GPL\x00', 0x4, 0xf3, &(0x7f0000000300)=""/243, 0x41000, 0x2a, '\x00', r1, 0x1b, r2, 0x8, &(0x7f00000004c0)={0x6, 0x3}, 0x8, 0x10, &(0x7f0000000500)={0x3, 0x10, 0x5, 0xff}, 0x10, r10, 0x0, 0x7, 0x0, &(0x7f0000000540)=[{0x0, 0x5, 0xd}, {0x4, 0x4, 0xc, 0x7}, {0x4, 0x1, 0x8, 0xc}, {0x2, 0x3, 0x1, 0x3}, {0x0, 0x5, 0xa, 0x3}, {0x4, 0x2, 0x8, 0x5}, {0x0, 0x4, 0xa, 0x4}], 0x10, 0x7ff}, 0x90) (async) r12 = syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async) r13 = perf_event_open$cgroup(&(0x7f00000000c0)={0x7, 0x80, 0x2, 0x1, 0x8, 0xe2, 0x0, 0x10001, 0xb4510, 0xa, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x8, 0xa8464117949fffce, @perf_config_ext={0xdd, 0x2}, 0x900, 0xffffffffffffff61, 0x7f, 0x1, 0x1, 0xfffff001, 0x3, 0x0, 0x3, 0x0, 0x2}, 0xffffffffffffffff, 0xa, 0xffffffffffffffff, 0x6) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x3f, 0xff, 0x2, 0x7, 0x0, 0xc2d8, 0x18805, 0xa, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffa, 0x2, @perf_bp={&(0x7f0000000000), 0x6}, 0x10060, 0x400, 0x6, 0x3, 0xb44, 0x3, 0x4, 0x0, 0x3f, 0x0, 0x2}, r12, 0xf, r13, 0x1) (async) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={r12, r13, 0x0, 0x6, &(0x7f0000000140)='%$*j+\x00'}, 0x30) 14:14:07 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 61) 14:14:07 executing program 4: r0 = syz_clone(0x98080d00, 0x0, 0xfffffffffffffffa, 0x0, 0x0, 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x3, 0x80, 0x40, 0x3f, 0xf0, 0x81, 0x0, 0x0, 0x200, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x540, 0x0, @perf_config_ext={0x0, 0x7ff}, 0x1000, 0x4, 0x7, 0x2, 0x8, 0x6, 0x4, 0x0, 0xffff230a, 0x0, 0x6}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0xb) perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0x6, 0x6, 0x7f, 0xfe, 0x0, 0x8fb8, 0x40020, 0x8, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0xd779, 0x1, @perf_config_ext={0x4d, 0x6e}, 0x0, 0x8, 0x10000, 0x5, 0x1ff, 0x6, 0x7f, 0x0, 0x4, 0x0, 0x3f}, r0, 0x0, r1, 0x0) [ 1938.998517][ T6552] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1939.006327][ T6552] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1939.014141][ T6552] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1939.021958][ T6552] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1939.029766][ T6552] 14:14:07 executing program 4: r0 = syz_clone(0x98080d00, 0x0, 0xfffffffffffffffa, 0x0, 0x0, 0x0) (async) r1 = perf_event_open(&(0x7f0000000080)={0x3, 0x80, 0x40, 0x3f, 0xf0, 0x81, 0x0, 0x0, 0x200, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x540, 0x0, @perf_config_ext={0x0, 0x7ff}, 0x1000, 0x4, 0x7, 0x2, 0x8, 0x6, 0x4, 0x0, 0xffff230a, 0x0, 0x6}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0xb) perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0x6, 0x6, 0x7f, 0xfe, 0x0, 0x8fb8, 0x40020, 0x8, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0xd779, 0x1, @perf_config_ext={0x4d, 0x6e}, 0x0, 0x8, 0x10000, 0x5, 0x1ff, 0x6, 0x7f, 0x0, 0x4, 0x0, 0x3f}, r0, 0x0, r1, 0x0) 14:14:07 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x0, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:14:07 executing program 4: r0 = syz_clone(0x98080d00, 0x0, 0xfffffffffffffffa, 0x0, 0x0, 0x0) (async, rerun: 32) r1 = perf_event_open(&(0x7f0000000080)={0x3, 0x80, 0x40, 0x3f, 0xf0, 0x81, 0x0, 0x0, 0x200, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x540, 0x0, @perf_config_ext={0x0, 0x7ff}, 0x1000, 0x4, 0x7, 0x2, 0x8, 0x6, 0x4, 0x0, 0xffff230a, 0x0, 0x6}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0xb) (rerun: 32) perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0x6, 0x6, 0x7f, 0xfe, 0x0, 0x8fb8, 0x40020, 0x8, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0xd779, 0x1, @perf_config_ext={0x4d, 0x6e}, 0x0, 0x8, 0x10000, 0x5, 0x1ff, 0x6, 0x7f, 0x0, 0x4, 0x0, 0x3f}, r0, 0x0, r1, 0x0) 14:14:07 executing program 4: syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = gettid() perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x2, 0x0, 0x20, 0x1f, 0x0, 0x4, 0x51811, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0xfffffff8, 0x1, @perf_bp, 0x200, 0x1, 0x5, 0x0, 0x5, 0xfffff1bb, 0x5, 0x0, 0x7, 0x0, 0xffffffffffffffff}, r0, 0xa, 0xffffffffffffffff, 0xa) [ 1939.079130][ T6585] FAULT_INJECTION: forcing a failure. [ 1939.079130][ T6585] name failslab, interval 1, probability 0, space 0, times 0 [ 1939.095633][ T6585] CPU: 0 PID: 6585 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1939.105706][ T6585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1939.115597][ T6585] Call Trace: [ 1939.118718][ T6585] [ 1939.121499][ T6585] dump_stack_lvl+0x151/0x1b7 14:14:07 executing program 4: syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = gettid() perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x2, 0x0, 0x20, 0x1f, 0x0, 0x4, 0x51811, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0xfffffff8, 0x1, @perf_bp, 0x200, 0x1, 0x5, 0x0, 0x5, 0xfffff1bb, 0x5, 0x0, 0x7, 0x0, 0xffffffffffffffff}, r0, 0xa, 0xffffffffffffffff, 0xa) 14:14:07 executing program 4: syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = gettid() perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x2, 0x0, 0x20, 0x1f, 0x0, 0x4, 0x51811, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0xfffffff8, 0x1, @perf_bp, 0x200, 0x1, 0x5, 0x0, 0x5, 0xfffff1bb, 0x5, 0x0, 0x7, 0x0, 0xffffffffffffffff}, r0, 0xa, 0xffffffffffffffff, 0xa) 14:14:07 executing program 4: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000013c0)={0xffffffffffffffff, 0xffff, 0x10}, 0xc) r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000002700)=@generic={&(0x7f00000026c0)='./file0\x00', 0x0, 0x18}, 0x18) sendmsg$tipc(r1, &(0x7f0000000940)={&(0x7f0000000300)=@name={0x1e, 0x2, 0x3, {{0x1, 0x1}, 0x3}}, 0x10, &(0x7f0000000b40)=[{&(0x7f0000000340)="7a0d1c87f2444c339327e390042923b6b0d829f6d169d8d05bac6d6c743aa46d42f0337b982bbccfa917c97c2b6015fc4e112c973d5053", 0x37}, {&(0x7f0000000680)="0186283d6882c6a659505f72bac270a1eb273fb4b5b3289cddc290edb8344c6f300e39a792c19b91cd746c2cea083949119bb438703caa245fe0ae4082b06d103a69191c100ff4fd5624e61978e9ee61941bb7708eba9d8463dbdd635c1f30b40dd70fe81dd1ac8b03b1a70b07f8c27a539f34dff4b6b9189e796fd8853866e90f9aeeaefe", 0x85}, {&(0x7f0000002a40)="62b4a680436f570131df603c27ab4dc5ba1a96db9dcad8e1ac35163a2b6efa7ec85132c09d4d26af211df68cd18616d41e724e1e324fadfeaa3ff64fff62d24703d16072a206bdbe6f524d33a9076d5e5471e5513529d290d4c96e98bc09be8b13f96b47929b8625d3373e8816b26fa89e3fd8f66644f1de805cb7bd7c989491b93b112220343c2d5ec06918bd0630777b71b52c5ea598e6ce81d92e0cf2f70ad30772065703faf5d6c071b4f0dfe7b7466ee6401bed312ffa87153f69feb6265117e27c7435f23ef144be53e5d67c48c7d44ab311078185167f419e721fe3c2c8ae03eda171c859b5dd327cff302d0c4e860045caeaa6e96a4205e6021489846502274d1bf69369ef0cc7b67da478b9b4a4b8ddd7a8c2978224d48fac607d2e590f4053af15e0370b6b9354da85998e620580316bba0a5797d6643d97b9659a5599ded7cafe2b9c460989a80b6941e37b6b86f3df467d6218de8e303e2e74bc99ea0ecf246864f4df447dd77f6933466dd635c37a75118e85c5cf402faf5ce6dd462725c6f3b0e564d52257fddb3b14456b90873714f67a505bdb8e4f38134dff6db6025ff2cc7b77d3abfde4bccb2101a4704bd7b3b067614afb152232d01a33de99a20fc504fbac26e82b3bb810e2be8e67350749bbf3c4198126d5ac7dd6992746047581a86cac5634f7519bbcc185599cbb21eee1f968ef85c53e9ac1fb80bab3ea4d0433b8851f7b7622ac39e8651442aafd8907ced30928d7c571a2cedd9bbe30c7c60a57b23995624a49e4e10a37739d73e0caee0e1b53b02686119c3f091088292d355ef7cbb659f451d10413c572631031e83a3735b8873b9616a49721ecca633747ae42791bb5dc8cf32fd72fc5ab99fd491129f67fa8467ae8fc979f96d210a12532ab7c51a0c746837b582c64597574f25b245b2422b9d0233ee5a6dd338df5d365cd9d8f8595bd9668bee4beeb2b3282a045e56b6707a248de1a6dec03e65dd9839fa0d311c891da6e5a0cd500e601a3855863e364c3cf4ac91ecfb1886a44771ab42e313f2c0623f8474e53a4a90e6877ee868440e949a68fc8f75ff4bf1ce3b7b9d9a375a42552086966fbcfd87f342e3f9b5ee574d9d38a004790b6e0f0c7f812915c0eae41ba69a2284ecf37484b20d7f4d807822d0cad900d25150e3c3a80cc409753e053925f233f4edb72d0179fa0fcb2b86d7dd537063b138d5aa49bd846feeb362cb34fcb484ffec37326cecad31608c7165aba4d3f178375c17a34557cbc4a592ddf084a0118d1018d1af9bc0910b9e9592ce0d91537032f58a1103865ad042f8bfbb39eaa6c9abd790b57ec445bcecdb30a7a3052cdb4e354902662e5c2bdead13ae9b5b450306678f7ec5e496fe102c12578b8b581329cf497e6085b7abbe13ffee48f35af57e89d60bfc7758fbd817740542365fe50b396768adf4a998368fdb46aa733394337a770844501b5efc6a7754086e703090a94dd7ae05428c69a9d84bc9119677c98009be38c1194b832ba2b185391e92cc451dfb4f7770beb2aa33eee91062cc94604ef35a26f5105d5eda24e131ad62a9ce0a6889dbe1b72d465a7663a4b49e5111761726ee16fd6b1a7ce822d660780c6897d7d810468795311fb3bc584b3b5f6558b684270cf6c70df3e7c475412a0fa2fc278f088c06aad3a2b31f39f879b146141db476e1e353fc6a29f4bc09636fdf4c1ba9a655f10aa5aa639516018784de09ea15059646a0365b93781544b2340089d2a98da9b0fa84945a0d1e419dba810e6f30a637f9c75b1623dc93613e2e5dd70c58c650415533f0da9130724e97ce61917cfc5b5008a0b46938514203c299581f323e5d4c6b75782e49a92bc04f00c3863d244388c8969e74eda61cbf0e6dc78b597bb43d3e538de235fa1e48ed6d2ba57a27dfb4cd57349ceb78966218962e7a7ef7b13c6aafb40abb87915a6021c14d4c8381d01e7ae38316681dc00c501de5a84003e7e84f261382455b4d7b70ed49e5476dc70fb801da8ccd2aac8c3328f0b348308224dc4729ea087a3ed13ca476219ed3a78d82a0f62372eb315f5b8fc192246595462f2166de89bbf59aa24c38b8db06e27270414f47869e38d39c815f31d0ca3be98e36e043899264cb15a015a34a9948469d5291eb508e8483349201f59b867af28706501e835d0d05cf0355d0ae733d2c85dba3dfbe0bc083e0c0d7cfc9183a0d1c5f4fb47d64586b52181df3c93c6d788ddcf3a991bc459f888f241be4dff19cc884e778389b8b48d479b3f2a2778c54a268c01895df298254c5c9aa13b0064498adef102f1cc9dc8f9e62da8a46bd96e1f3bc692bc83203be096f429f0feb79e6c6aca4bcefe740160e56b6c18b87039af0ab5c90e82792897c2cb155f6106133a6fafaef99cf1ccb368317a8589de10f01385b877b13fcdb953e42135600fdd7f914aae8114c42c572a6bfb921c0bfc307443d4ef1b85e228a14590f529c1392240d9782b1edae3c5305864ec78149dd660b5594a3a207c73d3f2e3f41341bf95061cbe3ca4fca97524688e77eea675ca10b0c17e6ccec51daad0c269f8de2c6f960c9e14580ae9dcad5dd561fc87068bfc755092f9858f534c19bad7a36f20cd7da01eb2f76c69df7cfda43de974ca2fc617ad966c9d91fe0d27a52f3dcb0557cf9f09ae476f7e3e642c5f563c8b708f1d6306222df5334aed0a137d6b2331f003d6594fc0742c74436938617c882186ba442b16bee55179167d26b0eb9da817d36a57ad9c584be2ee654811ab377a5d082638151a2554b45a57ad8e4c33d9519bccffcd1db35ce18e1b1c3e3648bd16b1f7cc8a81d9c60bb2af6b3910a0fe5d69999888c6d293b7c6f6bb6c65254257ca0cac23f4e20d73d065db6d0fc6d91075003cfc384debc4d6ece01d6dec6ccff83e4b715299b4a68e46aee7cc50998b38f84b81d817f289a9378030911fe241630f7581a292d2fed0ca69791f956a7490350f76dfaae090ad81c34e5c0c444aeb33a906fb2bb58affd6b60ced12e53030ae4d7e67c88ec75b170fd8020628bf95cb7fc5b6857b8bba60bee3f70e50648b65394ba9e317b429299eda55f300012a9df11da8b9fc1fb501b6377a49106ffd3ecee3ca4c2cecb940a59f7636c435195dc84a45c1a5a87d8fa04975f5c1584e0b1804b3e31e3be203fb1967ba5315182e8882ee5894f2d6b70b1af6d4b428e0fcc5cafe823aab761ec824a94a50091332a71a01ef6a5682dc561d73785fb10679054814c19675a54beb644b20b7ec952d78ed3c06073ea8f721402d4b6bfd19a6bf5f357ef1df1189d9caf2c8810ecf0ce86706bb3f94ce392caaf2ca41221bdc3b945b8557035635b7e28dbc6bcb2ae9804a965c1eb3839075d6901ba24a67aa704d02a5a0daf28d4ea5b362dcf5e1f22dba4c2de638971e8107b62e75bfcb33dfd8cf9f6228e98fc1bb6afd9a4ddadbf733d1383664cee401414976c07ea2494fe98a1299791d5a3fa0ac4578d787abd53a815c4a3a145e70e26a7b8e93d5220b10b9c40009d5dde6ddd4e585dfbc552d45fae62d0b45f581673c98aa57eb717e49f61accd75c0f1987a3175b6f6d0b1384b050fc50289dceb3c2526223736ae044734dd258bbcbed0254edd568d83e8f1f6e6876f1cd52d93798257153b894fb95a198e89659c5365888ea611df4e5314039fb8aa38e7cc3e96bf026eaa76795af399a72058a89a692cf34210c2fc7ff2f7769f8286831a2c7a967cde1cc66e6b8988220f4a063aee3c2fcea9a89b21bc2e7b74b2e20a1751af54dee14ee2d7306d13fb68f70184e12269970d9cf41b5816ba29e32f35209e050d5712a82ea52d7deb1c9e3e591335e4e8ec0acb14b4f4b143f9c984fd3662cb29175a885d4293d030f24a651233772e8933b235e55e8c196344fba6993c0deeb244a1144f5a1d629129b5735e3cfd75a3d9ad5f4dd8f2702f33a82d8134693d1b38759ad3befddd0dd3db591cd3c44ea86877b803cb4260518f64fe85c1463f716462473f04342038da358f5c96c41f1eb3b8a814117e9ee358bbe4e64e02c2c3d134119bab030c374a700c156a16d34bcf9391d4f82979fa4f0f5e2e0a71a0a2fe52886341013f00ede9d745396eee76054620e445423bf9fc0c8ecc2a3db2e2efa044148125141d9965db8fa6b68e2775bbe20d7947ac111d385c99dc240dc68bc8bb50ad61107c3a5f467aa35979dbca09b140234e933fc654c745b68c379f0d82756229952f0b4198e259d781a8f8f86579bb38f766ae948bcc4d22beda15e5307573e2eb861f85d384a2b4e2adb857125ec3c29720f5f766a3b3725184d1bbb3c1e44c619399c6d57dc18b4f3d9498b0e048376703a1b17511402b0a7c078195d9e8c4d6dea0522cb2ccf39e8497df5027aa1363e293098e94d7630a8da9b4226fb008a0e04bb0de8ce67ec834388ac804d2c3e6180bfc5d09e900a63bf96df6da3fd93f6e471fcacc1cfe2fb08e098be6716547e7c66ffabf04d8a2e1359b30cf70adaf6bca7361a8e221a2cc68f4befea72884c4dcb7c25da7ce3d75908620225b586ce1434175e0f702f9275fe75eb53b5394e7a00eb0d260971defe6a9d6c02fabbcc6b53f105af233e2bc0648a62da72e481093ce33a309bb76e677ea474840fb961b52179b8d413e55287113722490cc0995aff2a508b540c9eff4db0f40f3f130724d8435bfb6f9573a70ec86d886e8fda59d534bc2a434467844ff211e32ec079805ec169754b74983bfb9b78b2874de3a23ac08c5fecad250d938e3af81b775f50c487cecc1d4d8be6747036048b278d023e3de6fc15fbbd36cae15abb3c0a0f3ebd75579ddad5f4e9471160aa5823990edbc1e508d533da124e050baeaa58570b1fbef4745c8f7c1a4ee3354e0ff4c92c4766847e6e4f4669d9d165a99aa24cc0f4cc3e7b7be9189353427f52a84d2672052af93fb68b3ac25a26fc2063c92a5c599e5f61bdf8593e52cdacb1571e7a6c2b1cdec753fe6c5abb68ccaaecc3255aa0999c349b039ae6c23cc54c18897b7289a743559754c2ba439ded2d1f1ec85dfff492fbc1eba95aa0e9c4f6432847048924b7b664320f6380361f8f21c1808f72645a5aa35dd3f60ba68dc472a52b63c81a863ca03916f68e02f3b6e03fafdbff730bb7ad1789ab7fb97b76218e87bec72ec306f1369ba6a2b08f7acaa460296f961afeb008d406c2d9e6dd32ad442a560f89594d82956d03a4b0edf7c50d9f31a7eeb442be7c58085180ace5e88288a4080c6ba50569185c75de35d81df984393034ec6bf193cf165a1f91e8fc220b86c46acf86dea8ae73c0e67ce69e31986fb1ebc922b2941a5a198d1274e246915c058fadeceb0bb2f25fc4b68b4eda22a245ab01e180c5fca6aa523e333810f0d6c5731818735ca348c5627bd2e79eb089e7b6b4842ac9c0302ef1a3676e98c8480d1a9b6d9fe914f70cecbfb110939bf58fd4daf58ff374eee2109174a2cbbc72ad94f51212c5519a802a9c7ed35a4ddc80ef9921f3c0282eb14b00767a99ae0650fe5fc34c17d65b73c8ba8929b35f01222a329b65ddaa6f0f38fd0aa5fd365e2cc15d42178c23f9d3bc149eac2da3ecbf84d4cee6bd90097b57373bdb684860bd06db6167cc10e742499c244439470f73d529b930ecdd8993796a5c662038c11f2c49e829285eb070155c9cf73ae081dd6245a47bc8f0c0d46b3ea080ad0d5954bac1fcfcc4e32065c7386bccee654f507aec3c68055a9527add4ab54", 0x1000}, {&(0x7f0000000880)="27c4195028e99fce0b54ede07ff905bc1541ee013006afe5c8180ac8f859a3da83276d3fbeec24e72d4e556d91caf267a86ed793c6de3be1a4be44dd2b7cbfb7d35628d961eaaedcba8cfd549afc6b560fe230f9acf8878d60cc4326f946e4f41fd687eee3ad03c61bde6b1e3ed799a2984bc04a6da7b7c0206a0ce3d02d3c84b9d98f65abc85de0", 0x88}, {&(0x7f0000000480)="be8a35709ab98664bb160e97ca86972eb9ca0ff5be72fb250ee5dd4b93fc313877eab667bb6b75b4f2ea124cc962b86b2aab030075d379c75f54d78e8e180e440ebc8f90cedb1edd52bc2fea37964d4809e02291ef0a36b0c739", 0x5a}], 0x5, &(0x7f0000000bc0)="c16204ae1fdfb54708fc7f7955cc34a012ad21ed54926e5cbc1ff2a68062d0745c86f1a4d9b452bd142f0ae3f700f9ed9d3de9038a7fc927e4c7cdaade7970cb44fea9fa90c855c64c491fd3d9463d743fc337b32227f7f6565bc39f79d09ba65a4992b84d1f0463d438a89f5e90592f", 0x70, 0x800}, 0x10) r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x6, 0x30}, 0xc) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r4, &(0x7f0000000040)="3523d8da26c4dfdf6b35c321c7a60a42ac7709cb14070f01dfc5371cd39e0c3d24ef079446ae2e0637f872", &(0x7f0000000500)=""/208}, 0x20) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x3, 0x4, &(0x7f0000001940)=ANY=[@ANYBLOB="1802000000000000000000147c8d75790d46c8dc57c6cd9c00000000008500000053000000950000000000"], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001780)={r5, 0xe0, &(0x7f0000001680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6, &(0x7f0000001500)=[0x0], &(0x7f0000001540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000001580)=[{}], 0x8, 0x10, &(0x7f00000015c0), &(0x7f0000001600), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001640)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x0, 0xf, &(0x7f0000000c80)=ANY=[@ANYBLOB="180000010000000000000000b2000000181100001b1d766c23cb5994ce1f581fb73ff11f14fd8a47a71e2faf99768068a917f42315021417ec76ad0c1d19ce0d0bfddffca8b21199bdb7bacb390109c16ebf921d4294de0b0523a005152c3cff469ec71618e90cf2eebc8f3960f5dee029bdf3abecf436840e5074df059684caf146eca8fc3d6cf67f9cbc226a", @ANYRES32=0x1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0xd700000, 0x0, 0x0, 0x41000, 0x4b, '\x00', r6, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x0, 0x4, 0x7, 0x5}, 0x10, 0x0, 0x0, 0x7, &(0x7f00000003c0)=[r4], &(0x7f0000000740)=[{0x3, 0x5, 0xc, 0x9}, {0x5, 0x4, 0x4, 0x2}, {0x0, 0x4, 0x1, 0xb}, {0x4, 0x3, 0x9, 0x3}, {0x5, 0x5, 0x3, 0x8}, {0x0, 0x3, 0x9, 0xc}, {0x3, 0x1, 0x9, 0xb}], 0x10, 0x180000}, 0x90) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8000000}, 0x90) r8 = syz_open_procfs$namespace(0x0, 0x0) r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000ac0)=ANY=[@ANYRES64=r7], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x90) r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x5, 0x3, 0x3ff, 0xfffffffd, 0xb7, 0xffffffffffffffff, 0xffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x48) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x4, &(0x7f0000001700)={r10, 0x0, 0x0}, 0x20) socketpair(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000c40)=@o_path={&(0x7f00000009c0)='./file0\x00', 0x0, 0x4000, r3}, 0x18) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r13 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x1a, 0x4, 0x3, 0x1f, 0xc, r10, 0x1800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x5}, 0x48) ioctl$PERF_EVENT_IOC_SET_FILTER(r12, 0x8914, &(0x7f0000000080)) r14 = bpf$ITER_CREATE(0x21, &(0x7f0000000780), 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x4, 0x1e, &(0x7f0000000e40)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x10001}, {{0x18, 0x1, 0x1, 0x0, r14}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r10}}, @call={0x85, 0x0, 0x0, 0x9c}, @call={0x85, 0x0, 0x0, 0xc2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r10}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000180)='GPL\x00', 0x3, 0xf1, &(0x7f0000000f40)=""/241, 0x41100, 0x71, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x1, 0x6, 0x3f, 0x2426}, 0x10, 0x0, r9, 0x5, &(0x7f0000000a00)=[r10, r13, r13, r14, r11, r13, r14, r14], &(0x7f0000000a40)=[{0x3, 0x1, 0x0, 0x1}, {0x3, 0x2, 0x1, 0xa}, {0x5, 0x3, 0x7, 0x5}, {0x3, 0x3, 0x4, 0xa}, {0x5, 0x1, 0xa, 0xe}], 0x10, 0x1}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000001240)={0x11, 0x6, &(0x7f0000000380)=@raw=[@ldst={0x3, 0x1, 0x1, 0x7, 0xb, 0x4, 0x10}, @tail_call={{0x18, 0x2, 0x1, 0x0, r13}}], &(0x7f00000003c0)='syzkaller\x00', 0x2, 0x7e, &(0x7f0000000400)=""/126, 0x41100, 0x26, '\x00', 0x0, 0xa, r12, 0x8, &(0x7f0000000980)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000b00)={0x2, 0x6, 0x7, 0x3}, 0x10, 0x0, 0xffffffffffffffff, 0x6, &(0x7f0000001180)=[r14, r8, 0xffffffffffffffff, r10, r13], &(0x7f00000011c0)=[{0x3, 0x5, 0x6}, {0x4, 0x2, 0x5, 0x3}, {0x1, 0x1, 0x2, 0x8}, {0x4, 0x4, 0x7, 0xc}, {0x4, 0x5, 0xf, 0x7}, {0x2, 0x1, 0x0, 0x9}], 0x10, 0x8e7}, 0x90) r15 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000002880)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x1}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002980)={0x11, 0x5, &(0x7f0000002740)=@raw=[@map_fd={0x18, 0x4, 0x1, 0x0, r2}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @map_val={0x18, 0x1, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x8}], &(0x7f0000002780)='syzkaller\x00', 0xffffffff, 0x47, &(0x7f00000027c0)=""/71, 0x41000, 0x41, '\x00', r6, 0x0, r14, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002840)={0x3, 0xb, 0x100, 0x81}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000002900)=[0x1, r15], &(0x7f0000002940)=[{0x5, 0x5, 0xf, 0x2}, {0x5, 0x1, 0x1, 0x6}], 0x10, 0x9c15}, 0x90) sendmsg$tipc(r0, &(0x7f0000002680)={&(0x7f00000012c0)=@id={0x1e, 0x3, 0x0, {0x4e22, 0x2}}, 0x10, &(0x7f0000002600)=[{&(0x7f0000001300)="d2c1a0835e0f94bcb4ecb864afcbf09b24fd1deada679127aa716a02f33630fe6f245cd9d29fe9b482ca85761ef6c1c33c088f0fd93ce021cb592ff3453f8de88067c236308d7c5ce05535f92fea317ed68903bd2271dd4871a9b155b54d4157bd3daf51ed779c4439e8f36dec60eec1db1ec47da74eaadb72bb6cc38c278b14a91ca8ec9984179f6fe2b978ce0257fdf6de78ce274c37", 0x97}, {&(0x7f00000013c0)}, {&(0x7f0000001400)="160ca6c8b2c05a3004bd3b63b35cfb9b4351917dad9019961b7de09e3a182159951594f7e2ed4d6bf4f253e62bfd3c0d981e0524feae9770bfea5423bc8a3f541a0b50df538d459bab7113ac377137d3edf500806e83f9a3", 0x58}, {&(0x7f0000001480)="4efa9a095d789700dfe8cc41c1b41a8f353f7ce6979e2a3c260c2b0c5c0c553a09af9f348090ede23a5c28f64fc16b70be5714adc07a00b87e5b907e3faff054537656051386af38d8e5c82505abe1c3285a64de512374903e23739b6a5593a5cabf7e5177825d8bd4c70f80af5d197000bd7f2dae4920184cb5574c1044c8f4697d972f802ac4d04dca47c65a91310ae8b231ebf5e7b7f84600418ec6e1dd", 0x9f}, {&(0x7f0000001540)="f8fb2ce752f965a4ee5f67cb74a47060a6dc9dd774f9199f00bba1b46cd60061eae1e538dfac6caa7578af34817137ed841249975f22ea6d73f3e9667d1d4fd7171f5508d14617a194644b434fa666ebccdc7db37a1e3a329ed7ad81083272088be6a29f953991e29b9a9d3b3cdf1cccf4de9f2314cbf1ba70ef3ff707c50c4e553f8737dacd5527cb59b45469fe3f382f408d86ad381e281791826f4c369ee9fdf50e4eaa7849a8d726ee6ac7d52a70442a1f701b8a0eb4714ce9e91bbc374f57c82885ba4751dfa7d2abfe11489283232d1c671d8188f2b1e9e74184c4e16bc07263df48903ca98e29ebfaf94bbeeff4b52542ee01d8dcda21033bb3fd6418a6772a82d0385f0937721b423ebde8e3c528e65d652882686211d04413e54d21b55b29de2e3136c8f0ee333ef8a6bef4cfd742d4fabbca30281dc6590ff42da4b01139d4ac093e92590c770105ed000850e522ad05c8259070bcb183aca3afc3ac25f2895942d0fb8dcfdc6abc6ce6cf03272af43012e722fc32b61a1cdb1a35ee4e74b5b80cadde08dce4324bedf0098b63d7a53cffcc04bf3c199fa98cbac977845a98d68d8cab6eb33cf482f96e1020d1e2034f2be6cca27b15900a15cfc479a2a2b771fa72dbf63201047951fbb435ef6653c1e1547deb03de00391bf831b8a3be094a58deb1e800aa53b1431bf51881ec6497c6ebcd27ced9dc4e4dc114f4083bd47bc6e7a001dfcce4fedb57c9f7f79a9f130e5cd2a4a1c8afe8097c67343cab43e93aef91e8116eeab514a3cd4f63a449f67be78e140133fc32622355234f0206a4478611f783aff863f8a65e8fa5f8f0ccf309802020ed5594b3b9f9047ccc74a66b6c14efd78725271c03559f49fd678372e1d1b72e834841bdcdd0b0e95f0aa09dbd5c9aab66378c54c89f4737e5d4d7a27920d1f14261509ac50729e06ba9ec53a160690a7f69450f7887a6f437d4b611bf2b821b344426f501f9f7c270783ce10e82673fb7517026e2c4a319c6b78262b5e3cb362a08c985a051f3bd26412017081fd7a05748ff78532871452a6c426880f6426a6ff789502c19eb26d097dce06fc3f31639a0b279bd063f1479565e8a7b58edebc9e7a1362baf911f7d55e665ed03a44fa0daf77a8ca09550a4c9c5722ca17bd052f3af9680633fb343ecda332476b800fb2c47f151180b4992f0087d246032fabf62f5c8104cd5ba28c8292cfc41f33c622c127c977e21ead9329c29d3cf25c01c9b0a753eb9b1c8282c99b93ad2bfea6c7cee00b29ca8f2bd5ac56acde67a6004752bb9f878b0800c91dd1635d32c49f2484f51a215ed4b8e717111e3121d1a8e2b0cf5d224ad997e9116870d4cfa5e86f1b10cc4052022b7a18a23030ab41d5ad42d8a5bd11218ce7ec32f41bdbfaf6875f6b98f2bb4cb636340ec1cc75bf03f01d4ba42cbaccbdd01f9ce13eea97e5ff1f0f8614ceacd2a1fc2c3ad123e09a643b6823e37a8e2cbea51d165718beef042389ceb609ef8733f363ae2d9078350daf5efab4544535aee21a32314a126240436cb8c98e42c17dab3c5004b4591dd4a7909064620461d0db7f01d263ffedebe3d4d91084470593bd785fea1e2bbeb4b358fe4cbbbcc2ec26c8cbbbce094aad1afae428d1d55121fa780474fd4f2e69ede1256d6ecaaf962a14b7cc56a2959686dd217881ea970d884e79656f31a9e86fb094aa792babf34dcde26d3e9a440b647104b726eaa000104f858c47a7ea6c7af7edd75ef802c573e48809db61a55e628f52aa209f8eca6213d5013ae0211b90fbbc1b80c1f754fb7e24d86d2da5985104c41e9bfe4a09413b8f9950adec385e7f2f1580f5b466601d1451552f65a17699946e1506e994d4d06b430a7b5f6b9c8d8edde1ec43993573f5aba7a5fcb4f5249171d8a6fbf9c56a299657f101dad5462e477bfb5c4f4bb2388f4617e328fc3370f455a9a9d7c9732480b1209e67ff469fd2328c1c540a0c588a3f08396e2c5c230791c6095f335992d368d32875a68301282406042ec52cbf7004fcf1f2e8f2f2a611f7e9a02dfc6acaebf298c4f317e1fed4246729a0581288a925647b10393886c916cec5c5eb0ad4b9306404b2b85c9fc3a96d699bb3ecb17aee6fb95c7611b8568addaf2c20c2ffafebb9081a0216edb22158ac9bd57117d5ca14a600ab2d1ae049a91e6619bf46aa16106667ae371ee823e75b61b2005f4f490cf7492acf7127ac6fdd18a04dbf933adca88a2c56a59f91fed5d7d8ec474e0102bed735704a2aa81287a807407b5aab960a0099514c4e96871b96b6a9043e3de020ea5b6afcf45ead487b76936c7fd08c1e911016eb8272584ef4dfda4d4f9024b1f1cdfc99b1c9b01fc7b839e9027415d8bd2710775cc774fb79758aecf5cb136bd25f4c9f7af583bf6b253163c912c1a993796764ba83c8c51f2fdecebad9de7ca9cc286635d9c82491f03220b457ea17d41e75e4338bf2e59e9196d8edf3dd8f0f96e13e6524db57d1a038d9f0a9585daa71e370830620f7c3d3ed199245723fe53b8aa8d8493ee0eb154ad0598fb28466955596368c4cf6ec5876ede0fe1174d76c555df99824079af74e47f729b577ff27021e792a61e3b190aa291148893f27dcc677351e5c60f9acda17376f1ca3aa9341010c21fd1df5ccefad990043e71ed4b7ed4a889fd847165009a21a764ea00970ebe2b8b51d558fc7e88bd581f2b8258e3bf27c073d1f6012e4c8af0bb14f80abee860552f583bd53e18eff291b0d5ea8e92e58c13a65930bd2de07a5f8b200a6c89ac734cf61a3a4878bbc4bbddd047dbd0e546b823843b08fef4941ddc3399e6ae2523dd230fa8a7138edb60673f72607ba4ceb263f21650fbc0679841200bf05346953a08481103dd6f2ac3150ad27f5786ca64ef42eaed90c2b0a6557c72a5ecd4f72df390d9de405bdfad2bd9f2c1ebcf55202e1f73d201e44f2c42d340c190766f1bfbb87a8c93666e301fe10ef689946d99e0484805a04da4093414eca78a89dbaf8466ac4bfe14c152d4ed7ae214ab5306327a51399b3a966bb9555e3a00121e4018a57659f42bf11bf796f8a98985285cdbda33f6b23587e0c2f0edb1dddf141ef060ba750e5db5dd2f6cfcac686988d0b0cc428be9d24f929b46e9ae77fb56457f10ea74a10ce2880541cfd9b17381fa035f500146817cadcddf3f0002f66a350621290f020140b33abbfd35024a261f58a7ae38ce55ec6733d846e72df2f38549bca1e5adadf724bd35e902a0ab818bec5b5f4d950989c3fbab801d2893131c57ed2fd59b2eaa7a431803d5038956414df7b2e523befd5cee123835faaafeaf09478c01b23fbd3f26b0e62714de2bed36fe46199628ec48d83d191626eca3e9d71e1ae12af871a25decbe7a2c1d77ea61d814b1e3f93c07bc2a47de4bd87bc1ccb9e82f497c51e3e27eab3ed3835297ef8d89f6cc8f82710e67b7df3c30a36376e67cc50a3bc97a5e8e586102c2a623b8be012decff27f086637c0d6e883a682d7ec61c1bed11c080e6c4be5700f8dab7e41085954871cd899d508e043dc4565300ded8be9ea1a83025c2ff27c2693c2b074f769af2bd55ab447ae59658797e5b2ee5c628c1e69d3d1d66d9ccb9069ade7a7acec5270c8245c7a272af14f878a527a4d80859c56794438650036e4c36a192f52eca2f4c86adddfeb2fb27667a50f69fc673ff1f659c6073b3dac95d62a2209887c119d7fe6031a13a6da918333547012389c1ec0152abbd709df051932bc10baba4db9fc61ecf92ab4e234b6b7a3ab6540dc2a667e1aeec32aea1f9a9e13f8cea1499a994b722403bb4439f4d506a191c5d3ac0a2521c5d4173a9c983acbeec1d12ae45fe8e4b36e2eadd722a8a6509ff41ad51fcdd014591b8c28e6de27eb86257b159cb16de21c5d07541117f2e3e05b0876468638146da132c99a03186f6910e467f63991dd69fdf3be05a9ce57d5dd34fcfecc1a7f1e34f1f28294b9eb9ce99775481e326ccded422ff85aac9ef1bdba8b012c414a153e5300efbd8f528ea5a85079246d44388466da35257caa2f82f0be28642aa1200fc2147bf21fe2e6e1b6067523de348a0a5ce4ea71f43064534b93e9434493442e6ef34058f9595962d1284e7add2c9e504b00da8805b97a7d94e55e3de22a59634a46499622d1fda130b1f957a19e4e6ddad5103f16d413f29d1d9cf459d4a5419df30d54c9783b045498299e06b33832d1792a0a2c6a016168350a2ea4dc5620062c7d3029e16ecf97eb50e2624e0916a34845a27caad01dfa9953b49c11cf448230d309e09250a9432f872cf1a61830ab7900f86ad4c00ccd8c0def2f17ed962855f99199e13695dfa3f564f3eb55f6b8a8756a812bbd5bcab38d468a7e523dfccfdb76abb4e84644c7539af15a3a591aa8661fcb7cee789fb2e37b808d36a4bb0a9cf5aa7403ceaec608ecbbc90a95976a0a2ed06c5562f01fda470a4bc155aab682d229912cc6d413b835cd6bbe356de68da2c346e9df0f279192a3322cc5351e7ae3b768962d626d503c0dcd4a0bd9b1eb58f01f393da3270bbf5edccbeaf3a10f32389f5035900cf3901e6d8b7fd3213661c4dbb0d71314ad5449ddbd1747faabe62ae7145f1b64a6f717df813864bcd420eb9f223afa0e696bc13578f3363dd659ab3b4c19b883d4c5e89fcd138e7715d9ab726824555d54a8f2d5cd42cd43b3cce73cb5faf11d64f2928d369b7d5afe9fe229e5517aff71d5795cf6e21faf769d46074128615764eb3896db69820dd7de6a8c0fe0cc9b4d9bbf6efb7d22a4ab8e8f248dd2e095fc7558ea8b2a62c0a45b4d704148cbad82236bca0dfc8829feb41a7d55fce8483e1cb3c839038593113f611b5ed751d540098fd2aa11365da40d0541ec823f885bfed6ebc6939f7a33f78de6eb86db9ad17aed3ddd1c2045a40b3be6f0ef44185ae9e3e8d728dfee22f372ace2abc979504823628bea73137a3fcb1e4e81ff619f7a70d83df8182272b19f9554b94479a289117132db8ebe42f6f2e93062ecf3561afa0fa343d8466ced2dbf3de93745882eaa8dd16b168bcbdf51e686bcbc8eeb5b6c3b18aecbf75dd036f89e2e3ffb4c19cee8ad3cb7ea9b287150f97d3ccbd1d42382639a2a5541e34826253bc1c51c010d07eb5d9a5507c870bb35431043c84f31c79fa6e633ad16635f314b5eee751b9d3680a3806c623e3c741610ecc102860eb1b0b694fd848fefc7c910a0758ec89b05f625d35119bce44961a3aeb5603153ba3bb4c9ac6d6f79e3ca8c3522f3dc8c1d8081ae2c6fee6b91a59a5ce4878d43e7c374762a7484678149f10f2e6f5525b53e81df52c05c949f63b6cf71bf2da3e1a7f9d100c63d76a4fd4db9910432bcad9d730693062a1a35b2c71694b5b0466b7d0c8d7a0743162c26d389f8a2a4e7c5faa6f4d778a57c8de4cdf63ad5969c360db49c4cfd80bb02bda9c159d325391942609977dd78c74b47b982d6f263e9402101f98c1b76b7a38bf37ba63793199c75a9d7f0aeed2e943fddcf968b0490da1b69d4b03eb34ad8df9aa064fcbb150f0a6ceaaa008443195a2268c3d11798d3c1fdfe7efc546811c591005e968bd2f593d0561b8aca8720f03a781560b76f666f8823ab3f7448e43a2e3eec411f904f275e69753afc9407c6ab1231985cc70747e3525287bd6eacda7137df17e34741e44b9e74ee8ef1cd7e32394d3b132d6eb8b414f0822167e376c58c0f7b4ef05e02de47850dcb8f63273cd6059feb1e83313ce", 0x1000}, {&(0x7f0000002540)="40105bc9e51f81f92ee2377ad523175332a171b7afbe4d2969dceeeca8517dafb425f39ae474672f8f9281080c8068cb8af0984bd0b50d443fd67116a831c297d0e1c049c33255013d51c2bafb04c830e6fe80678e6c1b12192bcd04de034dddcac5c7d771347c53592724521f5909f80a9c1958c198bc058f63dbdd654487a378ce1379a2da4ddaff0361089e889a77da5619f025cd232ba1e469fbe35a80ed2f0bc6cb1ff94166dc", 0xa9}], 0x6, 0x0, 0x0, 0x40000}, 0x10) [ 1939.126184][ T6585] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1939.131654][ T6585] dump_stack+0x15/0x17 [ 1939.135643][ T6585] should_fail+0x3c6/0x510 [ 1939.139985][ T6585] __should_failslab+0xa4/0xe0 [ 1939.144587][ T6585] ? anon_vma_clone+0x9a/0x500 [ 1939.149188][ T6585] should_failslab+0x9/0x20 [ 1939.153523][ T6585] slab_pre_alloc_hook+0x37/0xd0 [ 1939.158295][ T6585] ? anon_vma_clone+0x9a/0x500 [ 1939.162901][ T6585] kmem_cache_alloc+0x44/0x200 [ 1939.167498][ T6585] anon_vma_clone+0x9a/0x500 [ 1939.171926][ T6585] anon_vma_fork+0x91/0x4e0 [ 1939.176261][ T6585] ? anon_vma_name+0x43/0x70 [ 1939.180685][ T6585] ? vm_area_dup+0x17a/0x230 [ 1939.185116][ T6585] copy_mm+0xa3a/0x13e0 [ 1939.189116][ T6585] ? copy_signal+0x610/0x610 [ 1939.193532][ T6585] ? __init_rwsem+0xd6/0x1c0 [ 1939.197956][ T6585] ? copy_signal+0x4e3/0x610 [ 1939.202443][ T6585] copy_process+0x1149/0x3290 [ 1939.206906][ T6585] ? proc_fail_nth_write+0x20b/0x290 [ 1939.212019][ T6585] ? fsnotify_perm+0x6a/0x5d0 [ 1939.216533][ T6585] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1939.221495][ T6585] ? vfs_write+0x9ec/0x1110 [ 1939.225822][ T6585] kernel_clone+0x21e/0x9e0 [ 1939.230158][ T6585] ? file_end_write+0x1c0/0x1c0 [ 1939.234842][ T6585] ? create_io_thread+0x1e0/0x1e0 [ 1939.239704][ T6585] ? mutex_unlock+0xb2/0x260 [ 1939.244132][ T6585] ? __mutex_lock_slowpath+0x10/0x10 [ 1939.249253][ T6585] __x64_sys_clone+0x23f/0x290 [ 1939.253865][ T6585] ? __do_sys_vfork+0x130/0x130 [ 1939.258646][ T6585] ? ksys_write+0x260/0x2c0 [ 1939.262980][ T6585] ? debug_smp_processor_id+0x17/0x20 [ 1939.268185][ T6585] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1939.274088][ T6585] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1939.279556][ T6585] do_syscall_64+0x3d/0xb0 [ 1939.283807][ T6585] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1939.289535][ T6585] RIP: 0033:0x7f895df3fda9 [ 1939.293806][ T6585] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1939.313236][ T6585] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1939.321476][ T6585] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 14:14:07 executing program 4: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000013c0)={0xffffffffffffffff, 0xffff, 0x10}, 0xc) r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000002700)=@generic={&(0x7f00000026c0)='./file0\x00', 0x0, 0x18}, 0x18) sendmsg$tipc(r1, &(0x7f0000000940)={&(0x7f0000000300)=@name={0x1e, 0x2, 0x3, {{0x1, 0x1}, 0x3}}, 0x10, &(0x7f0000000b40)=[{&(0x7f0000000340)="7a0d1c87f2444c339327e390042923b6b0d829f6d169d8d05bac6d6c743aa46d42f0337b982bbccfa917c97c2b6015fc4e112c973d5053", 0x37}, {&(0x7f0000000680)="0186283d6882c6a659505f72bac270a1eb273fb4b5b3289cddc290edb8344c6f300e39a792c19b91cd746c2cea083949119bb438703caa245fe0ae4082b06d103a69191c100ff4fd5624e61978e9ee61941bb7708eba9d8463dbdd635c1f30b40dd70fe81dd1ac8b03b1a70b07f8c27a539f34dff4b6b9189e796fd8853866e90f9aeeaefe", 0x85}, {&(0x7f0000002a40)="62b4a680436f570131df603c27ab4dc5ba1a96db9dcad8e1ac35163a2b6efa7ec85132c09d4d26af211df68cd18616d41e724e1e324fadfeaa3ff64fff62d24703d16072a206bdbe6f524d33a9076d5e5471e5513529d290d4c96e98bc09be8b13f96b47929b8625d3373e8816b26fa89e3fd8f66644f1de805cb7bd7c989491b93b112220343c2d5ec06918bd0630777b71b52c5ea598e6ce81d92e0cf2f70ad30772065703faf5d6c071b4f0dfe7b7466ee6401bed312ffa87153f69feb6265117e27c7435f23ef144be53e5d67c48c7d44ab311078185167f419e721fe3c2c8ae03eda171c859b5dd327cff302d0c4e860045caeaa6e96a4205e6021489846502274d1bf69369ef0cc7b67da478b9b4a4b8ddd7a8c2978224d48fac607d2e590f4053af15e0370b6b9354da85998e620580316bba0a5797d6643d97b9659a5599ded7cafe2b9c460989a80b6941e37b6b86f3df467d6218de8e303e2e74bc99ea0ecf246864f4df447dd77f6933466dd635c37a75118e85c5cf402faf5ce6dd462725c6f3b0e564d52257fddb3b14456b90873714f67a505bdb8e4f38134dff6db6025ff2cc7b77d3abfde4bccb2101a4704bd7b3b067614afb152232d01a33de99a20fc504fbac26e82b3bb810e2be8e67350749bbf3c4198126d5ac7dd6992746047581a86cac5634f7519bbcc185599cbb21eee1f968ef85c53e9ac1fb80bab3ea4d0433b8851f7b7622ac39e8651442aafd8907ced30928d7c571a2cedd9bbe30c7c60a57b23995624a49e4e10a37739d73e0caee0e1b53b02686119c3f091088292d355ef7cbb659f451d10413c572631031e83a3735b8873b9616a49721ecca633747ae42791bb5dc8cf32fd72fc5ab99fd491129f67fa8467ae8fc979f96d210a12532ab7c51a0c746837b582c64597574f25b245b2422b9d0233ee5a6dd338df5d365cd9d8f8595bd9668bee4beeb2b3282a045e56b6707a248de1a6dec03e65dd9839fa0d311c891da6e5a0cd500e601a3855863e364c3cf4ac91ecfb1886a44771ab42e313f2c0623f8474e53a4a90e6877ee868440e949a68fc8f75ff4bf1ce3b7b9d9a375a42552086966fbcfd87f342e3f9b5ee574d9d38a004790b6e0f0c7f812915c0eae41ba69a2284ecf37484b20d7f4d807822d0cad900d25150e3c3a80cc409753e053925f233f4edb72d0179fa0fcb2b86d7dd537063b138d5aa49bd846feeb362cb34fcb484ffec37326cecad31608c7165aba4d3f178375c17a34557cbc4a592ddf084a0118d1018d1af9bc0910b9e9592ce0d91537032f58a1103865ad042f8bfbb39eaa6c9abd790b57ec445bcecdb30a7a3052cdb4e354902662e5c2bdead13ae9b5b450306678f7ec5e496fe102c12578b8b581329cf497e6085b7abbe13ffee48f35af57e89d60bfc7758fbd817740542365fe50b396768adf4a998368fdb46aa733394337a770844501b5efc6a7754086e703090a94dd7ae05428c69a9d84bc9119677c98009be38c1194b832ba2b185391e92cc451dfb4f7770beb2aa33eee91062cc94604ef35a26f5105d5eda24e131ad62a9ce0a6889dbe1b72d465a7663a4b49e5111761726ee16fd6b1a7ce822d660780c6897d7d810468795311fb3bc584b3b5f6558b684270cf6c70df3e7c475412a0fa2fc278f088c06aad3a2b31f39f879b146141db476e1e353fc6a29f4bc09636fdf4c1ba9a655f10aa5aa639516018784de09ea15059646a0365b93781544b2340089d2a98da9b0fa84945a0d1e419dba810e6f30a637f9c75b1623dc93613e2e5dd70c58c650415533f0da9130724e97ce61917cfc5b5008a0b46938514203c299581f323e5d4c6b75782e49a92bc04f00c3863d244388c8969e74eda61cbf0e6dc78b597bb43d3e538de235fa1e48ed6d2ba57a27dfb4cd57349ceb78966218962e7a7ef7b13c6aafb40abb87915a6021c14d4c8381d01e7ae38316681dc00c501de5a84003e7e84f261382455b4d7b70ed49e5476dc70fb801da8ccd2aac8c3328f0b348308224dc4729ea087a3ed13ca476219ed3a78d82a0f62372eb315f5b8fc192246595462f2166de89bbf59aa24c38b8db06e27270414f47869e38d39c815f31d0ca3be98e36e043899264cb15a015a34a9948469d5291eb508e8483349201f59b867af28706501e835d0d05cf0355d0ae733d2c85dba3dfbe0bc083e0c0d7cfc9183a0d1c5f4fb47d64586b52181df3c93c6d788ddcf3a991bc459f888f241be4dff19cc884e778389b8b48d479b3f2a2778c54a268c01895df298254c5c9aa13b0064498adef102f1cc9dc8f9e62da8a46bd96e1f3bc692bc83203be096f429f0feb79e6c6aca4bcefe740160e56b6c18b87039af0ab5c90e82792897c2cb155f6106133a6fafaef99cf1ccb368317a8589de10f01385b877b13fcdb953e42135600fdd7f914aae8114c42c572a6bfb921c0bfc307443d4ef1b85e228a14590f529c1392240d9782b1edae3c5305864ec78149dd660b5594a3a207c73d3f2e3f41341bf95061cbe3ca4fca97524688e77eea675ca10b0c17e6ccec51daad0c269f8de2c6f960c9e14580ae9dcad5dd561fc87068bfc755092f9858f534c19bad7a36f20cd7da01eb2f76c69df7cfda43de974ca2fc617ad966c9d91fe0d27a52f3dcb0557cf9f09ae476f7e3e642c5f563c8b708f1d6306222df5334aed0a137d6b2331f003d6594fc0742c74436938617c882186ba442b16bee55179167d26b0eb9da817d36a57ad9c584be2ee654811ab377a5d082638151a2554b45a57ad8e4c33d9519bccffcd1db35ce18e1b1c3e3648bd16b1f7cc8a81d9c60bb2af6b3910a0fe5d69999888c6d293b7c6f6bb6c65254257ca0cac23f4e20d73d065db6d0fc6d91075003cfc384debc4d6ece01d6dec6ccff83e4b715299b4a68e46aee7cc50998b38f84b81d817f289a9378030911fe241630f7581a292d2fed0ca69791f956a7490350f76dfaae090ad81c34e5c0c444aeb33a906fb2bb58affd6b60ced12e53030ae4d7e67c88ec75b170fd8020628bf95cb7fc5b6857b8bba60bee3f70e50648b65394ba9e317b429299eda55f300012a9df11da8b9fc1fb501b6377a49106ffd3ecee3ca4c2cecb940a59f7636c435195dc84a45c1a5a87d8fa04975f5c1584e0b1804b3e31e3be203fb1967ba5315182e8882ee5894f2d6b70b1af6d4b428e0fcc5cafe823aab761ec824a94a50091332a71a01ef6a5682dc561d73785fb10679054814c19675a54beb644b20b7ec952d78ed3c06073ea8f721402d4b6bfd19a6bf5f357ef1df1189d9caf2c8810ecf0ce86706bb3f94ce392caaf2ca41221bdc3b945b8557035635b7e28dbc6bcb2ae9804a965c1eb3839075d6901ba24a67aa704d02a5a0daf28d4ea5b362dcf5e1f22dba4c2de638971e8107b62e75bfcb33dfd8cf9f6228e98fc1bb6afd9a4ddadbf733d1383664cee401414976c07ea2494fe98a1299791d5a3fa0ac4578d787abd53a815c4a3a145e70e26a7b8e93d5220b10b9c40009d5dde6ddd4e585dfbc552d45fae62d0b45f581673c98aa57eb717e49f61accd75c0f1987a3175b6f6d0b1384b050fc50289dceb3c2526223736ae044734dd258bbcbed0254edd568d83e8f1f6e6876f1cd52d93798257153b894fb95a198e89659c5365888ea611df4e5314039fb8aa38e7cc3e96bf026eaa76795af399a72058a89a692cf34210c2fc7ff2f7769f8286831a2c7a967cde1cc66e6b8988220f4a063aee3c2fcea9a89b21bc2e7b74b2e20a1751af54dee14ee2d7306d13fb68f70184e12269970d9cf41b5816ba29e32f35209e050d5712a82ea52d7deb1c9e3e591335e4e8ec0acb14b4f4b143f9c984fd3662cb29175a885d4293d030f24a651233772e8933b235e55e8c196344fba6993c0deeb244a1144f5a1d629129b5735e3cfd75a3d9ad5f4dd8f2702f33a82d8134693d1b38759ad3befddd0dd3db591cd3c44ea86877b803cb4260518f64fe85c1463f716462473f04342038da358f5c96c41f1eb3b8a814117e9ee358bbe4e64e02c2c3d134119bab030c374a700c156a16d34bcf9391d4f82979fa4f0f5e2e0a71a0a2fe52886341013f00ede9d745396eee76054620e445423bf9fc0c8ecc2a3db2e2efa044148125141d9965db8fa6b68e2775bbe20d7947ac111d385c99dc240dc68bc8bb50ad61107c3a5f467aa35979dbca09b140234e933fc654c745b68c379f0d82756229952f0b4198e259d781a8f8f86579bb38f766ae948bcc4d22beda15e5307573e2eb861f85d384a2b4e2adb857125ec3c29720f5f766a3b3725184d1bbb3c1e44c619399c6d57dc18b4f3d9498b0e048376703a1b17511402b0a7c078195d9e8c4d6dea0522cb2ccf39e8497df5027aa1363e293098e94d7630a8da9b4226fb008a0e04bb0de8ce67ec834388ac804d2c3e6180bfc5d09e900a63bf96df6da3fd93f6e471fcacc1cfe2fb08e098be6716547e7c66ffabf04d8a2e1359b30cf70adaf6bca7361a8e221a2cc68f4befea72884c4dcb7c25da7ce3d75908620225b586ce1434175e0f702f9275fe75eb53b5394e7a00eb0d260971defe6a9d6c02fabbcc6b53f105af233e2bc0648a62da72e481093ce33a309bb76e677ea474840fb961b52179b8d413e55287113722490cc0995aff2a508b540c9eff4db0f40f3f130724d8435bfb6f9573a70ec86d886e8fda59d534bc2a434467844ff211e32ec079805ec169754b74983bfb9b78b2874de3a23ac08c5fecad250d938e3af81b775f50c487cecc1d4d8be6747036048b278d023e3de6fc15fbbd36cae15abb3c0a0f3ebd75579ddad5f4e9471160aa5823990edbc1e508d533da124e050baeaa58570b1fbef4745c8f7c1a4ee3354e0ff4c92c4766847e6e4f4669d9d165a99aa24cc0f4cc3e7b7be9189353427f52a84d2672052af93fb68b3ac25a26fc2063c92a5c599e5f61bdf8593e52cdacb1571e7a6c2b1cdec753fe6c5abb68ccaaecc3255aa0999c349b039ae6c23cc54c18897b7289a743559754c2ba439ded2d1f1ec85dfff492fbc1eba95aa0e9c4f6432847048924b7b664320f6380361f8f21c1808f72645a5aa35dd3f60ba68dc472a52b63c81a863ca03916f68e02f3b6e03fafdbff730bb7ad1789ab7fb97b76218e87bec72ec306f1369ba6a2b08f7acaa460296f961afeb008d406c2d9e6dd32ad442a560f89594d82956d03a4b0edf7c50d9f31a7eeb442be7c58085180ace5e88288a4080c6ba50569185c75de35d81df984393034ec6bf193cf165a1f91e8fc220b86c46acf86dea8ae73c0e67ce69e31986fb1ebc922b2941a5a198d1274e246915c058fadeceb0bb2f25fc4b68b4eda22a245ab01e180c5fca6aa523e333810f0d6c5731818735ca348c5627bd2e79eb089e7b6b4842ac9c0302ef1a3676e98c8480d1a9b6d9fe914f70cecbfb110939bf58fd4daf58ff374eee2109174a2cbbc72ad94f51212c5519a802a9c7ed35a4ddc80ef9921f3c0282eb14b00767a99ae0650fe5fc34c17d65b73c8ba8929b35f01222a329b65ddaa6f0f38fd0aa5fd365e2cc15d42178c23f9d3bc149eac2da3ecbf84d4cee6bd90097b57373bdb684860bd06db6167cc10e742499c244439470f73d529b930ecdd8993796a5c662038c11f2c49e829285eb070155c9cf73ae081dd6245a47bc8f0c0d46b3ea080ad0d5954bac1fcfcc4e32065c7386bccee654f507aec3c68055a9527add4ab54", 0x1000}, {&(0x7f0000000880)="27c4195028e99fce0b54ede07ff905bc1541ee013006afe5c8180ac8f859a3da83276d3fbeec24e72d4e556d91caf267a86ed793c6de3be1a4be44dd2b7cbfb7d35628d961eaaedcba8cfd549afc6b560fe230f9acf8878d60cc4326f946e4f41fd687eee3ad03c61bde6b1e3ed799a2984bc04a6da7b7c0206a0ce3d02d3c84b9d98f65abc85de0", 0x88}, {&(0x7f0000000480)="be8a35709ab98664bb160e97ca86972eb9ca0ff5be72fb250ee5dd4b93fc313877eab667bb6b75b4f2ea124cc962b86b2aab030075d379c75f54d78e8e180e440ebc8f90cedb1edd52bc2fea37964d4809e02291ef0a36b0c739", 0x5a}], 0x5, &(0x7f0000000bc0)="c16204ae1fdfb54708fc7f7955cc34a012ad21ed54926e5cbc1ff2a68062d0745c86f1a4d9b452bd142f0ae3f700f9ed9d3de9038a7fc927e4c7cdaade7970cb44fea9fa90c855c64c491fd3d9463d743fc337b32227f7f6565bc39f79d09ba65a4992b84d1f0463d438a89f5e90592f", 0x70, 0x800}, 0x10) r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x6, 0x30}, 0xc) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r4, &(0x7f0000000040)="3523d8da26c4dfdf6b35c321c7a60a42ac7709cb14070f01dfc5371cd39e0c3d24ef079446ae2e0637f872", &(0x7f0000000500)=""/208}, 0x20) (async) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r4, &(0x7f0000000040)="3523d8da26c4dfdf6b35c321c7a60a42ac7709cb14070f01dfc5371cd39e0c3d24ef079446ae2e0637f872", &(0x7f0000000500)=""/208}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x3, 0x4, &(0x7f0000001940)=ANY=[@ANYBLOB="1802000000000000000000147c8d75790d46c8dc57c6cd9c00000000008500000053000000950000000000"], &(0x7f0000000000)='GPL\x00'}, 0x90) (async) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x3, 0x4, &(0x7f0000001940)=ANY=[@ANYBLOB="1802000000000000000000147c8d75790d46c8dc57c6cd9c00000000008500000053000000950000000000"], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001780)={r5, 0xe0, &(0x7f0000001680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6, &(0x7f0000001500)=[0x0], &(0x7f0000001540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000001580)=[{}], 0x8, 0x10, &(0x7f00000015c0), &(0x7f0000001600), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001640)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x0, 0xf, &(0x7f0000000c80)=ANY=[@ANYBLOB="180000010000000000000000b2000000181100001b1d766c23cb5994ce1f581fb73ff11f14fd8a47a71e2faf99768068a917f42315021417ec76ad0c1d19ce0d0bfddffca8b21199bdb7bacb390109c16ebf921d4294de0b0523a005152c3cff469ec71618e90cf2eebc8f3960f5dee029bdf3abecf436840e5074df059684caf146eca8fc3d6cf67f9cbc226a", @ANYRES32=0x1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0xd700000, 0x0, 0x0, 0x41000, 0x4b, '\x00', r6, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x0, 0x4, 0x7, 0x5}, 0x10, 0x0, 0x0, 0x7, &(0x7f00000003c0)=[r4], &(0x7f0000000740)=[{0x3, 0x5, 0xc, 0x9}, {0x5, 0x4, 0x4, 0x2}, {0x0, 0x4, 0x1, 0xb}, {0x4, 0x3, 0x9, 0x3}, {0x5, 0x5, 0x3, 0x8}, {0x0, 0x3, 0x9, 0xc}, {0x3, 0x1, 0x9, 0xb}], 0x10, 0x180000}, 0x90) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8000000}, 0x90) syz_open_procfs$namespace(0x0, 0x0) (async) r8 = syz_open_procfs$namespace(0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000ac0)=ANY=[@ANYRES64=r7], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x90) (async) r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000ac0)=ANY=[@ANYRES64=r7], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x5, 0x3, 0x3ff, 0xfffffffd, 0xb7, 0xffffffffffffffff, 0xffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x48) (async) r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x5, 0x3, 0x3ff, 0xfffffffd, 0xb7, 0xffffffffffffffff, 0xffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x48) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x4, &(0x7f0000001700)={r10, 0x0, 0x0}, 0x20) socketpair(0x1, 0x2, 0x0, &(0x7f00000002c0)) (async) socketpair(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000c40)=@o_path={&(0x7f00000009c0)='./file0\x00', 0x0, 0x4000, r3}, 0x18) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x1a, 0x4, 0x3, 0x1f, 0xc, r10, 0x1800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x5}, 0x48) (async) r13 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x1a, 0x4, 0x3, 0x1f, 0xc, r10, 0x1800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x5}, 0x48) ioctl$PERF_EVENT_IOC_SET_FILTER(r12, 0x8914, &(0x7f0000000080)) r14 = bpf$ITER_CREATE(0x21, &(0x7f0000000780), 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x4, 0x1e, &(0x7f0000000e40)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x10001}, {{0x18, 0x1, 0x1, 0x0, r14}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r10}}, @call={0x85, 0x0, 0x0, 0x9c}, @call={0x85, 0x0, 0x0, 0xc2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r10}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000180)='GPL\x00', 0x3, 0xf1, &(0x7f0000000f40)=""/241, 0x41100, 0x71, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x1, 0x6, 0x3f, 0x2426}, 0x10, 0x0, r9, 0x5, &(0x7f0000000a00)=[r10, r13, r13, r14, r11, r13, r14, r14], &(0x7f0000000a40)=[{0x3, 0x1, 0x0, 0x1}, {0x3, 0x2, 0x1, 0xa}, {0x5, 0x3, 0x7, 0x5}, {0x3, 0x3, 0x4, 0xa}, {0x5, 0x1, 0xa, 0xe}], 0x10, 0x1}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000001240)={0x11, 0x6, &(0x7f0000000380)=@raw=[@ldst={0x3, 0x1, 0x1, 0x7, 0xb, 0x4, 0x10}, @tail_call={{0x18, 0x2, 0x1, 0x0, r13}}], &(0x7f00000003c0)='syzkaller\x00', 0x2, 0x7e, &(0x7f0000000400)=""/126, 0x41100, 0x26, '\x00', 0x0, 0xa, r12, 0x8, &(0x7f0000000980)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000b00)={0x2, 0x6, 0x7, 0x3}, 0x10, 0x0, 0xffffffffffffffff, 0x6, &(0x7f0000001180)=[r14, r8, 0xffffffffffffffff, r10, r13], &(0x7f00000011c0)=[{0x3, 0x5, 0x6}, {0x4, 0x2, 0x5, 0x3}, {0x1, 0x1, 0x2, 0x8}, {0x4, 0x4, 0x7, 0xc}, {0x4, 0x5, 0xf, 0x7}, {0x2, 0x1, 0x0, 0x9}], 0x10, 0x8e7}, 0x90) r15 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000002880)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x1}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002980)={0x11, 0x5, &(0x7f0000002740)=@raw=[@map_fd={0x18, 0x4, 0x1, 0x0, r2}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @map_val={0x18, 0x1, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x8}], &(0x7f0000002780)='syzkaller\x00', 0xffffffff, 0x47, &(0x7f00000027c0)=""/71, 0x41000, 0x41, '\x00', r6, 0x0, r14, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002840)={0x3, 0xb, 0x100, 0x81}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000002900)=[0x1, r15], &(0x7f0000002940)=[{0x5, 0x5, 0xf, 0x2}, {0x5, 0x1, 0x1, 0x6}], 0x10, 0x9c15}, 0x90) sendmsg$tipc(r0, &(0x7f0000002680)={&(0x7f00000012c0)=@id={0x1e, 0x3, 0x0, {0x4e22, 0x2}}, 0x10, &(0x7f0000002600)=[{&(0x7f0000001300)="d2c1a0835e0f94bcb4ecb864afcbf09b24fd1deada679127aa716a02f33630fe6f245cd9d29fe9b482ca85761ef6c1c33c088f0fd93ce021cb592ff3453f8de88067c236308d7c5ce05535f92fea317ed68903bd2271dd4871a9b155b54d4157bd3daf51ed779c4439e8f36dec60eec1db1ec47da74eaadb72bb6cc38c278b14a91ca8ec9984179f6fe2b978ce0257fdf6de78ce274c37", 0x97}, {&(0x7f00000013c0)}, {&(0x7f0000001400)="160ca6c8b2c05a3004bd3b63b35cfb9b4351917dad9019961b7de09e3a182159951594f7e2ed4d6bf4f253e62bfd3c0d981e0524feae9770bfea5423bc8a3f541a0b50df538d459bab7113ac377137d3edf500806e83f9a3", 0x58}, {&(0x7f0000001480)="4efa9a095d789700dfe8cc41c1b41a8f353f7ce6979e2a3c260c2b0c5c0c553a09af9f348090ede23a5c28f64fc16b70be5714adc07a00b87e5b907e3faff054537656051386af38d8e5c82505abe1c3285a64de512374903e23739b6a5593a5cabf7e5177825d8bd4c70f80af5d197000bd7f2dae4920184cb5574c1044c8f4697d972f802ac4d04dca47c65a91310ae8b231ebf5e7b7f84600418ec6e1dd", 0x9f}, {&(0x7f0000001540)="f8fb2ce752f965a4ee5f67cb74a47060a6dc9dd774f9199f00bba1b46cd60061eae1e538dfac6caa7578af34817137ed841249975f22ea6d73f3e9667d1d4fd7171f5508d14617a194644b434fa666ebccdc7db37a1e3a329ed7ad81083272088be6a29f953991e29b9a9d3b3cdf1cccf4de9f2314cbf1ba70ef3ff707c50c4e553f8737dacd5527cb59b45469fe3f382f408d86ad381e281791826f4c369ee9fdf50e4eaa7849a8d726ee6ac7d52a70442a1f701b8a0eb4714ce9e91bbc374f57c82885ba4751dfa7d2abfe11489283232d1c671d8188f2b1e9e74184c4e16bc07263df48903ca98e29ebfaf94bbeeff4b52542ee01d8dcda21033bb3fd6418a6772a82d0385f0937721b423ebde8e3c528e65d652882686211d04413e54d21b55b29de2e3136c8f0ee333ef8a6bef4cfd742d4fabbca30281dc6590ff42da4b01139d4ac093e92590c770105ed000850e522ad05c8259070bcb183aca3afc3ac25f2895942d0fb8dcfdc6abc6ce6cf03272af43012e722fc32b61a1cdb1a35ee4e74b5b80cadde08dce4324bedf0098b63d7a53cffcc04bf3c199fa98cbac977845a98d68d8cab6eb33cf482f96e1020d1e2034f2be6cca27b15900a15cfc479a2a2b771fa72dbf63201047951fbb435ef6653c1e1547deb03de00391bf831b8a3be094a58deb1e800aa53b1431bf51881ec6497c6ebcd27ced9dc4e4dc114f4083bd47bc6e7a001dfcce4fedb57c9f7f79a9f130e5cd2a4a1c8afe8097c67343cab43e93aef91e8116eeab514a3cd4f63a449f67be78e140133fc32622355234f0206a4478611f783aff863f8a65e8fa5f8f0ccf309802020ed5594b3b9f9047ccc74a66b6c14efd78725271c03559f49fd678372e1d1b72e834841bdcdd0b0e95f0aa09dbd5c9aab66378c54c89f4737e5d4d7a27920d1f14261509ac50729e06ba9ec53a160690a7f69450f7887a6f437d4b611bf2b821b344426f501f9f7c270783ce10e82673fb7517026e2c4a319c6b78262b5e3cb362a08c985a051f3bd26412017081fd7a05748ff78532871452a6c426880f6426a6ff789502c19eb26d097dce06fc3f31639a0b279bd063f1479565e8a7b58edebc9e7a1362baf911f7d55e665ed03a44fa0daf77a8ca09550a4c9c5722ca17bd052f3af9680633fb343ecda332476b800fb2c47f151180b4992f0087d246032fabf62f5c8104cd5ba28c8292cfc41f33c622c127c977e21ead9329c29d3cf25c01c9b0a753eb9b1c8282c99b93ad2bfea6c7cee00b29ca8f2bd5ac56acde67a6004752bb9f878b0800c91dd1635d32c49f2484f51a215ed4b8e717111e3121d1a8e2b0cf5d224ad997e9116870d4cfa5e86f1b10cc4052022b7a18a23030ab41d5ad42d8a5bd11218ce7ec32f41bdbfaf6875f6b98f2bb4cb636340ec1cc75bf03f01d4ba42cbaccbdd01f9ce13eea97e5ff1f0f8614ceacd2a1fc2c3ad123e09a643b6823e37a8e2cbea51d165718beef042389ceb609ef8733f363ae2d9078350daf5efab4544535aee21a32314a126240436cb8c98e42c17dab3c5004b4591dd4a7909064620461d0db7f01d263ffedebe3d4d91084470593bd785fea1e2bbeb4b358fe4cbbbcc2ec26c8cbbbce094aad1afae428d1d55121fa780474fd4f2e69ede1256d6ecaaf962a14b7cc56a2959686dd217881ea970d884e79656f31a9e86fb094aa792babf34dcde26d3e9a440b647104b726eaa000104f858c47a7ea6c7af7edd75ef802c573e48809db61a55e628f52aa209f8eca6213d5013ae0211b90fbbc1b80c1f754fb7e24d86d2da5985104c41e9bfe4a09413b8f9950adec385e7f2f1580f5b466601d1451552f65a17699946e1506e994d4d06b430a7b5f6b9c8d8edde1ec43993573f5aba7a5fcb4f5249171d8a6fbf9c56a299657f101dad5462e477bfb5c4f4bb2388f4617e328fc3370f455a9a9d7c9732480b1209e67ff469fd2328c1c540a0c588a3f08396e2c5c230791c6095f335992d368d32875a68301282406042ec52cbf7004fcf1f2e8f2f2a611f7e9a02dfc6acaebf298c4f317e1fed4246729a0581288a925647b10393886c916cec5c5eb0ad4b9306404b2b85c9fc3a96d699bb3ecb17aee6fb95c7611b8568addaf2c20c2ffafebb9081a0216edb22158ac9bd57117d5ca14a600ab2d1ae049a91e6619bf46aa16106667ae371ee823e75b61b2005f4f490cf7492acf7127ac6fdd18a04dbf933adca88a2c56a59f91fed5d7d8ec474e0102bed735704a2aa81287a807407b5aab960a0099514c4e96871b96b6a9043e3de020ea5b6afcf45ead487b76936c7fd08c1e911016eb8272584ef4dfda4d4f9024b1f1cdfc99b1c9b01fc7b839e9027415d8bd2710775cc774fb79758aecf5cb136bd25f4c9f7af583bf6b253163c912c1a993796764ba83c8c51f2fdecebad9de7ca9cc286635d9c82491f03220b457ea17d41e75e4338bf2e59e9196d8edf3dd8f0f96e13e6524db57d1a038d9f0a9585daa71e370830620f7c3d3ed199245723fe53b8aa8d8493ee0eb154ad0598fb28466955596368c4cf6ec5876ede0fe1174d76c555df99824079af74e47f729b577ff27021e792a61e3b190aa291148893f27dcc677351e5c60f9acda17376f1ca3aa9341010c21fd1df5ccefad990043e71ed4b7ed4a889fd847165009a21a764ea00970ebe2b8b51d558fc7e88bd581f2b8258e3bf27c073d1f6012e4c8af0bb14f80abee860552f583bd53e18eff291b0d5ea8e92e58c13a65930bd2de07a5f8b200a6c89ac734cf61a3a4878bbc4bbddd047dbd0e546b823843b08fef4941ddc3399e6ae2523dd230fa8a7138edb60673f72607ba4ceb263f21650fbc0679841200bf05346953a08481103dd6f2ac3150ad27f5786ca64ef42eaed90c2b0a6557c72a5ecd4f72df390d9de405bdfad2bd9f2c1ebcf55202e1f73d201e44f2c42d340c190766f1bfbb87a8c93666e301fe10ef689946d99e0484805a04da4093414eca78a89dbaf8466ac4bfe14c152d4ed7ae214ab5306327a51399b3a966bb9555e3a00121e4018a57659f42bf11bf796f8a98985285cdbda33f6b23587e0c2f0edb1dddf141ef060ba750e5db5dd2f6cfcac686988d0b0cc428be9d24f929b46e9ae77fb56457f10ea74a10ce2880541cfd9b17381fa035f500146817cadcddf3f0002f66a350621290f020140b33abbfd35024a261f58a7ae38ce55ec6733d846e72df2f38549bca1e5adadf724bd35e902a0ab818bec5b5f4d950989c3fbab801d2893131c57ed2fd59b2eaa7a431803d5038956414df7b2e523befd5cee123835faaafeaf09478c01b23fbd3f26b0e62714de2bed36fe46199628ec48d83d191626eca3e9d71e1ae12af871a25decbe7a2c1d77ea61d814b1e3f93c07bc2a47de4bd87bc1ccb9e82f497c51e3e27eab3ed3835297ef8d89f6cc8f82710e67b7df3c30a36376e67cc50a3bc97a5e8e586102c2a623b8be012decff27f086637c0d6e883a682d7ec61c1bed11c080e6c4be5700f8dab7e41085954871cd899d508e043dc4565300ded8be9ea1a83025c2ff27c2693c2b074f769af2bd55ab447ae59658797e5b2ee5c628c1e69d3d1d66d9ccb9069ade7a7acec5270c8245c7a272af14f878a527a4d80859c56794438650036e4c36a192f52eca2f4c86adddfeb2fb27667a50f69fc673ff1f659c6073b3dac95d62a2209887c119d7fe6031a13a6da918333547012389c1ec0152abbd709df051932bc10baba4db9fc61ecf92ab4e234b6b7a3ab6540dc2a667e1aeec32aea1f9a9e13f8cea1499a994b722403bb4439f4d506a191c5d3ac0a2521c5d4173a9c983acbeec1d12ae45fe8e4b36e2eadd722a8a6509ff41ad51fcdd014591b8c28e6de27eb86257b159cb16de21c5d07541117f2e3e05b0876468638146da132c99a03186f6910e467f63991dd69fdf3be05a9ce57d5dd34fcfecc1a7f1e34f1f28294b9eb9ce99775481e326ccded422ff85aac9ef1bdba8b012c414a153e5300efbd8f528ea5a85079246d44388466da35257caa2f82f0be28642aa1200fc2147bf21fe2e6e1b6067523de348a0a5ce4ea71f43064534b93e9434493442e6ef34058f9595962d1284e7add2c9e504b00da8805b97a7d94e55e3de22a59634a46499622d1fda130b1f957a19e4e6ddad5103f16d413f29d1d9cf459d4a5419df30d54c9783b045498299e06b33832d1792a0a2c6a016168350a2ea4dc5620062c7d3029e16ecf97eb50e2624e0916a34845a27caad01dfa9953b49c11cf448230d309e09250a9432f872cf1a61830ab7900f86ad4c00ccd8c0def2f17ed962855f99199e13695dfa3f564f3eb55f6b8a8756a812bbd5bcab38d468a7e523dfccfdb76abb4e84644c7539af15a3a591aa8661fcb7cee789fb2e37b808d36a4bb0a9cf5aa7403ceaec608ecbbc90a95976a0a2ed06c5562f01fda470a4bc155aab682d229912cc6d413b835cd6bbe356de68da2c346e9df0f279192a3322cc5351e7ae3b768962d626d503c0dcd4a0bd9b1eb58f01f393da3270bbf5edccbeaf3a10f32389f5035900cf3901e6d8b7fd3213661c4dbb0d71314ad5449ddbd1747faabe62ae7145f1b64a6f717df813864bcd420eb9f223afa0e696bc13578f3363dd659ab3b4c19b883d4c5e89fcd138e7715d9ab726824555d54a8f2d5cd42cd43b3cce73cb5faf11d64f2928d369b7d5afe9fe229e5517aff71d5795cf6e21faf769d46074128615764eb3896db69820dd7de6a8c0fe0cc9b4d9bbf6efb7d22a4ab8e8f248dd2e095fc7558ea8b2a62c0a45b4d704148cbad82236bca0dfc8829feb41a7d55fce8483e1cb3c839038593113f611b5ed751d540098fd2aa11365da40d0541ec823f885bfed6ebc6939f7a33f78de6eb86db9ad17aed3ddd1c2045a40b3be6f0ef44185ae9e3e8d728dfee22f372ace2abc979504823628bea73137a3fcb1e4e81ff619f7a70d83df8182272b19f9554b94479a289117132db8ebe42f6f2e93062ecf3561afa0fa343d8466ced2dbf3de93745882eaa8dd16b168bcbdf51e686bcbc8eeb5b6c3b18aecbf75dd036f89e2e3ffb4c19cee8ad3cb7ea9b287150f97d3ccbd1d42382639a2a5541e34826253bc1c51c010d07eb5d9a5507c870bb35431043c84f31c79fa6e633ad16635f314b5eee751b9d3680a3806c623e3c741610ecc102860eb1b0b694fd848fefc7c910a0758ec89b05f625d35119bce44961a3aeb5603153ba3bb4c9ac6d6f79e3ca8c3522f3dc8c1d8081ae2c6fee6b91a59a5ce4878d43e7c374762a7484678149f10f2e6f5525b53e81df52c05c949f63b6cf71bf2da3e1a7f9d100c63d76a4fd4db9910432bcad9d730693062a1a35b2c71694b5b0466b7d0c8d7a0743162c26d389f8a2a4e7c5faa6f4d778a57c8de4cdf63ad5969c360db49c4cfd80bb02bda9c159d325391942609977dd78c74b47b982d6f263e9402101f98c1b76b7a38bf37ba63793199c75a9d7f0aeed2e943fddcf968b0490da1b69d4b03eb34ad8df9aa064fcbb150f0a6ceaaa008443195a2268c3d11798d3c1fdfe7efc546811c591005e968bd2f593d0561b8aca8720f03a781560b76f666f8823ab3f7448e43a2e3eec411f904f275e69753afc9407c6ab1231985cc70747e3525287bd6eacda7137df17e34741e44b9e74ee8ef1cd7e32394d3b132d6eb8b414f0822167e376c58c0f7b4ef05e02de47850dcb8f63273cd6059feb1e83313ce", 0x1000}, {&(0x7f0000002540)="40105bc9e51f81f92ee2377ad523175332a171b7afbe4d2969dceeeca8517dafb425f39ae474672f8f9281080c8068cb8af0984bd0b50d443fd67116a831c297d0e1c049c33255013d51c2bafb04c830e6fe80678e6c1b12192bcd04de034dddcac5c7d771347c53592724521f5909f80a9c1958c198bc058f63dbdd654487a378ce1379a2da4ddaff0361089e889a77da5619f025cd232ba1e469fbe35a80ed2f0bc6cb1ff94166dc", 0xa9}], 0x6, 0x0, 0x0, 0x40000}, 0x10) 14:14:07 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x1800000000000000) 14:14:07 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 62) [ 1939.329286][ T6585] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1939.337095][ T6585] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1939.344996][ T6585] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1939.352809][ T6585] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1939.360625][ T6585] 14:14:07 executing program 4: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000013c0)={0xffffffffffffffff, 0xffff, 0x10}, 0xc) r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000002700)=@generic={&(0x7f00000026c0)='./file0\x00', 0x0, 0x18}, 0x18) sendmsg$tipc(r1, &(0x7f0000000940)={&(0x7f0000000300)=@name={0x1e, 0x2, 0x3, {{0x1, 0x1}, 0x3}}, 0x10, &(0x7f0000000b40)=[{&(0x7f0000000340)="7a0d1c87f2444c339327e390042923b6b0d829f6d169d8d05bac6d6c743aa46d42f0337b982bbccfa917c97c2b6015fc4e112c973d5053", 0x37}, {&(0x7f0000000680)="0186283d6882c6a659505f72bac270a1eb273fb4b5b3289cddc290edb8344c6f300e39a792c19b91cd746c2cea083949119bb438703caa245fe0ae4082b06d103a69191c100ff4fd5624e61978e9ee61941bb7708eba9d8463dbdd635c1f30b40dd70fe81dd1ac8b03b1a70b07f8c27a539f34dff4b6b9189e796fd8853866e90f9aeeaefe", 0x85}, {&(0x7f0000002a40)="62b4a680436f570131df603c27ab4dc5ba1a96db9dcad8e1ac35163a2b6efa7ec85132c09d4d26af211df68cd18616d41e724e1e324fadfeaa3ff64fff62d24703d16072a206bdbe6f524d33a9076d5e5471e5513529d290d4c96e98bc09be8b13f96b47929b8625d3373e8816b26fa89e3fd8f66644f1de805cb7bd7c989491b93b112220343c2d5ec06918bd0630777b71b52c5ea598e6ce81d92e0cf2f70ad30772065703faf5d6c071b4f0dfe7b7466ee6401bed312ffa87153f69feb6265117e27c7435f23ef144be53e5d67c48c7d44ab311078185167f419e721fe3c2c8ae03eda171c859b5dd327cff302d0c4e860045caeaa6e96a4205e6021489846502274d1bf69369ef0cc7b67da478b9b4a4b8ddd7a8c2978224d48fac607d2e590f4053af15e0370b6b9354da85998e620580316bba0a5797d6643d97b9659a5599ded7cafe2b9c460989a80b6941e37b6b86f3df467d6218de8e303e2e74bc99ea0ecf246864f4df447dd77f6933466dd635c37a75118e85c5cf402faf5ce6dd462725c6f3b0e564d52257fddb3b14456b90873714f67a505bdb8e4f38134dff6db6025ff2cc7b77d3abfde4bccb2101a4704bd7b3b067614afb152232d01a33de99a20fc504fbac26e82b3bb810e2be8e67350749bbf3c4198126d5ac7dd6992746047581a86cac5634f7519bbcc185599cbb21eee1f968ef85c53e9ac1fb80bab3ea4d0433b8851f7b7622ac39e8651442aafd8907ced30928d7c571a2cedd9bbe30c7c60a57b23995624a49e4e10a37739d73e0caee0e1b53b02686119c3f091088292d355ef7cbb659f451d10413c572631031e83a3735b8873b9616a49721ecca633747ae42791bb5dc8cf32fd72fc5ab99fd491129f67fa8467ae8fc979f96d210a12532ab7c51a0c746837b582c64597574f25b245b2422b9d0233ee5a6dd338df5d365cd9d8f8595bd9668bee4beeb2b3282a045e56b6707a248de1a6dec03e65dd9839fa0d311c891da6e5a0cd500e601a3855863e364c3cf4ac91ecfb1886a44771ab42e313f2c0623f8474e53a4a90e6877ee868440e949a68fc8f75ff4bf1ce3b7b9d9a375a42552086966fbcfd87f342e3f9b5ee574d9d38a004790b6e0f0c7f812915c0eae41ba69a2284ecf37484b20d7f4d807822d0cad900d25150e3c3a80cc409753e053925f233f4edb72d0179fa0fcb2b86d7dd537063b138d5aa49bd846feeb362cb34fcb484ffec37326cecad31608c7165aba4d3f178375c17a34557cbc4a592ddf084a0118d1018d1af9bc0910b9e9592ce0d91537032f58a1103865ad042f8bfbb39eaa6c9abd790b57ec445bcecdb30a7a3052cdb4e354902662e5c2bdead13ae9b5b450306678f7ec5e496fe102c12578b8b581329cf497e6085b7abbe13ffee48f35af57e89d60bfc7758fbd817740542365fe50b396768adf4a998368fdb46aa733394337a770844501b5efc6a7754086e703090a94dd7ae05428c69a9d84bc9119677c98009be38c1194b832ba2b185391e92cc451dfb4f7770beb2aa33eee91062cc94604ef35a26f5105d5eda24e131ad62a9ce0a6889dbe1b72d465a7663a4b49e5111761726ee16fd6b1a7ce822d660780c6897d7d810468795311fb3bc584b3b5f6558b684270cf6c70df3e7c475412a0fa2fc278f088c06aad3a2b31f39f879b146141db476e1e353fc6a29f4bc09636fdf4c1ba9a655f10aa5aa639516018784de09ea15059646a0365b93781544b2340089d2a98da9b0fa84945a0d1e419dba810e6f30a637f9c75b1623dc93613e2e5dd70c58c650415533f0da9130724e97ce61917cfc5b5008a0b46938514203c299581f323e5d4c6b75782e49a92bc04f00c3863d244388c8969e74eda61cbf0e6dc78b597bb43d3e538de235fa1e48ed6d2ba57a27dfb4cd57349ceb78966218962e7a7ef7b13c6aafb40abb87915a6021c14d4c8381d01e7ae38316681dc00c501de5a84003e7e84f261382455b4d7b70ed49e5476dc70fb801da8ccd2aac8c3328f0b348308224dc4729ea087a3ed13ca476219ed3a78d82a0f62372eb315f5b8fc192246595462f2166de89bbf59aa24c38b8db06e27270414f47869e38d39c815f31d0ca3be98e36e043899264cb15a015a34a9948469d5291eb508e8483349201f59b867af28706501e835d0d05cf0355d0ae733d2c85dba3dfbe0bc083e0c0d7cfc9183a0d1c5f4fb47d64586b52181df3c93c6d788ddcf3a991bc459f888f241be4dff19cc884e778389b8b48d479b3f2a2778c54a268c01895df298254c5c9aa13b0064498adef102f1cc9dc8f9e62da8a46bd96e1f3bc692bc83203be096f429f0feb79e6c6aca4bcefe740160e56b6c18b87039af0ab5c90e82792897c2cb155f6106133a6fafaef99cf1ccb368317a8589de10f01385b877b13fcdb953e42135600fdd7f914aae8114c42c572a6bfb921c0bfc307443d4ef1b85e228a14590f529c1392240d9782b1edae3c5305864ec78149dd660b5594a3a207c73d3f2e3f41341bf95061cbe3ca4fca97524688e77eea675ca10b0c17e6ccec51daad0c269f8de2c6f960c9e14580ae9dcad5dd561fc87068bfc755092f9858f534c19bad7a36f20cd7da01eb2f76c69df7cfda43de974ca2fc617ad966c9d91fe0d27a52f3dcb0557cf9f09ae476f7e3e642c5f563c8b708f1d6306222df5334aed0a137d6b2331f003d6594fc0742c74436938617c882186ba442b16bee55179167d26b0eb9da817d36a57ad9c584be2ee654811ab377a5d082638151a2554b45a57ad8e4c33d9519bccffcd1db35ce18e1b1c3e3648bd16b1f7cc8a81d9c60bb2af6b3910a0fe5d69999888c6d293b7c6f6bb6c65254257ca0cac23f4e20d73d065db6d0fc6d91075003cfc384debc4d6ece01d6dec6ccff83e4b715299b4a68e46aee7cc50998b38f84b81d817f289a9378030911fe241630f7581a292d2fed0ca69791f956a7490350f76dfaae090ad81c34e5c0c444aeb33a906fb2bb58affd6b60ced12e53030ae4d7e67c88ec75b170fd8020628bf95cb7fc5b6857b8bba60bee3f70e50648b65394ba9e317b429299eda55f300012a9df11da8b9fc1fb501b6377a49106ffd3ecee3ca4c2cecb940a59f7636c435195dc84a45c1a5a87d8fa04975f5c1584e0b1804b3e31e3be203fb1967ba5315182e8882ee5894f2d6b70b1af6d4b428e0fcc5cafe823aab761ec824a94a50091332a71a01ef6a5682dc561d73785fb10679054814c19675a54beb644b20b7ec952d78ed3c06073ea8f721402d4b6bfd19a6bf5f357ef1df1189d9caf2c8810ecf0ce86706bb3f94ce392caaf2ca41221bdc3b945b8557035635b7e28dbc6bcb2ae9804a965c1eb3839075d6901ba24a67aa704d02a5a0daf28d4ea5b362dcf5e1f22dba4c2de638971e8107b62e75bfcb33dfd8cf9f6228e98fc1bb6afd9a4ddadbf733d1383664cee401414976c07ea2494fe98a1299791d5a3fa0ac4578d787abd53a815c4a3a145e70e26a7b8e93d5220b10b9c40009d5dde6ddd4e585dfbc552d45fae62d0b45f581673c98aa57eb717e49f61accd75c0f1987a3175b6f6d0b1384b050fc50289dceb3c2526223736ae044734dd258bbcbed0254edd568d83e8f1f6e6876f1cd52d93798257153b894fb95a198e89659c5365888ea611df4e5314039fb8aa38e7cc3e96bf026eaa76795af399a72058a89a692cf34210c2fc7ff2f7769f8286831a2c7a967cde1cc66e6b8988220f4a063aee3c2fcea9a89b21bc2e7b74b2e20a1751af54dee14ee2d7306d13fb68f70184e12269970d9cf41b5816ba29e32f35209e050d5712a82ea52d7deb1c9e3e591335e4e8ec0acb14b4f4b143f9c984fd3662cb29175a885d4293d030f24a651233772e8933b235e55e8c196344fba6993c0deeb244a1144f5a1d629129b5735e3cfd75a3d9ad5f4dd8f2702f33a82d8134693d1b38759ad3befddd0dd3db591cd3c44ea86877b803cb4260518f64fe85c1463f716462473f04342038da358f5c96c41f1eb3b8a814117e9ee358bbe4e64e02c2c3d134119bab030c374a700c156a16d34bcf9391d4f82979fa4f0f5e2e0a71a0a2fe52886341013f00ede9d745396eee76054620e445423bf9fc0c8ecc2a3db2e2efa044148125141d9965db8fa6b68e2775bbe20d7947ac111d385c99dc240dc68bc8bb50ad61107c3a5f467aa35979dbca09b140234e933fc654c745b68c379f0d82756229952f0b4198e259d781a8f8f86579bb38f766ae948bcc4d22beda15e5307573e2eb861f85d384a2b4e2adb857125ec3c29720f5f766a3b3725184d1bbb3c1e44c619399c6d57dc18b4f3d9498b0e048376703a1b17511402b0a7c078195d9e8c4d6dea0522cb2ccf39e8497df5027aa1363e293098e94d7630a8da9b4226fb008a0e04bb0de8ce67ec834388ac804d2c3e6180bfc5d09e900a63bf96df6da3fd93f6e471fcacc1cfe2fb08e098be6716547e7c66ffabf04d8a2e1359b30cf70adaf6bca7361a8e221a2cc68f4befea72884c4dcb7c25da7ce3d75908620225b586ce1434175e0f702f9275fe75eb53b5394e7a00eb0d260971defe6a9d6c02fabbcc6b53f105af233e2bc0648a62da72e481093ce33a309bb76e677ea474840fb961b52179b8d413e55287113722490cc0995aff2a508b540c9eff4db0f40f3f130724d8435bfb6f9573a70ec86d886e8fda59d534bc2a434467844ff211e32ec079805ec169754b74983bfb9b78b2874de3a23ac08c5fecad250d938e3af81b775f50c487cecc1d4d8be6747036048b278d023e3de6fc15fbbd36cae15abb3c0a0f3ebd75579ddad5f4e9471160aa5823990edbc1e508d533da124e050baeaa58570b1fbef4745c8f7c1a4ee3354e0ff4c92c4766847e6e4f4669d9d165a99aa24cc0f4cc3e7b7be9189353427f52a84d2672052af93fb68b3ac25a26fc2063c92a5c599e5f61bdf8593e52cdacb1571e7a6c2b1cdec753fe6c5abb68ccaaecc3255aa0999c349b039ae6c23cc54c18897b7289a743559754c2ba439ded2d1f1ec85dfff492fbc1eba95aa0e9c4f6432847048924b7b664320f6380361f8f21c1808f72645a5aa35dd3f60ba68dc472a52b63c81a863ca03916f68e02f3b6e03fafdbff730bb7ad1789ab7fb97b76218e87bec72ec306f1369ba6a2b08f7acaa460296f961afeb008d406c2d9e6dd32ad442a560f89594d82956d03a4b0edf7c50d9f31a7eeb442be7c58085180ace5e88288a4080c6ba50569185c75de35d81df984393034ec6bf193cf165a1f91e8fc220b86c46acf86dea8ae73c0e67ce69e31986fb1ebc922b2941a5a198d1274e246915c058fadeceb0bb2f25fc4b68b4eda22a245ab01e180c5fca6aa523e333810f0d6c5731818735ca348c5627bd2e79eb089e7b6b4842ac9c0302ef1a3676e98c8480d1a9b6d9fe914f70cecbfb110939bf58fd4daf58ff374eee2109174a2cbbc72ad94f51212c5519a802a9c7ed35a4ddc80ef9921f3c0282eb14b00767a99ae0650fe5fc34c17d65b73c8ba8929b35f01222a329b65ddaa6f0f38fd0aa5fd365e2cc15d42178c23f9d3bc149eac2da3ecbf84d4cee6bd90097b57373bdb684860bd06db6167cc10e742499c244439470f73d529b930ecdd8993796a5c662038c11f2c49e829285eb070155c9cf73ae081dd6245a47bc8f0c0d46b3ea080ad0d5954bac1fcfcc4e32065c7386bccee654f507aec3c68055a9527add4ab54", 0x1000}, {&(0x7f0000000880)="27c4195028e99fce0b54ede07ff905bc1541ee013006afe5c8180ac8f859a3da83276d3fbeec24e72d4e556d91caf267a86ed793c6de3be1a4be44dd2b7cbfb7d35628d961eaaedcba8cfd549afc6b560fe230f9acf8878d60cc4326f946e4f41fd687eee3ad03c61bde6b1e3ed799a2984bc04a6da7b7c0206a0ce3d02d3c84b9d98f65abc85de0", 0x88}, {&(0x7f0000000480)="be8a35709ab98664bb160e97ca86972eb9ca0ff5be72fb250ee5dd4b93fc313877eab667bb6b75b4f2ea124cc962b86b2aab030075d379c75f54d78e8e180e440ebc8f90cedb1edd52bc2fea37964d4809e02291ef0a36b0c739", 0x5a}], 0x5, &(0x7f0000000bc0)="c16204ae1fdfb54708fc7f7955cc34a012ad21ed54926e5cbc1ff2a68062d0745c86f1a4d9b452bd142f0ae3f700f9ed9d3de9038a7fc927e4c7cdaade7970cb44fea9fa90c855c64c491fd3d9463d743fc337b32227f7f6565bc39f79d09ba65a4992b84d1f0463d438a89f5e90592f", 0x70, 0x800}, 0x10) r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x6, 0x30}, 0xc) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r4, &(0x7f0000000040)="3523d8da26c4dfdf6b35c321c7a60a42ac7709cb14070f01dfc5371cd39e0c3d24ef079446ae2e0637f872", &(0x7f0000000500)=""/208}, 0x20) (async) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x3, 0x4, &(0x7f0000001940)=ANY=[@ANYBLOB="1802000000000000000000147c8d75790d46c8dc57c6cd9c00000000008500000053000000950000000000"], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001780)={r5, 0xe0, &(0x7f0000001680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6, &(0x7f0000001500)=[0x0], &(0x7f0000001540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000001580)=[{}], 0x8, 0x10, &(0x7f00000015c0), &(0x7f0000001600), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001640)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x0, 0xf, &(0x7f0000000c80)=ANY=[@ANYBLOB="180000010000000000000000b2000000181100001b1d766c23cb5994ce1f581fb73ff11f14fd8a47a71e2faf99768068a917f42315021417ec76ad0c1d19ce0d0bfddffca8b21199bdb7bacb390109c16ebf921d4294de0b0523a005152c3cff469ec71618e90cf2eebc8f3960f5dee029bdf3abecf436840e5074df059684caf146eca8fc3d6cf67f9cbc226a", @ANYRES32=0x1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0xd700000, 0x0, 0x0, 0x41000, 0x4b, '\x00', r6, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x0, 0x4, 0x7, 0x5}, 0x10, 0x0, 0x0, 0x7, &(0x7f00000003c0)=[r4], &(0x7f0000000740)=[{0x3, 0x5, 0xc, 0x9}, {0x5, 0x4, 0x4, 0x2}, {0x0, 0x4, 0x1, 0xb}, {0x4, 0x3, 0x9, 0x3}, {0x5, 0x5, 0x3, 0x8}, {0x0, 0x3, 0x9, 0xc}, {0x3, 0x1, 0x9, 0xb}], 0x10, 0x180000}, 0x90) (async) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8000000}, 0x90) r8 = syz_open_procfs$namespace(0x0, 0x0) (async) r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000ac0)=ANY=[@ANYRES64=r7], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x90) (async) r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x5, 0x3, 0x3ff, 0xfffffffd, 0xb7, 0xffffffffffffffff, 0xffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x48) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x4, &(0x7f0000001700)={r10, 0x0, 0x0}, 0x20) (async) socketpair(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000c40)=@o_path={&(0x7f00000009c0)='./file0\x00', 0x0, 0x4000, r3}, 0x18) (async) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r13 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x1a, 0x4, 0x3, 0x1f, 0xc, r10, 0x1800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x5}, 0x48) (async) ioctl$PERF_EVENT_IOC_SET_FILTER(r12, 0x8914, &(0x7f0000000080)) (async) r14 = bpf$ITER_CREATE(0x21, &(0x7f0000000780), 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x4, 0x1e, &(0x7f0000000e40)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x10001}, {{0x18, 0x1, 0x1, 0x0, r14}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r10}}, @call={0x85, 0x0, 0x0, 0x9c}, @call={0x85, 0x0, 0x0, 0xc2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r10}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000180)='GPL\x00', 0x3, 0xf1, &(0x7f0000000f40)=""/241, 0x41100, 0x71, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x1, 0x6, 0x3f, 0x2426}, 0x10, 0x0, r9, 0x5, &(0x7f0000000a00)=[r10, r13, r13, r14, r11, r13, r14, r14], &(0x7f0000000a40)=[{0x3, 0x1, 0x0, 0x1}, {0x3, 0x2, 0x1, 0xa}, {0x5, 0x3, 0x7, 0x5}, {0x3, 0x3, 0x4, 0xa}, {0x5, 0x1, 0xa, 0xe}], 0x10, 0x1}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000001240)={0x11, 0x6, &(0x7f0000000380)=@raw=[@ldst={0x3, 0x1, 0x1, 0x7, 0xb, 0x4, 0x10}, @tail_call={{0x18, 0x2, 0x1, 0x0, r13}}], &(0x7f00000003c0)='syzkaller\x00', 0x2, 0x7e, &(0x7f0000000400)=""/126, 0x41100, 0x26, '\x00', 0x0, 0xa, r12, 0x8, &(0x7f0000000980)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000b00)={0x2, 0x6, 0x7, 0x3}, 0x10, 0x0, 0xffffffffffffffff, 0x6, &(0x7f0000001180)=[r14, r8, 0xffffffffffffffff, r10, r13], &(0x7f00000011c0)=[{0x3, 0x5, 0x6}, {0x4, 0x2, 0x5, 0x3}, {0x1, 0x1, 0x2, 0x8}, {0x4, 0x4, 0x7, 0xc}, {0x4, 0x5, 0xf, 0x7}, {0x2, 0x1, 0x0, 0x9}], 0x10, 0x8e7}, 0x90) (async) r15 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000002880)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x1}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002980)={0x11, 0x5, &(0x7f0000002740)=@raw=[@map_fd={0x18, 0x4, 0x1, 0x0, r2}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @map_val={0x18, 0x1, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x8}], &(0x7f0000002780)='syzkaller\x00', 0xffffffff, 0x47, &(0x7f00000027c0)=""/71, 0x41000, 0x41, '\x00', r6, 0x0, r14, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002840)={0x3, 0xb, 0x100, 0x81}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000002900)=[0x1, r15], &(0x7f0000002940)=[{0x5, 0x5, 0xf, 0x2}, {0x5, 0x1, 0x1, 0x6}], 0x10, 0x9c15}, 0x90) sendmsg$tipc(r0, &(0x7f0000002680)={&(0x7f00000012c0)=@id={0x1e, 0x3, 0x0, {0x4e22, 0x2}}, 0x10, &(0x7f0000002600)=[{&(0x7f0000001300)="d2c1a0835e0f94bcb4ecb864afcbf09b24fd1deada679127aa716a02f33630fe6f245cd9d29fe9b482ca85761ef6c1c33c088f0fd93ce021cb592ff3453f8de88067c236308d7c5ce05535f92fea317ed68903bd2271dd4871a9b155b54d4157bd3daf51ed779c4439e8f36dec60eec1db1ec47da74eaadb72bb6cc38c278b14a91ca8ec9984179f6fe2b978ce0257fdf6de78ce274c37", 0x97}, {&(0x7f00000013c0)}, {&(0x7f0000001400)="160ca6c8b2c05a3004bd3b63b35cfb9b4351917dad9019961b7de09e3a182159951594f7e2ed4d6bf4f253e62bfd3c0d981e0524feae9770bfea5423bc8a3f541a0b50df538d459bab7113ac377137d3edf500806e83f9a3", 0x58}, {&(0x7f0000001480)="4efa9a095d789700dfe8cc41c1b41a8f353f7ce6979e2a3c260c2b0c5c0c553a09af9f348090ede23a5c28f64fc16b70be5714adc07a00b87e5b907e3faff054537656051386af38d8e5c82505abe1c3285a64de512374903e23739b6a5593a5cabf7e5177825d8bd4c70f80af5d197000bd7f2dae4920184cb5574c1044c8f4697d972f802ac4d04dca47c65a91310ae8b231ebf5e7b7f84600418ec6e1dd", 0x9f}, {&(0x7f0000001540)="f8fb2ce752f965a4ee5f67cb74a47060a6dc9dd774f9199f00bba1b46cd60061eae1e538dfac6caa7578af34817137ed841249975f22ea6d73f3e9667d1d4fd7171f5508d14617a194644b434fa666ebccdc7db37a1e3a329ed7ad81083272088be6a29f953991e29b9a9d3b3cdf1cccf4de9f2314cbf1ba70ef3ff707c50c4e553f8737dacd5527cb59b45469fe3f382f408d86ad381e281791826f4c369ee9fdf50e4eaa7849a8d726ee6ac7d52a70442a1f701b8a0eb4714ce9e91bbc374f57c82885ba4751dfa7d2abfe11489283232d1c671d8188f2b1e9e74184c4e16bc07263df48903ca98e29ebfaf94bbeeff4b52542ee01d8dcda21033bb3fd6418a6772a82d0385f0937721b423ebde8e3c528e65d652882686211d04413e54d21b55b29de2e3136c8f0ee333ef8a6bef4cfd742d4fabbca30281dc6590ff42da4b01139d4ac093e92590c770105ed000850e522ad05c8259070bcb183aca3afc3ac25f2895942d0fb8dcfdc6abc6ce6cf03272af43012e722fc32b61a1cdb1a35ee4e74b5b80cadde08dce4324bedf0098b63d7a53cffcc04bf3c199fa98cbac977845a98d68d8cab6eb33cf482f96e1020d1e2034f2be6cca27b15900a15cfc479a2a2b771fa72dbf63201047951fbb435ef6653c1e1547deb03de00391bf831b8a3be094a58deb1e800aa53b1431bf51881ec6497c6ebcd27ced9dc4e4dc114f4083bd47bc6e7a001dfcce4fedb57c9f7f79a9f130e5cd2a4a1c8afe8097c67343cab43e93aef91e8116eeab514a3cd4f63a449f67be78e140133fc32622355234f0206a4478611f783aff863f8a65e8fa5f8f0ccf309802020ed5594b3b9f9047ccc74a66b6c14efd78725271c03559f49fd678372e1d1b72e834841bdcdd0b0e95f0aa09dbd5c9aab66378c54c89f4737e5d4d7a27920d1f14261509ac50729e06ba9ec53a160690a7f69450f7887a6f437d4b611bf2b821b344426f501f9f7c270783ce10e82673fb7517026e2c4a319c6b78262b5e3cb362a08c985a051f3bd26412017081fd7a05748ff78532871452a6c426880f6426a6ff789502c19eb26d097dce06fc3f31639a0b279bd063f1479565e8a7b58edebc9e7a1362baf911f7d55e665ed03a44fa0daf77a8ca09550a4c9c5722ca17bd052f3af9680633fb343ecda332476b800fb2c47f151180b4992f0087d246032fabf62f5c8104cd5ba28c8292cfc41f33c622c127c977e21ead9329c29d3cf25c01c9b0a753eb9b1c8282c99b93ad2bfea6c7cee00b29ca8f2bd5ac56acde67a6004752bb9f878b0800c91dd1635d32c49f2484f51a215ed4b8e717111e3121d1a8e2b0cf5d224ad997e9116870d4cfa5e86f1b10cc4052022b7a18a23030ab41d5ad42d8a5bd11218ce7ec32f41bdbfaf6875f6b98f2bb4cb636340ec1cc75bf03f01d4ba42cbaccbdd01f9ce13eea97e5ff1f0f8614ceacd2a1fc2c3ad123e09a643b6823e37a8e2cbea51d165718beef042389ceb609ef8733f363ae2d9078350daf5efab4544535aee21a32314a126240436cb8c98e42c17dab3c5004b4591dd4a7909064620461d0db7f01d263ffedebe3d4d91084470593bd785fea1e2bbeb4b358fe4cbbbcc2ec26c8cbbbce094aad1afae428d1d55121fa780474fd4f2e69ede1256d6ecaaf962a14b7cc56a2959686dd217881ea970d884e79656f31a9e86fb094aa792babf34dcde26d3e9a440b647104b726eaa000104f858c47a7ea6c7af7edd75ef802c573e48809db61a55e628f52aa209f8eca6213d5013ae0211b90fbbc1b80c1f754fb7e24d86d2da5985104c41e9bfe4a09413b8f9950adec385e7f2f1580f5b466601d1451552f65a17699946e1506e994d4d06b430a7b5f6b9c8d8edde1ec43993573f5aba7a5fcb4f5249171d8a6fbf9c56a299657f101dad5462e477bfb5c4f4bb2388f4617e328fc3370f455a9a9d7c9732480b1209e67ff469fd2328c1c540a0c588a3f08396e2c5c230791c6095f335992d368d32875a68301282406042ec52cbf7004fcf1f2e8f2f2a611f7e9a02dfc6acaebf298c4f317e1fed4246729a0581288a925647b10393886c916cec5c5eb0ad4b9306404b2b85c9fc3a96d699bb3ecb17aee6fb95c7611b8568addaf2c20c2ffafebb9081a0216edb22158ac9bd57117d5ca14a600ab2d1ae049a91e6619bf46aa16106667ae371ee823e75b61b2005f4f490cf7492acf7127ac6fdd18a04dbf933adca88a2c56a59f91fed5d7d8ec474e0102bed735704a2aa81287a807407b5aab960a0099514c4e96871b96b6a9043e3de020ea5b6afcf45ead487b76936c7fd08c1e911016eb8272584ef4dfda4d4f9024b1f1cdfc99b1c9b01fc7b839e9027415d8bd2710775cc774fb79758aecf5cb136bd25f4c9f7af583bf6b253163c912c1a993796764ba83c8c51f2fdecebad9de7ca9cc286635d9c82491f03220b457ea17d41e75e4338bf2e59e9196d8edf3dd8f0f96e13e6524db57d1a038d9f0a9585daa71e370830620f7c3d3ed199245723fe53b8aa8d8493ee0eb154ad0598fb28466955596368c4cf6ec5876ede0fe1174d76c555df99824079af74e47f729b577ff27021e792a61e3b190aa291148893f27dcc677351e5c60f9acda17376f1ca3aa9341010c21fd1df5ccefad990043e71ed4b7ed4a889fd847165009a21a764ea00970ebe2b8b51d558fc7e88bd581f2b8258e3bf27c073d1f6012e4c8af0bb14f80abee860552f583bd53e18eff291b0d5ea8e92e58c13a65930bd2de07a5f8b200a6c89ac734cf61a3a4878bbc4bbddd047dbd0e546b823843b08fef4941ddc3399e6ae2523dd230fa8a7138edb60673f72607ba4ceb263f21650fbc0679841200bf05346953a08481103dd6f2ac3150ad27f5786ca64ef42eaed90c2b0a6557c72a5ecd4f72df390d9de405bdfad2bd9f2c1ebcf55202e1f73d201e44f2c42d340c190766f1bfbb87a8c93666e301fe10ef689946d99e0484805a04da4093414eca78a89dbaf8466ac4bfe14c152d4ed7ae214ab5306327a51399b3a966bb9555e3a00121e4018a57659f42bf11bf796f8a98985285cdbda33f6b23587e0c2f0edb1dddf141ef060ba750e5db5dd2f6cfcac686988d0b0cc428be9d24f929b46e9ae77fb56457f10ea74a10ce2880541cfd9b17381fa035f500146817cadcddf3f0002f66a350621290f020140b33abbfd35024a261f58a7ae38ce55ec6733d846e72df2f38549bca1e5adadf724bd35e902a0ab818bec5b5f4d950989c3fbab801d2893131c57ed2fd59b2eaa7a431803d5038956414df7b2e523befd5cee123835faaafeaf09478c01b23fbd3f26b0e62714de2bed36fe46199628ec48d83d191626eca3e9d71e1ae12af871a25decbe7a2c1d77ea61d814b1e3f93c07bc2a47de4bd87bc1ccb9e82f497c51e3e27eab3ed3835297ef8d89f6cc8f82710e67b7df3c30a36376e67cc50a3bc97a5e8e586102c2a623b8be012decff27f086637c0d6e883a682d7ec61c1bed11c080e6c4be5700f8dab7e41085954871cd899d508e043dc4565300ded8be9ea1a83025c2ff27c2693c2b074f769af2bd55ab447ae59658797e5b2ee5c628c1e69d3d1d66d9ccb9069ade7a7acec5270c8245c7a272af14f878a527a4d80859c56794438650036e4c36a192f52eca2f4c86adddfeb2fb27667a50f69fc673ff1f659c6073b3dac95d62a2209887c119d7fe6031a13a6da918333547012389c1ec0152abbd709df051932bc10baba4db9fc61ecf92ab4e234b6b7a3ab6540dc2a667e1aeec32aea1f9a9e13f8cea1499a994b722403bb4439f4d506a191c5d3ac0a2521c5d4173a9c983acbeec1d12ae45fe8e4b36e2eadd722a8a6509ff41ad51fcdd014591b8c28e6de27eb86257b159cb16de21c5d07541117f2e3e05b0876468638146da132c99a03186f6910e467f63991dd69fdf3be05a9ce57d5dd34fcfecc1a7f1e34f1f28294b9eb9ce99775481e326ccded422ff85aac9ef1bdba8b012c414a153e5300efbd8f528ea5a85079246d44388466da35257caa2f82f0be28642aa1200fc2147bf21fe2e6e1b6067523de348a0a5ce4ea71f43064534b93e9434493442e6ef34058f9595962d1284e7add2c9e504b00da8805b97a7d94e55e3de22a59634a46499622d1fda130b1f957a19e4e6ddad5103f16d413f29d1d9cf459d4a5419df30d54c9783b045498299e06b33832d1792a0a2c6a016168350a2ea4dc5620062c7d3029e16ecf97eb50e2624e0916a34845a27caad01dfa9953b49c11cf448230d309e09250a9432f872cf1a61830ab7900f86ad4c00ccd8c0def2f17ed962855f99199e13695dfa3f564f3eb55f6b8a8756a812bbd5bcab38d468a7e523dfccfdb76abb4e84644c7539af15a3a591aa8661fcb7cee789fb2e37b808d36a4bb0a9cf5aa7403ceaec608ecbbc90a95976a0a2ed06c5562f01fda470a4bc155aab682d229912cc6d413b835cd6bbe356de68da2c346e9df0f279192a3322cc5351e7ae3b768962d626d503c0dcd4a0bd9b1eb58f01f393da3270bbf5edccbeaf3a10f32389f5035900cf3901e6d8b7fd3213661c4dbb0d71314ad5449ddbd1747faabe62ae7145f1b64a6f717df813864bcd420eb9f223afa0e696bc13578f3363dd659ab3b4c19b883d4c5e89fcd138e7715d9ab726824555d54a8f2d5cd42cd43b3cce73cb5faf11d64f2928d369b7d5afe9fe229e5517aff71d5795cf6e21faf769d46074128615764eb3896db69820dd7de6a8c0fe0cc9b4d9bbf6efb7d22a4ab8e8f248dd2e095fc7558ea8b2a62c0a45b4d704148cbad82236bca0dfc8829feb41a7d55fce8483e1cb3c839038593113f611b5ed751d540098fd2aa11365da40d0541ec823f885bfed6ebc6939f7a33f78de6eb86db9ad17aed3ddd1c2045a40b3be6f0ef44185ae9e3e8d728dfee22f372ace2abc979504823628bea73137a3fcb1e4e81ff619f7a70d83df8182272b19f9554b94479a289117132db8ebe42f6f2e93062ecf3561afa0fa343d8466ced2dbf3de93745882eaa8dd16b168bcbdf51e686bcbc8eeb5b6c3b18aecbf75dd036f89e2e3ffb4c19cee8ad3cb7ea9b287150f97d3ccbd1d42382639a2a5541e34826253bc1c51c010d07eb5d9a5507c870bb35431043c84f31c79fa6e633ad16635f314b5eee751b9d3680a3806c623e3c741610ecc102860eb1b0b694fd848fefc7c910a0758ec89b05f625d35119bce44961a3aeb5603153ba3bb4c9ac6d6f79e3ca8c3522f3dc8c1d8081ae2c6fee6b91a59a5ce4878d43e7c374762a7484678149f10f2e6f5525b53e81df52c05c949f63b6cf71bf2da3e1a7f9d100c63d76a4fd4db9910432bcad9d730693062a1a35b2c71694b5b0466b7d0c8d7a0743162c26d389f8a2a4e7c5faa6f4d778a57c8de4cdf63ad5969c360db49c4cfd80bb02bda9c159d325391942609977dd78c74b47b982d6f263e9402101f98c1b76b7a38bf37ba63793199c75a9d7f0aeed2e943fddcf968b0490da1b69d4b03eb34ad8df9aa064fcbb150f0a6ceaaa008443195a2268c3d11798d3c1fdfe7efc546811c591005e968bd2f593d0561b8aca8720f03a781560b76f666f8823ab3f7448e43a2e3eec411f904f275e69753afc9407c6ab1231985cc70747e3525287bd6eacda7137df17e34741e44b9e74ee8ef1cd7e32394d3b132d6eb8b414f0822167e376c58c0f7b4ef05e02de47850dcb8f63273cd6059feb1e83313ce", 0x1000}, {&(0x7f0000002540)="40105bc9e51f81f92ee2377ad523175332a171b7afbe4d2969dceeeca8517dafb425f39ae474672f8f9281080c8068cb8af0984bd0b50d443fd67116a831c297d0e1c049c33255013d51c2bafb04c830e6fe80678e6c1b12192bcd04de034dddcac5c7d771347c53592724521f5909f80a9c1958c198bc058f63dbdd654487a378ce1379a2da4ddaff0361089e889a77da5619f025cd232ba1e469fbe35a80ed2f0bc6cb1ff94166dc", 0xa9}], 0x6, 0x0, 0x0, 0x40000}, 0x10) 14:14:07 executing program 4: r0 = syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) gettid() r1 = perf_event_open(&(0x7f00000000c0)={0x3, 0x80, 0x9, 0x4, 0x1, 0x7, 0x0, 0xd085, 0x0, 0x9, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x9, 0x4, @perf_bp={&(0x7f0000000080)}, 0x10, 0x5, 0x4, 0x3, 0x3, 0x7, 0x3, 0x0, 0x8, 0x0, 0x4}, 0x0, 0xc, 0xffffffffffffffff, 0xa) syz_clone(0x0, &(0x7f0000000140)="b5914ac1161a6265c8e0c741349e2747670e48ca6d35d9937a379b1c6caa5e13b3697f981ba9023ee4359cb4", 0x2c, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)="73bc949f7c665727f63e17097122dba7c0315c89fcca44843493d185c69703c3bed10d5a3e762baba8431c4aeaa1806b3adc5b2fab8cb2302b6aeb3f2adde7d9e139afc8a6c723ba728b0b964fa106db9a20482df5f68df1614578a55d01df498f2283d2a9c66e43ef67dc6dd5f5ea2a9db34f43441650ca37e01a7ce16710d9cbdc52c148db42c9d8390582cb569e025af2772278a4f7c8def39d44eb5fd82e0b440b081d3d2f1817cd3e37f08d10eb2e9a204f1a47273c52ccf73a87ba9f150e63c0ce018242919c231021a371f1ef") perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x33, 0x1, 0x1, 0x20, 0x0, 0x3, 0x10000, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x6, 0x0, @perf_config_ext={0xa6, 0xce9}, 0x2, 0x2, 0x9, 0x3, 0x9, 0x10000, 0x7f, 0x0, 0x7, 0x0, 0x20}, r0, 0x7, r1, 0x2) 14:14:07 executing program 4: r0 = syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async) gettid() r1 = perf_event_open(&(0x7f00000000c0)={0x3, 0x80, 0x9, 0x4, 0x1, 0x7, 0x0, 0xd085, 0x0, 0x9, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x9, 0x4, @perf_bp={&(0x7f0000000080)}, 0x10, 0x5, 0x4, 0x3, 0x3, 0x7, 0x3, 0x0, 0x8, 0x0, 0x4}, 0x0, 0xc, 0xffffffffffffffff, 0xa) syz_clone(0x0, &(0x7f0000000140)="b5914ac1161a6265c8e0c741349e2747670e48ca6d35d9937a379b1c6caa5e13b3697f981ba9023ee4359cb4", 0x2c, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)="73bc949f7c665727f63e17097122dba7c0315c89fcca44843493d185c69703c3bed10d5a3e762baba8431c4aeaa1806b3adc5b2fab8cb2302b6aeb3f2adde7d9e139afc8a6c723ba728b0b964fa106db9a20482df5f68df1614578a55d01df498f2283d2a9c66e43ef67dc6dd5f5ea2a9db34f43441650ca37e01a7ce16710d9cbdc52c148db42c9d8390582cb569e025af2772278a4f7c8def39d44eb5fd82e0b440b081d3d2f1817cd3e37f08d10eb2e9a204f1a47273c52ccf73a87ba9f150e63c0ce018242919c231021a371f1ef") (async) perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x33, 0x1, 0x1, 0x20, 0x0, 0x3, 0x10000, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x6, 0x0, @perf_config_ext={0xa6, 0xce9}, 0x2, 0x2, 0x9, 0x3, 0x9, 0x10000, 0x7f, 0x0, 0x7, 0x0, 0x20}, r0, 0x7, r1, 0x2) [ 1939.401480][ T6612] FAULT_INJECTION: forcing a failure. [ 1939.401480][ T6612] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1939.414749][ T6612] CPU: 0 PID: 6612 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1939.424899][ T6612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1939.434798][ T6612] Call Trace: [ 1939.437918][ T6612] [ 1939.440697][ T6612] dump_stack_lvl+0x151/0x1b7 [ 1939.445218][ T6612] ? io_uring_drop_tctx_refs+0x190/0x190 14:14:07 executing program 4: r0 = syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) gettid() r1 = perf_event_open(&(0x7f00000000c0)={0x3, 0x80, 0x9, 0x4, 0x1, 0x7, 0x0, 0xd085, 0x0, 0x9, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x9, 0x4, @perf_bp={&(0x7f0000000080)}, 0x10, 0x5, 0x4, 0x3, 0x3, 0x7, 0x3, 0x0, 0x8, 0x0, 0x4}, 0x0, 0xc, 0xffffffffffffffff, 0xa) syz_clone(0x0, &(0x7f0000000140)="b5914ac1161a6265c8e0c741349e2747670e48ca6d35d9937a379b1c6caa5e13b3697f981ba9023ee4359cb4", 0x2c, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)="73bc949f7c665727f63e17097122dba7c0315c89fcca44843493d185c69703c3bed10d5a3e762baba8431c4aeaa1806b3adc5b2fab8cb2302b6aeb3f2adde7d9e139afc8a6c723ba728b0b964fa106db9a20482df5f68df1614578a55d01df498f2283d2a9c66e43ef67dc6dd5f5ea2a9db34f43441650ca37e01a7ce16710d9cbdc52c148db42c9d8390582cb569e025af2772278a4f7c8def39d44eb5fd82e0b440b081d3d2f1817cd3e37f08d10eb2e9a204f1a47273c52ccf73a87ba9f150e63c0ce018242919c231021a371f1ef") perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x33, 0x1, 0x1, 0x20, 0x0, 0x3, 0x10000, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x6, 0x0, @perf_config_ext={0xa6, 0xce9}, 0x2, 0x2, 0x9, 0x3, 0x9, 0x10000, 0x7f, 0x0, 0x7, 0x0, 0x20}, r0, 0x7, r1, 0x2) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async) gettid() (async) perf_event_open(&(0x7f00000000c0)={0x3, 0x80, 0x9, 0x4, 0x1, 0x7, 0x0, 0xd085, 0x0, 0x9, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x9, 0x4, @perf_bp={&(0x7f0000000080)}, 0x10, 0x5, 0x4, 0x3, 0x3, 0x7, 0x3, 0x0, 0x8, 0x0, 0x4}, 0x0, 0xc, 0xffffffffffffffff, 0xa) (async) syz_clone(0x0, &(0x7f0000000140)="b5914ac1161a6265c8e0c741349e2747670e48ca6d35d9937a379b1c6caa5e13b3697f981ba9023ee4359cb4", 0x2c, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)="73bc949f7c665727f63e17097122dba7c0315c89fcca44843493d185c69703c3bed10d5a3e762baba8431c4aeaa1806b3adc5b2fab8cb2302b6aeb3f2adde7d9e139afc8a6c723ba728b0b964fa106db9a20482df5f68df1614578a55d01df498f2283d2a9c66e43ef67dc6dd5f5ea2a9db34f43441650ca37e01a7ce16710d9cbdc52c148db42c9d8390582cb569e025af2772278a4f7c8def39d44eb5fd82e0b440b081d3d2f1817cd3e37f08d10eb2e9a204f1a47273c52ccf73a87ba9f150e63c0ce018242919c231021a371f1ef") (async) perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x33, 0x1, 0x1, 0x20, 0x0, 0x3, 0x10000, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x6, 0x0, @perf_config_ext={0xa6, 0xce9}, 0x2, 0x2, 0x9, 0x3, 0x9, 0x10000, 0x7f, 0x0, 0x7, 0x0, 0x20}, r0, 0x7, r1, 0x2) (async) [ 1939.450682][ T6612] dump_stack+0x15/0x17 [ 1939.454671][ T6612] should_fail+0x3c6/0x510 [ 1939.458926][ T6612] should_fail_alloc_page+0x5a/0x80 [ 1939.463968][ T6612] prepare_alloc_pages+0x15c/0x700 [ 1939.468904][ T6612] ? __alloc_pages+0x8f0/0x8f0 [ 1939.473506][ T6612] ? __alloc_pages_bulk+0xe40/0xe40 [ 1939.478540][ T6612] __alloc_pages+0x18c/0x8f0 [ 1939.482967][ T6612] ? prep_new_page+0x110/0x110 [ 1939.487573][ T6612] ? 0xffffffffa002a634 [ 1939.491555][ T6612] ? is_bpf_text_address+0x172/0x190 [ 1939.496676][ T6612] pte_alloc_one+0x73/0x1b0 [ 1939.501013][ T6612] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1939.506051][ T6612] ? arch_stack_walk+0xf3/0x140 [ 1939.510739][ T6612] __pte_alloc+0x86/0x350 [ 1939.514900][ T6612] ? free_pgtables+0x280/0x280 [ 1939.519505][ T6612] ? _raw_spin_lock+0xa4/0x1b0 [ 1939.524114][ T6612] ? __kasan_check_write+0x14/0x20 [ 1939.529062][ T6612] copy_page_range+0x28a8/0x2f90 [ 1939.533829][ T6612] ? __kasan_slab_alloc+0xb1/0xe0 [ 1939.538694][ T6612] ? pfn_valid+0x1e0/0x1e0 [ 1939.542944][ T6612] ? vma_gap_callbacks_rotate+0x1e2/0x210 14:14:07 executing program 4: r0 = syz_clone(0x28229680, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.throttle.io_serviced\x00', 0x26e1, 0x0) r2 = syz_clone(0xa00, &(0x7f0000000100)="3c85b2d55531db32056b284748752d1b61e7651cb8cca84dfca87c97fa5ce7eceac89eb422118afa429fbda9550f013f3f1719c79e40beb7e7", 0x39, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)="7726f25569558a9a605acc8d6dc293299d2ff0788ed75c8564b686171959c55d3ef3a7012bb0b05a9711b3f7280b6f86517cc9f4820fadf01f489586a3c957e6e5ac57ec01b0ecd280a9606326f6a83d975b2560341e115d1c2542910ec12f692b3ed27f55cb6d2f2d83ff853cb57cead9067d41fb9c18c60145a696f2fc708dde55d6814b68d6acb0e63643becf3b713ff73355c853e70cf96e3ccc73e80c") bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={r2, r1, 0x0, 0x3, &(0x7f0000000280)='*!\x00'}, 0x30) r3 = gettid() bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={r3, r1, 0x0, 0x1b, &(0x7f0000000080)='blkio.throttle.io_serviced\x00'}, 0x30) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0506617, &(0x7f0000000040)=0x2) perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0x20, 0x1, 0x1, 0x8, 0x0, 0x6, 0x102, 0x5, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x64e1503a1d942405, @perf_config_ext={0x9, 0xd4c7}, 0x1000, 0x9, 0x1, 0x8, 0xb953, 0x42ba, 0x4, 0x0, 0x7}, r0, 0x3, r1, 0x3) [ 1939.548496][ T6612] ? __rb_insert_augmented+0x5de/0x610 [ 1939.553788][ T6612] copy_mm+0xc7e/0x13e0 [ 1939.557863][ T6612] ? copy_signal+0x610/0x610 [ 1939.562306][ T6612] ? __init_rwsem+0xd6/0x1c0 [ 1939.566715][ T6612] ? copy_signal+0x4e3/0x610 [ 1939.571144][ T6612] copy_process+0x1149/0x3290 [ 1939.575660][ T6612] ? proc_fail_nth_write+0x20b/0x290 [ 1939.580779][ T6612] ? fsnotify_perm+0x6a/0x5d0 [ 1939.585293][ T6612] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1939.590238][ T6612] ? vfs_write+0x9ec/0x1110 [ 1939.594583][ T6612] kernel_clone+0x21e/0x9e0 14:14:07 executing program 4: r0 = syz_clone(0x28229680, 0x0, 0x0, 0x0, 0x0, 0x0) (async) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.throttle.io_serviced\x00', 0x26e1, 0x0) (async) r2 = syz_clone(0xa00, &(0x7f0000000100)="3c85b2d55531db32056b284748752d1b61e7651cb8cca84dfca87c97fa5ce7eceac89eb422118afa429fbda9550f013f3f1719c79e40beb7e7", 0x39, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)="7726f25569558a9a605acc8d6dc293299d2ff0788ed75c8564b686171959c55d3ef3a7012bb0b05a9711b3f7280b6f86517cc9f4820fadf01f489586a3c957e6e5ac57ec01b0ecd280a9606326f6a83d975b2560341e115d1c2542910ec12f692b3ed27f55cb6d2f2d83ff853cb57cead9067d41fb9c18c60145a696f2fc708dde55d6814b68d6acb0e63643becf3b713ff73355c853e70cf96e3ccc73e80c") bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={r2, r1, 0x0, 0x3, &(0x7f0000000280)='*!\x00'}, 0x30) r3 = gettid() bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={r3, r1, 0x0, 0x1b, &(0x7f0000000080)='blkio.throttle.io_serviced\x00'}, 0x30) (async) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0506617, &(0x7f0000000040)=0x2) (async) perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0x20, 0x1, 0x1, 0x8, 0x0, 0x6, 0x102, 0x5, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x64e1503a1d942405, @perf_config_ext={0x9, 0xd4c7}, 0x1000, 0x9, 0x1, 0x8, 0xb953, 0x42ba, 0x4, 0x0, 0x7}, r0, 0x3, r1, 0x3) [ 1939.598923][ T6612] ? file_end_write+0x1c0/0x1c0 [ 1939.603604][ T6612] ? create_io_thread+0x1e0/0x1e0 [ 1939.608463][ T6612] ? mutex_unlock+0xb2/0x260 [ 1939.612893][ T6612] ? __mutex_lock_slowpath+0x10/0x10 [ 1939.618015][ T6612] __x64_sys_clone+0x23f/0x290 [ 1939.622614][ T6612] ? __do_sys_vfork+0x130/0x130 [ 1939.627301][ T6612] ? ksys_write+0x260/0x2c0 [ 1939.631649][ T6612] ? debug_smp_processor_id+0x17/0x20 [ 1939.636863][ T6612] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1939.642838][ T6612] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1939.648309][ T6612] do_syscall_64+0x3d/0xb0 14:14:07 executing program 4: syz_clone(0x28229680, 0x0, 0x0, 0x0, 0x0, 0x0) (async) r0 = syz_clone(0x28229680, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.throttle.io_serviced\x00', 0x26e1, 0x0) r2 = syz_clone(0xa00, &(0x7f0000000100)="3c85b2d55531db32056b284748752d1b61e7651cb8cca84dfca87c97fa5ce7eceac89eb422118afa429fbda9550f013f3f1719c79e40beb7e7", 0x39, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)="7726f25569558a9a605acc8d6dc293299d2ff0788ed75c8564b686171959c55d3ef3a7012bb0b05a9711b3f7280b6f86517cc9f4820fadf01f489586a3c957e6e5ac57ec01b0ecd280a9606326f6a83d975b2560341e115d1c2542910ec12f692b3ed27f55cb6d2f2d83ff853cb57cead9067d41fb9c18c60145a696f2fc708dde55d6814b68d6acb0e63643becf3b713ff73355c853e70cf96e3ccc73e80c") bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={r2, r1, 0x0, 0x3, &(0x7f0000000280)='*!\x00'}, 0x30) (async) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={r2, r1, 0x0, 0x3, &(0x7f0000000280)='*!\x00'}, 0x30) r3 = gettid() bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={r3, r1, 0x0, 0x1b, &(0x7f0000000080)='blkio.throttle.io_serviced\x00'}, 0x30) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0506617, &(0x7f0000000040)=0x2) perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0x20, 0x1, 0x1, 0x8, 0x0, 0x6, 0x102, 0x5, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x64e1503a1d942405, @perf_config_ext={0x9, 0xd4c7}, 0x1000, 0x9, 0x1, 0x8, 0xb953, 0x42ba, 0x4, 0x0, 0x7}, r0, 0x3, r1, 0x3) [ 1939.652738][ T6612] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1939.658461][ T6612] RIP: 0033:0x7f895df3fda9 [ 1939.662800][ T6612] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1939.682245][ T6612] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1939.690483][ T6612] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 14:14:08 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x22802, 0x0) ioctl$TUNSETLINK(r0, 0x400454cd, 0x13) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone(0x1000100, &(0x7f0000000000)="9979a176737ec5b7813aad38562d0f83e3b93d59072fabc1098ab1b08bea5ffd213c993b32074660a994c91fc9908fb138425ab54eee5e1172cd21362ccd514fc8f79acf9436", 0x46, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)="b04c26443636435b5b43b4d7cbf045277550ad16524d44eec90a157e163b8b46915528156ab90b567ce5a810eeb6af7ee3cd33b54fbcfc2430214a3b59540676f92abb427e56774c7ff163e6bc26efcfcee71fa3a1378e35179c15bf7cba2c760dc0b91ff897fab9fca32f8da7b92536f63a08a8541eea64672b0b491688f6881bad115c61ea7c25599702656bdcd77ecb89992ce3e4e43d4134d14f0fbaa12f67155f4ea116d395e4") 14:14:08 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x0, 0x2, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) 14:14:08 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 63) [ 1939.698295][ T6612] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1939.706107][ T6612] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1939.713927][ T6612] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1939.721904][ T6612] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1939.729724][ T6612] 14:14:08 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000003002c2135b8e40c721af002c9375963e2e52c579f3390d94c70eb425d5451fbdd2b475c21955d8e6b2c3b473687497b800dd09cd93f487580d73759cd94f100ac13ce7e0ecb1e019f5c60bac58cb650d1aafa7e729b95f3190fd3f1ce24609a0acdd2a263d4721041d53847e815967ad6b5470492c9e1e29f4a77262488263d77cedd88f605192d6b47376344ed71b8a1572d814245a29e1b6cc940c48826"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x6, 0x13, &(0x7f0000000840)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10001}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2754}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000900)='GPL\x00', 0x10000, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xb, 0x6, 0xfffff001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000bc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000c00)=[{0x4, 0x7, 0x7, 0x8}, {0x5, 0x4, 0x3, 0xb}, {0x4, 0x5, 0xa}, {0x0, 0x4, 0xc, 0xa}, {0x3, 0x3, 0x2, 0xa}, {0x2, 0x4, 0x0, 0x5}, {0x5, 0x2, 0x1, 0x9}, {0x5, 0x1, 0xf, 0xc}], 0x10, 0x1000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r3, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xbe, &(0x7f0000002640), 0x30, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0x100045, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000001200)=ANY=[@ANYRES64=r2], &(0x7f00000011c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a, '\x00', r4, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90002}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x2}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=r6], 0x8) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYRES16=r8], 0x34100) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='.\x00', 0x0, 0x18}, 0x18) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r11, 0x4030582a, &(0x7f0000000040)=0xff57000000000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x8, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x699}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @ldst={0x0, 0x3, 0x1, 0x2, 0xa, 0x2, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x66, &(0x7f0000000240)=""/102, 0x41000, 0x2, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[r5, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r11], &(0x7f0000000440)=[{0x4, 0x5, 0xc, 0xe1c6f034fce0ee49}, {0x5, 0x1, 0x6}], 0x10, 0x5}, 0x90) r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x2, 0x18}, 0xc) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00', 0x0, 0x8}, 0x18) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0x1, 0xffffffffffffffff}, 0x4) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x9, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', r4, 0x0, r12, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xf, 0x0, 0x267}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[r13, r14, r15, r16, r17], &(0x7f0000000640)=[{0x3, 0x3, 0x0, 0x3}, {0x3, 0x4, 0xc}, {0x2, 0x1, 0x8, 0x3}, {0x5, 0x2, 0x2, 0x6}, {0x4, 0x2, 0xe, 0x4}, {0x0, 0x4, 0x0, 0x8}, {0x5, 0x1, 0x7, 0x8}, {0x1, 0x4, 0x0, 0x3}], 0x10, 0x6}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) [ 1939.779538][ T6651] FAULT_INJECTION: forcing a failure. [ 1939.779538][ T6651] name failslab, interval 1, probability 0, space 0, times 0 14:14:08 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x22802, 0x0) ioctl$TUNSETLINK(r0, 0x400454cd, 0x13) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone(0x1000100, &(0x7f0000000000)="9979a176737ec5b7813aad38562d0f83e3b93d59072fabc1098ab1b08bea5ffd213c993b32074660a994c91fc9908fb138425ab54eee5e1172cd21362ccd514fc8f79acf9436", 0x46, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)="b04c26443636435b5b43b4d7cbf045277550ad16524d44eec90a157e163b8b46915528156ab90b567ce5a810eeb6af7ee3cd33b54fbcfc2430214a3b59540676f92abb427e56774c7ff163e6bc26efcfcee71fa3a1378e35179c15bf7cba2c760dc0b91ff897fab9fca32f8da7b92536f63a08a8541eea64672b0b491688f6881bad115c61ea7c25599702656bdcd77ecb89992ce3e4e43d4134d14f0fbaa12f67155f4ea116d395e4") (async) syz_clone(0x1000100, &(0x7f0000000000)="9979a176737ec5b7813aad38562d0f83e3b93d59072fabc1098ab1b08bea5ffd213c993b32074660a994c91fc9908fb138425ab54eee5e1172cd21362ccd514fc8f79acf9436", 0x46, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)="b04c26443636435b5b43b4d7cbf045277550ad16524d44eec90a157e163b8b46915528156ab90b567ce5a810eeb6af7ee3cd33b54fbcfc2430214a3b59540676f92abb427e56774c7ff163e6bc26efcfcee71fa3a1378e35179c15bf7cba2c760dc0b91ff897fab9fca32f8da7b92536f63a08a8541eea64672b0b491688f6881bad115c61ea7c25599702656bdcd77ecb89992ce3e4e43d4134d14f0fbaa12f67155f4ea116d395e4") [ 1939.841113][ T6651] CPU: 0 PID: 6651 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1939.851189][ T6651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1939.861082][ T6651] Call Trace: [ 1939.864207][ T6651] [ 1939.866981][ T6651] dump_stack_lvl+0x151/0x1b7 [ 1939.871503][ T6651] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1939.876968][ T6651] dump_stack+0x15/0x17 [ 1939.880958][ T6651] should_fail+0x3c6/0x510 [ 1939.885209][ T6651] __should_failslab+0xa4/0xe0 [ 1939.889811][ T6651] ? anon_vma_fork+0xf7/0x4e0 [ 1939.894325][ T6651] should_failslab+0x9/0x20 [ 1939.898664][ T6651] slab_pre_alloc_hook+0x37/0xd0 [ 1939.903441][ T6651] ? anon_vma_fork+0xf7/0x4e0 [ 1939.907950][ T6651] kmem_cache_alloc+0x44/0x200 [ 1939.912552][ T6651] anon_vma_fork+0xf7/0x4e0 [ 1939.916888][ T6651] ? anon_vma_name+0x43/0x70 [ 1939.921318][ T6651] ? vm_area_dup+0x17a/0x230 [ 1939.925751][ T6651] copy_mm+0xa3a/0x13e0 [ 1939.929763][ T6651] ? copy_signal+0x610/0x610 [ 1939.934162][ T6651] ? __init_rwsem+0xd6/0x1c0 [ 1939.938590][ T6651] ? copy_signal+0x4e3/0x610 [ 1939.943015][ T6651] copy_process+0x1149/0x3290 [ 1939.947531][ T6651] ? proc_fail_nth_write+0x20b/0x290 [ 1939.952652][ T6651] ? fsnotify_perm+0x6a/0x5d0 [ 1939.957165][ T6651] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1939.962111][ T6651] ? vfs_write+0x9ec/0x1110 [ 1939.966453][ T6651] kernel_clone+0x21e/0x9e0 [ 1939.970788][ T6651] ? file_end_write+0x1c0/0x1c0 [ 1939.975476][ T6651] ? create_io_thread+0x1e0/0x1e0 [ 1939.980334][ T6651] ? mutex_unlock+0xb2/0x260 [ 1939.984763][ T6651] ? __mutex_lock_slowpath+0x10/0x10 [ 1939.989885][ T6651] __x64_sys_clone+0x23f/0x290 [ 1939.994483][ T6651] ? __do_sys_vfork+0x130/0x130 [ 1939.999172][ T6651] ? ksys_write+0x260/0x2c0 [ 1940.003517][ T6651] ? debug_smp_processor_id+0x17/0x20 [ 1940.008717][ T6651] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1940.014619][ T6651] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1940.020089][ T6651] do_syscall_64+0x3d/0xb0 [ 1940.024342][ T6651] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1940.030067][ T6651] RIP: 0033:0x7f895df3fda9 [ 1940.034321][ T6651] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1940.053850][ T6651] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1940.062118][ T6651] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1940.069908][ T6651] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1940.077730][ T6651] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 14:14:08 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 64) [ 1940.085530][ T6651] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1940.093346][ T6651] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1940.101160][ T6651] [ 1940.130691][ T6664] FAULT_INJECTION: forcing a failure. [ 1940.130691][ T6664] name failslab, interval 1, probability 0, space 0, times 0 [ 1940.154463][ T6664] CPU: 1 PID: 6664 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1940.164541][ T6664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1940.174438][ T6664] Call Trace: [ 1940.177559][ T6664] [ 1940.180345][ T6664] dump_stack_lvl+0x151/0x1b7 [ 1940.184853][ T6664] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1940.190328][ T6664] dump_stack+0x15/0x17 [ 1940.194309][ T6664] should_fail+0x3c6/0x510 [ 1940.198574][ T6664] __should_failslab+0xa4/0xe0 [ 1940.203170][ T6664] ? anon_vma_fork+0xf7/0x4e0 [ 1940.207677][ T6664] should_failslab+0x9/0x20 [ 1940.212021][ T6664] slab_pre_alloc_hook+0x37/0xd0 [ 1940.216793][ T6664] ? anon_vma_fork+0xf7/0x4e0 [ 1940.221305][ T6664] kmem_cache_alloc+0x44/0x200 [ 1940.225906][ T6664] anon_vma_fork+0xf7/0x4e0 [ 1940.230242][ T6664] ? anon_vma_name+0x43/0x70 [ 1940.234672][ T6664] ? vm_area_dup+0x17a/0x230 [ 1940.239101][ T6664] copy_mm+0xa3a/0x13e0 [ 1940.243099][ T6664] ? copy_signal+0x610/0x610 [ 1940.247517][ T6664] ? __init_rwsem+0xd6/0x1c0 [ 1940.251939][ T6664] ? copy_signal+0x4e3/0x610 [ 1940.256367][ T6664] copy_process+0x1149/0x3290 [ 1940.260884][ T6664] ? proc_fail_nth_write+0x20b/0x290 [ 1940.266001][ T6664] ? fsnotify_perm+0x6a/0x5d0 [ 1940.270514][ T6664] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1940.275460][ T6664] ? vfs_write+0x9ec/0x1110 [ 1940.279802][ T6664] kernel_clone+0x21e/0x9e0 [ 1940.284142][ T6664] ? file_end_write+0x1c0/0x1c0 [ 1940.288827][ T6664] ? create_io_thread+0x1e0/0x1e0 [ 1940.293686][ T6664] ? mutex_unlock+0xb2/0x260 [ 1940.298125][ T6664] ? __mutex_lock_slowpath+0x10/0x10 [ 1940.303240][ T6664] __x64_sys_clone+0x23f/0x290 [ 1940.307837][ T6664] ? __do_sys_vfork+0x130/0x130 [ 1940.312519][ T6664] ? ksys_write+0x260/0x2c0 [ 1940.316872][ T6664] ? debug_smp_processor_id+0x17/0x20 [ 1940.322068][ T6664] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1940.327973][ T6664] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1940.333443][ T6664] do_syscall_64+0x3d/0xb0 [ 1940.337695][ T6664] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1940.343420][ T6664] RIP: 0033:0x7f895df3fda9 [ 1940.347673][ T6664] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1940.367119][ T6664] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1940.375363][ T6664] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1940.383182][ T6664] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1940.390985][ T6664] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1940.398830][ T6664] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1940.406607][ T6664] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1940.414424][ T6664] [ 1940.428559][ T6664] ------------[ cut here ]------------ [ 1940.442604][ T6664] refcount_t: underflow; use-after-free. [ 1940.448568][ T6664] WARNING: CPU: 1 PID: 6664 at lib/refcount.c:28 refcount_warn_saturate+0x158/0x1a0 [ 1940.458807][ T6664] Modules linked in: [ 1940.462623][ T6664] CPU: 1 PID: 6664 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1940.473059][ T6664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1940.483208][ T6664] RIP: 0010:refcount_warn_saturate+0x158/0x1a0 [ 1940.489457][ T6664] Code: 04 01 48 c7 c7 40 c8 82 85 e8 e4 9e dc fe 0f 0b eb 8b e8 6b 49 0b ff c6 05 73 8e 9e 04 01 48 c7 c7 a0 c8 82 85 e8 c8 9e dc fe <0f> 0b e9 6c ff ff ff e8 4c 49 0b ff c6 05 55 8e 9e 04 01 48 c7 c7 [ 1940.509229][ T6664] RSP: 0018:ffffc90000aa7968 EFLAGS: 00010246 [ 1940.515201][ T6664] RAX: 59b0cbb5a3696700 RBX: 0000000000000003 RCX: 0000000000040000 [ 1940.523251][ T6664] RDX: ffffc900041c9000 RSI: 000000000001941c RDI: 000000000001941d [ 1940.531313][ T6664] RBP: ffffc90000aa7978 R08: ffffffff81575f25 R09: ffffed103ee265e8 [ 1940.539383][ T6664] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff1102d4dfd3c [ 1940.547417][ T6664] R13: ffff88816a6fe9e0 R14: 0000000000000003 R15: ffff88815f82b181 [ 1940.555281][ T6664] FS: 00007f895ccc16c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 1940.564315][ T6664] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1940.570967][ T6664] CR2: 000055555672f818 CR3: 000000016a7d0000 CR4: 00000000003506a0 [ 1940.579004][ T6664] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1940.586953][ T6664] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 [ 1940.595076][ T6664] Call Trace: [ 1940.598375][ T6664] [ 1940.601286][ T6664] ? show_regs+0x58/0x60 [ 1940.605360][ T6664] ? __warn+0x160/0x2f0 [ 1940.609730][ T6664] ? refcount_warn_saturate+0x158/0x1a0 [ 1940.615170][ T6664] ? report_bug+0x3d9/0x5b0 [ 1940.619739][ T6664] ? refcount_warn_saturate+0x158/0x1a0 [ 1940.625185][ T6664] ? handle_bug+0x41/0x70 [ 1940.629624][ T6664] ? exc_invalid_op+0x1b/0x50 [ 1940.634207][ T6664] ? asm_exc_invalid_op+0x1b/0x20 [ 1940.639290][ T6664] ? __wake_up_klogd+0xd5/0x110 [ 1940.644027][ T6664] ? refcount_warn_saturate+0x158/0x1a0 [ 1940.649642][ T6664] ? refcount_warn_saturate+0x158/0x1a0 [ 1940.655074][ T6664] vm_area_free_no_check+0x123/0x130 [ 1940.660423][ T6664] copy_mm+0xefb/0x13e0 [ 1940.664470][ T6664] ? copy_signal+0x610/0x610 [ 1940.669125][ T6664] ? __init_rwsem+0xd6/0x1c0 [ 1940.673606][ T6664] ? copy_signal+0x4e3/0x610 [ 1940.678243][ T6664] copy_process+0x1149/0x3290 [ 1940.682809][ T6664] ? proc_fail_nth_write+0x20b/0x290 [ 1940.688257][ T6664] ? fsnotify_perm+0x6a/0x5d0 [ 1940.692842][ T6664] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1940.698017][ T6664] ? vfs_write+0x9ec/0x1110 [ 1940.702405][ T6664] kernel_clone+0x21e/0x9e0 [ 1940.706744][ T6664] ? file_end_write+0x1c0/0x1c0 [ 1940.711715][ T6664] ? create_io_thread+0x1e0/0x1e0 [ 1940.716621][ T6664] ? mutex_unlock+0xb2/0x260 [ 1940.721304][ T6664] ? __mutex_lock_slowpath+0x10/0x10 [ 1940.726472][ T6664] __x64_sys_clone+0x23f/0x290 [ 1940.731341][ T6664] ? __do_sys_vfork+0x130/0x130 [ 1940.736161][ T6664] ? ksys_write+0x260/0x2c0 [ 1940.740735][ T6664] ? debug_smp_processor_id+0x17/0x20 [ 1940.746067][ T6664] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1940.752327][ T6664] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1940.758006][ T6664] do_syscall_64+0x3d/0xb0 [ 1940.762304][ T6664] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1940.768256][ T6664] RIP: 0033:0x7f895df3fda9 [ 1940.772555][ T6664] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1940.792474][ T6664] RSP: 002b:00007f895ccc1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1940.800989][ T6664] RAX: ffffffffffffffda RBX: 00007f895e06df80 RCX: 00007f895df3fda9 [ 1940.809013][ T6664] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1940.816860][ T6664] RBP: 00007f895ccc1120 R08: 0000000000000000 R09: 0000000000000000 [ 1940.824942][ T6664] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1940.833019][ T6664] R13: 000000000000000b R14: 00007f895e06df80 R15: 00007ffdd24593b8 [ 1940.841054][ T6664] [ 1940.843951][ T6664] ---[ end trace 504277a34af2d234 ]--- [ 1941.277673][ T6653] BUG: unable to handle page fault for address: ffffed1800000017 [ 1941.285225][ T6653] #PF: supervisor read access in kernel mode [ 1941.291048][ T6653] #PF: error_code(0x0000) - not-present page [ 1941.296853][ T6653] PGD 23fff2067 P4D 23fff2067 PUD 0 [ 1941.301972][ T6653] Oops: 0000 [#1] PREEMPT SMP KASAN [ 1941.307008][ T6653] CPU: 0 PID: 6653 Comm: syz-executor.4 Tainted: G W 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1941.318466][ T6653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1941.328358][ T6653] RIP: 0010:__rb_erase_color+0xa08/0xa60 [ 1941.333827][ T6653] Code: 4c 89 ef e8 8a 20 2b ff 4d 89 65 00 4d 85 f6 49 bc 00 00 00 00 00 fc ff df 48 8b 5d a0 74 29 49 8d 5e 10 48 89 d8 48 c1 e8 03 <42> 80 3c 20 00 74 08 48 89 df e8 b9 1f 2b ff 49 8d 46 08 4d 39 6e [ 1941.353267][ T6653] RSP: 0018:ffffc90000a97580 EFLAGS: 00010a06 [ 1941.359175][ T6653] RAX: 1ffff11800000017 RBX: ffff88c0000000b8 RCX: dffffc0000000000 [ 1941.366980][ T6653] RDX: ffffffff81a50880 RSI: ffff88810fe266a0 RDI: ffff888105bb63d0 [ 1941.374788][ T6653] RBP: ffffc90000a975e0 R08: ffffffff81a4e940 R09: ffffed1021fc4cd8 [ 1941.382612][ T6653] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 1941.390417][ T6653] R13: ffff88815f82b180 R14: ffff88c0000000a8 R15: ffff888114d5dd10 [ 1941.398259][ T6653] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 1941.406996][ T6653] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1941.413424][ T6653] CR2: ffffed1800000017 CR3: 0000000155107000 CR4: 00000000003506b0 [ 1941.421315][ T6653] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1941.429134][ T6653] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 1941.437025][ T6653] Call Trace: [ 1941.440150][ T6653] [ 1941.442935][ T6653] ? __die_body+0x62/0xb0 [ 1941.447100][ T6653] ? __die+0x7e/0x90 [ 1941.450819][ T6653] ? page_fault_oops+0x7f9/0xa90 [ 1941.455599][ T6653] ? kernelmode_fixup_or_oops+0x270/0x270 [ 1941.461145][ T6653] ? 0xffffffffa0030000 [ 1941.465148][ T6653] ? is_prefetch+0x47a/0x6d0 [ 1941.469567][ T6653] ? __rb_erase_color+0xa08/0xa60 [ 1941.474428][ T6653] ? __rb_erase_color+0xa08/0xa60 [ 1941.479288][ T6653] ? stack_trace_snprint+0xf0/0xf0 [ 1941.484232][ T6653] ? kernelmode_fixup_or_oops+0x21b/0x270 [ 1941.489796][ T6653] ? __bad_area_nosemaphore+0xcf/0x490 [ 1941.495092][ T6653] ? kmem_cache_free+0x116/0x2e0 [ 1941.499882][ T6653] ? kasan_set_track+0x5d/0x70 [ 1941.504458][ T6653] ? __kasan_slab_free+0x11/0x20 [ 1941.509231][ T6653] ? bad_area_nosemaphore+0x2d/0x40 [ 1941.514263][ T6653] ? do_kern_addr_fault+0x69/0x80 [ 1941.519383][ T6653] ? exc_page_fault+0x4eb/0x830 [ 1941.524074][ T6653] ? asm_exc_page_fault+0x27/0x30 [ 1941.528937][ T6653] ? vma_interval_tree_remove+0xae0/0xba0 [ 1941.534501][ T6653] ? anon_vma_interval_tree_iter_next+0x390/0x390 [ 1941.540737][ T6653] ? __rb_erase_color+0xa08/0xa60 [ 1941.545601][ T6653] ? anon_vma_interval_tree_iter_next+0x390/0x390 [ 1941.551854][ T6653] vma_interval_tree_remove+0xb82/0xba0 [ 1941.557232][ T6653] unlink_file_vma+0xd9/0xf0 [ 1941.561660][ T6653] free_pgtables+0x13f/0x280 [ 1941.566081][ T6653] exit_mmap+0x3e7/0x6f0 [ 1941.570158][ T6653] ? exit_aio+0x25e/0x3c0 [ 1941.574323][ T6653] ? vm_brk+0x30/0x30 [ 1941.578142][ T6653] ? mutex_unlock+0xb2/0x260 [ 1941.582593][ T6653] ? uprobe_clear_state+0x2cd/0x320 [ 1941.587607][ T6653] __mmput+0x95/0x310 [ 1941.591427][ T6653] mmput+0x5b/0x170 [ 1941.595075][ T6653] do_exit+0xb9c/0x2ca0 [ 1941.599069][ T6653] ? simple_acl_create+0x2c0/0x2c0 [ 1941.604006][ T6653] ? put_task_struct+0x80/0x80 [ 1941.608607][ T6653] ? ____kasan_slab_free+0x131/0x160 [ 1941.613732][ T6653] do_group_exit+0x141/0x310 [ 1941.618157][ T6653] get_signal+0x7a3/0x1630 [ 1941.622425][ T6653] arch_do_signal_or_restart+0xbd/0x1680 [ 1941.627890][ T6653] ? force_sig_fault+0x127/0x1d0 [ 1941.632672][ T6653] ? get_sigframe_size+0x10/0x10 [ 1941.637424][ T6653] ? page_fault_oops+0xa90/0xa90 [ 1941.642198][ T6653] exit_to_user_mode_loop+0xa0/0xe0 [ 1941.647230][ T6653] exit_to_user_mode_prepare+0x5a/0xa0 [ 1941.652525][ T6653] irqentry_exit_to_user_mode+0x9/0x20 [ 1941.657820][ T6653] irqentry_exit+0x12/0x40 [ 1941.662098][ T6653] exc_page_fault+0x47a/0x830 [ 1941.666590][ T6653] asm_exc_page_fault+0x27/0x30 [ 1941.671273][ T6653] RIP: 0033:0x3694cf9af7c8 [ 1941.675522][ T6653] Code: Unable to access opcode bytes at RIP 0x3694cf9af79e. [ 1941.682728][ T6653] RSP: 002b:0000000020000048 EFLAGS: 00010217 [ 1941.688632][ T6653] RAX: 0000000000000000 RBX: 00007f526cbdbf80 RCX: 00007f526caadda9 [ 1941.696449][ T6653] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000001000000 [ 1941.704259][ T6653] RBP: 00007f526cafa47a R08: 0000000020000100 R09: 0000000020000100 [ 1941.712159][ T6653] R10: 00000000200000c0 R11: 0000000000000206 R12: 0000000000000000 [ 1941.719979][ T6653] R13: 000000000000000b R14: 00007f526cbdbf80 R15: 00007ffd82b71b28 [ 1941.727780][ T6653] [ 1941.730906][ T6653] Modules linked in: [ 1941.734636][ T6653] CR2: ffffed1800000017 [ 1941.738629][ T6653] ---[ end trace 504277a34af2d235 ]--- [ 1941.743919][ T6653] RIP: 0010:__rb_erase_color+0xa08/0xa60 [ 1941.749387][ T6653] Code: 4c 89 ef e8 8a 20 2b ff 4d 89 65 00 4d 85 f6 49 bc 00 00 00 00 00 fc ff df 48 8b 5d a0 74 29 49 8d 5e 10 48 89 d8 48 c1 e8 03 <42> 80 3c 20 00 74 08 48 89 df e8 b9 1f 2b ff 49 8d 46 08 4d 39 6e [ 1941.768916][ T6653] RSP: 0018:ffffc90000a97580 EFLAGS: 00010a06 [ 1941.774824][ T6653] RAX: 1ffff11800000017 RBX: ffff88c0000000b8 RCX: dffffc0000000000 [ 1941.782629][ T6653] RDX: ffffffff81a50880 RSI: ffff88810fe266a0 RDI: ffff888105bb63d0 [ 1941.790438][ T6653] RBP: ffffc90000a975e0 R08: ffffffff81a4e940 R09: ffffed1021fc4cd8 [ 1941.798250][ T6653] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 1941.806159][ T6653] R13: ffff88815f82b180 R14: ffff88c0000000a8 R15: ffff888114d5dd10 [ 1941.813963][ T6653] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 1941.822811][ T6653] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1941.829235][ T6653] CR2: ffffed1800000017 CR3: 0000000155107000 CR4: 00000000003506b0 [ 1941.837049][ T6653] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1941.844857][ T6653] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 1941.852707][ T6653] Kernel panic - not syncing: Fatal exception [ 1941.858906][ T6653] Kernel Offset: disabled [ 1941.863027][ T6653] Rebooting in 86400 seconds..