last executing test programs: 2.560640919s ago: executing program 3 (id=3623): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0) 2.26863349s ago: executing program 3 (id=3623): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0) 2.253675231s ago: executing program 4 (id=3621): perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x2000000, &(0x7f0000000140)=@base={0x5, 0x1, 0x9, 0xae}, 0x48) bpf$MAP_CREATE(0xc00000000000000, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4002, 0x0, r0, 0x1e, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x11}, 0x48) 1.955812364s ago: executing program 4 (id=3621): perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x2000000, &(0x7f0000000140)=@base={0x5, 0x1, 0x9, 0xae}, 0x48) bpf$MAP_CREATE(0xc00000000000000, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4002, 0x0, r0, 0x1e, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x11}, 0x48) 1.501921837s ago: executing program 3 (id=3623): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0) 1.304585263s ago: executing program 4 (id=3621): perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x2000000, &(0x7f0000000140)=@base={0x5, 0x1, 0x9, 0xae}, 0x48) bpf$MAP_CREATE(0xc00000000000000, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4002, 0x0, r0, 0x1e, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x11}, 0x48) 1.19864097s ago: executing program 1 (id=3624): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48) socketpair$unix(0x1, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x800000000}, 0x0, 0x80000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe7, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f086dd47e0ffff00120600631177fbac141416e000030a44079f03fec0000000000000000000000000002e01050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000880)=ANY=[@ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2600}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x2000}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xb, 0x5, 0x3fe, 0x9, 0x180, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffd}, 0x48) close(0xffffffffffffffff) syz_open_procfs$namespace(0x0, &(0x7f0000000a40)='ns/uts\x00') r1 = perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@enum={0x0, 0x2, 0x0, 0xf, 0x4, [{}, {}]}, @volatile={0x0, 0x0, 0x0, 0x9, 0x5}]}}, 0x0, 0x42}, 0x20) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r4, &(0x7f0000000000), 0xfdef) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000200)) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000003480)={0x11, 0x2, &(0x7f00000001c0)=ANY=[@ANYBLOB="17010000a4fc0a000500feff"], &(0x7f0000000000)='GPL\x00', 0x6, 0x89, &(0x7f0000003300)=""/137, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x9}, 0x80) 1.142192154s ago: executing program 2 (id=3622): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000680)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x42, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r1}, 0x38) (async, rerun: 32) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 32) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x4, 0x8, 0xa}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r4}, 0x10) (async) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="18000000000a0000000000010100000000000000000000009500000000100000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x80) (async) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10) (async) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz1\x00', 0x200002, 0x0) openat$cgroup_ro(r6, &(0x7f0000000300)='cgroup.stat\x00', 0x0, 0x0) write$cgroup_subtree(r0, 0x0, 0xfdef) (async, rerun: 32) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x2400, 0x4) (rerun: 32) 1.076231859s ago: executing program 3 (id=3623): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0) 1.022899354s ago: executing program 0 (id=3619): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r1, &(0x7f0000000180), 0x40010) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000080)={&(0x7f0000000280)="d122ffbd4e563e8729f1e80bd7ac1acb1410e85c7cd038bfc3d2c2f0a8a7d31a4836de2796eaafddd0cd8013239f8d7a79afd190fe25e397a80277807339b0516943a1fb0c631d88762c93f2c57d852845686949ac356d9a201942afbcc9f08fb4000670a1251340", &(0x7f0000000840)=""/194, &(0x7f0000000780)="a614601c5128cbc1c137859b9a623d591e454b0256a613dfa93748c19294ac548b521e61dda437b75646f670e64af053e7879f76d4034b46998c8a0793b0e13df280b8189c79a1f34cadb5c615a1030534cb3a47ce87e2b5a9a806b0f5556b0e9f1b164f1bb6ab8a23fb72152638a2d6597c133728551b9560529b2e3aefc3a00c921258584d4e42c1f2802a5f0efbc7aa2836e5", &(0x7f0000000000)="c25094c596ca7a6ad3936ef00dbc1c63e8b17a060cb2c9e61d34b8273938e51c2c73199c2456391aca145b", 0x3, r0}, 0x38) sendmsg$unix(r4, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0) recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r5, &(0x7f00000004c0)=ANY=[@ANYBLOB="8fedcb7907001175f37538e408"], 0xfdef) 957.345448ms ago: executing program 1 (id=3624): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48) socketpair$unix(0x1, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x800000000}, 0x0, 0x80000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe7, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f086dd47e0ffff00120600631177fbac141416e000030a44079f03fec0000000000000000000000000002e01050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000880)=ANY=[@ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2600}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x2000}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xb, 0x5, 0x3fe, 0x9, 0x180, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffd}, 0x48) close(0xffffffffffffffff) syz_open_procfs$namespace(0x0, &(0x7f0000000a40)='ns/uts\x00') r1 = perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@enum={0x0, 0x2, 0x0, 0xf, 0x4, [{}, {}]}, @volatile={0x0, 0x0, 0x0, 0x9, 0x5}]}}, 0x0, 0x42}, 0x20) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r4, &(0x7f0000000000), 0xfdef) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000200)) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000003480)={0x11, 0x2, &(0x7f00000001c0)=ANY=[@ANYBLOB="17010000a4fc0a000500feff"], &(0x7f0000000000)='GPL\x00', 0x6, 0x89, &(0x7f0000003300)=""/137, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x9}, 0x80) 907.748682ms ago: executing program 2 (id=3622): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000680)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x42, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r1}, 0x38) (async, rerun: 32) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 32) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x4, 0x8, 0xa}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r4}, 0x10) (async) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="18000000000a0000000000010100000000000000000000009500000000100000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x80) (async) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10) (async) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz1\x00', 0x200002, 0x0) openat$cgroup_ro(r6, &(0x7f0000000300)='cgroup.stat\x00', 0x0, 0x0) write$cgroup_subtree(r0, 0x0, 0xfdef) (async, rerun: 32) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x2400, 0x4) (rerun: 32) 858.173826ms ago: executing program 4 (id=3621): perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x2000000, &(0x7f0000000140)=@base={0x5, 0x1, 0x9, 0xae}, 0x48) bpf$MAP_CREATE(0xc00000000000000, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4002, 0x0, r0, 0x1e, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x11}, 0x48) 808.873539ms ago: executing program 0 (id=3619): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r1, &(0x7f0000000180), 0x40010) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000080)={&(0x7f0000000280)="d122ffbd4e563e8729f1e80bd7ac1acb1410e85c7cd038bfc3d2c2f0a8a7d31a4836de2796eaafddd0cd8013239f8d7a79afd190fe25e397a80277807339b0516943a1fb0c631d88762c93f2c57d852845686949ac356d9a201942afbcc9f08fb4000670a1251340", &(0x7f0000000840)=""/194, &(0x7f0000000780)="a614601c5128cbc1c137859b9a623d591e454b0256a613dfa93748c19294ac548b521e61dda437b75646f670e64af053e7879f76d4034b46998c8a0793b0e13df280b8189c79a1f34cadb5c615a1030534cb3a47ce87e2b5a9a806b0f5556b0e9f1b164f1bb6ab8a23fb72152638a2d6597c133728551b9560529b2e3aefc3a00c921258584d4e42c1f2802a5f0efbc7aa2836e5", &(0x7f0000000000)="c25094c596ca7a6ad3936ef00dbc1c63e8b17a060cb2c9e61d34b8273938e51c2c73199c2456391aca145b", 0x3, r0}, 0x38) sendmsg$unix(r4, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0) recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r5, &(0x7f00000004c0)=ANY=[@ANYBLOB="8fedcb7907001175f37538e408"], 0xfdef) 759.853143ms ago: executing program 1 (id=3624): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48) socketpair$unix(0x1, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x800000000}, 0x0, 0x80000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe7, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f086dd47e0ffff00120600631177fbac141416e000030a44079f03fec0000000000000000000000000002e01050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000880)=ANY=[@ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2600}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x2000}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xb, 0x5, 0x3fe, 0x9, 0x180, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffd}, 0x48) close(0xffffffffffffffff) syz_open_procfs$namespace(0x0, &(0x7f0000000a40)='ns/uts\x00') r1 = perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@enum={0x0, 0x2, 0x0, 0xf, 0x4, [{}, {}]}, @volatile={0x0, 0x0, 0x0, 0x9, 0x5}]}}, 0x0, 0x42}, 0x20) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r4, &(0x7f0000000000), 0xfdef) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000200)) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000003480)={0x11, 0x2, &(0x7f00000001c0)=ANY=[@ANYBLOB="17010000a4fc0a000500feff"], &(0x7f0000000000)='GPL\x00', 0x6, 0x89, &(0x7f0000003300)=""/137, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x9}, 0x80) 704.732947ms ago: executing program 2 (id=3622): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000680)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x42, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r1}, 0x38) (async, rerun: 32) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 32) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x4, 0x8, 0xa}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r4}, 0x10) (async) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="18000000000a0000000000010100000000000000000000009500000000100000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x80) (async) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10) (async) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz1\x00', 0x200002, 0x0) openat$cgroup_ro(r6, &(0x7f0000000300)='cgroup.stat\x00', 0x0, 0x0) write$cgroup_subtree(r0, 0x0, 0xfdef) (async, rerun: 32) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x2400, 0x4) (rerun: 32) 654.664531ms ago: executing program 3 (id=3623): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0) 605.588634ms ago: executing program 0 (id=3619): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r1, &(0x7f0000000180), 0x40010) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000080)={&(0x7f0000000280)="d122ffbd4e563e8729f1e80bd7ac1acb1410e85c7cd038bfc3d2c2f0a8a7d31a4836de2796eaafddd0cd8013239f8d7a79afd190fe25e397a80277807339b0516943a1fb0c631d88762c93f2c57d852845686949ac356d9a201942afbcc9f08fb4000670a1251340", &(0x7f0000000840)=""/194, &(0x7f0000000780)="a614601c5128cbc1c137859b9a623d591e454b0256a613dfa93748c19294ac548b521e61dda437b75646f670e64af053e7879f76d4034b46998c8a0793b0e13df280b8189c79a1f34cadb5c615a1030534cb3a47ce87e2b5a9a806b0f5556b0e9f1b164f1bb6ab8a23fb72152638a2d6597c133728551b9560529b2e3aefc3a00c921258584d4e42c1f2802a5f0efbc7aa2836e5", &(0x7f0000000000)="c25094c596ca7a6ad3936ef00dbc1c63e8b17a060cb2c9e61d34b8273938e51c2c73199c2456391aca145b", 0x3, r0}, 0x38) sendmsg$unix(r4, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0) recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r5, &(0x7f00000004c0)=ANY=[@ANYBLOB="8fedcb7907001175f37538e408"], 0xfdef) 556.305258ms ago: executing program 1 (id=3624): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48) socketpair$unix(0x1, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x800000000}, 0x0, 0x80000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe7, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f086dd47e0ffff00120600631177fbac141416e000030a44079f03fec0000000000000000000000000002e01050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000880)=ANY=[@ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2600}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x2000}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xb, 0x5, 0x3fe, 0x9, 0x180, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffd}, 0x48) close(0xffffffffffffffff) syz_open_procfs$namespace(0x0, &(0x7f0000000a40)='ns/uts\x00') r1 = perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@enum={0x0, 0x2, 0x0, 0xf, 0x4, [{}, {}]}, @volatile={0x0, 0x0, 0x0, 0x9, 0x5}]}}, 0x0, 0x42}, 0x20) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r4, &(0x7f0000000000), 0xfdef) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000200)) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000003480)={0x11, 0x2, &(0x7f00000001c0)=ANY=[@ANYBLOB="17010000a4fc0a000500feff"], &(0x7f0000000000)='GPL\x00', 0x6, 0x89, &(0x7f0000003300)=""/137, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x9}, 0x80) 507.572852ms ago: executing program 2 (id=3622): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000680)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x42, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r1}, 0x38) (async, rerun: 32) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 32) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x4, 0x8, 0xa}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r4}, 0x10) (async) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="18000000000a0000000000010100000000000000000000009500000000100000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x80) (async) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10) (async) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz1\x00', 0x200002, 0x0) openat$cgroup_ro(r6, &(0x7f0000000300)='cgroup.stat\x00', 0x0, 0x0) write$cgroup_subtree(r0, 0x0, 0xfdef) (async, rerun: 32) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x2400, 0x4) (rerun: 32) 449.007306ms ago: executing program 4 (id=3621): perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x2000000, &(0x7f0000000140)=@base={0x5, 0x1, 0x9, 0xae}, 0x48) bpf$MAP_CREATE(0xc00000000000000, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4002, 0x0, r0, 0x1e, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x11}, 0x48) 402.49184ms ago: executing program 0 (id=3619): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r1, &(0x7f0000000180), 0x40010) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000080)={&(0x7f0000000280)="d122ffbd4e563e8729f1e80bd7ac1acb1410e85c7cd038bfc3d2c2f0a8a7d31a4836de2796eaafddd0cd8013239f8d7a79afd190fe25e397a80277807339b0516943a1fb0c631d88762c93f2c57d852845686949ac356d9a201942afbcc9f08fb4000670a1251340", &(0x7f0000000840)=""/194, &(0x7f0000000780)="a614601c5128cbc1c137859b9a623d591e454b0256a613dfa93748c19294ac548b521e61dda437b75646f670e64af053e7879f76d4034b46998c8a0793b0e13df280b8189c79a1f34cadb5c615a1030534cb3a47ce87e2b5a9a806b0f5556b0e9f1b164f1bb6ab8a23fb72152638a2d6597c133728551b9560529b2e3aefc3a00c921258584d4e42c1f2802a5f0efbc7aa2836e5", &(0x7f0000000000)="c25094c596ca7a6ad3936ef00dbc1c63e8b17a060cb2c9e61d34b8273938e51c2c73199c2456391aca145b", 0x3, r0}, 0x38) sendmsg$unix(r4, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0) recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r5, &(0x7f00000004c0)=ANY=[@ANYBLOB="8fedcb7907001175f37538e408"], 0xfdef) 350.155574ms ago: executing program 1 (id=3624): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48) socketpair$unix(0x1, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x800000000}, 0x0, 0x80000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe7, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f086dd47e0ffff00120600631177fbac141416e000030a44079f03fec0000000000000000000000000002e01050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000880)=ANY=[@ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2600}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x2000}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xb, 0x5, 0x3fe, 0x9, 0x180, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffd}, 0x48) close(0xffffffffffffffff) syz_open_procfs$namespace(0x0, &(0x7f0000000a40)='ns/uts\x00') r1 = perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@enum={0x0, 0x2, 0x0, 0xf, 0x4, [{}, {}]}, @volatile={0x0, 0x0, 0x0, 0x9, 0x5}]}}, 0x0, 0x42}, 0x20) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r4, &(0x7f0000000000), 0xfdef) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000200)) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000003480)={0x11, 0x2, &(0x7f00000001c0)=ANY=[@ANYBLOB="17010000a4fc0a000500feff"], &(0x7f0000000000)='GPL\x00', 0x6, 0x89, &(0x7f0000003300)=""/137, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x9}, 0x80) 301.054247ms ago: executing program 2 (id=3622): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000680)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x42, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r1}, 0x38) (async, rerun: 32) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 32) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x4, 0x8, 0xa}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r4}, 0x10) (async) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="18000000000a0000000000010100000000000000000000009500000000100000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x80) (async) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10) (async) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz1\x00', 0x200002, 0x0) openat$cgroup_ro(r6, &(0x7f0000000300)='cgroup.stat\x00', 0x0, 0x0) write$cgroup_subtree(r0, 0x0, 0xfdef) (async, rerun: 32) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x2400, 0x4) (rerun: 32) 252.62767ms ago: executing program 3 (id=3623): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0) 197.222565ms ago: executing program 0 (id=3619): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r1, &(0x7f0000000180), 0x40010) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000080)={&(0x7f0000000280)="d122ffbd4e563e8729f1e80bd7ac1acb1410e85c7cd038bfc3d2c2f0a8a7d31a4836de2796eaafddd0cd8013239f8d7a79afd190fe25e397a80277807339b0516943a1fb0c631d88762c93f2c57d852845686949ac356d9a201942afbcc9f08fb4000670a1251340", &(0x7f0000000840)=""/194, &(0x7f0000000780)="a614601c5128cbc1c137859b9a623d591e454b0256a613dfa93748c19294ac548b521e61dda437b75646f670e64af053e7879f76d4034b46998c8a0793b0e13df280b8189c79a1f34cadb5c615a1030534cb3a47ce87e2b5a9a806b0f5556b0e9f1b164f1bb6ab8a23fb72152638a2d6597c133728551b9560529b2e3aefc3a00c921258584d4e42c1f2802a5f0efbc7aa2836e5", &(0x7f0000000000)="c25094c596ca7a6ad3936ef00dbc1c63e8b17a060cb2c9e61d34b8273938e51c2c73199c2456391aca145b", 0x3, r0}, 0x38) sendmsg$unix(r4, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0) recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r5, &(0x7f00000004c0)=ANY=[@ANYBLOB="8fedcb7907001175f37538e408"], 0xfdef) 147.712609ms ago: executing program 1 (id=3624): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48) socketpair$unix(0x1, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x800000000}, 0x0, 0x80000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe7, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f086dd47e0ffff00120600631177fbac141416e000030a44079f03fec0000000000000000000000000002e01050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000880)=ANY=[@ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2600}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x2000}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xb, 0x5, 0x3fe, 0x9, 0x180, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffd}, 0x48) close(0xffffffffffffffff) syz_open_procfs$namespace(0x0, &(0x7f0000000a40)='ns/uts\x00') r1 = perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@enum={0x0, 0x2, 0x0, 0xf, 0x4, [{}, {}]}, @volatile={0x0, 0x0, 0x0, 0x9, 0x5}]}}, 0x0, 0x42}, 0x20) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r4, &(0x7f0000000000), 0xfdef) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000200)) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000003480)={0x11, 0x2, &(0x7f00000001c0)=ANY=[@ANYBLOB="17010000a4fc0a000500feff"], &(0x7f0000000000)='GPL\x00', 0x6, 0x89, &(0x7f0000003300)=""/137, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x9}, 0x80) 98.436662ms ago: executing program 2 (id=3622): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000680)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x42, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r1}, 0x38) (async, rerun: 32) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 32) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x4, 0x8, 0xa}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r4}, 0x10) (async) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="18000000000a0000000000010100000000000000000000009500000000100000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x80) (async) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10) (async) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz1\x00', 0x200002, 0x0) openat$cgroup_ro(r6, &(0x7f0000000300)='cgroup.stat\x00', 0x0, 0x0) write$cgroup_subtree(r0, 0x0, 0xfdef) (async, rerun: 32) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x2400, 0x4) (rerun: 32) 49.332156ms ago: executing program 4 (id=3621): perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x2000000, &(0x7f0000000140)=@base={0x5, 0x1, 0x9, 0xae}, 0x48) bpf$MAP_CREATE(0xc00000000000000, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4002, 0x0, r0, 0x1e, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x11}, 0x48) 0s ago: executing program 0 (id=3619): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r1, &(0x7f0000000180), 0x40010) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000080)={&(0x7f0000000280)="d122ffbd4e563e8729f1e80bd7ac1acb1410e85c7cd038bfc3d2c2f0a8a7d31a4836de2796eaafddd0cd8013239f8d7a79afd190fe25e397a80277807339b0516943a1fb0c631d88762c93f2c57d852845686949ac356d9a201942afbcc9f08fb4000670a1251340", &(0x7f0000000840)=""/194, &(0x7f0000000780)="a614601c5128cbc1c137859b9a623d591e454b0256a613dfa93748c19294ac548b521e61dda437b75646f670e64af053e7879f76d4034b46998c8a0793b0e13df280b8189c79a1f34cadb5c615a1030534cb3a47ce87e2b5a9a806b0f5556b0e9f1b164f1bb6ab8a23fb72152638a2d6597c133728551b9560529b2e3aefc3a00c921258584d4e42c1f2802a5f0efbc7aa2836e5", &(0x7f0000000000)="c25094c596ca7a6ad3936ef00dbc1c63e8b17a060cb2c9e61d34b8273938e51c2c73199c2456391aca145b", 0x3, r0}, 0x38) sendmsg$unix(r4, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0) recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r5, &(0x7f00000004c0)=ANY=[@ANYBLOB="8fedcb7907001175f37538e408"], 0xfdef) kernel console output (not intermixed with test programs): ut_many+0x160/0x1b0 [ 294.923643][ T5958] ? fpu__clear_all+0x20/0x20 [ 294.928153][ T5958] ? __kasan_check_read+0x11/0x20 [ 294.933015][ T5958] __x64_sys_bpf+0x7b/0x90 [ 294.937272][ T5958] do_syscall_64+0x34/0x70 [ 294.941524][ T5958] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 294.947249][ T5958] RIP: 0033:0x7fad41929ef9 [ 294.951511][ T5958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 294.970942][ T5958] RSP: 002b:00007fad405a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 294.979271][ T5958] RAX: ffffffffffffffda RBX: 00007fad41ae2f80 RCX: 00007fad41929ef9 [ 294.987085][ T5958] RDX: 0000000000000080 RSI: 0000000020000040 RDI: 0000000000000005 [ 294.994893][ T5958] RBP: 00007fad405a4090 R08: 0000000000000000 R09: 0000000000000000 [ 295.002705][ T5958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 295.010530][ T5958] R13: 0000000000000000 R14: 00007fad41ae2f80 R15: 00007ffda3f44a18 [ 295.251923][ T5976] bond_slave_1: mtu less than device minimum [ 297.138124][ T6015] bond_slave_1: mtu less than device minimum [ 297.278284][ T6017] device veth0_vlan left promiscuous mode [ 297.405903][ T6017] device veth0_vlan entered promiscuous mode [ 297.586363][ T503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 297.595630][ T503] IPv6: ADDRCONF(NETDEV_CHANGE): ªªªªªª: link becomes ready [ 297.611066][ T503] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 297.636419][ T6029] device veth0_vlan left promiscuous mode [ 297.791678][ T6029] device veth0_vlan entered promiscuous mode [ 298.418157][ T24] audit: type=1400 audit(1725482200.230:137): avc: denied { create } for pid=6044 comm="syz.1.1924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 298.461920][ T6058] bond_slave_1: mtu less than device minimum [ 298.961220][ T6067] device veth0_vlan left promiscuous mode [ 299.070732][ T6067] device veth0_vlan entered promiscuous mode [ 299.315476][ T1166] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 299.323932][ T1166] IPv6: ADDRCONF(NETDEV_CHANGE): ªªªªªª: link becomes ready [ 299.400824][ T1166] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 299.508755][ T6099] bond_slave_1: mtu less than device minimum [ 300.008145][ T6111] FAULT_INJECTION: forcing a failure. [ 300.008145][ T6111] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 300.146132][ T6111] CPU: 1 PID: 6111 Comm: syz.2.1944 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 300.157238][ T6111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 300.167126][ T6111] Call Trace: [ 300.170268][ T6111] dump_stack_lvl+0x1e2/0x24b [ 300.174772][ T6111] ? bfq_pos_tree_add_move+0x43b/0x43b [ 300.180070][ T6111] dump_stack+0x15/0x17 [ 300.184051][ T6111] should_fail+0x3c6/0x510 [ 300.188307][ T6111] should_fail_alloc_page+0x52/0x60 [ 300.193436][ T6111] __alloc_pages_nodemask+0x1b3/0xaf0 [ 300.198650][ T6111] ? gfp_pfmemalloc_allowed+0x120/0x120 [ 300.204080][ T6111] ? kvm_sched_clock_read+0x18/0x40 [ 300.209051][ T6111] shmem_alloc_page+0x257/0x420 [ 300.213726][ T6111] ? put_page+0xd0/0xd0 [ 300.217722][ T6111] ? debug_smp_processor_id+0x17/0x20 [ 300.222936][ T6111] ? shmem_alloc_and_acct_page+0x227/0x8e0 [ 300.228579][ T6111] ? _raw_write_unlock_irqrestore+0x60/0x70 [ 300.234300][ T6111] ? percpu_counter_add_batch+0x6c/0x160 [ 300.239765][ T6111] shmem_alloc_and_acct_page+0x395/0x8e0 [ 300.245233][ T6111] ? shmem_swapin_page+0x1950/0x1950 [ 300.250353][ T6111] ? sched_clock+0x3a/0x40 [ 300.254606][ T6111] ? sched_clock_cpu+0x1b/0x3b0 [ 300.259289][ T6111] ? sched_clock+0x3a/0x40 [ 300.263550][ T6111] ? __irq_exit_rcu+0x40/0x150 [ 300.268146][ T6111] ? irq_exit_rcu+0x9/0x10 [ 300.272396][ T6111] ? sysvec_apic_timer_interrupt+0xcb/0xe0 [ 300.278037][ T6111] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 300.284028][ T6111] ? find_get_entry+0x163/0x4c0 [ 300.288717][ T6111] shmem_getpage_gfp+0x891/0x2480 [ 300.293603][ T6111] ? sysvec_apic_timer_interrupt+0xcb/0xe0 [ 300.299339][ T6111] ? shmem_getpage+0xa0/0xa0 [ 300.303747][ T6111] ? iov_iter_fault_in_readable+0x31f/0x4f0 [ 300.309475][ T6111] shmem_write_begin+0xca/0x1b0 [ 300.314232][ T6111] generic_perform_write+0x2cd/0x570 [ 300.319284][ T6111] ? grab_cache_page_write_begin+0xa0/0xa0 [ 300.324942][ T6111] ? file_remove_privs+0x570/0x570 [ 300.329879][ T6111] __generic_file_write_iter+0x23c/0x560 [ 300.335345][ T6111] ? generic_write_checks+0x3b9/0x470 [ 300.340556][ T6111] generic_file_write_iter+0xaf/0x1c0 [ 300.345752][ T6111] vfs_write+0xb4c/0xe70 [ 300.349835][ T6111] ? irq_exit_rcu+0x9/0x10 [ 300.354082][ T6111] ? kernel_write+0x3d0/0x3d0 [ 300.358599][ T6111] ? mutex_trylock+0xa0/0xa0 [ 300.363020][ T6111] ? __fdget_pos+0x2e7/0x3a0 [ 300.367445][ T6111] ? ksys_write+0x77/0x2c0 [ 300.371698][ T6111] ksys_write+0x199/0x2c0 [ 300.375867][ T6111] ? kvm_sched_clock_read+0x18/0x40 [ 300.380899][ T6111] ? __ia32_sys_read+0x90/0x90 [ 300.385504][ T6111] ? debug_smp_processor_id+0x17/0x20 [ 300.390706][ T6111] __x64_sys_write+0x7b/0x90 [ 300.395131][ T6111] do_syscall_64+0x34/0x70 [ 300.399387][ T6111] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 300.405114][ T6111] RIP: 0033:0x7f0f3d57fef9 [ 300.409372][ T6111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 300.428808][ T6111] RSP: 002b:00007f0f3c1fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 300.437051][ T6111] RAX: ffffffffffffffda RBX: 00007f0f3d738f80 RCX: 00007f0f3d57fef9 [ 300.444861][ T6111] RDX: 0000000000040001 RSI: 0000000020000180 RDI: 0000000000000006 [ 300.452728][ T6111] RBP: 00007f0f3c1fa090 R08: 0000000000000000 R09: 0000000000000000 [ 300.460485][ T6111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 300.468298][ T6111] R13: 0000000000000000 R14: 00007f0f3d738f80 R15: 00007ffe3d741f68 [ 300.904261][ T6124] device veth0_vlan left promiscuous mode [ 300.998570][ T6124] device veth0_vlan entered promiscuous mode [ 301.138529][ T6144] bond_slave_1: mtu less than device minimum [ 301.824442][ T6165] device veth0_vlan left promiscuous mode [ 302.082541][ T6165] device veth0_vlan entered promiscuous mode [ 302.576763][ T6181] bond_slave_1: mtu less than device minimum [ 303.510385][ T6200] device veth0_vlan left promiscuous mode [ 303.688100][ T6200] device veth0_vlan entered promiscuous mode [ 303.903641][ T2043] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 303.925010][ T2043] IPv6: ADDRCONF(NETDEV_CHANGE): ªªªªªª: link becomes ready [ 304.003770][ T2043] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 304.049906][ T6219] bond_slave_1: mtu less than device minimum [ 304.149910][ T6226] bond_slave_1: mtu less than device minimum [ 304.365905][ T6254] bond_slave_1: mtu less than device minimum [ 305.381240][ T24] audit: type=1400 audit(1725482207.260:138): avc: denied { create } for pid=6277 comm="syz.2.2003" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 305.513128][ T6289] bond_slave_1: mtu less than device minimum [ 306.170880][ T6302] FAULT_INJECTION: forcing a failure. [ 306.170880][ T6302] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 306.407258][ T6302] CPU: 0 PID: 6302 Comm: syz.4.2012 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 306.418357][ T6302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 306.428252][ T6302] Call Trace: [ 306.431380][ T6302] dump_stack_lvl+0x1e2/0x24b [ 306.435890][ T6302] ? bfq_pos_tree_add_move+0x43b/0x43b [ 306.441192][ T6302] ? __alloc_skb+0x37c/0x510 [ 306.445609][ T6302] dump_stack+0x15/0x17 [ 306.449663][ T6302] should_fail+0x3c6/0x510 [ 306.453854][ T6302] should_fail_usercopy+0x1a/0x20 [ 306.458720][ T6302] _copy_from_iter+0x22c/0xd10 [ 306.463375][ T6302] ? sock_alloc_send_pskb+0x936/0xa50 [ 306.468524][ T6302] ? copyout_mc+0x90/0x90 [ 306.472704][ T6302] ? __check_object_size+0x2e6/0x3c0 [ 306.477823][ T6302] skb_copy_datagram_from_iter+0x100/0x6d0 [ 306.483531][ T6302] tun_get_user+0x1904/0x38f0 [ 306.487976][ T6302] ? kmem_cache_free+0xa9/0x1e0 [ 306.492650][ T6302] ? do_sys_openat2+0x1fc/0x710 [ 306.497344][ T6302] ? _kstrtoull+0x3a0/0x4a0 [ 306.501681][ T6302] ? tun_do_read+0x1f60/0x1f60 [ 306.506279][ T6302] ? kstrtouint_from_user+0x20a/0x2a0 [ 306.511492][ T6302] ? kstrtol_from_user+0x310/0x310 [ 306.516526][ T6302] ? avc_policy_seqno+0x1b/0x70 [ 306.521213][ T6302] ? selinux_file_permission+0x2bb/0x560 [ 306.526684][ T6302] ? fsnotify_perm+0x67/0x4e0 [ 306.531317][ T6302] tun_chr_write_iter+0x1a8/0x250 [ 306.536166][ T6302] vfs_write+0xb4c/0xe70 [ 306.540243][ T6302] ? kernel_write+0x3d0/0x3d0 [ 306.544820][ T6302] ? __fdget_pos+0x209/0x3a0 [ 306.549192][ T6302] ? ksys_write+0x77/0x2c0 [ 306.553448][ T6302] ksys_write+0x199/0x2c0 [ 306.557609][ T6302] ? __ia32_sys_read+0x90/0x90 [ 306.562212][ T6302] ? debug_smp_processor_id+0x17/0x20 [ 306.567416][ T6302] __x64_sys_write+0x7b/0x90 [ 306.571838][ T6302] do_syscall_64+0x34/0x70 [ 306.576095][ T6302] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 306.581818][ T6302] RIP: 0033:0x7fd7ce091ef9 [ 306.586067][ T6302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 306.605510][ T6302] RSP: 002b:00007fd7ccd0c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 306.613841][ T6302] RAX: ffffffffffffffda RBX: 00007fd7ce24af80 RCX: 00007fd7ce091ef9 [ 306.621650][ T6302] RDX: 000000000000fdef RSI: 0000000020001cc0 RDI: 00000000000000c8 [ 306.629460][ T6302] RBP: 00007fd7ccd0c090 R08: 0000000000000000 R09: 0000000000000000 [ 306.637266][ T6302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 306.645250][ T6302] R13: 0000000000000000 R14: 00007fd7ce24af80 R15: 00007ffc885ef6f8 [ 306.803887][ T6310] FAULT_INJECTION: forcing a failure. [ 306.803887][ T6310] name failslab, interval 1, probability 0, space 0, times 0 [ 307.096956][ T6310] CPU: 0 PID: 6310 Comm: syz.1.2015 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 307.108063][ T6310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 307.117952][ T6310] Call Trace: [ 307.121085][ T6310] dump_stack_lvl+0x1e2/0x24b [ 307.125672][ T6310] ? panic+0x812/0x812 [ 307.129580][ T6310] ? bfq_pos_tree_add_move+0x43b/0x43b [ 307.134904][ T6310] ? __alloc_pages_nodemask+0xa8e/0xaf0 [ 307.140255][ T6310] dump_stack+0x15/0x17 [ 307.144252][ T6310] should_fail+0x3c6/0x510 [ 307.148503][ T6310] ? __build_skb+0x2a/0x300 [ 307.152839][ T6310] __should_failslab+0xa4/0xe0 [ 307.157442][ T6310] should_failslab+0x9/0x20 [ 307.161779][ T6310] kmem_cache_alloc+0x3d/0x2e0 [ 307.166382][ T6310] __build_skb+0x2a/0x300 [ 307.170553][ T6310] build_skb+0x25/0x1e0 [ 307.174539][ T6310] tun_get_user+0x1bd6/0x38f0 [ 307.179057][ T6310] ? _kstrtoull+0x3a0/0x4a0 [ 307.183389][ T6310] ? tun_do_read+0x1f60/0x1f60 [ 307.187988][ T6310] ? kstrtouint_from_user+0x20a/0x2a0 [ 307.193196][ T6310] ? kstrtol_from_user+0x310/0x310 [ 307.198147][ T6310] ? avc_policy_seqno+0x1b/0x70 [ 307.202833][ T6310] ? selinux_file_permission+0x2bb/0x560 [ 307.208301][ T6310] ? fsnotify_perm+0x67/0x4e0 [ 307.212813][ T6310] tun_chr_write_iter+0x1a8/0x250 [ 307.217674][ T6310] vfs_write+0xb4c/0xe70 [ 307.221753][ T6310] ? kernel_write+0x3d0/0x3d0 [ 307.226268][ T6310] ? __fdget_pos+0x209/0x3a0 [ 307.230689][ T6310] ? ksys_write+0x77/0x2c0 [ 307.234942][ T6310] ksys_write+0x199/0x2c0 [ 307.239162][ T6310] ? __ia32_sys_read+0x90/0x90 [ 307.243712][ T6310] ? debug_smp_processor_id+0x17/0x20 [ 307.248918][ T6310] __x64_sys_write+0x7b/0x90 [ 307.253343][ T6310] do_syscall_64+0x34/0x70 [ 307.257605][ T6310] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 307.263327][ T6310] RIP: 0033:0x7f564fc0aef9 [ 307.267592][ T6310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 307.287209][ T6310] RSP: 002b:00007f564e885038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 307.295442][ T6310] RAX: ffffffffffffffda RBX: 00007f564fdc3f80 RCX: 00007f564fc0aef9 [ 307.303533][ T6310] RDX: 0000000000000015 RSI: 0000000020000000 RDI: 00000000000000c8 [ 307.311328][ T6310] RBP: 00007f564e885090 R08: 0000000000000000 R09: 0000000000000000 [ 307.319151][ T6310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 307.326961][ T6310] R13: 0000000000000000 R14: 00007f564fdc3f80 R15: 00007ffe85943878 [ 307.414390][ T6324] bond_slave_1: mtu less than device minimum [ 308.615933][ T6350] FAULT_INJECTION: forcing a failure. [ 308.615933][ T6350] name failslab, interval 1, probability 0, space 0, times 0 [ 308.696260][ T6350] CPU: 0 PID: 6350 Comm: syz.1.2030 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 308.707365][ T6350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 308.717310][ T6350] Call Trace: [ 308.720385][ T6350] dump_stack_lvl+0x1e2/0x24b [ 308.724890][ T6350] ? bfq_pos_tree_add_move+0x43b/0x43b [ 308.730185][ T6350] dump_stack+0x15/0x17 [ 308.734172][ T6350] should_fail+0x3c6/0x510 [ 308.738429][ T6350] ? __se_sys_bpf+0x45a0/0x11cb0 [ 308.743204][ T6350] __should_failslab+0xa4/0xe0 [ 308.747801][ T6350] should_failslab+0x9/0x20 [ 308.752142][ T6350] kmem_cache_alloc_trace+0x3a/0x2e0 [ 308.757325][ T6350] ? bpf_get_raw_tracepoint+0xa8/0x290 [ 308.762554][ T6350] __se_sys_bpf+0x45a0/0x11cb0 [ 308.767241][ T6350] ? stack_trace_save+0x113/0x1c0 [ 308.772104][ T6350] ? terminate_walk+0x407/0x4f0 [ 308.776787][ T6350] ? stack_trace_snprint+0xf0/0xf0 [ 308.781735][ T6350] ? kmem_cache_free+0xa9/0x1e0 [ 308.786420][ T6350] ? kmem_cache_free+0xa9/0x1e0 [ 308.791106][ T6350] ? kasan_set_track+0x5d/0x70 [ 308.795705][ T6350] ? __x64_sys_bpf+0x90/0x90 [ 308.800133][ T6350] ? __kasan_slab_free+0x11/0x20 [ 308.804904][ T6350] ? slab_free_freelist_hook+0xc0/0x190 [ 308.810287][ T6350] ? kmem_cache_free+0xa9/0x1e0 [ 308.814977][ T6350] ? putname+0xe7/0x140 [ 308.818968][ T6350] ? do_sys_openat2+0x1fc/0x710 [ 308.823653][ T6350] ? __x64_sys_openat+0x243/0x290 [ 308.828515][ T6350] ? do_syscall_64+0x34/0x70 [ 308.832946][ T6350] ? _kstrtoull+0x3a0/0x4a0 [ 308.837280][ T6350] ? kstrtouint_from_user+0x20a/0x2a0 [ 308.842485][ T6350] ? kstrtol_from_user+0x310/0x310 [ 308.847480][ T6350] ? memset+0x35/0x40 [ 308.851252][ T6350] ? __fsnotify_parent+0x4b9/0x6c0 [ 308.856252][ T6350] ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0 [ 308.862795][ T6350] ? proc_fail_nth_write+0x20b/0x290 [ 308.868127][ T6350] ? proc_fail_nth_read+0x210/0x210 [ 308.873126][ T6350] ? security_file_permission+0x86/0xb0 [ 308.878507][ T6350] ? rw_verify_area+0x1c3/0x360 [ 308.883194][ T6350] ? preempt_count_add+0x92/0x1a0 [ 308.888054][ T6350] ? vfs_write+0x852/0xe70 [ 308.892306][ T6350] ? kmem_cache_free+0xa9/0x1e0 [ 308.896997][ T6350] ? __kasan_check_write+0x14/0x20 [ 308.901943][ T6350] ? fput_many+0x160/0x1b0 [ 308.906197][ T6350] ? debug_smp_processor_id+0x17/0x20 [ 308.911401][ T6350] __x64_sys_bpf+0x7b/0x90 [ 308.915738][ T6350] do_syscall_64+0x34/0x70 [ 308.919995][ T6350] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 308.925719][ T6350] RIP: 0033:0x7f564fc0aef9 [ 308.929975][ T6350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 308.949419][ T6350] RSP: 002b:00007f564e885038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 308.957663][ T6350] RAX: ffffffffffffffda RBX: 00007f564fdc3f80 RCX: 00007f564fc0aef9 [ 308.965468][ T6350] RDX: 0000000000000010 RSI: 00000000200001c0 RDI: 0000000000000011 [ 308.973280][ T6350] RBP: 00007f564e885090 R08: 0000000000000000 R09: 0000000000000000 [ 308.981090][ T6350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 308.988901][ T6350] R13: 0000000000000000 R14: 00007f564fdc3f80 R15: 00007ffe85943878 [ 309.001510][ T6360] bond_slave_1: mtu less than device minimum [ 309.553502][ T6372] bond_slave_1: mtu less than device minimum [ 309.700419][ T6379] bond_slave_1: mtu less than device minimum [ 310.055092][ T6382] FAULT_INJECTION: forcing a failure. [ 310.055092][ T6382] name failslab, interval 1, probability 0, space 0, times 0 [ 310.292155][ T6382] CPU: 1 PID: 6382 Comm: syz.4.2042 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 310.303259][ T6382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 310.313147][ T6382] Call Trace: [ 310.316281][ T6382] dump_stack_lvl+0x1e2/0x24b [ 310.320785][ T6382] ? panic+0x812/0x812 [ 310.324689][ T6382] ? bfq_pos_tree_add_move+0x43b/0x43b [ 310.329988][ T6382] ? arch_stack_walk+0xf3/0x140 [ 310.334675][ T6382] dump_stack+0x15/0x17 [ 310.338666][ T6382] should_fail+0x3c6/0x510 [ 310.342917][ T6382] ? __alloc_skb+0x80/0x510 [ 310.347260][ T6382] __should_failslab+0xa4/0xe0 [ 310.351946][ T6382] should_failslab+0x9/0x20 [ 310.356283][ T6382] kmem_cache_alloc+0x3d/0x2e0 [ 310.360881][ T6382] __alloc_skb+0x80/0x510 [ 310.365134][ T6382] tipc_msg_build+0x13e/0x1040 [ 310.369651][ T6382] ? proc_pident_instantiate+0x7a/0x2e0 [ 310.375030][ T6382] ? proc_pident_lookup+0x1c4/0x260 [ 310.380221][ T6382] ? tipc_node_find+0x206/0x4c0 [ 310.384893][ T6382] ? tipc_msg_fragment+0x760/0x760 [ 310.389844][ T6382] ? tipc_node_get_mtu+0x20f/0x2b0 [ 310.394859][ T6382] __tipc_sendmsg+0x19fb/0x3ab0 [ 310.399518][ T6382] ? tipc_sk_publish+0x3e0/0x3e0 [ 310.404246][ T6382] ? avc_has_perm+0x14d/0x400 [ 310.408757][ T6382] ? memcpy+0x56/0x70 [ 310.412571][ T6382] ? avc_has_perm+0x275/0x400 [ 310.417090][ T6382] ? avc_has_perm_noaudit+0x240/0x240 [ 310.422298][ T6382] ? unwind_get_return_address+0x4d/0x90 [ 310.427765][ T6382] ? __kasan_check_write+0x14/0x20 [ 310.432719][ T6382] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 310.437582][ T6382] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 310.442609][ T6382] ? __local_bh_enable_ip+0x53/0x80 [ 310.447693][ T6382] ? local_bh_enable+0x1f/0x30 [ 310.452249][ T6382] ? lock_sock_nested+0x26a/0x300 [ 310.457104][ T6382] ? sock_init_data+0xc0/0xc0 [ 310.461620][ T6382] ? debug_smp_processor_id+0x17/0x20 [ 310.466824][ T6382] ? wait_woken+0x250/0x250 [ 310.471159][ T6382] ? __irq_exit_rcu+0x40/0x150 [ 310.475766][ T6382] ? irq_exit_rcu+0x9/0x10 [ 310.480012][ T6382] tipc_sendmsg+0x55/0x70 [ 310.484174][ T6382] ? tipc_recvmsg+0x13b0/0x13b0 [ 310.488864][ T6382] ____sys_sendmsg+0x59e/0x8f0 [ 310.493474][ T6382] ? __sys_sendmsg_sock+0x40/0x40 [ 310.498332][ T6382] ? import_iovec+0xe5/0x120 [ 310.502756][ T6382] ___sys_sendmsg+0x252/0x2e0 [ 310.507263][ T6382] ? __sys_sendmsg+0x280/0x280 [ 310.511868][ T6382] ? rw_verify_area+0x1c3/0x360 [ 310.516555][ T6382] ? __fdget+0x1bc/0x240 [ 310.520631][ T6382] __se_sys_sendmsg+0x1b1/0x280 [ 310.525320][ T6382] ? __x64_sys_sendmsg+0x90/0x90 [ 310.530094][ T6382] ? ksys_write+0x260/0x2c0 [ 310.534434][ T6382] ? debug_smp_processor_id+0x17/0x20 [ 310.539675][ T6382] __x64_sys_sendmsg+0x7b/0x90 [ 310.544235][ T6382] do_syscall_64+0x34/0x70 [ 310.548493][ T6382] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 310.554210][ T6382] RIP: 0033:0x7fd7ce091ef9 [ 310.558466][ T6382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 310.577906][ T6382] RSP: 002b:00007fd7ccd0c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 310.586147][ T6382] RAX: ffffffffffffffda RBX: 00007fd7ce24af80 RCX: 00007fd7ce091ef9 [ 310.593958][ T6382] RDX: 0000000020014809 RSI: 00000000200005c0 RDI: 0000000000000006 [ 310.601772][ T6382] RBP: 00007fd7ccd0c090 R08: 0000000000000000 R09: 0000000000000000 [ 310.609581][ T6382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 310.617392][ T6382] R13: 0000000000000000 R14: 00007fd7ce24af80 R15: 00007ffc885ef6f8 [ 311.339176][ T6399] device veth0_vlan left promiscuous mode [ 311.483774][ T6399] device veth0_vlan entered promiscuous mode [ 311.838547][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 311.877345][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 311.884827][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 312.225734][ T6433] bond_slave_1: mtu less than device minimum [ 312.517606][ T6435] device veth0_vlan left promiscuous mode [ 312.633596][ T6435] device veth0_vlan entered promiscuous mode [ 312.814252][ T306] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 312.831336][ T306] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 312.856773][ T306] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 312.900704][ T6446] device veth0_vlan left promiscuous mode [ 313.001177][ T6446] device veth0_vlan entered promiscuous mode [ 313.470265][ T6476] bond_slave_1: mtu less than device minimum [ 313.697781][ T6481] FAULT_INJECTION: forcing a failure. [ 313.697781][ T6481] name failslab, interval 1, probability 0, space 0, times 0 [ 313.800421][ T6481] CPU: 0 PID: 6481 Comm: syz.1.2076 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 313.811525][ T6481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 313.821412][ T6481] Call Trace: [ 313.824556][ T6481] dump_stack_lvl+0x1e2/0x24b [ 313.829066][ T6481] ? bfq_pos_tree_add_move+0x43b/0x43b [ 313.834356][ T6481] dump_stack+0x15/0x17 [ 313.838343][ T6481] should_fail+0x3c6/0x510 [ 313.842592][ T6481] ? copy_signal+0x55/0x610 [ 313.846940][ T6481] __should_failslab+0xa4/0xe0 [ 313.851536][ T6481] should_failslab+0x9/0x20 [ 313.855878][ T6481] kmem_cache_alloc+0x3d/0x2e0 [ 313.860475][ T6481] copy_signal+0x55/0x610 [ 313.864641][ T6481] copy_process+0x112d/0x3340 [ 313.869156][ T6481] ? proc_fail_nth_write+0x20b/0x290 [ 313.874276][ T6481] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 313.879223][ T6481] ? vfs_write+0x852/0xe70 [ 313.883470][ T6481] ? kmem_cache_free+0xa9/0x1e0 [ 313.888160][ T6481] kernel_clone+0x21e/0x9e0 [ 313.892494][ T6481] ? __kasan_check_write+0x14/0x20 [ 313.897448][ T6481] ? create_io_thread+0x1e0/0x1e0 [ 313.902310][ T6481] __x64_sys_clone+0x23f/0x290 [ 313.906906][ T6481] ? __do_sys_vfork+0x130/0x130 [ 313.911596][ T6481] ? debug_smp_processor_id+0x17/0x20 [ 313.916805][ T6481] do_syscall_64+0x34/0x70 [ 313.921056][ T6481] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 313.926781][ T6481] RIP: 0033:0x7f564fc0aef9 [ 313.931030][ T6481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 313.950562][ T6481] RSP: 002b:00007f564e884fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 313.958806][ T6481] RAX: ffffffffffffffda RBX: 00007f564fdc3f80 RCX: 00007f564fc0aef9 [ 313.966614][ T6481] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 313.974429][ T6481] RBP: 00007f564e885090 R08: 0000000000000000 R09: 0000000000000000 [ 313.982241][ T6481] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 313.990055][ T6481] R13: 0000000000000001 R14: 00007f564fdc3f80 R15: 00007ffe85943878 [ 314.002604][ T6494] device veth0_vlan left promiscuous mode [ 314.124202][ T6494] device veth0_vlan entered promiscuous mode [ 314.700628][ T6523] bpf_get_probe_write_proto: 4 callbacks suppressed [ 314.700639][ T6523] syz.1.2084[6523] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 314.715347][ T6523] syz.1.2084[6523] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 314.855381][ T6518] device veth0_vlan left promiscuous mode [ 315.011962][ T6518] device veth0_vlan entered promiscuous mode [ 315.247764][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 315.262294][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 315.277335][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 316.268928][ T6569] syz.3.2104[6569] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 316.290181][ T6569] syz.3.2104[6569] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 316.489239][ T6579] device veth0_vlan left promiscuous mode [ 316.752212][ T6579] device veth0_vlan entered promiscuous mode [ 317.080174][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 317.112101][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 317.188582][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 317.287079][ T6604] syz.3.2116[6604] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 317.287140][ T6604] syz.3.2116[6604] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 318.114518][ T6637] bond_slave_1: mtu less than device minimum [ 318.269208][ T6645] syz.3.2130[6645] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 318.269272][ T6645] syz.3.2130[6645] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 318.296968][ T6635] device veth0_vlan left promiscuous mode [ 318.316675][ T6635] device veth0_vlan entered promiscuous mode [ 318.323560][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 318.336920][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 318.385218][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 318.786293][ T6665] syz.3.2137[6665] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 318.786380][ T6665] syz.3.2137[6665] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 319.373683][ T6676] bond_slave_1: mtu less than device minimum [ 319.809743][ T6715] bpf_get_probe_write_proto: 2 callbacks suppressed [ 319.809753][ T6715] syz.3.2156[6715] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 319.825486][ T6715] syz.3.2156[6715] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 319.959567][ T6719] bond_slave_1: mtu less than device minimum [ 320.108992][ T6732] FAULT_INJECTION: forcing a failure. [ 320.108992][ T6732] name failslab, interval 1, probability 0, space 0, times 0 [ 320.123253][ T6732] CPU: 0 PID: 6732 Comm: syz.3.2163 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 320.134430][ T6732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 320.144322][ T6732] Call Trace: [ 320.147463][ T6732] dump_stack_lvl+0x1e2/0x24b [ 320.151965][ T6732] ? panic+0x812/0x812 [ 320.155867][ T6732] ? bfq_pos_tree_add_move+0x43b/0x43b [ 320.161162][ T6732] dump_stack+0x15/0x17 [ 320.165152][ T6732] should_fail+0x3c6/0x510 [ 320.169409][ T6732] ? __get_vm_area_node+0x116/0x470 [ 320.174439][ T6732] __should_failslab+0xa4/0xe0 [ 320.179044][ T6732] should_failslab+0x9/0x20 [ 320.183382][ T6732] kmem_cache_alloc_trace+0x3a/0x2e0 [ 320.188509][ T6732] __get_vm_area_node+0x116/0x470 [ 320.193361][ T6732] __vmalloc_node_range+0xdc/0x7c0 [ 320.198312][ T6732] ? bpf_check+0x1c6/0xf2b0 [ 320.202696][ T6732] ? kasan_poison+0x5d/0x70 [ 320.206987][ T6732] ? __kasan_kmalloc_large+0xad/0xc0 [ 320.212115][ T6732] ? bpf_check+0x1c6/0xf2b0 [ 320.216447][ T6732] vzalloc+0x78/0x90 [ 320.220178][ T6732] ? bpf_check+0x1c6/0xf2b0 [ 320.224518][ T6732] bpf_check+0x1c6/0xf2b0 [ 320.228693][ T6732] ? __irq_exit_rcu+0x40/0x150 [ 320.233285][ T6732] ? irq_exit_rcu+0x9/0x10 [ 320.237543][ T6732] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 320.243527][ T6732] ? 0xffffffffa0018c48 [ 320.247521][ T6732] ? bpf_get_btf_vmlinux+0x60/0x60 [ 320.252522][ T6732] ? __kernel_text_address+0x9b/0x110 [ 320.257688][ T6732] ? unwind_get_return_address+0x4d/0x90 [ 320.263154][ T6732] ? arch_stack_walk+0xf3/0x140 [ 320.267838][ T6732] ? stack_trace_save+0x113/0x1c0 [ 320.272685][ T6732] ? stack_trace_snprint+0xf0/0xf0 [ 320.277634][ T6732] ? selinux_bpf_prog_alloc+0x51/0x140 [ 320.282922][ T6732] ? selinux_bpf_prog_alloc+0x51/0x140 [ 320.288218][ T6732] ? ____kasan_kmalloc+0xed/0x110 [ 320.293076][ T6732] ? ____kasan_kmalloc+0xdb/0x110 [ 320.297937][ T6732] ? __kasan_kmalloc+0x9/0x10 [ 320.302642][ T6732] ? kmem_cache_alloc_trace+0x18a/0x2e0 [ 320.308006][ T6732] ? selinux_bpf_prog_alloc+0x51/0x140 [ 320.313299][ T6732] ? security_bpf_prog_alloc+0x62/0x90 [ 320.318597][ T6732] ? __se_sys_bpf+0x9f8c/0x11cb0 [ 320.323359][ T6732] ? __x64_sys_bpf+0x7b/0x90 [ 320.327789][ T6732] ? do_syscall_64+0x34/0x70 [ 320.332217][ T6732] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 320.338134][ T6732] ? __kasan_kmalloc+0x9/0x10 [ 320.342627][ T6732] ? kmem_cache_alloc_trace+0x18a/0x2e0 [ 320.348011][ T6732] ? selinux_bpf_prog_alloc+0x51/0x140 [ 320.353306][ T6732] __se_sys_bpf+0x107a2/0x11cb0 [ 320.357994][ T6732] ? perf_prepare_sample+0x1af0/0x1af0 [ 320.363288][ T6732] ? irq_exit_rcu+0x9/0x10 [ 320.367537][ T6732] ? __x64_sys_bpf+0x90/0x90 [ 320.371965][ T6732] ? __this_cpu_preempt_check+0x13/0x20 [ 320.377346][ T6732] ? __perf_event_account_interrupt+0x18f/0x2c0 [ 320.383421][ T6732] ? cpu_clock_event_read+0x50/0x50 [ 320.388458][ T6732] ? timerqueue_add+0x24c/0x270 [ 320.393143][ T6732] ? enqueue_hrtimer+0xad/0x200 [ 320.397829][ T6732] ? __hrtimer_run_queues+0x438/0xa50 [ 320.403034][ T6732] ? __hrtimer_run_queues+0x9ea/0xa50 [ 320.408385][ T6732] ? ktime_get+0x10e/0x140 [ 320.412621][ T6732] ? lapic_next_event+0x5f/0x70 [ 320.417311][ T6732] ? clockevents_program_event+0x214/0x2c0 [ 320.422945][ T6732] ? hrtimer_interrupt+0x6a8/0x8b0 [ 320.427904][ T6732] ? debug_smp_processor_id+0x17/0x20 [ 320.433159][ T6732] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 320.439025][ T6732] __x64_sys_bpf+0x7b/0x90 [ 320.443255][ T6732] do_syscall_64+0x34/0x70 [ 320.447514][ T6732] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 320.453236][ T6732] RIP: 0033:0x7f109fe49ef9 [ 320.457490][ T6732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 320.477019][ T6732] RSP: 002b:00007f109eac4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 320.485344][ T6732] RAX: ffffffffffffffda RBX: 00007f10a0002f80 RCX: 00007f109fe49ef9 [ 320.493153][ T6732] RDX: 0000000000000048 RSI: 0000000020000200 RDI: 0000000000000005 [ 320.500968][ T6732] RBP: 00007f109eac4090 R08: 0000000000000000 R09: 0000000000000000 [ 320.508776][ T6732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 320.516587][ T6732] R13: 0000000000000000 R14: 00007f10a0002f80 R15: 00007ffec327b4b8 [ 320.528586][ T6732] syz.3.2163: vmalloc: allocation failure: 560 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0 [ 320.556774][ T6732] CPU: 1 PID: 6732 Comm: syz.3.2163 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 320.567864][ T6732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 320.577846][ T6732] Call Trace: [ 320.580978][ T6732] dump_stack_lvl+0x1e2/0x24b [ 320.585486][ T6732] ? wake_up_klogd+0xb8/0xf0 [ 320.589908][ T6732] ? bfq_pos_tree_add_move+0x43b/0x43b [ 320.595208][ T6732] ? pr_cont_kernfs_name+0xf0/0x100 [ 320.600243][ T6732] dump_stack+0x15/0x17 [ 320.604233][ T6732] warn_alloc+0x21a/0x390 [ 320.608404][ T6732] ? __irq_exit_rcu+0x40/0x150 [ 320.612999][ T6732] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 320.618377][ T6732] ? sysvec_apic_timer_interrupt+0xcb/0xe0 [ 320.624019][ T6732] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 320.630013][ T6732] ? __vmalloc_node_range+0x270/0x7c0 [ 320.635220][ T6732] __vmalloc_node_range+0x287/0x7c0 [ 320.640338][ T6732] ? kasan_poison+0x5d/0x70 [ 320.644675][ T6732] ? __kasan_kmalloc_large+0xad/0xc0 [ 320.649795][ T6732] ? bpf_check+0x1c6/0xf2b0 [ 320.654133][ T6732] vzalloc+0x78/0x90 [ 320.657868][ T6732] ? bpf_check+0x1c6/0xf2b0 [ 320.662379][ T6732] bpf_check+0x1c6/0xf2b0 [ 320.666557][ T6732] ? __irq_exit_rcu+0x40/0x150 [ 320.671144][ T6732] ? irq_exit_rcu+0x9/0x10 [ 320.675401][ T6732] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 320.681391][ T6732] ? 0xffffffffa0018c48 [ 320.685379][ T6732] ? bpf_get_btf_vmlinux+0x60/0x60 [ 320.690326][ T6732] ? __kernel_text_address+0x9b/0x110 [ 320.695540][ T6732] ? unwind_get_return_address+0x4d/0x90 [ 320.701003][ T6732] ? arch_stack_walk+0xf3/0x140 [ 320.705690][ T6732] ? stack_trace_save+0x113/0x1c0 [ 320.710563][ T6732] ? stack_trace_snprint+0xf0/0xf0 [ 320.715510][ T6732] ? selinux_bpf_prog_alloc+0x51/0x140 [ 320.720797][ T6732] ? selinux_bpf_prog_alloc+0x51/0x140 [ 320.726129][ T6732] ? ____kasan_kmalloc+0xed/0x110 [ 320.730937][ T6732] ? ____kasan_kmalloc+0xdb/0x110 [ 320.735800][ T6732] ? __kasan_kmalloc+0x9/0x10 [ 320.740314][ T6732] ? kmem_cache_alloc_trace+0x18a/0x2e0 [ 320.745696][ T6732] ? selinux_bpf_prog_alloc+0x51/0x140 [ 320.750989][ T6732] ? security_bpf_prog_alloc+0x62/0x90 [ 320.756285][ T6732] ? __se_sys_bpf+0x9f8c/0x11cb0 [ 320.761054][ T6732] ? __x64_sys_bpf+0x7b/0x90 [ 320.765482][ T6732] ? do_syscall_64+0x34/0x70 [ 320.769911][ T6732] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 320.775830][ T6732] ? __kasan_kmalloc+0x9/0x10 [ 320.780326][ T6732] ? kmem_cache_alloc_trace+0x18a/0x2e0 [ 320.785704][ T6732] ? selinux_bpf_prog_alloc+0x51/0x140 [ 320.791090][ T6732] __se_sys_bpf+0x107a2/0x11cb0 [ 320.795778][ T6732] ? perf_prepare_sample+0x1af0/0x1af0 [ 320.801075][ T6732] ? irq_exit_rcu+0x9/0x10 [ 320.805318][ T6732] ? __x64_sys_bpf+0x90/0x90 [ 320.809746][ T6732] ? __this_cpu_preempt_check+0x13/0x20 [ 320.815127][ T6732] ? __perf_event_account_interrupt+0x18f/0x2c0 [ 320.821206][ T6732] ? cpu_clock_event_read+0x50/0x50 [ 320.826245][ T6732] ? timerqueue_add+0x24c/0x270 [ 320.830927][ T6732] ? enqueue_hrtimer+0xad/0x200 [ 320.835610][ T6732] ? __hrtimer_run_queues+0x438/0xa50 [ 320.840817][ T6732] ? __hrtimer_run_queues+0x9ea/0xa50 [ 320.846027][ T6732] ? ktime_get+0x10e/0x140 [ 320.850280][ T6732] ? lapic_next_event+0x5f/0x70 [ 320.854965][ T6732] ? clockevents_program_event+0x214/0x2c0 [ 320.860672][ T6732] ? hrtimer_interrupt+0x6a8/0x8b0 [ 320.865559][ T6732] ? debug_smp_processor_id+0x17/0x20 [ 320.870764][ T6732] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 320.876665][ T6732] __x64_sys_bpf+0x7b/0x90 [ 320.880915][ T6732] do_syscall_64+0x34/0x70 [ 320.885171][ T6732] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 320.890897][ T6732] RIP: 0033:0x7f109fe49ef9 [ 320.895155][ T6732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 320.914587][ T6732] RSP: 002b:00007f109eac4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 320.922834][ T6732] RAX: ffffffffffffffda RBX: 00007f10a0002f80 RCX: 00007f109fe49ef9 [ 320.930644][ T6732] RDX: 0000000000000048 RSI: 0000000020000200 RDI: 0000000000000005 [ 320.938455][ T6732] RBP: 00007f109eac4090 R08: 0000000000000000 R09: 0000000000000000 [ 320.946266][ T6732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 320.954077][ T6732] R13: 0000000000000000 R14: 00007f10a0002f80 R15: 00007ffec327b4b8 [ 320.988988][ T6732] Mem-Info: [ 320.992164][ T6732] active_anon:117 inactive_anon:7419 isolated_anon:0 [ 320.992164][ T6732] active_file:14599 inactive_file:9005 isolated_file:0 [ 320.992164][ T6732] unevictable:0 dirty:185 writeback:0 [ 320.992164][ T6732] slab_reclaimable:7020 slab_unreclaimable:72918 [ 320.992164][ T6732] mapped:21001 shmem:193 pagetables:510 bounce:0 [ 320.992164][ T6732] free:1579547 free_pcp:960 free_cma:0 [ 321.044043][ T6732] Node 0 active_anon:468kB inactive_anon:19676kB active_file:58396kB inactive_file:36020kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:84004kB dirty:740kB writeback:0kB shmem:772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:4288kB all_unreclaimable? no [ 321.105840][ T6732] DMA32 free:2983352kB min:62624kB low:78280kB high:93936kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2984772kB mlocked:0kB pagetables:0kB bounce:0kB free_pcp:1420kB local_pcp:0kB free_cma:0kB [ 321.544591][ T6732] lowmem_reserve[]: 0 3941 3941 [ 321.625393][ T6732] Normal free:3346812kB min:84828kB low:106032kB high:127236kB reserved_highatomic:0KB active_anon:468kB inactive_anon:19780kB active_file:58404kB inactive_file:36020kB unevictable:0kB writepending:764kB present:5242880kB managed:4035856kB mlocked:0kB pagetables:2112kB bounce:0kB free_pcp:2544kB local_pcp:1080kB free_cma:0kB [ 321.816629][ T6732] lowmem_reserve[]: 0 0 0 [ 321.820824][ T6732] DMA32: 6*4kB (UM) 2*8kB (M) 3*16kB (M) 5*32kB (UM) 7*64kB (UM) 6*128kB (UM) 6*256kB (UM) 5*512kB (M) 6*1024kB (UM) 3*2048kB (UM) 724*4096kB (M) = 2983352kB [ 321.986776][ T6732] Normal: 1232*4kB (UME) 2858*8kB (UME) 1913*16kB (UME) 684*32kB (UME) 244*64kB (UME) 53*128kB (UME) 29*256kB (UME) 10*512kB (UME) 7*1024kB (UME) 5*2048kB (UME) 785*4096kB (M) = 3348000kB [ 322.016547][ T6732] 23799 total pagecache pages [ 322.086962][ T6732] 0 pages in swap cache [ 322.090951][ T6732] Swap cache stats: add 0, delete 0, find 0/0 [ 322.196156][ T6732] Free swap = 124996kB [ 322.200133][ T6732] Total swap = 124996kB [ 322.204123][ T6732] 2097051 pages RAM [ 322.316700][ T6732] 0 pages HighMem/MovableOnly [ 322.321205][ T6732] 341894 pages reserved [ 322.431423][ T6732] 0 pages cma reserved [ 322.529992][ T6775] syz.2.2177[6775] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 322.530081][ T6775] syz.2.2177[6775] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 322.918360][ T6793] device veth0_vlan left promiscuous mode [ 323.089351][ T6793] device veth0_vlan entered promiscuous mode [ 323.333298][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 323.366813][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): ªªªªªª: link becomes ready [ 323.421102][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 323.819120][ T6807] device sit0 entered promiscuous mode [ 326.427932][ T6894] syz.1.2218[6894] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 326.427998][ T6894] syz.1.2218[6894] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 327.429151][ T6922] syz.1.2229[6922] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 327.456344][ T6922] syz.1.2229[6922] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 327.642192][ T6930] device veth0_vlan left promiscuous mode [ 327.796038][ T6930] device veth0_vlan entered promiscuous mode [ 327.963275][ T503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 327.976431][ T503] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 327.991723][ T503] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 328.262175][ T6965] syz.0.2245[6965] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 328.262240][ T6965] syz.0.2245[6965] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 328.802014][ T6989] device veth0_vlan left promiscuous mode [ 329.096048][ T6989] device veth0_vlan entered promiscuous mode [ 329.897078][ T7029] device veth0_vlan left promiscuous mode [ 330.020659][ T7029] device veth0_vlan entered promiscuous mode [ 330.320672][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 330.330105][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 330.359630][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 332.004312][ T7110] device veth0_vlan left promiscuous mode [ 332.352880][ T7110] device veth0_vlan entered promiscuous mode [ 332.532535][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 332.579280][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): ªªªªªª: link becomes ready [ 332.697070][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 332.707411][ T7118] device sit0 entered promiscuous mode [ 333.088646][ T7152] device veth0_vlan left promiscuous mode [ 333.166035][ T7152] device veth0_vlan entered promiscuous mode [ 333.405938][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 333.414186][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 333.421873][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 333.665960][ T7193] FAULT_INJECTION: forcing a failure. [ 333.665960][ T7193] name failslab, interval 1, probability 0, space 0, times 0 [ 333.936068][ T7193] CPU: 1 PID: 7193 Comm: syz.3.2330 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 333.947172][ T7193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 333.957062][ T7193] Call Trace: [ 333.960202][ T7193] dump_stack_lvl+0x1e2/0x24b [ 333.964705][ T7193] ? bfq_pos_tree_add_move+0x43b/0x43b [ 333.970009][ T7193] ? selinux_capable+0x2f1/0x430 [ 333.974774][ T7193] dump_stack+0x15/0x17 [ 333.978765][ T7193] should_fail+0x3c6/0x510 [ 333.983090][ T7193] ? btf_new_fd+0x112/0x9c0 [ 333.987362][ T7193] __should_failslab+0xa4/0xe0 [ 333.991961][ T7193] should_failslab+0x9/0x20 [ 333.996310][ T7193] kmem_cache_alloc_trace+0x3a/0x2e0 [ 334.001414][ T7193] btf_new_fd+0x112/0x9c0 [ 334.005581][ T7193] __se_sys_bpf+0x1aed/0x11cb0 [ 334.010181][ T7193] ? stack_trace_save+0x113/0x1c0 [ 334.015042][ T7193] ? terminate_walk+0x407/0x4f0 [ 334.019731][ T7193] ? stack_trace_snprint+0xf0/0xf0 [ 334.024686][ T7193] ? kmem_cache_free+0xa9/0x1e0 [ 334.029371][ T7193] ? kmem_cache_free+0xa9/0x1e0 [ 334.034049][ T7193] ? kasan_set_track+0x5d/0x70 [ 334.038648][ T7193] ? __x64_sys_bpf+0x90/0x90 [ 334.043075][ T7193] ? __kasan_slab_free+0x11/0x20 [ 334.047918][ T7193] ? slab_free_freelist_hook+0xc0/0x190 [ 334.053228][ T7193] ? kmem_cache_free+0xa9/0x1e0 [ 334.057913][ T7193] ? putname+0xe7/0x140 [ 334.061900][ T7193] ? do_sys_openat2+0x1fc/0x710 [ 334.066589][ T7193] ? __x64_sys_openat+0x243/0x290 [ 334.071450][ T7193] ? do_syscall_64+0x34/0x70 [ 334.075888][ T7193] ? _kstrtoull+0x3a0/0x4a0 [ 334.080219][ T7193] ? kstrtouint_from_user+0x20a/0x2a0 [ 334.085425][ T7193] ? kstrtol_from_user+0x310/0x310 [ 334.090399][ T7193] ? copy_from_kernel_nofault_allowed+0x9f/0xd0 [ 334.096448][ T7193] ? memset+0x35/0x40 [ 334.100267][ T7193] ? __fsnotify_parent+0x4b9/0x6c0 [ 334.105214][ T7193] ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0 [ 334.111809][ T7193] ? proc_fail_nth_write+0x20b/0x290 [ 334.116930][ T7193] ? proc_fail_nth_read+0x210/0x210 [ 334.121964][ T7193] ? security_file_permission+0x86/0xb0 [ 334.127345][ T7193] ? rw_verify_area+0x1c3/0x360 [ 334.132032][ T7193] ? preempt_count_add+0x92/0x1a0 [ 334.136889][ T7193] ? vfs_write+0x852/0xe70 [ 334.141146][ T7193] ? kmem_cache_free+0x1c0/0x1e0 [ 334.146043][ T7193] ? kernel_write+0x3d0/0x3d0 [ 334.150610][ T7193] ? __kasan_check_write+0x14/0x20 [ 334.155488][ T7193] ? mutex_lock+0xa5/0x110 [ 334.159741][ T7193] ? mutex_trylock+0xa0/0xa0 [ 334.164167][ T7193] ? __kasan_check_write+0x14/0x20 [ 334.169121][ T7193] ? fput_many+0x160/0x1b0 [ 334.173376][ T7193] ? debug_smp_processor_id+0x17/0x20 [ 334.178577][ T7193] __x64_sys_bpf+0x7b/0x90 [ 334.182828][ T7193] do_syscall_64+0x34/0x70 [ 334.187211][ T7193] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 334.192920][ T7193] RIP: 0033:0x7f109fe49ef9 [ 334.197173][ T7193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 334.216612][ T7193] RSP: 002b:00007f109eac4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 334.224848][ T7193] RAX: ffffffffffffffda RBX: 00007f10a0002f80 RCX: 00007f109fe49ef9 [ 334.232657][ T7193] RDX: 0000000000000020 RSI: 00000000200001c0 RDI: 0000000000000012 [ 334.240468][ T7193] RBP: 00007f109eac4090 R08: 0000000000000000 R09: 0000000000000000 [ 334.248283][ T7193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 334.256090][ T7193] R13: 0000000000000000 R14: 00007f10a0002f80 R15: 00007ffec327b4b8 [ 335.143462][ T7238] device veth0_vlan left promiscuous mode [ 335.212345][ T7238] device veth0_vlan entered promiscuous mode [ 335.338638][ T503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 335.363554][ T503] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 335.379772][ T503] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 335.440569][ T7252] device veth0_vlan left promiscuous mode [ 335.496528][ T7257] syz.0.2353[7257] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 335.496591][ T7257] syz.0.2353[7257] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 335.578092][ T7252] device veth0_vlan entered promiscuous mode [ 335.879163][ T7277] device veth0_vlan left promiscuous mode [ 335.883987][ T7291] syz.0.2368[7291] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 335.884840][ T7291] syz.0.2368[7291] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 336.148408][ T7277] device veth0_vlan entered promiscuous mode [ 338.453351][ T7389] device veth0_vlan left promiscuous mode [ 338.640224][ T7389] device veth0_vlan entered promiscuous mode [ 338.733214][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 338.749845][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 338.825303][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 339.940417][ T7446] syz.1.2428[7446] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 339.940478][ T7446] syz.1.2428[7446] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 340.866116][ T7476] syz.4.2440[7476] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 340.966255][ T7476] syz.4.2440[7476] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 342.706006][ T7535] syz.1.2460[7535] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 342.787600][ T7535] syz.1.2460[7535] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 343.978667][ T7574] device veth0_vlan left promiscuous mode [ 344.049253][ T7574] device veth0_vlan entered promiscuous mode [ 344.075753][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 344.088150][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 344.106592][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 344.644233][ T7610] FAULT_INJECTION: forcing a failure. [ 344.644233][ T7610] name failslab, interval 1, probability 0, space 0, times 0 [ 344.787122][ T7610] CPU: 1 PID: 7610 Comm: syz.4.2486 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 344.798230][ T7610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 344.808119][ T7610] Call Trace: [ 344.811261][ T7610] dump_stack_lvl+0x1e2/0x24b [ 344.815765][ T7610] ? bfq_pos_tree_add_move+0x43b/0x43b [ 344.821060][ T7610] ? pfn_valid+0x1e0/0x1e0 [ 344.825310][ T7610] dump_stack+0x15/0x17 [ 344.829303][ T7610] should_fail+0x3c6/0x510 [ 344.833636][ T7610] ? vm_area_dup+0x26/0x270 [ 344.837896][ T7610] __should_failslab+0xa4/0xe0 [ 344.842495][ T7610] should_failslab+0x9/0x20 [ 344.846837][ T7610] kmem_cache_alloc+0x3d/0x2e0 [ 344.851431][ T7610] ? __kasan_check_read+0x11/0x20 [ 344.856295][ T7610] vm_area_dup+0x26/0x270 [ 344.860459][ T7610] copy_mm+0x8ac/0x13a0 [ 344.864453][ T7610] ? copy_signal+0x610/0x610 [ 344.868879][ T7610] ? __init_rwsem+0xd6/0x1c0 [ 344.873304][ T7610] ? copy_signal+0x4e3/0x610 [ 344.877730][ T7610] copy_process+0x1175/0x3340 [ 344.882244][ T7610] ? proc_fail_nth_write+0x20b/0x290 [ 344.887368][ T7610] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 344.892310][ T7610] ? vfs_write+0x852/0xe70 [ 344.896567][ T7610] ? kmem_cache_free+0x1c0/0x1e0 [ 344.901339][ T7610] kernel_clone+0x21e/0x9e0 [ 344.905677][ T7610] ? __kasan_check_write+0x14/0x20 [ 344.910625][ T7610] ? create_io_thread+0x1e0/0x1e0 [ 344.915482][ T7610] __x64_sys_clone+0x23f/0x290 [ 344.920077][ T7610] ? __do_sys_vfork+0x130/0x130 [ 344.924768][ T7610] ? debug_smp_processor_id+0x17/0x20 [ 344.929973][ T7610] do_syscall_64+0x34/0x70 [ 344.934229][ T7610] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 344.939955][ T7610] RIP: 0033:0x7fd7ce091ef9 [ 344.944206][ T7610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 344.963640][ T7610] RSP: 002b:00007fd7ccd0bfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 344.971888][ T7610] RAX: ffffffffffffffda RBX: 00007fd7ce24af80 RCX: 00007fd7ce091ef9 [ 344.979698][ T7610] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008001400 [ 344.987511][ T7610] RBP: 00007fd7ccd0c090 R08: 0000000000000000 R09: 0000000000000000 [ 344.995320][ T7610] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 345.003140][ T7610] R13: 0000000000000000 R14: 00007fd7ce24af80 R15: 00007ffc885ef6f8 [ 345.382506][ T7636] syz.0.2497[7636] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 345.382571][ T7636] syz.0.2497[7636] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 345.472715][ T7641] device veth0_vlan left promiscuous mode [ 345.708015][ T7641] device veth0_vlan entered promiscuous mode [ 346.244504][ T7671] syz.1.2511[7671] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 346.244575][ T7671] syz.1.2511[7671] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 346.295434][ T7668] device veth0_vlan left promiscuous mode [ 346.506525][ T7668] device veth0_vlan entered promiscuous mode [ 346.632199][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 346.640930][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 346.727609][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 346.876104][ T7695] device veth0_vlan left promiscuous mode [ 346.898239][ T7701] syz.1.2522[7701] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 346.898300][ T7701] syz.1.2522[7701] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 347.103970][ T7695] device veth0_vlan entered promiscuous mode [ 347.707617][ T7734] syz.0.2533[7734] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 347.707682][ T7734] syz.0.2533[7734] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 347.756429][ T7740] FAULT_INJECTION: forcing a failure. [ 347.756429][ T7740] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 347.787705][ T7740] CPU: 0 PID: 7740 Comm: syz.0.2536 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 347.798788][ T7740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 347.808684][ T7740] Call Trace: [ 347.811821][ T7740] dump_stack_lvl+0x1e2/0x24b [ 347.816322][ T7740] ? bfq_pos_tree_add_move+0x43b/0x43b [ 347.821620][ T7740] dump_stack+0x15/0x17 [ 347.825617][ T7740] should_fail+0x3c6/0x510 [ 347.829871][ T7740] should_fail_usercopy+0x1a/0x20 [ 347.834732][ T7740] _copy_from_user+0x20/0xd0 [ 347.839157][ T7740] generic_map_update_batch+0x474/0x860 [ 347.844534][ T7740] ? generic_map_delete_batch+0x630/0x630 [ 347.850088][ T7740] ? generic_map_delete_batch+0x630/0x630 [ 347.855648][ T7740] bpf_map_do_batch+0x4c3/0x620 [ 347.860331][ T7740] __se_sys_bpf+0xc3c/0x11cb0 [ 347.864847][ T7740] ? stack_trace_save+0x113/0x1c0 [ 347.869706][ T7740] ? terminate_walk+0x407/0x4f0 [ 347.874390][ T7740] ? stack_trace_snprint+0xf0/0xf0 [ 347.879337][ T7740] ? kmem_cache_free+0xa9/0x1e0 [ 347.884027][ T7740] ? kmem_cache_free+0xa9/0x1e0 [ 347.888712][ T7740] ? kasan_set_track+0x5d/0x70 [ 347.893314][ T7740] ? __x64_sys_bpf+0x90/0x90 [ 347.897738][ T7740] ? __kasan_slab_free+0x11/0x20 [ 347.902511][ T7740] ? slab_free_freelist_hook+0xc0/0x190 [ 347.907898][ T7740] ? kmem_cache_free+0xa9/0x1e0 [ 347.912578][ T7740] ? putname+0xe7/0x140 [ 347.916567][ T7740] ? do_sys_openat2+0x1fc/0x710 [ 347.921256][ T7740] ? __x64_sys_openat+0x243/0x290 [ 347.926118][ T7740] ? do_syscall_64+0x34/0x70 [ 347.930571][ T7740] ? _kstrtoull+0x3a0/0x4a0 [ 347.934889][ T7740] ? kstrtouint_from_user+0x20a/0x2a0 [ 347.940091][ T7740] ? kstrtol_from_user+0x310/0x310 [ 347.945082][ T7740] ? copy_from_kernel_nofault_allowed+0x9f/0xd0 [ 347.951117][ T7740] ? memset+0x35/0x40 [ 347.954964][ T7740] ? __fsnotify_parent+0x4b9/0x6c0 [ 347.959887][ T7740] ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0 [ 347.966478][ T7740] ? proc_fail_nth_write+0x20b/0x290 [ 347.971637][ T7740] ? proc_fail_nth_read+0x210/0x210 [ 347.976633][ T7740] ? security_file_permission+0x86/0xb0 [ 347.982015][ T7740] ? rw_verify_area+0x1c3/0x360 [ 347.986702][ T7740] ? preempt_count_add+0x92/0x1a0 [ 347.991560][ T7740] ? vfs_write+0x852/0xe70 [ 347.995816][ T7740] ? kmem_cache_free+0x1c0/0x1e0 [ 348.000587][ T7740] ? kernel_write+0x3d0/0x3d0 [ 348.005117][ T7740] ? __kasan_check_write+0x14/0x20 [ 348.010049][ T7740] ? mutex_lock+0xa5/0x110 [ 348.014343][ T7740] ? mutex_trylock+0xa0/0xa0 [ 348.018732][ T7740] ? __kasan_check_write+0x14/0x20 [ 348.023680][ T7740] ? fput_many+0x160/0x1b0 [ 348.027935][ T7740] ? debug_smp_processor_id+0x17/0x20 [ 348.033138][ T7740] __x64_sys_bpf+0x7b/0x90 [ 348.037391][ T7740] do_syscall_64+0x34/0x70 [ 348.041642][ T7740] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 348.047367][ T7740] RIP: 0033:0x7fad41929ef9 [ 348.051617][ T7740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 348.071063][ T7740] RSP: 002b:00007fad405a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 348.079302][ T7740] RAX: ffffffffffffffda RBX: 00007fad41ae2f80 RCX: 00007fad41929ef9 [ 348.087115][ T7740] RDX: 0000000000000038 RSI: 0000000020000200 RDI: 000000000000001a [ 348.094923][ T7740] RBP: 00007fad405a4090 R08: 0000000000000000 R09: 0000000000000000 [ 348.102730][ T7740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 348.110543][ T7740] R13: 0000000000000000 R14: 00007fad41ae2f80 R15: 00007ffda3f44a18 [ 349.045179][ T7770] device veth0_vlan left promiscuous mode [ 349.092793][ T7770] device veth0_vlan entered promiscuous mode [ 349.124370][ T306] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 349.132702][ T306] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 349.141572][ T306] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 349.156807][ T7772] device veth0_vlan left promiscuous mode [ 349.164486][ T7772] device veth0_vlan entered promiscuous mode [ 349.292821][ T7801] device veth0_vlan left promiscuous mode [ 349.419815][ T7801] device veth0_vlan entered promiscuous mode [ 349.975697][ T7817] device veth0_vlan left promiscuous mode [ 350.024016][ T7817] device veth0_vlan entered promiscuous mode [ 350.211323][ T3291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 350.255455][ T3291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 350.284357][ T3291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 351.274105][ T7889] syz.2.2596[7889] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 351.274166][ T7889] syz.2.2596[7889] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 351.362633][ T7893] device veth0_vlan left promiscuous mode [ 351.549819][ T7893] device veth0_vlan entered promiscuous mode [ 351.819888][ T503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 351.841504][ T503] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 351.943319][ T503] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 352.035833][ T7903] device veth0_vlan left promiscuous mode [ 352.147776][ T7903] device veth0_vlan entered promiscuous mode [ 353.244318][ T7964] FAULT_INJECTION: forcing a failure. [ 353.244318][ T7964] name failslab, interval 1, probability 0, space 0, times 0 [ 353.259469][ T7964] CPU: 1 PID: 7964 Comm: syz.3.2624 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 353.270552][ T7964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 353.280448][ T7964] Call Trace: [ 353.283679][ T7964] dump_stack_lvl+0x1e2/0x24b [ 353.288170][ T7964] ? bfq_pos_tree_add_move+0x43b/0x43b [ 353.293465][ T7964] dump_stack+0x15/0x17 [ 353.297457][ T7964] should_fail+0x3c6/0x510 [ 353.301714][ T7964] ? kvmalloc_node+0x82/0x130 [ 353.306233][ T7964] __should_failslab+0xa4/0xe0 [ 353.310824][ T7964] should_failslab+0x9/0x20 [ 353.315167][ T7964] __kmalloc+0x60/0x330 [ 353.319289][ T7964] kvmalloc_node+0x82/0x130 [ 353.323613][ T7964] btf_new_fd+0x2c3/0x9c0 [ 353.327754][ T7964] __se_sys_bpf+0x1aed/0x11cb0 [ 353.332417][ T7964] ? stack_trace_save+0x113/0x1c0 [ 353.337226][ T7964] ? terminate_walk+0x407/0x4f0 [ 353.341894][ T7964] ? stack_trace_snprint+0xf0/0xf0 [ 353.346845][ T7964] ? kmem_cache_free+0xa9/0x1e0 [ 353.351526][ T7964] ? kmem_cache_free+0xa9/0x1e0 [ 353.356216][ T7964] ? kasan_set_track+0x5d/0x70 [ 353.360817][ T7964] ? __x64_sys_bpf+0x90/0x90 [ 353.365244][ T7964] ? __kasan_slab_free+0x11/0x20 [ 353.370014][ T7964] ? slab_free_freelist_hook+0xc0/0x190 [ 353.375401][ T7964] ? kmem_cache_free+0xa9/0x1e0 [ 353.380085][ T7964] ? putname+0xe7/0x140 [ 353.384074][ T7964] ? do_sys_openat2+0x1fc/0x710 [ 353.388759][ T7964] ? __x64_sys_openat+0x243/0x290 [ 353.393620][ T7964] ? do_syscall_64+0x34/0x70 [ 353.398052][ T7964] ? _kstrtoull+0x3a0/0x4a0 [ 353.402387][ T7964] ? kstrtouint_from_user+0x20a/0x2a0 [ 353.407592][ T7964] ? kstrtol_from_user+0x310/0x310 [ 353.412540][ T7964] ? memset+0x35/0x40 [ 353.416365][ T7964] ? __fsnotify_parent+0x4b9/0x6c0 [ 353.421333][ T7964] ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0 [ 353.427905][ T7964] ? proc_fail_nth_write+0x20b/0x290 [ 353.433028][ T7964] ? proc_fail_nth_read+0x210/0x210 [ 353.438151][ T7964] ? security_file_permission+0x86/0xb0 [ 353.443530][ T7964] ? rw_verify_area+0x1c3/0x360 [ 353.448218][ T7964] ? preempt_count_add+0x92/0x1a0 [ 353.453077][ T7964] ? vfs_write+0x852/0xe70 [ 353.457330][ T7964] ? kmem_cache_free+0xa9/0x1e0 [ 353.462016][ T7964] ? kernel_write+0x3d0/0x3d0 [ 353.466527][ T7964] ? __kasan_check_write+0x14/0x20 [ 353.471474][ T7964] ? mutex_lock+0xa5/0x110 [ 353.475726][ T7964] ? mutex_trylock+0xa0/0xa0 [ 353.480210][ T7964] ? __kasan_check_write+0x14/0x20 [ 353.485100][ T7964] ? fput_many+0x160/0x1b0 [ 353.489359][ T7964] ? debug_smp_processor_id+0x17/0x20 [ 353.494561][ T7964] __x64_sys_bpf+0x7b/0x90 [ 353.498814][ T7964] do_syscall_64+0x34/0x70 [ 353.503065][ T7964] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 353.508792][ T7964] RIP: 0033:0x7f109fe49ef9 [ 353.513047][ T7964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 353.532483][ T7964] RSP: 002b:00007f109eac4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 353.540728][ T7964] RAX: ffffffffffffffda RBX: 00007f10a0002f80 RCX: 00007f109fe49ef9 [ 353.548547][ T7964] RDX: 0000000000000020 RSI: 00000000200001c0 RDI: 0000000000000012 [ 353.556355][ T7964] RBP: 00007f109eac4090 R08: 0000000000000000 R09: 0000000000000000 [ 353.564163][ T7964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 353.572169][ T7964] R13: 0000000000000000 R14: 00007f10a0002f80 R15: 00007ffec327b4b8 [ 353.611587][ T7956] device veth0_vlan left promiscuous mode [ 353.744037][ T7956] device veth0_vlan entered promiscuous mode [ 353.984276][ T7948] device veth0_vlan left promiscuous mode [ 354.013747][ T7948] device veth0_vlan entered promiscuous mode [ 354.028557][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 354.060037][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): ªªªªªª: link becomes ready [ 354.107986][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 354.927990][ T8011] syz.4.2642[8011] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 354.928046][ T8011] syz.4.2642[8011] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 355.042181][ T8009] device veth0_vlan left promiscuous mode [ 355.358457][ T8009] device veth0_vlan entered promiscuous mode [ 355.760407][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 355.769283][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 355.777021][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 356.736443][ T8076] syz.0.2665[8076] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 356.736512][ T8076] syz.0.2665[8076] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 356.999081][ T8091] syz.2.2670[8091] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 357.071976][ T8091] syz.2.2670[8091] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 357.929303][ T8120] device veth0_vlan left promiscuous mode [ 358.126269][ T8120] device veth0_vlan entered promiscuous mode [ 358.563367][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 358.572201][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 358.591917][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 358.614096][ T8152] FAULT_INJECTION: forcing a failure. [ 358.614096][ T8152] name failslab, interval 1, probability 0, space 0, times 0 [ 358.646920][ T8152] CPU: 0 PID: 8152 Comm: syz.2.2695 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 358.658010][ T8152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 358.667899][ T8152] Call Trace: [ 358.671049][ T8152] dump_stack_lvl+0x1e2/0x24b [ 358.675541][ T8152] ? panic+0x812/0x812 [ 358.679446][ T8152] ? bfq_pos_tree_add_move+0x43b/0x43b [ 358.684739][ T8152] dump_stack+0x15/0x17 [ 358.688730][ T8152] should_fail+0x3c6/0x510 [ 358.693051][ T8152] ? __delayacct_tsk_init+0x2c/0xa0 [ 358.698022][ T8152] __should_failslab+0xa4/0xe0 [ 358.702620][ T8152] should_failslab+0x9/0x20 [ 358.706965][ T8152] kmem_cache_alloc+0x3d/0x2e0 [ 358.711561][ T8152] __delayacct_tsk_init+0x2c/0xa0 [ 358.716420][ T8152] copy_process+0x9e8/0x3340 [ 358.720850][ T8152] ? proc_fail_nth_write+0x20b/0x290 [ 358.725965][ T8152] ? proc_fail_nth_read+0x210/0x210 [ 358.731000][ T8152] ? rw_verify_area+0x1c3/0x360 [ 358.735683][ T8152] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 358.740633][ T8152] ? vfs_write+0x852/0xe70 [ 358.744888][ T8152] ? kmem_cache_free+0xa9/0x1e0 [ 358.749580][ T8152] kernel_clone+0x21e/0x9e0 [ 358.753916][ T8152] ? __kasan_check_write+0x14/0x20 [ 358.758862][ T8152] ? create_io_thread+0x1e0/0x1e0 [ 358.763720][ T8152] __x64_sys_clone+0x23f/0x290 [ 358.768320][ T8152] ? __do_sys_vfork+0x130/0x130 [ 358.773009][ T8152] ? debug_smp_processor_id+0x17/0x20 [ 358.778213][ T8152] do_syscall_64+0x34/0x70 [ 358.782472][ T8152] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 358.788195][ T8152] RIP: 0033:0x7f0f3d57fef9 [ 358.792451][ T8152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 358.811889][ T8152] RSP: 002b:00007f0f3c1f9fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 358.820133][ T8152] RAX: ffffffffffffffda RBX: 00007f0f3d738f80 RCX: 00007f0f3d57fef9 [ 358.827941][ T8152] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000a004000 [ 358.835842][ T8152] RBP: 00007f0f3c1fa090 R08: 0000000020002d00 R09: 0000000020002d00 [ 358.843650][ T8152] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 358.851462][ T8152] R13: 0000000000000000 R14: 00007f0f3d738f80 R15: 00007ffe3d741f68 [ 359.735852][ T8188] device veth0_vlan left promiscuous mode [ 359.923759][ T8188] device veth0_vlan entered promiscuous mode [ 360.339053][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 360.362358][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): ªªªªªª: link becomes ready [ 360.436414][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 361.024294][ T8233] device veth0_vlan left promiscuous mode [ 361.164502][ T8233] device veth0_vlan entered promiscuous mode [ 361.658965][ T8241] device veth0_vlan left promiscuous mode [ 361.704516][ T8245] syz.4.2728[8245] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 361.704578][ T8245] syz.4.2728[8245] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 361.759774][ T8241] device veth0_vlan entered promiscuous mode [ 362.148926][ T8258] syz.3.2731[8258] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 362.148991][ T8258] syz.3.2731[8258] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 363.026557][ T8290] device veth0_vlan left promiscuous mode [ 363.281388][ T8290] device veth0_vlan entered promiscuous mode [ 363.587363][ T1166] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 363.595684][ T1166] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 363.618594][ T1166] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 363.737742][ T8308] device veth0_vlan left promiscuous mode [ 363.751766][ T8308] device veth0_vlan entered promiscuous mode [ 364.318659][ T8348] bond_slave_1: mtu less than device minimum [ 364.397802][ T8351] FAULT_INJECTION: forcing a failure. [ 364.397802][ T8351] name failslab, interval 1, probability 0, space 0, times 0 [ 364.431316][ T8351] CPU: 0 PID: 8351 Comm: syz.1.2765 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 364.442427][ T8351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 364.452302][ T8351] Call Trace: [ 364.455446][ T8351] dump_stack_lvl+0x1e2/0x24b [ 364.459953][ T8351] ? panic+0x812/0x812 [ 364.463852][ T8351] ? bfq_pos_tree_add_move+0x43b/0x43b [ 364.469143][ T8351] ? kstrtouint_from_user+0x20a/0x2a0 [ 364.474348][ T8351] ? kstrtol_from_user+0x310/0x310 [ 364.479295][ T8351] dump_stack+0x15/0x17 [ 364.483288][ T8351] should_fail+0x3c6/0x510 [ 364.487549][ T8351] ? kernfs_fop_write_iter+0x151/0x410 [ 364.492838][ T8351] __should_failslab+0xa4/0xe0 [ 364.497440][ T8351] should_failslab+0x9/0x20 [ 364.501778][ T8351] __kmalloc+0x60/0x330 [ 364.505768][ T8351] ? security_file_permission+0x7b/0xb0 [ 364.511158][ T8351] kernfs_fop_write_iter+0x151/0x410 [ 364.516271][ T8351] vfs_write+0xb4c/0xe70 [ 364.520349][ T8351] ? putname+0xe7/0x140 [ 364.524342][ T8351] ? __traceiter_kmem_cache_free+0x2e/0x50 [ 364.529984][ T8351] ? kernel_write+0x3d0/0x3d0 [ 364.534593][ T8351] ? mutex_trylock+0xa0/0xa0 [ 364.539069][ T8351] ? __fdget_pos+0x2e7/0x3a0 [ 364.543435][ T8351] ? ksys_write+0x77/0x2c0 [ 364.547695][ T8351] ksys_write+0x199/0x2c0 [ 364.551855][ T8351] ? __ia32_sys_read+0x90/0x90 [ 364.556459][ T8351] ? debug_smp_processor_id+0x17/0x20 [ 364.561664][ T8351] __x64_sys_write+0x7b/0x90 [ 364.566088][ T8351] do_syscall_64+0x34/0x70 [ 364.570343][ T8351] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 364.576070][ T8351] RIP: 0033:0x7f564fc0aef9 [ 364.580331][ T8351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 364.599763][ T8351] RSP: 002b:00007f564e864038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 364.608146][ T8351] RAX: ffffffffffffffda RBX: 00007f564fdc4058 RCX: 00007f564fc0aef9 [ 364.615903][ T8351] RDX: 0000000000000012 RSI: 0000000020000200 RDI: 0000000000000008 [ 364.623714][ T8351] RBP: 00007f564e864090 R08: 0000000000000000 R09: 0000000000000000 [ 364.631525][ T8351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 364.639353][ T8351] R13: 0000000000000000 R14: 00007f564fdc4058 R15: 00007ffe85943878 [ 364.887201][ T8357] device veth0_vlan left promiscuous mode [ 365.016021][ T8357] device veth0_vlan entered promiscuous mode [ 365.253570][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 365.262383][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 365.270257][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 368.347304][ T8467] syz.2.2809[8467] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 368.347432][ T8467] syz.2.2809[8467] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 369.695081][ T8509] device veth0_vlan left promiscuous mode [ 369.927365][ T8509] device veth0_vlan entered promiscuous mode [ 370.317950][ T3291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 370.346913][ T3291] IPv6: ADDRCONF(NETDEV_CHANGE): ªªªªªª: link becomes ready [ 370.354355][ T3291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 370.722973][ T8530] device veth0_vlan left promiscuous mode [ 370.903653][ T8530] device veth0_vlan entered promiscuous mode [ 371.240676][ T3291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 371.267417][ T3291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 371.274773][ T3291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 372.930384][ T8612] device dummy0 entered promiscuous mode [ 374.832480][ T8715] FAULT_INJECTION: forcing a failure. [ 374.832480][ T8715] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 374.959789][ T8715] CPU: 0 PID: 8715 Comm: syz.4.2897 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 374.970888][ T8715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 374.980778][ T8715] Call Trace: [ 374.983920][ T8715] dump_stack_lvl+0x1e2/0x24b [ 374.988461][ T8715] ? bfq_pos_tree_add_move+0x43b/0x43b [ 374.993721][ T8715] ? kasan_check_range+0x1bc/0x2a0 [ 374.998661][ T8715] dump_stack+0x15/0x17 [ 375.002654][ T8715] should_fail+0x3c6/0x510 [ 375.006906][ T8715] should_fail_usercopy+0x1a/0x20 [ 375.011772][ T8715] _copy_from_user+0x20/0xd0 [ 375.016197][ T8715] __se_sys_bpf+0x232/0x11cb0 [ 375.020707][ T8715] ? __irq_exit_rcu+0x40/0x150 [ 375.025309][ T8715] ? irq_exit_rcu+0x9/0x10 [ 375.029561][ T8715] ? sysvec_apic_timer_interrupt+0xcb/0xe0 [ 375.035225][ T8715] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 375.041207][ T8715] ? __check_object_size+0x73/0x3c0 [ 375.046231][ T8715] ? __x64_sys_bpf+0x90/0x90 [ 375.050768][ T8715] ? should_fail+0x150/0x510 [ 375.055241][ T8715] ? __sanitizer_cov_trace_switch+0x56/0xe0 [ 375.060922][ T8715] ? _kstrtoull+0x3a0/0x4a0 [ 375.065257][ T8715] ? kstrtouint_from_user+0x20a/0x2a0 [ 375.070473][ T8715] ? kstrtol_from_user+0x310/0x310 [ 375.075398][ T8715] ? cpu_clock_event_read+0x50/0x50 [ 375.080447][ T8715] ? memset+0x35/0x40 [ 375.084262][ T8715] ? __fsnotify_parent+0x4b9/0x6c0 [ 375.089247][ T8715] ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0 [ 375.095835][ T8715] ? proc_fail_nth_write+0x20b/0x290 [ 375.100943][ T8715] ? proc_fail_nth_read+0x210/0x210 [ 375.105961][ T8715] ? security_file_permission+0x86/0xb0 [ 375.111336][ T8715] ? rw_verify_area+0x1c3/0x360 [ 375.116030][ T8715] ? preempt_count_add+0x92/0x1a0 [ 375.120893][ T8715] ? vfs_write+0x852/0xe70 [ 375.125143][ T8715] ? __hrtimer_run_queues+0x438/0xa50 [ 375.130354][ T8715] ? kernel_write+0x3d0/0x3d0 [ 375.134926][ T8715] ? kvm_sched_clock_read+0x18/0x40 [ 375.139896][ T8715] ? sched_clock+0x3a/0x40 [ 375.144149][ T8715] ? sched_clock_cpu+0x1b/0x3b0 [ 375.148833][ T8715] ? sched_clock+0x3a/0x40 [ 375.153094][ T8715] ? __irq_exit_rcu+0x40/0x150 [ 375.157693][ T8715] __x64_sys_bpf+0x7b/0x90 [ 375.161946][ T8715] do_syscall_64+0x34/0x70 [ 375.166299][ T8715] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 375.172013][ T8715] RIP: 0033:0x7fd7ce091ef9 [ 375.176275][ T8715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 375.195723][ T8715] RSP: 002b:00007fd7ccd0c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 375.203948][ T8715] RAX: ffffffffffffffda RBX: 00007fd7ce24af80 RCX: 00007fd7ce091ef9 [ 375.211774][ T8715] RDX: 0000000000000020 RSI: 0000000020000280 RDI: 0000000000000012 [ 375.219579][ T8715] RBP: 00007fd7ccd0c090 R08: 0000000000000000 R09: 0000000000000000 [ 375.227469][ T8715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 375.235289][ T8715] R13: 0000000000000000 R14: 00007fd7ce24af80 R15: 00007ffc885ef6f8 [ 377.880475][ T8814] FAULT_INJECTION: forcing a failure. [ 377.880475][ T8814] name failslab, interval 1, probability 0, space 0, times 0 [ 377.918959][ T8814] CPU: 1 PID: 8814 Comm: syz.4.2931 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 377.930066][ T8814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 377.939949][ T8814] Call Trace: [ 377.943090][ T8814] dump_stack_lvl+0x1e2/0x24b [ 377.947588][ T8814] ? panic+0x812/0x812 [ 377.951492][ T8814] ? bfq_pos_tree_add_move+0x43b/0x43b [ 377.956788][ T8814] dump_stack+0x15/0x17 [ 377.960778][ T8814] should_fail+0x3c6/0x510 [ 377.965032][ T8814] ? anon_vma_clone+0x9a/0x500 [ 377.969633][ T8814] __should_failslab+0xa4/0xe0 [ 377.974233][ T8814] should_failslab+0x9/0x20 [ 377.978597][ T8814] kmem_cache_alloc+0x3d/0x2e0 [ 377.983188][ T8814] anon_vma_clone+0x9a/0x500 [ 377.987677][ T8814] ? vm_area_dup+0x26/0x270 [ 377.991944][ T8814] anon_vma_fork+0x91/0x4e0 [ 377.996367][ T8814] ? anon_vma_name+0x4c/0x70 [ 378.000790][ T8814] ? vm_area_dup+0x1a1/0x270 [ 378.005216][ T8814] copy_mm+0x95a/0x13a0 [ 378.009237][ T8814] ? copy_signal+0x610/0x610 [ 378.013657][ T8814] ? __init_rwsem+0xd6/0x1c0 [ 378.018074][ T8814] ? copy_signal+0x4e3/0x610 [ 378.022496][ T8814] copy_process+0x1175/0x3340 [ 378.027008][ T8814] ? proc_fail_nth_write+0x20b/0x290 [ 378.032121][ T8814] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 378.037075][ T8814] ? vfs_write+0x852/0xe70 [ 378.041329][ T8814] ? kmem_cache_free+0x1c0/0x1e0 [ 378.046094][ T8814] kernel_clone+0x21e/0x9e0 [ 378.050435][ T8814] ? __kasan_check_write+0x14/0x20 [ 378.055380][ T8814] ? create_io_thread+0x1e0/0x1e0 [ 378.060312][ T8814] __x64_sys_clone+0x23f/0x290 [ 378.064843][ T8814] ? __do_sys_vfork+0x130/0x130 [ 378.069535][ T8814] ? debug_smp_processor_id+0x17/0x20 [ 378.074739][ T8814] do_syscall_64+0x34/0x70 [ 378.078990][ T8814] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 378.084716][ T8814] RIP: 0033:0x7fd7ce091ef9 [ 378.088973][ T8814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 378.108501][ T8814] RSP: 002b:00007fd7ccd0bfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 378.116742][ T8814] RAX: ffffffffffffffda RBX: 00007fd7ce24af80 RCX: 00007fd7ce091ef9 [ 378.124638][ T8814] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008001400 [ 378.132451][ T8814] RBP: 00007fd7ccd0c090 R08: 0000000000000000 R09: 0000000000000000 [ 378.140262][ T8814] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 378.148073][ T8814] R13: 0000000000000000 R14: 00007fd7ce24af80 R15: 00007ffc885ef6f8 [ 378.190882][ T24] audit: type=1400 audit(1725482280.070:139): avc: denied { create } for pid=8820 comm="syz.0.2935" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 379.071072][ T8931] syz.2.2980[8931] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 379.071137][ T8931] syz.2.2980[8931] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 379.136265][ T8937] device sit0 left promiscuous mode [ 379.159338][ T8937] device sit0 entered promiscuous mode [ 380.384812][ T8989] device veth0_vlan left promiscuous mode [ 380.527670][ T8989] device veth0_vlan entered promiscuous mode [ 380.872693][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 380.886678][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 380.894028][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 385.573287][ T9173] FAULT_INJECTION: forcing a failure. [ 385.573287][ T9173] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 385.596107][ T9173] CPU: 1 PID: 9173 Comm: syz.3.3067 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 385.607223][ T9173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 385.617110][ T9173] Call Trace: [ 385.620247][ T9173] dump_stack_lvl+0x1e2/0x24b [ 385.624759][ T9173] ? bfq_pos_tree_add_move+0x43b/0x43b [ 385.630043][ T9173] ? stack_trace_snprint+0xf0/0xf0 [ 385.635084][ T9173] dump_stack+0x15/0x17 [ 385.639068][ T9173] should_fail+0x3c6/0x510 [ 385.643321][ T9173] should_fail_alloc_page+0x52/0x60 [ 385.648349][ T9173] __alloc_pages_nodemask+0x1b3/0xaf0 [ 385.653556][ T9173] ? __get_vm_area_node+0x156/0x470 [ 385.658589][ T9173] ? __vmalloc_node_range+0xdc/0x7c0 [ 385.663798][ T9173] ? gfp_pfmemalloc_allowed+0x120/0x120 [ 385.669184][ T9173] ? _raw_spin_trylock_bh+0x190/0x190 [ 385.674391][ T9173] __get_free_pages+0xe/0x30 [ 385.678813][ T9173] kasan_populate_vmalloc_pte+0x39/0x130 [ 385.684284][ T9173] ? __apply_to_page_range+0x710/0x9e0 [ 385.689578][ T9173] __apply_to_page_range+0x720/0x9e0 [ 385.694695][ T9173] ? kasan_populate_vmalloc+0x70/0x70 [ 385.699904][ T9173] ? kasan_populate_vmalloc+0x70/0x70 [ 385.705108][ T9173] apply_to_page_range+0x3b/0x50 [ 385.709890][ T9173] kasan_populate_vmalloc+0x65/0x70 [ 385.714918][ T9173] alloc_vmap_area+0x1944/0x1a90 [ 385.719743][ T9173] ? vm_map_ram+0x9d0/0x9d0 [ 385.724032][ T9173] ? kmem_cache_alloc_trace+0x18a/0x2e0 [ 385.729434][ T9173] ? __get_vm_area_node+0x116/0x470 [ 385.734446][ T9173] __get_vm_area_node+0x156/0x470 [ 385.739308][ T9173] __vmalloc_node_range+0xdc/0x7c0 [ 385.744259][ T9173] ? copy_process+0x5c8/0x3340 [ 385.748854][ T9173] ? kmem_cache_alloc+0x168/0x2e0 [ 385.753750][ T9173] dup_task_struct+0x429/0xc30 [ 385.758315][ T9173] ? copy_process+0x5c8/0x3340 [ 385.762912][ T9173] copy_process+0x5c8/0x3340 [ 385.767344][ T9173] ? proc_fail_nth_write+0x20b/0x290 [ 385.772461][ T9173] ? proc_fail_nth_read+0x210/0x210 [ 385.777500][ T9173] ? security_file_permission+0x86/0xb0 [ 385.782876][ T9173] ? rw_verify_area+0x1c3/0x360 [ 385.787563][ T9173] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 385.792512][ T9173] ? vfs_write+0x852/0xe70 [ 385.796764][ T9173] ? kmem_cache_free+0x1c0/0x1e0 [ 385.801535][ T9173] kernel_clone+0x21e/0x9e0 [ 385.805875][ T9173] ? __kasan_check_write+0x14/0x20 [ 385.810821][ T9173] ? create_io_thread+0x1e0/0x1e0 [ 385.815683][ T9173] __x64_sys_clone+0x23f/0x290 [ 385.820282][ T9173] ? __do_sys_vfork+0x130/0x130 [ 385.824973][ T9173] ? debug_smp_processor_id+0x17/0x20 [ 385.830177][ T9173] do_syscall_64+0x34/0x70 [ 385.834435][ T9173] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 385.840157][ T9173] RIP: 0033:0x7f109fe49ef9 [ 385.844412][ T9173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 385.863850][ T9173] RSP: 002b:00007f109eac3fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 385.872096][ T9173] RAX: ffffffffffffffda RBX: 00007f10a0002f80 RCX: 00007f109fe49ef9 [ 385.879905][ T9173] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000a004000 [ 385.887718][ T9173] RBP: 00007f109eac4090 R08: 0000000020002d00 R09: 0000000020002d00 [ 385.895526][ T9173] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 385.903341][ T9173] R13: 0000000000000000 R14: 00007f10a0002f80 R15: 00007ffec327b4b8 [ 386.157151][ T24] audit: type=1400 audit(1725482288.020:140): avc: denied { create } for pid=9185 comm="syz.1.3074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 386.216501][ T9173] syz.3.3067: vmalloc: allocation failure: 32768 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0 [ 386.356206][ T9173] CPU: 0 PID: 9173 Comm: syz.3.3067 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 386.367316][ T9173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 386.377288][ T9173] Call Trace: [ 386.380422][ T9173] dump_stack_lvl+0x1e2/0x24b [ 386.384936][ T9173] ? wake_up_klogd+0xb8/0xf0 [ 386.389353][ T9173] ? bfq_pos_tree_add_move+0x43b/0x43b [ 386.394648][ T9173] ? pr_cont_kernfs_name+0xf0/0x100 [ 386.399687][ T9173] dump_stack+0x15/0x17 [ 386.403676][ T9173] warn_alloc+0x21a/0x390 [ 386.407839][ T9173] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 386.413221][ T9173] ? __get_vm_area_node+0x16c/0x470 [ 386.418347][ T9173] __vmalloc_node_range+0x287/0x7c0 [ 386.423289][ T9173] ? kmem_cache_alloc+0x168/0x2e0 [ 386.428150][ T9173] dup_task_struct+0x429/0xc30 [ 386.432746][ T9173] ? copy_process+0x5c8/0x3340 [ 386.437346][ T9173] copy_process+0x5c8/0x3340 [ 386.441775][ T9173] ? proc_fail_nth_write+0x20b/0x290 [ 386.446895][ T9173] ? proc_fail_nth_read+0x210/0x210 [ 386.451928][ T9173] ? security_file_permission+0x86/0xb0 [ 386.457307][ T9173] ? rw_verify_area+0x1c3/0x360 [ 386.461994][ T9173] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 386.466943][ T9173] ? vfs_write+0x852/0xe70 [ 386.471205][ T9173] ? kmem_cache_free+0x1c0/0x1e0 [ 386.475976][ T9173] kernel_clone+0x21e/0x9e0 [ 386.480312][ T9173] ? __kasan_check_write+0x14/0x20 [ 386.485258][ T9173] ? create_io_thread+0x1e0/0x1e0 [ 386.490118][ T9173] __x64_sys_clone+0x23f/0x290 [ 386.494715][ T9173] ? __do_sys_vfork+0x130/0x130 [ 386.499492][ T9173] ? debug_smp_processor_id+0x17/0x20 [ 386.504702][ T9173] do_syscall_64+0x34/0x70 [ 386.508952][ T9173] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 386.514675][ T9173] RIP: 0033:0x7f109fe49ef9 [ 386.518940][ T9173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 386.538384][ T9173] RSP: 002b:00007f109eac3fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 386.546655][ T9173] RAX: ffffffffffffffda RBX: 00007f10a0002f80 RCX: 00007f109fe49ef9 [ 386.554430][ T9173] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000a004000 [ 386.562340][ T9173] RBP: 00007f109eac4090 R08: 0000000020002d00 R09: 0000000020002d00 [ 386.570133][ T9173] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 386.578045][ T9173] R13: 0000000000000000 R14: 00007f10a0002f80 R15: 00007ffec327b4b8 [ 386.635722][ T9173] Mem-Info: [ 386.639048][ T9173] active_anon:93 inactive_anon:4863 isolated_anon:0 [ 386.639048][ T9173] active_file:16649 inactive_file:7427 isolated_file:0 [ 386.639048][ T9173] unevictable:0 dirty:150 writeback:0 [ 386.639048][ T9173] slab_reclaimable:7008 slab_unreclaimable:72740 [ 386.639048][ T9173] mapped:21067 shmem:169 pagetables:492 bounce:0 [ 386.639048][ T9173] free:1582228 free_pcp:1014 free_cma:0 [ 386.697112][ T9173] Node 0 active_anon:372kB inactive_anon:19452kB active_file:66596kB inactive_file:29708kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:84268kB dirty:600kB writeback:0kB shmem:676kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:4384kB all_unreclaimable? no [ 386.737264][ T9173] DMA32 free:2983352kB min:62624kB low:78280kB high:93936kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2984772kB mlocked:0kB pagetables:0kB bounce:0kB free_pcp:1420kB local_pcp:0kB free_cma:0kB [ 386.784729][ T9173] lowmem_reserve[]: 0 3941 3941 [ 386.789831][ T9173] Normal free:3333288kB min:84828kB low:106032kB high:127236kB reserved_highatomic:0KB active_anon:372kB inactive_anon:19652kB active_file:66596kB inactive_file:29708kB unevictable:0kB writepending:600kB present:5242880kB managed:4035856kB mlocked:0kB pagetables:2264kB bounce:0kB free_pcp:1176kB local_pcp:720kB free_cma:0kB [ 386.820554][ T9173] lowmem_reserve[]: 0 0 0 [ 386.825168][ T9173] DMA32: 6*4kB (UM) 2*8kB (M) 3*16kB (M) 5*32kB (UM) 7*64kB (UM) 6*128kB (UM) 6*256kB (UM) 5*512kB (M) 6*1024kB (UM) 3*2048kB (UM) 724*4096kB (M) = 2983352kB [ 386.850546][ T9173] Normal: 885*4kB (UME) 1144*8kB (UE) 1968*16kB (UME) 714*32kB (UME) 209*64kB (UME) 62*128kB (UME) 41*256kB (UME) 14*512kB (UME) 12*1024kB (UME) 7*2048kB (UME) 781*4096kB (UM) = 3331604kB [ 386.888732][ T9173] 25970 total pagecache pages [ 386.900349][ T9173] 0 pages in swap cache [ 386.924569][ T9173] Swap cache stats: add 0, delete 0, find 0/0 [ 386.941208][ T9173] Free swap = 124996kB [ 386.950302][ T9173] Total swap = 124996kB [ 386.957630][ T9173] 2097051 pages RAM [ 386.965440][ T9173] 0 pages HighMem/MovableOnly [ 386.975522][ T9173] 341894 pages reserved [ 386.985261][ T9173] 0 pages cma reserved [ 388.094224][ T9253] syz.1.3097[9253] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 388.094355][ T9253] syz.1.3097[9253] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 389.804149][ T9280] bond_slave_1: mtu less than device minimum [ 392.561369][ T9431] FAULT_INJECTION: forcing a failure. [ 392.561369][ T9431] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 392.615519][ T9431] CPU: 1 PID: 9431 Comm: syz.2.3166 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 392.626629][ T9431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 392.636518][ T9431] Call Trace: [ 392.639659][ T9431] dump_stack_lvl+0x1e2/0x24b [ 392.644154][ T9431] ? bfq_pos_tree_add_move+0x43b/0x43b [ 392.649450][ T9431] dump_stack+0x15/0x17 [ 392.653446][ T9431] should_fail+0x3c6/0x510 [ 392.657712][ T9431] should_fail_usercopy+0x1a/0x20 [ 392.662571][ T9431] _copy_to_user+0x20/0x90 [ 392.666882][ T9431] simple_read_from_buffer+0xc7/0x150 [ 392.672020][ T9431] proc_fail_nth_read+0x1a3/0x210 [ 392.676884][ T9431] ? proc_fault_inject_write+0x390/0x390 [ 392.682371][ T9431] ? security_file_permission+0x86/0xb0 [ 392.687733][ T9431] ? rw_verify_area+0x1c3/0x360 [ 392.692408][ T9431] ? proc_fault_inject_write+0x390/0x390 [ 392.697876][ T9431] vfs_read+0x200/0xba0 [ 392.701874][ T9431] ? kernel_read+0x70/0x70 [ 392.706125][ T9431] ? __kasan_check_write+0x14/0x20 [ 392.711072][ T9431] ? mutex_lock+0xa5/0x110 [ 392.715319][ T9431] ? mutex_trylock+0xa0/0xa0 [ 392.719836][ T9431] ? __fdget_pos+0x2e7/0x3a0 [ 392.724262][ T9431] ? ksys_read+0x77/0x2c0 [ 392.728424][ T9431] ksys_read+0x199/0x2c0 [ 392.732504][ T9431] ? vfs_write+0xe70/0xe70 [ 392.736760][ T9431] ? debug_smp_processor_id+0x17/0x20 [ 392.741963][ T9431] __x64_sys_read+0x7b/0x90 [ 392.746461][ T9431] do_syscall_64+0x34/0x70 [ 392.750719][ T9431] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 392.756441][ T9431] RIP: 0033:0x7f0f3d57e93c [ 392.760697][ T9431] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 392.780220][ T9431] RSP: 002b:00007f0f3c1fa030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 392.788554][ T9431] RAX: ffffffffffffffda RBX: 00007f0f3d738f80 RCX: 00007f0f3d57e93c [ 392.796389][ T9431] RDX: 000000000000000f RSI: 00007f0f3c1fa0a0 RDI: 0000000000000006 [ 392.804258][ T9431] RBP: 00007f0f3c1fa090 R08: 0000000000000000 R09: 0000000000000000 [ 392.812244][ T9431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 392.820057][ T9431] R13: 0000000000000000 R14: 00007f0f3d738f80 R15: 00007ffe3d741f68 [ 393.788126][ T9508] device veth0_vlan left promiscuous mode [ 393.807994][ T9508] device veth0_vlan entered promiscuous mode [ 393.827553][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 393.835463][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 393.856696][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 393.989283][ T9523] syz.4.3203[9523] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 393.989345][ T9523] syz.4.3203[9523] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 395.292592][ T9576] FAULT_INJECTION: forcing a failure. [ 395.292592][ T9576] name failslab, interval 1, probability 0, space 0, times 0 [ 395.526075][ T9576] CPU: 0 PID: 9576 Comm: syz.4.3224 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 395.537189][ T9576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 395.547078][ T9576] Call Trace: [ 395.550216][ T9576] dump_stack_lvl+0x1e2/0x24b [ 395.554728][ T9576] ? bfq_pos_tree_add_move+0x43b/0x43b [ 395.560015][ T9576] dump_stack+0x15/0x17 [ 395.564009][ T9576] should_fail+0x3c6/0x510 [ 395.568291][ T9576] ? kvmalloc_node+0x82/0x130 [ 395.572776][ T9576] __should_failslab+0xa4/0xe0 [ 395.577384][ T9576] should_failslab+0x9/0x20 [ 395.581721][ T9576] __kmalloc+0x60/0x330 [ 395.585710][ T9576] kvmalloc_node+0x82/0x130 [ 395.590107][ T9576] btf_new_fd+0x2c3/0x9c0 [ 395.594205][ T9576] __se_sys_bpf+0x1aed/0x11cb0 [ 395.598804][ T9576] ? stack_trace_save+0x113/0x1c0 [ 395.603876][ T9576] ? terminate_walk+0x407/0x4f0 [ 395.608519][ T9576] ? stack_trace_snprint+0xf0/0xf0 [ 395.613469][ T9576] ? kmem_cache_free+0xa9/0x1e0 [ 395.618158][ T9576] ? kmem_cache_free+0xa9/0x1e0 [ 395.622839][ T9576] ? kasan_set_track+0x5d/0x70 [ 395.627442][ T9576] ? __x64_sys_bpf+0x90/0x90 [ 395.631862][ T9576] ? __kasan_slab_free+0x11/0x20 [ 395.636726][ T9576] ? slab_free_freelist_hook+0xc0/0x190 [ 395.642161][ T9576] ? kmem_cache_free+0xa9/0x1e0 [ 395.646792][ T9576] ? putname+0xe7/0x140 [ 395.650784][ T9576] ? do_sys_openat2+0x1fc/0x710 [ 395.655469][ T9576] ? __x64_sys_openat+0x243/0x290 [ 395.660342][ T9576] ? do_syscall_64+0x34/0x70 [ 395.664763][ T9576] ? _kstrtoull+0x3a0/0x4a0 [ 395.669100][ T9576] ? kstrtouint_from_user+0x20a/0x2a0 [ 395.674306][ T9576] ? kstrtol_from_user+0x310/0x310 [ 395.679257][ T9576] ? memset+0x35/0x40 [ 395.683075][ T9576] ? __fsnotify_parent+0x4b9/0x6c0 [ 395.688037][ T9576] ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0 [ 395.694617][ T9576] ? proc_fail_nth_write+0x20b/0x290 [ 395.699830][ T9576] ? proc_fail_nth_read+0x210/0x210 [ 395.704866][ T9576] ? security_file_permission+0x86/0xb0 [ 395.710246][ T9576] ? rw_verify_area+0x1c3/0x360 [ 395.714931][ T9576] ? preempt_count_add+0x92/0x1a0 [ 395.719793][ T9576] ? vfs_write+0x852/0xe70 [ 395.724064][ T9576] ? kmem_cache_free+0xa9/0x1e0 [ 395.728733][ T9576] ? kernel_write+0x3d0/0x3d0 [ 395.733247][ T9576] ? __kasan_check_write+0x14/0x20 [ 395.738197][ T9576] ? mutex_lock+0xa5/0x110 [ 395.742441][ T9576] ? mutex_trylock+0xa0/0xa0 [ 395.746958][ T9576] ? __kasan_check_write+0x14/0x20 [ 395.751957][ T9576] ? fput_many+0x160/0x1b0 [ 395.756164][ T9576] ? debug_smp_processor_id+0x17/0x20 [ 395.761369][ T9576] __x64_sys_bpf+0x7b/0x90 [ 395.765705][ T9576] do_syscall_64+0x34/0x70 [ 395.769960][ T9576] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 395.775686][ T9576] RIP: 0033:0x7fd7ce091ef9 [ 395.779944][ T9576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 395.799377][ T9576] RSP: 002b:00007fd7ccd0c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 395.807710][ T9576] RAX: ffffffffffffffda RBX: 00007fd7ce24af80 RCX: 00007fd7ce091ef9 [ 395.815518][ T9576] RDX: 0000000000000020 RSI: 00000000200001c0 RDI: 0000000000000012 [ 395.823331][ T9576] RBP: 00007fd7ccd0c090 R08: 0000000000000000 R09: 0000000000000000 [ 395.831231][ T9576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 395.839067][ T9576] R13: 0000000000000000 R14: 00007fd7ce24af80 R15: 00007ffc885ef6f8 [ 404.025273][ T9817] device veth0_vlan left promiscuous mode [ 404.114524][ T9817] device veth0_vlan entered promiscuous mode [ 404.303598][ T587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 404.314654][ T587] IPv6: ADDRCONF(NETDEV_CHANGE): ªªªªªª: link becomes ready [ 404.338198][ T587] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 405.164073][ T24] audit: type=1400 audit(1725482307.040:141): avc: denied { create } for pid=9844 comm="syz.2.3319" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1 [ 406.788180][ T9887] FAULT_INJECTION: forcing a failure. [ 406.788180][ T9887] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 406.826207][ T9887] CPU: 0 PID: 9887 Comm: syz.2.3336 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 406.837315][ T9887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 406.847202][ T9887] Call Trace: [ 406.850338][ T9887] dump_stack_lvl+0x1e2/0x24b [ 406.854840][ T9887] ? panic+0x812/0x812 [ 406.858747][ T9887] ? bfq_pos_tree_add_move+0x43b/0x43b [ 406.864040][ T9887] ? vsnprintf+0x1b96/0x1c70 [ 406.868468][ T9887] dump_stack+0x15/0x17 [ 406.872457][ T9887] should_fail+0x3c6/0x510 [ 406.876711][ T9887] should_fail_usercopy+0x1a/0x20 [ 406.881591][ T9887] _copy_to_user+0x20/0x90 [ 406.885835][ T9887] bpf_verifier_vlog+0x1ab/0x330 [ 406.890606][ T9887] __btf_verifier_log+0xd1/0x120 [ 406.895375][ T9887] ? btf_parse_hdr+0x2c2/0x770 [ 406.899971][ T9887] ? btf_check_sec_info+0x4f0/0x4f0 [ 406.905006][ T9887] ? btf_parse_hdr+0x1d5/0x770 [ 406.909607][ T9887] ? memcpy+0x56/0x70 [ 406.913423][ T9887] btf_parse_hdr+0x317/0x770 [ 406.917852][ T9887] btf_new_fd+0x487/0x9c0 [ 406.922015][ T9887] __se_sys_bpf+0x1aed/0x11cb0 [ 406.926625][ T9887] ? stack_trace_save+0x113/0x1c0 [ 406.931479][ T9887] ? terminate_walk+0x407/0x4f0 [ 406.936165][ T9887] ? stack_trace_snprint+0xf0/0xf0 [ 406.941115][ T9887] ? kmem_cache_free+0xa9/0x1e0 [ 406.945805][ T9887] ? kmem_cache_free+0xa9/0x1e0 [ 406.950484][ T9887] ? kasan_set_track+0x5d/0x70 [ 406.955087][ T9887] ? __x64_sys_bpf+0x90/0x90 [ 406.959571][ T9887] ? __kasan_slab_free+0x11/0x20 [ 406.964288][ T9887] ? slab_free_freelist_hook+0xc0/0x190 [ 406.969668][ T9887] ? kmem_cache_free+0xa9/0x1e0 [ 406.974357][ T9887] ? putname+0xe7/0x140 [ 406.978345][ T9887] ? do_sys_openat2+0x1fc/0x710 [ 406.983028][ T9887] ? __x64_sys_openat+0x243/0x290 [ 406.987892][ T9887] ? do_syscall_64+0x34/0x70 [ 406.992319][ T9887] ? _kstrtoull+0x3a0/0x4a0 [ 406.996657][ T9887] ? kstrtouint_from_user+0x20a/0x2a0 [ 407.001862][ T9887] ? kstrtol_from_user+0x310/0x310 [ 407.006818][ T9887] ? memset+0x35/0x40 [ 407.010636][ T9887] ? __fsnotify_parent+0x4b9/0x6c0 [ 407.015574][ T9887] ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0 [ 407.022168][ T9887] ? proc_fail_nth_write+0x20b/0x290 [ 407.027291][ T9887] ? proc_fail_nth_read+0x210/0x210 [ 407.032342][ T9887] ? security_file_permission+0x86/0xb0 [ 407.037729][ T9887] ? rw_verify_area+0x1c3/0x360 [ 407.042424][ T9887] ? preempt_count_add+0x92/0x1a0 [ 407.047258][ T9887] ? vfs_write+0x852/0xe70 [ 407.051509][ T9887] ? kmem_cache_free+0xa9/0x1e0 [ 407.056205][ T9887] ? kernel_write+0x3d0/0x3d0 [ 407.060714][ T9887] ? __kasan_check_write+0x14/0x20 [ 407.065662][ T9887] ? mutex_lock+0xa5/0x110 [ 407.069905][ T9887] ? mutex_trylock+0xa0/0xa0 [ 407.074336][ T9887] ? __kasan_check_write+0x14/0x20 [ 407.079309][ T9887] ? fput_many+0x160/0x1b0 [ 407.083545][ T9887] ? debug_smp_processor_id+0x17/0x20 [ 407.088745][ T9887] __x64_sys_bpf+0x7b/0x90 [ 407.093001][ T9887] do_syscall_64+0x34/0x70 [ 407.097264][ T9887] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 407.102973][ T9887] RIP: 0033:0x7f0f3d57fef9 [ 407.107229][ T9887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 407.126668][ T9887] RSP: 002b:00007f0f3c1fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 407.134911][ T9887] RAX: ffffffffffffffda RBX: 00007f0f3d738f80 RCX: 00007f0f3d57fef9 [ 407.142725][ T9887] RDX: 0000000000000020 RSI: 00000000200001c0 RDI: 0000000000000012 [ 407.150531][ T9887] RBP: 00007f0f3c1fa090 R08: 0000000000000000 R09: 0000000000000000 [ 407.158365][ T9887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 407.166178][ T9887] R13: 0000000000000000 R14: 00007f0f3d738f80 R15: 00007ffe3d741f68 [ 407.365718][ T9910] syz.4.3343[9910] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 407.365780][ T9910] syz.4.3343[9910] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 407.386963][ T9910] FAULT_INJECTION: forcing a failure. [ 407.386963][ T9910] name failslab, interval 1, probability 0, space 0, times 0 [ 407.538781][ T9913] syz.0.3344[9913] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 407.538848][ T9913] syz.0.3344[9913] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 407.587136][ T9910] CPU: 0 PID: 9910 Comm: syz.4.3343 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 407.609434][ T9910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 407.619318][ T9910] Call Trace: [ 407.622515][ T9910] dump_stack_lvl+0x1e2/0x24b [ 407.626959][ T9910] ? panic+0x812/0x812 [ 407.630865][ T9910] ? bfq_pos_tree_add_move+0x43b/0x43b [ 407.636206][ T9910] ? avc_has_perm+0x14d/0x400 [ 407.640763][ T9910] ? memcpy+0x56/0x70 [ 407.644586][ T9910] dump_stack+0x15/0x17 [ 407.648573][ T9910] should_fail+0x3c6/0x510 [ 407.652825][ T9910] ? __alloc_skb+0x80/0x510 [ 407.657173][ T9910] __should_failslab+0xa4/0xe0 [ 407.661763][ T9910] should_failslab+0x9/0x20 [ 407.666114][ T9910] kmem_cache_alloc+0x3d/0x2e0 [ 407.670712][ T9910] ? cmp_ex_search+0x79/0xa0 [ 407.675138][ T9910] __alloc_skb+0x80/0x510 [ 407.679305][ T9910] ? search_extable+0xaf/0xf0 [ 407.683822][ T9910] alloc_skb_with_frags+0xa1/0x570 [ 407.688825][ T9910] ? copy_user_enhanced_fast_string+0x27/0x40 [ 407.694669][ T9910] ? copy_user_enhanced_fast_string+0x27/0x40 [ 407.700577][ T9910] ? ex_handler_copy+0x43/0x100 [ 407.705323][ T9910] sock_alloc_send_pskb+0x915/0xa50 [ 407.710298][ T9910] ? sock_kzfree_s+0x60/0x60 [ 407.714718][ T9910] ? stack_trace_save+0x113/0x1c0 [ 407.719572][ T9910] ? terminate_walk+0x407/0x4f0 [ 407.724247][ T9910] ? stack_trace_snprint+0xf0/0xf0 [ 407.729279][ T9910] tun_get_user+0xe90/0x38f0 [ 407.733634][ T9910] ? _kstrtoull+0x3a0/0x4a0 [ 407.737969][ T9910] ? tun_do_read+0x1f60/0x1f60 [ 407.742565][ T9910] ? kstrtouint_from_user+0x20a/0x2a0 [ 407.747774][ T9910] ? kstrtol_from_user+0x310/0x310 [ 407.752719][ T9910] ? copy_user_enhanced_fast_string+0x29/0x40 [ 407.758621][ T9910] ? avc_policy_seqno+0x1b/0x70 [ 407.763302][ T9910] ? selinux_file_permission+0x2bb/0x560 [ 407.768773][ T9910] ? fsnotify_perm+0x67/0x4e0 [ 407.773287][ T9910] tun_chr_write_iter+0x1a8/0x250 [ 407.778147][ T9910] vfs_write+0xb4c/0xe70 [ 407.782226][ T9910] ? kernel_write+0x3d0/0x3d0 [ 407.786742][ T9910] ? __fdget_pos+0x209/0x3a0 [ 407.791162][ T9910] ? ksys_write+0x77/0x2c0 [ 407.795416][ T9910] ksys_write+0x199/0x2c0 [ 407.799584][ T9910] ? __ia32_sys_read+0x90/0x90 [ 407.804183][ T9910] ? debug_smp_processor_id+0x17/0x20 [ 407.809389][ T9910] __x64_sys_write+0x7b/0x90 [ 407.813814][ T9910] do_syscall_64+0x34/0x70 [ 407.818074][ T9910] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 407.823798][ T9910] RIP: 0033:0x7fd7ce091ef9 [ 407.828052][ T9910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 407.847492][ T9910] RSP: 002b:00007fd7ccd0c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 407.855734][ T9910] RAX: ffffffffffffffda RBX: 00007fd7ce24af80 RCX: 00007fd7ce091ef9 [ 407.863593][ T9910] RDX: 000000000000fdef RSI: 0000000020000000 RDI: 00000000000000c8 [ 407.871358][ T9910] RBP: 00007fd7ccd0c090 R08: 0000000000000000 R09: 0000000000000000 [ 407.879167][ T9910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 407.886978][ T9910] R13: 0000000000000000 R14: 00007fd7ce24af80 R15: 00007ffc885ef6f8 [ 409.958531][ T9964] syz.3.3363[9964] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 409.958583][ T9964] syz.3.3363[9964] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 411.334882][ T24] audit: type=1400 audit(1725482313.210:142): avc: denied { create } for pid=10019 comm="syz.2.3382" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 412.780105][T10078] syz.4.3404[10078] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 412.780168][T10078] syz.4.3404[10078] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 414.022942][T10149] device sit0 left promiscuous mode [ 414.045880][T10149] device sit0 entered promiscuous mode [ 415.930978][T10227] syz.2.3463[10227] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 415.931076][T10227] syz.2.3463[10227] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 421.436921][T10442] FAULT_INJECTION: forcing a failure. [ 421.436921][T10442] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 421.486111][T10442] CPU: 0 PID: 10442 Comm: syz.1.3540 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 421.497558][T10442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 421.507452][T10442] Call Trace: [ 421.510586][T10442] dump_stack_lvl+0x1e2/0x24b [ 421.515082][T10442] ? bfq_pos_tree_add_move+0x43b/0x43b [ 421.520377][T10442] ? 0xffffffffa0018c48 [ 421.524374][T10442] ? stack_trace_save+0x1c0/0x1c0 [ 421.529291][T10442] ? __kernel_text_address+0x9b/0x110 [ 421.534437][T10442] dump_stack+0x15/0x17 [ 421.538435][T10442] should_fail+0x3c6/0x510 [ 421.542688][T10442] should_fail_alloc_page+0x52/0x60 [ 421.547717][T10442] __alloc_pages_nodemask+0x1b3/0xaf0 [ 421.552927][T10442] ? gfp_pfmemalloc_allowed+0x120/0x120 [ 421.558313][T10442] handle_pte_fault+0x1782/0x3e30 [ 421.563166][T10442] ? vmf_allows_speculation+0x6f0/0x6f0 [ 421.568551][T10442] ? __this_cpu_preempt_check+0x13/0x20 [ 421.573929][T10442] handle_mm_fault+0x11d6/0x1a10 [ 421.578706][T10442] ? can_reuse_spf_vma+0xe0/0xe0 [ 421.583475][T10442] ? arch_stack_walk+0xf3/0x140 [ 421.588169][T10442] ? down_read_trylock+0x179/0x1d0 [ 421.593109][T10442] ? __init_rwsem+0x1c0/0x1c0 [ 421.597624][T10442] ? find_vma+0x30/0x150 [ 421.601703][T10442] exc_page_fault+0x2a6/0x5b0 [ 421.606217][T10442] asm_exc_page_fault+0x1e/0x30 [ 421.610906][T10442] RIP: 0010:copy_user_generic_unrolled+0x89/0xc0 [ 421.617071][T10442] Code: 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 <4c> 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 8a [ 421.636589][T10442] RSP: 0018:ffffc900014af630 EFLAGS: 00050203 [ 421.642491][T10442] RAX: ffffffff82535101 RBX: 000000000000000f RCX: 0000000000000001 [ 421.650306][T10442] RDX: 0000000000000007 RSI: ffff88810e0f7214 RDI: 0000000020002880 [ 421.658114][T10442] RBP: ffffc900014af660 R08: 30203a636967616d R09: ffffed1021c1ee45 [ 421.665924][T10442] R10: 0000000000000000 R11: dffffc0000000001 R12: 00007ffffffff000 [ 421.673735][T10442] R13: 000000002000288f R14: ffff88810e0f7214 R15: 0000000020002880 [ 421.681610][T10442] ? _copy_to_user+0x51/0x90 [ 421.685983][T10442] ? _copy_to_user+0x78/0x90 [ 421.690406][T10442] bpf_verifier_vlog+0x1ab/0x330 [ 421.695178][T10442] __btf_verifier_log+0xd1/0x120 [ 421.699951][T10442] ? btf_parse_hdr+0x2c2/0x770 [ 421.704546][T10442] ? btf_check_sec_info+0x4f0/0x4f0 [ 421.709584][T10442] ? btf_parse_hdr+0x1d5/0x770 [ 421.714184][T10442] ? memcpy+0x56/0x70 [ 421.718000][T10442] btf_parse_hdr+0x317/0x770 [ 421.722429][T10442] btf_new_fd+0x487/0x9c0 [ 421.726599][T10442] __se_sys_bpf+0x1aed/0x11cb0 [ 421.731197][T10442] ? stack_trace_save+0x113/0x1c0 [ 421.736057][T10442] ? terminate_walk+0x407/0x4f0 [ 421.740739][T10442] ? stack_trace_snprint+0xf0/0xf0 [ 421.745692][T10442] ? kmem_cache_free+0xa9/0x1e0 [ 421.750375][T10442] ? kmem_cache_free+0xa9/0x1e0 [ 421.755063][T10442] ? kasan_set_track+0x5d/0x70 [ 421.759663][T10442] ? __x64_sys_bpf+0x90/0x90 [ 421.764085][T10442] ? __kasan_slab_free+0x11/0x20 [ 421.768863][T10442] ? slab_free_freelist_hook+0xc0/0x190 [ 421.774257][T10442] ? kmem_cache_free+0xa9/0x1e0 [ 421.778940][T10442] ? putname+0xe7/0x140 [ 421.782923][T10442] ? do_sys_openat2+0x1fc/0x710 [ 421.787608][T10442] ? __x64_sys_openat+0x243/0x290 [ 421.792471][T10442] ? do_syscall_64+0x34/0x70 [ 421.796898][T10442] ? _kstrtoull+0x3a0/0x4a0 [ 421.801239][T10442] ? kstrtouint_from_user+0x20a/0x2a0 [ 421.806442][T10442] ? kstrtol_from_user+0x310/0x310 [ 421.811390][T10442] ? memset+0x35/0x40 [ 421.815212][T10442] ? __fsnotify_parent+0x4b9/0x6c0 [ 421.820158][T10442] ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0 [ 421.826754][T10442] ? proc_fail_nth_write+0x20b/0x290 [ 421.831872][T10442] ? proc_fail_nth_read+0x210/0x210 [ 421.836909][T10442] ? security_file_permission+0x86/0xb0 [ 421.842289][T10442] ? rw_verify_area+0x1c3/0x360 [ 421.846976][T10442] ? preempt_count_add+0x92/0x1a0 [ 421.851833][T10442] ? vfs_write+0x852/0xe70 [ 421.856087][T10442] ? kmem_cache_free+0xa9/0x1e0 [ 421.860772][T10442] ? kernel_write+0x3d0/0x3d0 [ 421.865286][T10442] ? __kasan_check_write+0x14/0x20 [ 421.870234][T10442] ? mutex_lock+0xa5/0x110 [ 421.874484][T10442] ? mutex_trylock+0xa0/0xa0 [ 421.878915][T10442] ? __kasan_check_write+0x14/0x20 [ 421.883860][T10442] ? fput_many+0x160/0x1b0 [ 421.888120][T10442] ? debug_smp_processor_id+0x17/0x20 [ 421.893322][T10442] __x64_sys_bpf+0x7b/0x90 [ 421.897576][T10442] do_syscall_64+0x34/0x70 [ 421.901877][T10442] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 421.907557][T10442] RIP: 0033:0x7f564fc0aef9 [ 421.911808][T10442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 421.931247][T10442] RSP: 002b:00007f564e885038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 421.939491][T10442] RAX: ffffffffffffffda RBX: 00007f564fdc3f80 RCX: 00007f564fc0aef9 [ 421.947303][T10442] RDX: 0000000000000020 RSI: 00000000200001c0 RDI: 0000000000000012 [ 421.955112][T10442] RBP: 00007f564e885090 R08: 0000000000000000 R09: 0000000000000000 [ 421.962924][T10442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 421.970734][T10442] R13: 0000000000000000 R14: 00007f564fdc3f80 R15: 00007ffe85943878 [ 422.032433][T10453] syz.4.3545[10453] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 422.032498][T10453] syz.4.3545[10453] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 422.086110][T10459] syz.3.3546[10459] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 422.106342][T10459] syz.3.3546[10459] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 422.142791][T10459] FAULT_INJECTION: forcing a failure. [ 422.142791][T10459] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 422.173919][T10459] CPU: 1 PID: 10459 Comm: syz.3.3546 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 422.185133][T10459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 422.194990][T10459] Call Trace: [ 422.198130][T10459] dump_stack_lvl+0x1e2/0x24b [ 422.202634][T10459] ? bfq_pos_tree_add_move+0x43b/0x43b [ 422.207927][T10459] dump_stack+0x15/0x17 [ 422.211915][T10459] should_fail+0x3c6/0x510 [ 422.216176][T10459] should_fail_alloc_page+0x52/0x60 [ 422.221214][T10459] __alloc_pages_nodemask+0x1b3/0xaf0 [ 422.226421][T10459] ? gfp_pfmemalloc_allowed+0x120/0x120 [ 422.231896][T10459] kmalloc_order+0x4c/0x170 [ 422.236222][T10459] kmalloc_order_trace+0x18/0x90 [ 422.240995][T10459] ? alloc_skb_with_frags+0xa1/0x570 [ 422.246116][T10459] __kmalloc_track_caller+0x1dd/0x320 [ 422.251327][T10459] ? cmp_ex_search+0x79/0xa0 [ 422.255746][T10459] ? __alloc_skb+0x80/0x510 [ 422.260089][T10459] ? alloc_skb_with_frags+0xa1/0x570 [ 422.265391][T10459] __alloc_skb+0xbc/0x510 [ 422.269546][T10459] ? search_extable+0xaf/0xf0 [ 422.274058][T10459] alloc_skb_with_frags+0xa1/0x570 [ 422.279008][T10459] ? copy_user_enhanced_fast_string+0x27/0x40 [ 422.284909][T10459] ? copy_user_enhanced_fast_string+0x27/0x40 [ 422.290807][T10459] ? ex_handler_copy+0x43/0x100 [ 422.295495][T10459] sock_alloc_send_pskb+0x915/0xa50 [ 422.300547][T10459] ? sock_kzfree_s+0x60/0x60 [ 422.304954][T10459] ? stack_trace_save+0x113/0x1c0 [ 422.309822][T10459] ? terminate_walk+0x407/0x4f0 [ 422.314504][T10459] ? stack_trace_snprint+0xf0/0xf0 [ 422.319459][T10459] tun_get_user+0xe90/0x38f0 [ 422.323880][T10459] ? _kstrtoull+0x3a0/0x4a0 [ 422.328224][T10459] ? tun_do_read+0x1f60/0x1f60 [ 422.332814][T10459] ? kstrtouint_from_user+0x20a/0x2a0 [ 422.338076][T10459] ? kstrtol_from_user+0x310/0x310 [ 422.342971][T10459] ? copy_user_enhanced_fast_string+0x29/0x40 [ 422.348869][T10459] ? avc_policy_seqno+0x1b/0x70 [ 422.353555][T10459] ? selinux_file_permission+0x2bb/0x560 [ 422.359040][T10459] ? fsnotify_perm+0x67/0x4e0 [ 422.363538][T10459] tun_chr_write_iter+0x1a8/0x250 [ 422.368396][T10459] vfs_write+0xb4c/0xe70 [ 422.372474][T10459] ? kernel_write+0x3d0/0x3d0 [ 422.376993][T10459] ? __fdget_pos+0x209/0x3a0 [ 422.381412][T10459] ? ksys_write+0x77/0x2c0 [ 422.385668][T10459] ksys_write+0x199/0x2c0 [ 422.389834][T10459] ? __ia32_sys_read+0x90/0x90 [ 422.394439][T10459] ? debug_smp_processor_id+0x17/0x20 [ 422.399643][T10459] __x64_sys_write+0x7b/0x90 [ 422.404079][T10459] do_syscall_64+0x34/0x70 [ 422.408333][T10459] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 422.414055][T10459] RIP: 0033:0x7f109fe49ef9 [ 422.418304][T10459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 422.437757][T10459] RSP: 002b:00007f109eac4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 422.446083][T10459] RAX: ffffffffffffffda RBX: 00007f10a0002f80 RCX: 00007f109fe49ef9 [ 422.453898][T10459] RDX: 000000000000fdef RSI: 0000000020000000 RDI: 00000000000000c8 [ 422.461704][T10459] RBP: 00007f109eac4090 R08: 0000000000000000 R09: 0000000000000000 [ 422.469703][T10459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 422.477484][T10459] R13: 0000000000000000 R14: 00007f10a0002f80 R15: 00007ffec327b4b8 [ 422.535443][T10473] FAULT_INJECTION: forcing a failure. [ 422.535443][T10473] name failslab, interval 1, probability 0, space 0, times 0 [ 422.566170][T10473] CPU: 1 PID: 10473 Comm: syz.3.3553 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 422.577424][T10473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 422.587251][T10473] Call Trace: [ 422.590475][T10473] dump_stack_lvl+0x1e2/0x24b [ 422.594978][T10473] ? bfq_pos_tree_add_move+0x43b/0x43b [ 422.600290][T10473] ? gfp_pfmemalloc_allowed+0x120/0x120 [ 422.605662][T10473] dump_stack+0x15/0x17 [ 422.609654][T10473] should_fail+0x3c6/0x510 [ 422.613904][T10473] ? vm_area_dup+0x26/0x270 [ 422.618239][T10473] __should_failslab+0xa4/0xe0 [ 422.622834][T10473] should_failslab+0x9/0x20 [ 422.627175][T10473] kmem_cache_alloc+0x3d/0x2e0 [ 422.631774][T10473] ? down_read_killable+0x220/0x220 [ 422.636810][T10473] vm_area_dup+0x26/0x270 [ 422.640970][T10473] copy_mm+0x8ac/0x13a0 [ 422.644968][T10473] ? copy_signal+0x610/0x610 [ 422.649392][T10473] ? __init_rwsem+0xd6/0x1c0 [ 422.653815][T10473] ? copy_signal+0x4e3/0x610 [ 422.658244][T10473] copy_process+0x1175/0x3340 [ 422.662759][T10473] ? proc_fail_nth_write+0x20b/0x290 [ 422.667880][T10473] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 422.672822][T10473] ? vfs_write+0x852/0xe70 [ 422.677134][T10473] ? kmem_cache_free+0x1c0/0x1e0 [ 422.681850][T10473] kernel_clone+0x21e/0x9e0 [ 422.686189][T10473] ? __kasan_check_write+0x14/0x20 [ 422.691134][T10473] ? create_io_thread+0x1e0/0x1e0 [ 422.696000][T10473] __x64_sys_clone+0x23f/0x290 [ 422.700598][T10473] ? __do_sys_vfork+0x130/0x130 [ 422.705722][T10473] ? debug_smp_processor_id+0x17/0x20 [ 422.710925][T10473] do_syscall_64+0x34/0x70 [ 422.715178][T10473] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 422.720906][T10473] RIP: 0033:0x7f109fe49ef9 [ 422.725162][T10473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 422.744603][T10473] RSP: 002b:00007f109eac3fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 422.752843][T10473] RAX: ffffffffffffffda RBX: 00007f10a0002f80 RCX: 00007f109fe49ef9 [ 422.760654][T10473] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 422.768553][T10473] RBP: 00007f109eac4090 R08: 0000000000000000 R09: 0000000000000000 [ 422.776364][T10473] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 422.784176][T10473] R13: 0000000000000001 R14: 00007f10a0002f80 R15: 00007ffec327b4b8 [ 423.785500][T10530] FAULT_INJECTION: forcing a failure. [ 423.785500][T10530] name failslab, interval 1, probability 0, space 0, times 0 [ 423.806354][T10530] CPU: 1 PID: 10530 Comm: syz.4.3574 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 423.817549][T10530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 423.827438][T10530] Call Trace: [ 423.830569][T10530] dump_stack_lvl+0x1e2/0x24b [ 423.835064][T10530] ? panic+0x812/0x812 [ 423.838971][T10530] ? do_syscall_64+0x34/0x70 [ 423.843399][T10530] ? bfq_pos_tree_add_move+0x43b/0x43b [ 423.848698][T10530] dump_stack+0x15/0x17 [ 423.852691][T10530] should_fail+0x3c6/0x510 [ 423.856948][T10530] ? __get_vm_area_node+0x116/0x470 [ 423.861976][T10530] __should_failslab+0xa4/0xe0 [ 423.866573][T10530] should_failslab+0x9/0x20 [ 423.870914][T10530] kmem_cache_alloc_trace+0x3a/0x2e0 [ 423.876036][T10530] __get_vm_area_node+0x116/0x470 [ 423.880895][T10530] __vmalloc_node_range+0xdc/0x7c0 [ 423.885840][T10530] ? copy_process+0x5c8/0x3340 [ 423.890443][T10530] ? kmem_cache_alloc+0x168/0x2e0 [ 423.895299][T10530] dup_task_struct+0x429/0xc30 [ 423.899900][T10530] ? copy_process+0x5c8/0x3340 [ 423.904498][T10530] copy_process+0x5c8/0x3340 [ 423.908929][T10530] ? proc_fail_nth_write+0x20b/0x290 [ 423.914046][T10530] ? proc_fail_nth_read+0x210/0x210 [ 423.919084][T10530] ? __kasan_check_write+0x14/0x20 [ 423.924030][T10530] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 423.929322][T10530] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 423.934270][T10530] ? vfs_write+0x852/0xe70 [ 423.938529][T10530] ? kmem_cache_free+0x1c0/0x1e0 [ 423.943296][T10530] kernel_clone+0x21e/0x9e0 [ 423.947698][T10530] ? queue_map_pop_elem+0x390/0x390 [ 423.952672][T10530] ? create_io_thread+0x1e0/0x1e0 [ 423.957533][T10530] __x64_sys_clone+0x23f/0x290 [ 423.962129][T10530] ? __do_sys_vfork+0x130/0x130 [ 423.966823][T10530] ? __traceiter_sys_enter+0x2e/0x50 [ 423.971943][T10530] ? syscall_enter_from_user_mode+0x144/0x1a0 [ 423.977841][T10530] do_syscall_64+0x34/0x70 [ 423.982101][T10530] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 423.987823][T10530] RIP: 0033:0x7fd7ce091ef9 [ 423.992328][T10530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 424.011768][T10530] RSP: 002b:00007fd7ccd0bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 424.020086][T10530] RAX: ffffffffffffffda RBX: 00007fd7ce24af80 RCX: 00007fd7ce091ef9 [ 424.027892][T10530] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 424.035703][T10530] RBP: 00007fd7ccd0c090 R08: 0000000000000000 R09: 0000000000000000 [ 424.043514][T10530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 424.051352][T10530] R13: 0000000000000000 R14: 00007fd7ce24af80 R15: 00007ffc885ef6f8 [ 424.074222][T10530] syz.4.3574: vmalloc: allocation failure: 32768 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0 [ 424.088145][T10530] CPU: 0 PID: 10530 Comm: syz.4.3574 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 424.099327][T10530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 424.109208][T10530] Call Trace: [ 424.112361][T10530] dump_stack_lvl+0x1e2/0x24b [ 424.116862][T10530] ? wake_up_klogd+0xb8/0xf0 [ 424.121289][T10530] ? bfq_pos_tree_add_move+0x43b/0x43b [ 424.126584][T10530] ? pr_cont_kernfs_name+0xf0/0x100 [ 424.131625][T10530] dump_stack+0x15/0x17 [ 424.135604][T10530] warn_alloc+0x21a/0x390 [ 424.139765][T10530] ? __get_vm_area_node+0x116/0x470 [ 424.144808][T10530] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 424.150192][T10530] ? __get_vm_area_node+0x34b/0x470 [ 424.155225][T10530] __vmalloc_node_range+0x287/0x7c0 [ 424.160253][T10530] ? kmem_cache_alloc+0x168/0x2e0 [ 424.165111][T10530] dup_task_struct+0x429/0xc30 [ 424.169706][T10530] ? copy_process+0x5c8/0x3340 [ 424.174305][T10530] copy_process+0x5c8/0x3340 [ 424.178740][T10530] ? proc_fail_nth_write+0x20b/0x290 [ 424.183861][T10530] ? proc_fail_nth_read+0x210/0x210 [ 424.188888][T10530] ? __kasan_check_write+0x14/0x20 [ 424.193831][T10530] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 424.199131][T10530] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 424.204075][T10530] ? vfs_write+0x852/0xe70 [ 424.208338][T10530] ? kmem_cache_free+0x1c0/0x1e0 [ 424.213101][T10530] kernel_clone+0x21e/0x9e0 [ 424.217539][T10530] ? queue_map_pop_elem+0x390/0x390 [ 424.222565][T10530] ? create_io_thread+0x1e0/0x1e0 [ 424.227435][T10530] __x64_sys_clone+0x23f/0x290 [ 424.232027][T10530] ? __do_sys_vfork+0x130/0x130 [ 424.236721][T10530] ? __traceiter_sys_enter+0x2e/0x50 [ 424.241889][T10530] ? syscall_enter_from_user_mode+0x144/0x1a0 [ 424.247732][T10530] do_syscall_64+0x34/0x70 [ 424.251985][T10530] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 424.257711][T10530] RIP: 0033:0x7fd7ce091ef9 [ 424.261963][T10530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 424.281424][T10530] RSP: 002b:00007fd7ccd0bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 424.289649][T10530] RAX: ffffffffffffffda RBX: 00007fd7ce24af80 RCX: 00007fd7ce091ef9 [ 424.297457][T10530] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 424.305272][T10530] RBP: 00007fd7ccd0c090 R08: 0000000000000000 R09: 0000000000000000 [ 424.313080][T10530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 424.320890][T10530] R13: 0000000000000000 R14: 00007fd7ce24af80 R15: 00007ffc885ef6f8 [ 424.336697][T10530] Mem-Info: [ 424.339734][T10530] active_anon:110 inactive_anon:4862 isolated_anon:0 [ 424.339734][T10530] active_file:17166 inactive_file:8878 isolated_file:0 [ 424.339734][T10530] unevictable:0 dirty:285 writeback:0 [ 424.339734][T10530] slab_reclaimable:7185 slab_unreclaimable:73263 [ 424.339734][T10530] mapped:21044 shmem:201 pagetables:527 bounce:0 [ 424.339734][T10530] free:1579770 free_pcp:619 free_cma:0 [ 424.380836][T10530] Node 0 active_anon:440kB inactive_anon:19548kB active_file:68664kB inactive_file:35512kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:84176kB dirty:1140kB writeback:0kB shmem:804kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:4704kB all_unreclaimable? no [ 424.416108][T10530] DMA32 free:2983352kB min:62624kB low:78280kB high:93936kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2984772kB mlocked:0kB pagetables:0kB bounce:0kB free_pcp:1420kB local_pcp:0kB free_cma:0kB [ 424.462908][T10530] lowmem_reserve[]: 0 3941 3941 [ 424.475461][T10530] Normal free:3333368kB min:84828kB low:106032kB high:127236kB reserved_highatomic:0KB active_anon:440kB inactive_anon:19748kB active_file:68664kB inactive_file:35512kB unevictable:0kB writepending:1140kB present:5242880kB managed:4035856kB mlocked:0kB pagetables:2108kB bounce:0kB free_pcp:1384kB local_pcp:1116kB free_cma:0kB [ 424.506428][T10530] lowmem_reserve[]: 0 0 0 [ 424.510681][T10530] DMA32: 6*4kB (UM) 2*8kB (M) 3*16kB (M) 5*32kB (UM) 7*64kB (UM) 6*128kB (UM) 6*256kB (UM) 5*512kB (M) 6*1024kB (UM) 3*2048kB (UM) 724*4096kB (M) = 2983352kB [ 424.533640][T10530] Normal: 682*4kB (ME) 2506*8kB (UME) 1964*16kB (UME) 715*32kB (UME) 297*64kB (UME) 64*128kB (UME) 21*256kB (UME) 16*512kB (UME) 11*1024kB (UME) 6*2048kB (UME) 779*4096kB (UM) = 3332184kB [ 424.557287][T10530] 26245 total pagecache pages [ 424.566441][T10530] 0 pages in swap cache [ 424.570645][T10530] Swap cache stats: add 0, delete 0, find 0/0 [ 424.595221][T10530] Free swap = 124996kB [ 424.616449][T10530] Total swap = 124996kB [ 424.621051][T10530] 2097051 pages RAM [ 424.624661][T10530] 0 pages HighMem/MovableOnly [ 424.638697][T10530] 341894 pages reserved [ 424.643582][ T24] audit: type=1400 audit(1725482326.520:143): avc: denied { create } for pid=10560 comm="syz.2.3585" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 424.671960][T10530] 0 pages cma reserved [ 425.509156][T10588] FAULT_INJECTION: forcing a failure. [ 425.509156][T10588] name failslab, interval 1, probability 0, space 0, times 0 [ 425.597209][T10588] CPU: 1 PID: 10588 Comm: syz.1.3595 Tainted: G W 5.10.223-syzkaller-00011-g1c5354a314ea #0 [ 425.608408][T10588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 425.618292][T10588] Call Trace: [ 425.621425][T10588] dump_stack_lvl+0x1e2/0x24b [ 425.625925][T10588] ? panic+0x812/0x812 [ 425.629833][T10588] ? bfq_pos_tree_add_move+0x43b/0x43b [ 425.635160][T10588] ? ___ratelimit+0xb5/0x580 [ 425.639556][T10588] dump_stack+0x15/0x17 [ 425.643543][T10588] should_fail+0x3c6/0x510 [ 425.647797][T10588] ? htab_map_alloc+0x98/0x950 [ 425.652397][T10588] __should_failslab+0xa4/0xe0 [ 425.657002][T10588] should_failslab+0x9/0x20 [ 425.661337][T10588] kmem_cache_alloc_trace+0x3a/0x2e0 [ 425.666458][T10588] htab_map_alloc+0x98/0x950 [ 425.670884][T10588] ? htab_map_alloc_check+0x35f/0x460 [ 425.676181][T10588] __se_sys_bpf+0x620f/0x11cb0 [ 425.680841][T10588] ? perf_event_output_forward+0x14e/0x1b0 [ 425.686432][T10588] ? ktime_get+0x10e/0x140 [ 425.690673][T10588] ? perf_prepare_sample+0x1af0/0x1af0 [ 425.695972][T10588] ? __x64_sys_bpf+0x90/0x90 [ 425.700397][T10588] ? __this_cpu_preempt_check+0x13/0x20 [ 425.705777][T10588] ? __perf_event_account_interrupt+0x18f/0x2c0 [ 425.711851][T10588] ? hrtimer_forward+0x1a6/0x2c0 [ 425.716628][T10588] ? perf_swevent_hrtimer+0x4b8/0x560 [ 425.721830][T10588] ? cpu_clock_event_read+0x50/0x50 [ 425.726918][T10588] ? ctx_flexible_sched_in+0xa8/0x100 [ 425.732077][T10588] ? timerqueue_add+0x24c/0x270 [ 425.736761][T10588] ? enqueue_hrtimer+0xad/0x200 [ 425.741446][T10588] ? __hrtimer_run_queues+0x438/0xa50 [ 425.746657][T10588] ? __hrtimer_run_queues+0x9ea/0xa50 [ 425.751859][T10588] ? ktime_get+0x10e/0x140 [ 425.756119][T10588] ? lapic_next_event+0x5f/0x70 [ 425.760802][T10588] ? clockevents_program_event+0x214/0x2c0 [ 425.766443][T10588] ? hrtimer_interrupt+0x6a8/0x8b0 [ 425.771391][T10588] ? debug_smp_processor_id+0x17/0x20 [ 425.776599][T10588] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 425.782509][T10588] __x64_sys_bpf+0x7b/0x90 [ 425.786753][T10588] do_syscall_64+0x34/0x70 [ 425.791007][T10588] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 425.796729][T10588] RIP: 0033:0x7f564fc0aef9 [ 425.800984][T10588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 425.820431][T10588] RSP: 002b:00007f564e885038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 425.828666][T10588] RAX: ffffffffffffffda RBX: 00007f564fdc3f80 RCX: 00007f564fc0aef9 [ 425.836480][T10588] RDX: 0000000000000048 RSI: 0000000020000240 RDI: 0000000000000000 [ 425.844289][T10588] RBP: 00007f564e885090 R08: 0000000000000000 R09: 0000000000000000 [ 425.852101][T10588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 425.859913][T10588] R13: 0000000000000000 R14: 00007f564fdc3f80 R15: 00007ffe85943878 [ 429.042695][ T9970] device veth1_macvtap left promiscuous mode [ 429.048597][ T9970] device veth0_vlan left promiscuous mode [ 429.066218][ T9970] device veth1_macvtap left promiscuous mode [ 429.072063][ T9970] device veth0_vlan left promiscuous mode [ 429.080520][ T9970] device veth1_macvtap left promiscuous mode [ 429.087053][ T9970] device veth1_macvtap left promiscuous mode SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: repeatedly failed to execute the program proc=0 req=3619 state=3 status=67 (errno 32: Broken pipe) [ 432.029333][ T9970] device veth1_macvtap left promiscuous mode [ 432.035165][ T9970] device veth0_vlan left promiscuous mode