90) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r2, 0x58}, 0x10) (async)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  561.908349][T18766] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  561.916161][T18766] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  561.924062][T18766] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  561.931872][T18766] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  561.939682][T18766] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  561.947506][T18766]  </TASK>
06:58:57 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r3}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r5=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r6=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r3}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000000), 0xfdef)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r9, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', r2, 0x36, r3, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r3, 0x3, &(0x7f0000001040)=[r1, r0, r3, r3, r1, r9], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r10, &(0x7f0000000000), 0x248800)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r5, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r10, r11, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

06:58:57 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 8)

06:58:57 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x6, 0x43451)

06:58:57 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00700000, 0x0, 0x0, 0x0)

[  562.096120][T18792] FAULT_INJECTION: forcing a failure.
[  562.096120][T18792] name failslab, interval 1, probability 0, space 0, times 0
[  562.118722][T18792] CPU: 0 PID: 18792 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  562.130282][T18792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  562.140262][T18792] Call Trace:
[  562.143383][T18792]  <TASK>
[  562.146167][T18792]  dump_stack_lvl+0x151/0x1b7
[  562.150711][T18792]  ? io_uring_drop_tctx_refs+0x190/0x190
[  562.156160][T18792]  dump_stack+0x15/0x17
[  562.160133][T18792]  should_fail+0x3c6/0x510
[  562.164388][T18792]  __should_failslab+0xa4/0xe0
[  562.168989][T18792]  should_failslab+0x9/0x20
[  562.173329][T18792]  slab_pre_alloc_hook+0x37/0xd0
[  562.178100][T18792]  kmem_cache_alloc_trace+0x48/0x210
[  562.183219][T18792]  ? alloc_ucounts+0x15c/0x500
[  562.187825][T18792]  alloc_ucounts+0x15c/0x500
[  562.192247][T18792]  copy_creds+0x344/0x630
[  562.196414][T18792]  copy_process+0x7c3/0x3290
[  562.200847][T18792]  ? timerqueue_add+0x250/0x270
[  562.205526][T18792]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  562.210474][T18792]  ? enqueue_hrtimer+0xca/0x240
[  562.215159][T18792]  ? __hrtimer_run_queues+0x46b/0xad0
[  562.220368][T18792]  kernel_clone+0x21e/0x9e0
[  562.224706][T18792]  ? irqentry_exit+0x30/0x40
[  562.229136][T18792]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  562.234778][T18792]  ? create_io_thread+0x1e0/0x1e0
[  562.239638][T18792]  __x64_sys_clone+0x23f/0x290
[  562.244238][T18792]  ? __do_sys_vfork+0x130/0x130
[  562.248924][T18792]  ? debug_smp_processor_id+0x17/0x20
[  562.254131][T18792]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  562.260035][T18792]  ? exit_to_user_mode_prepare+0x39/0xa0
[  562.265502][T18792]  do_syscall_64+0x3d/0xb0
[  562.269751][T18792]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  562.275394][T18792]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  562.281124][T18792] RIP: 0033:0x7f7b6d82fda9
[  562.285378][T18792] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  562.304820][T18792] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  562.313060][T18792] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  562.320872][T18792] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  562.328685][T18792] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  562.336496][T18792] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
06:58:57 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00a002a0, 0x0, 0x0, 0x0)

[  562.344307][T18792] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  562.352122][T18792]  </TASK>
06:58:57 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x7, 0x43451)

06:58:57 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 9)

06:58:57 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x8, 0x43451)

06:58:57 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00f0ff1f, 0x0, 0x0, 0x0)

06:58:58 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x9, 0x43451)

06:58:58 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff01000000, 0x0, 0x0, 0x0)

06:58:58 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0xa, 0x43451)

06:58:58 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff02000000, 0x0, 0x0, 0x0)

[  562.605232][T18812] FAULT_INJECTION: forcing a failure.
[  562.605232][T18812] name failslab, interval 1, probability 0, space 0, times 0
[  562.633105][T18812] CPU: 1 PID: 18812 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  562.644671][T18812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  562.654563][T18812] Call Trace:
[  562.657685][T18812]  <TASK>
[  562.660465][T18812]  dump_stack_lvl+0x151/0x1b7
[  562.665010][T18812]  ? io_uring_drop_tctx_refs+0x190/0x190
[  562.670535][T18812]  ? avc_has_perm_noaudit+0x348/0x430
[  562.675739][T18812]  dump_stack+0x15/0x17
[  562.679733][T18812]  should_fail+0x3c6/0x510
[  562.683986][T18812]  __should_failslab+0xa4/0xe0
[  562.688584][T18812]  ? dup_fd+0x72/0xb00
[  562.692488][T18812]  should_failslab+0x9/0x20
[  562.696835][T18812]  slab_pre_alloc_hook+0x37/0xd0
[  562.701686][T18812]  ? dup_fd+0x72/0xb00
[  562.705591][T18812]  kmem_cache_alloc+0x44/0x200
[  562.710217][T18812]  dup_fd+0x72/0xb00
[  562.713934][T18812]  ? avc_has_perm+0x16f/0x260
[  562.718444][T18812]  ? avc_has_perm_noaudit+0x430/0x430
[  562.723650][T18812]  copy_files+0xe6/0x200
[  562.727740][T18812]  ? dup_task_struct+0xc60/0xc60
[  562.732515][T18812]  ? security_task_alloc+0xf9/0x130
[  562.737537][T18812]  copy_process+0x1080/0x3290
[  562.742052][T18812]  ? timerqueue_add+0x250/0x270
[  562.746747][T18812]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  562.751689][T18812]  ? enqueue_hrtimer+0xca/0x240
[  562.756369][T18812]  ? __hrtimer_run_queues+0x46b/0xad0
[  562.761579][T18812]  kernel_clone+0x21e/0x9e0
[  562.765916][T18812]  ? irqentry_exit+0x30/0x40
[  562.770518][T18812]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  562.776335][T18812]  ? create_io_thread+0x1e0/0x1e0
[  562.781193][T18812]  __x64_sys_clone+0x23f/0x290
[  562.785806][T18812]  ? __do_sys_vfork+0x130/0x130
[  562.790829][T18812]  ? debug_smp_processor_id+0x17/0x20
[  562.796032][T18812]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  562.801935][T18812]  ? exit_to_user_mode_prepare+0x39/0xa0
[  562.807405][T18812]  do_syscall_64+0x3d/0xb0
[  562.811653][T18812]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  562.817294][T18812]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  562.823026][T18812] RIP: 0033:0x7f7b6d82fda9
[  562.827279][T18812] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  562.846818][T18812] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
06:58:58 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 10)

06:58:58 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r3}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r5=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r6=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r3}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000000), 0xfdef)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r9, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', r2, 0x36, r3, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r3, 0x3, &(0x7f0000001040)=[r1, r0, r3, r3, r1, r9], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r10, &(0x7f0000000000), 0x248800)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r5, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r10, r11, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

[  562.855396][T18812] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  562.863219][T18812] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  562.871020][T18812] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  562.878836][T18812] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  562.886653][T18812] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  562.894467][T18812]  </TASK>
06:58:58 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40086607, &(0x7f0000000040))
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000480)={r1}, 0x8)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x5)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000880)='devices.allow\x00', 0x2, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={r3, 0x58, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0}}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000840)={@ifindex=r4, 0x14, 0x0, 0x6, &(0x7f00000002c0)=[0x0], 0x1, 0x0, &(0x7f0000000780)=[0x0, 0x0], &(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0]}, 0x40)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0], <r5=>0x0, 0xac, &(0x7f0000000280)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0xb7, 0x8, 0x8, &(0x7f0000000380)}}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)={0x2, 0x4, 0x8, 0x1, 0x80, r0, 0x87, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x3}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000580)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x4)
r9 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000600)=@generic={&(0x7f00000005c0)='./file0\x00', 0x0, 0x201bcf783027ae97}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x16, 0x9, &(0x7f0000000080)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @ldst={0x0, 0x3, 0x2, 0x3, 0x2, 0x2, 0xffffffffffffffff}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @exit, @alu={0x7, 0xca344a9694ae4ec8, 0xc, 0x1, 0x9, 0x30, 0x10}], &(0x7f0000000100)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x40f00, 0x8, '\x00', r4, 0x28, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000000180)={0x3, 0xe, 0x7fffffff, 0xfff}, 0x10, r5, r6, 0x1, &(0x7f0000000640)=[r7, r0, r8, r0, r9, r0, r0, r0], &(0x7f0000000680)=[{0x1, 0x2, 0x1, 0x7}], 0x10, 0x7}, 0x90)
r10 = syz_clone(0xb3029000, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x81, 0x38, 0x5, 0x3f, 0x0, 0x10000, 0x80002, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x4, @perf_config_ext={0x1f, 0x2}, 0x1, 0x5, 0x0, 0x0, 0x40, 0x6, 0x2, 0x0, 0x9, 0x0, 0x69}, r10, 0x8, 0xffffffffffffffff, 0x2)

06:58:58 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff04000000, 0x0, 0x0, 0x0)

[  563.102283][T18835] FAULT_INJECTION: forcing a failure.
[  563.102283][T18835] name failslab, interval 1, probability 0, space 0, times 0
[  563.114763][T18835] CPU: 0 PID: 18835 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  563.126239][T18835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  563.136134][T18835] Call Trace:
[  563.139261][T18835]  <TASK>
[  563.142050][T18835]  dump_stack_lvl+0x151/0x1b7
[  563.146567][T18835]  ? io_uring_drop_tctx_refs+0x190/0x190
[  563.152046][T18835]  dump_stack+0x15/0x17
[  563.156012][T18835]  should_fail+0x3c6/0x510
[  563.160269][T18835]  __should_failslab+0xa4/0xe0
[  563.164866][T18835]  should_failslab+0x9/0x20
[  563.169222][T18835]  slab_pre_alloc_hook+0x37/0xd0
[  563.173981][T18835]  kmem_cache_alloc_trace+0x48/0x210
[  563.179097][T18835]  ? alloc_fdtable+0xaf/0x2a0
[  563.183612][T18835]  alloc_fdtable+0xaf/0x2a0
[  563.187951][T18835]  dup_fd+0x759/0xb00
[  563.191767][T18835]  ? avc_has_perm+0x16f/0x260
[  563.196286][T18835]  copy_files+0xe6/0x200
[  563.200364][T18835]  ? perf_event_attrs+0x30/0x30
[  563.205047][T18835]  ? dup_task_struct+0xc60/0xc60
[  563.209819][T18835]  ? security_task_alloc+0xf9/0x130
[  563.214853][T18835]  copy_process+0x1080/0x3290
[  563.219369][T18835]  ? proc_fail_nth_write+0x20b/0x290
[  563.224487][T18835]  ? fsnotify_perm+0x6a/0x5d0
[  563.229000][T18835]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  563.233958][T18835]  ? vfs_write+0x9ec/0x1110
[  563.238294][T18835]  kernel_clone+0x21e/0x9e0
[  563.242626][T18835]  ? file_end_write+0x1c0/0x1c0
[  563.247317][T18835]  ? create_io_thread+0x1e0/0x1e0
[  563.252174][T18835]  ? mutex_unlock+0xb2/0x260
[  563.256603][T18835]  ? __mutex_lock_slowpath+0x10/0x10
[  563.261724][T18835]  __x64_sys_clone+0x23f/0x290
[  563.266323][T18835]  ? __do_sys_vfork+0x130/0x130
[  563.271007][T18835]  ? ksys_write+0x260/0x2c0
[  563.275350][T18835]  ? debug_smp_processor_id+0x17/0x20
[  563.280554][T18835]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  563.286472][T18835]  ? exit_to_user_mode_prepare+0x39/0xa0
[  563.291928][T18835]  do_syscall_64+0x3d/0xb0
[  563.296180][T18835]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  563.301904][T18835] RIP: 0033:0x7f7b6d82fda9
[  563.306160][T18835] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  563.325689][T18835] RSP: 002b:00007f7b6c54e078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  563.333933][T18835] RAX: ffffffffffffffda RBX: 00007f7b6d95e1f0 RCX: 00007f7b6d82fda9
[  563.341746][T18835] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
06:58:58 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0xb, 0x43451)

06:58:58 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 11)

06:58:58 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40086607, &(0x7f0000000040)) (async)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000480)={r1}, 0x8)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x5) (async)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000880)='devices.allow\x00', 0x2, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={r3, 0x58, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0}}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000840)={@ifindex=r4, 0x14, 0x0, 0x6, &(0x7f00000002c0)=[0x0], 0x1, 0x0, &(0x7f0000000780)=[0x0, 0x0], &(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0]}, 0x40) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0], <r5=>0x0, 0xac, &(0x7f0000000280)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0xb7, 0x8, 0x8, &(0x7f0000000380)}}, 0x10) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10) (async)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)={0x2, 0x4, 0x8, 0x1, 0x80, r0, 0x87, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x3}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000580)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x4) (async)
r9 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000600)=@generic={&(0x7f00000005c0)='./file0\x00', 0x0, 0x201bcf783027ae97}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x16, 0x9, &(0x7f0000000080)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @ldst={0x0, 0x3, 0x2, 0x3, 0x2, 0x2, 0xffffffffffffffff}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @exit, @alu={0x7, 0xca344a9694ae4ec8, 0xc, 0x1, 0x9, 0x30, 0x10}], &(0x7f0000000100)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x40f00, 0x8, '\x00', r4, 0x28, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000000180)={0x3, 0xe, 0x7fffffff, 0xfff}, 0x10, r5, r6, 0x1, &(0x7f0000000640)=[r7, r0, r8, r0, r9, r0, r0, r0], &(0x7f0000000680)=[{0x1, 0x2, 0x1, 0x7}], 0x10, 0x7}, 0x90) (async)
r10 = syz_clone(0xb3029000, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x81, 0x38, 0x5, 0x3f, 0x0, 0x10000, 0x80002, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x4, @perf_config_ext={0x1f, 0x2}, 0x1, 0x5, 0x0, 0x0, 0x40, 0x6, 0x2, 0x0, 0x9, 0x0, 0x69}, r10, 0x8, 0xffffffffffffffff, 0x2)

[  563.349553][T18835] RBP: 00007f7b6c54e120 R08: 0000000000000000 R09: 0000000000000000
[  563.357368][T18835] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  563.365179][T18835] R13: 000000000000006e R14: 00007f7b6d95e1f0 R15: 00007ffc8feb0768
[  563.373020][T18835]  </TASK>
06:58:58 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0xc, 0x43451)

06:58:58 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff07000000, 0x0, 0x0, 0x0)

06:58:58 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40086607, &(0x7f0000000040))
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000480)={r1}, 0x8)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x5)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000880)='devices.allow\x00', 0x2, 0x0) (async)
openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000880)='devices.allow\x00', 0x2, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={r3, 0x58, &(0x7f0000000200)}, 0x10) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={r3, 0x58, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0}}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000840)={@ifindex=r4, 0x14, 0x0, 0x6, &(0x7f00000002c0)=[0x0], 0x1, 0x0, &(0x7f0000000780)=[0x0, 0x0], &(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0]}, 0x40) (async)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000840)={@ifindex=r4, 0x14, 0x0, 0x6, &(0x7f00000002c0)=[0x0], 0x1, 0x0, &(0x7f0000000780)=[0x0, 0x0], &(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0]}, 0x40)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0], 0x0, 0xac, &(0x7f0000000280)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0xb7, 0x8, 0x8, &(0x7f0000000380)}}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0], <r5=>0x0, 0xac, &(0x7f0000000280)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0xb7, 0x8, 0x8, &(0x7f0000000380)}}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)={0x2, 0x4, 0x8, 0x1, 0x80, r0, 0x87, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x3}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000580), 0x4) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000580)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x4)
r9 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000600)=@generic={&(0x7f00000005c0)='./file0\x00', 0x0, 0x201bcf783027ae97}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x16, 0x9, &(0x7f0000000080)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @ldst={0x0, 0x3, 0x2, 0x3, 0x2, 0x2, 0xffffffffffffffff}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @exit, @alu={0x7, 0xca344a9694ae4ec8, 0xc, 0x1, 0x9, 0x30, 0x10}], &(0x7f0000000100)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x40f00, 0x8, '\x00', r4, 0x28, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000000180)={0x3, 0xe, 0x7fffffff, 0xfff}, 0x10, r5, r6, 0x1, &(0x7f0000000640)=[r7, r0, r8, r0, r9, r0, r0, r0], &(0x7f0000000680)=[{0x1, 0x2, 0x1, 0x7}], 0x10, 0x7}, 0x90)
r10 = syz_clone(0xb3029000, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x81, 0x38, 0x5, 0x3f, 0x0, 0x10000, 0x80002, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x4, @perf_config_ext={0x1f, 0x2}, 0x1, 0x5, 0x0, 0x0, 0x40, 0x6, 0x2, 0x0, 0x9, 0x0, 0x69}, r10, 0x8, 0xffffffffffffffff, 0x2) (async)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x81, 0x38, 0x5, 0x3f, 0x0, 0x10000, 0x80002, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x4, @perf_config_ext={0x1f, 0x2}, 0x1, 0x5, 0x0, 0x0, 0x40, 0x6, 0x2, 0x0, 0x9, 0x0, 0x69}, r10, 0x8, 0xffffffffffffffff, 0x2)

06:58:58 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff08000000, 0x0, 0x0, 0x0)

06:58:58 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0xd, 0x43451)

06:58:58 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x58, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1a, 0xf56, 0x9, 0x5, 0x1c18, r0, 0x3, '\x00', r1, 0xffffffffffffffff, 0x5, 0x0, 0x2}, 0x48)

06:58:58 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff09000000, 0x0, 0x0, 0x0)

[  563.504794][T18854] FAULT_INJECTION: forcing a failure.
[  563.504794][T18854] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  563.548233][T18854] CPU: 0 PID: 18854 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  563.559798][T18854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  563.569689][T18854] Call Trace:
[  563.572807][T18854]  <TASK>
[  563.575586][T18854]  dump_stack_lvl+0x151/0x1b7
[  563.580099][T18854]  ? io_uring_drop_tctx_refs+0x190/0x190
[  563.585567][T18854]  ? __stack_depot_save+0x34/0x470
[  563.590517][T18854]  dump_stack+0x15/0x17
[  563.594506][T18854]  should_fail+0x3c6/0x510
[  563.598762][T18854]  should_fail_alloc_page+0x5a/0x80
[  563.603803][T18854]  prepare_alloc_pages+0x15c/0x700
[  563.608740][T18854]  ? __alloc_pages+0x8f0/0x8f0
[  563.613344][T18854]  ? __alloc_pages_bulk+0xe40/0xe40
[  563.618378][T18854]  __alloc_pages+0x18c/0x8f0
[  563.622801][T18854]  ? prep_new_page+0x110/0x110
[  563.627420][T18854]  __vmalloc_node_range+0x482/0x8d0
[  563.632446][T18854]  dup_task_struct+0x416/0xc60
[  563.637038][T18854]  ? copy_process+0x5c4/0x3290
[  563.641635][T18854]  ? __kasan_check_write+0x14/0x20
[  563.646584][T18854]  copy_process+0x5c4/0x3290
[  563.651023][T18854]  ? timerqueue_add+0x250/0x270
[  563.655696][T18854]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  563.660651][T18854]  ? enqueue_hrtimer+0xca/0x240
[  563.665330][T18854]  ? __hrtimer_run_queues+0x46b/0xad0
[  563.670550][T18854]  kernel_clone+0x21e/0x9e0
[  563.674879][T18854]  ? create_io_thread+0x1e0/0x1e0
[  563.679747][T18854]  ? clockevents_program_event+0x22f/0x300
[  563.685384][T18854]  __x64_sys_clone+0x23f/0x290
[  563.689994][T18854]  ? __do_sys_vfork+0x130/0x130
[  563.694673][T18854]  ? debug_smp_processor_id+0x17/0x20
[  563.699873][T18854]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  563.705778][T18854]  ? exit_to_user_mode_prepare+0x39/0xa0
[  563.711374][T18854]  do_syscall_64+0x3d/0xb0
[  563.715586][T18854]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  563.721757][T18854]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  563.727474][T18854] RIP: 0033:0x7f7b6d82fda9
[  563.731730][T18854] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  563.751165][T18854] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  563.759584][T18854] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  563.767395][T18854] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  563.775307][T18854] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  563.783117][T18854] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  563.790943][T18854] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
06:58:59 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x58, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1a, 0xf56, 0x9, 0x5, 0x1c18, r0, 0x3, '\x00', r1, 0xffffffffffffffff, 0x5, 0x0, 0x2}, 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x58}, 0x10) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1a, 0xf56, 0x9, 0x5, 0x1c18, r0, 0x3, '\x00', r1, 0xffffffffffffffff, 0x5, 0x0, 0x2}, 0x48) (async)

06:58:59 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff0f000000, 0x0, 0x0, 0x0)

[  563.798748][T18854]  </TASK>
06:58:59 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0xe, 0x43451)

06:58:59 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x58, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1a, 0xf56, 0x9, 0x5, 0x1c18, r0, 0x3, '\x00', r1, 0xffffffffffffffff, 0x5, 0x0, 0x2}, 0x48)

06:58:59 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff0fffffff, 0x0, 0x0, 0x0)

06:58:59 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 12)

06:58:59 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0xf, 0x43451)

[  563.925104][T18895] FAULT_INJECTION: forcing a failure.
[  563.925104][T18895] name failslab, interval 1, probability 0, space 0, times 0
[  563.947275][T18895] CPU: 1 PID: 18895 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  563.958839][T18895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  563.968739][T18895] Call Trace:
[  563.971862][T18895]  <TASK>
06:58:59 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{0x1, <r2=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={r0, 0x58, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)='blkio.throttle.io_service_bytes\x00', 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/14, 0xe, <r5=>0x0, &(0x7f0000000500)=""/76, 0x4c}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x3, 0x1a, &(0x7f0000000100)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xe1, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_idx={0x18, 0x6, 0x5, 0x0, 0x4}, @exit, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @map_idx={0x18, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x7f}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0xf9, &(0x7f0000000240)=""/249, 0x41100, 0x4, '\x00', r3, 0x32, r4, 0x8, &(0x7f0000000440)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000480)={0x0, 0xa, 0x3, 0x8}, 0x10, r5, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000600)=[{0x0, 0x4, 0x4, 0x3}, {0x2, 0x3, 0x6, 0x7}, {0x4, 0x3, 0x0, 0x5}], 0x10, 0x8}, 0x90)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  563.974641][T18895]  dump_stack_lvl+0x151/0x1b7
[  563.979152][T18895]  ? io_uring_drop_tctx_refs+0x190/0x190
[  563.984619][T18895]  dump_stack+0x15/0x17
[  563.988608][T18895]  should_fail+0x3c6/0x510
[  563.992867][T18895]  __should_failslab+0xa4/0xe0
[  563.997462][T18895]  should_failslab+0x9/0x20
[  564.001805][T18895]  slab_pre_alloc_hook+0x37/0xd0
[  564.006579][T18895]  __kmalloc+0x6d/0x270
[  564.010562][T18895]  ? kvmalloc_node+0x1f0/0x4d0
[  564.015167][T18895]  kvmalloc_node+0x1f0/0x4d0
[  564.019594][T18895]  ? vm_mmap+0xb0/0xb0
06:58:59 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r3}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r5=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r6=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r3}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000000), 0xfdef)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r9, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', r2, 0x36, r3, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r3, 0x3, &(0x7f0000001040)=[r1, r0, r3, r3, r1, r9], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r10, &(0x7f0000000000), 0x248800)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r5, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r10, r11, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

[  564.023502][T18895]  ? __kasan_kmalloc+0x9/0x10
[  564.028010][T18895]  ? kmem_cache_alloc_trace+0x115/0x210
[  564.033394][T18895]  ? alloc_fdtable+0xaf/0x2a0
[  564.038354][T18895]  alloc_fdtable+0x163/0x2a0
[  564.042781][T18895]  dup_fd+0x759/0xb00
[  564.046598][T18895]  ? avc_has_perm+0x16f/0x260
[  564.051116][T18895]  copy_files+0xe6/0x200
[  564.055186][T18895]  ? perf_event_attrs+0x30/0x30
[  564.059873][T18895]  ? dup_task_struct+0xc60/0xc60
[  564.064647][T18895]  ? security_task_alloc+0xf9/0x130
[  564.070034][T18895]  copy_process+0x1080/0x3290
[  564.074546][T18895]  ? timerqueue_add+0x250/0x270
[  564.079229][T18895]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  564.084177][T18895]  ? enqueue_hrtimer+0xca/0x240
[  564.088863][T18895]  ? __hrtimer_run_queues+0x46b/0xad0
[  564.094078][T18895]  kernel_clone+0x21e/0x9e0
[  564.098415][T18895]  ? create_io_thread+0x1e0/0x1e0
[  564.103273][T18895]  ? clockevents_program_event+0x22f/0x300
[  564.108912][T18895]  __x64_sys_clone+0x23f/0x290
[  564.113513][T18895]  ? __do_sys_vfork+0x130/0x130
[  564.118211][T18895]  do_syscall_64+0x3d/0xb0
[  564.122450][T18895]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  564.128088][T18895]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  564.133824][T18895] RIP: 0033:0x7f7b6d82fda9
[  564.138074][T18895] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  564.157515][T18895] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  564.165770][T18895] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
06:58:59 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff1f000000, 0x0, 0x0, 0x0)

06:58:59 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{0x1, <r2=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={r0, 0x58, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)='blkio.throttle.io_service_bytes\x00', 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/14, 0xe, <r5=>0x0, &(0x7f0000000500)=""/76, 0x4c}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x3, 0x1a, &(0x7f0000000100)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xe1, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_idx={0x18, 0x6, 0x5, 0x0, 0x4}, @exit, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @map_idx={0x18, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x7f}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0xf9, &(0x7f0000000240)=""/249, 0x41100, 0x4, '\x00', r3, 0x32, r4, 0x8, &(0x7f0000000440)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000480)={0x0, 0xa, 0x3, 0x8}, 0x10, r5, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000600)=[{0x0, 0x4, 0x4, 0x3}, {0x2, 0x3, 0x6, 0x7}, {0x4, 0x3, 0x0, 0x5}], 0x10, 0x8}, 0x90)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:58:59 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x10, 0x43451)

06:58:59 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 13)

[  564.173583][T18895] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  564.181385][T18895] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  564.189287][T18895] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  564.197094][T18895] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  564.204924][T18895]  </TASK>
06:58:59 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff1ffff000, 0x0, 0x0, 0x0)

[  564.269420][T18913] FAULT_INJECTION: forcing a failure.
[  564.269420][T18913] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  564.291143][T18913] CPU: 1 PID: 18913 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  564.302728][T18913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  564.312610][T18913] Call Trace:
[  564.315736][T18913]  <TASK>
[  564.318512][T18913]  dump_stack_lvl+0x151/0x1b7
[  564.323112][T18913]  ? io_uring_drop_tctx_refs+0x190/0x190
[  564.328581][T18913]  dump_stack+0x15/0x17
[  564.332566][T18913]  should_fail+0x3c6/0x510
[  564.336821][T18913]  should_fail_alloc_page+0x5a/0x80
[  564.341857][T18913]  prepare_alloc_pages+0x15c/0x700
[  564.346813][T18913]  ? __alloc_pages+0x8f0/0x8f0
[  564.351405][T18913]  ? __alloc_pages_bulk+0xe40/0xe40
[  564.356437][T18913]  __alloc_pages+0x18c/0x8f0
[  564.360862][T18913]  ? prep_new_page+0x110/0x110
[  564.365464][T18913]  __vmalloc_node_range+0x482/0x8d0
[  564.370498][T18913]  dup_task_struct+0x416/0xc60
[  564.375094][T18913]  ? copy_process+0x5c4/0x3290
[  564.379698][T18913]  copy_process+0x5c4/0x3290
[  564.384127][T18913]  ? timerqueue_add+0x250/0x270
[  564.388810][T18913]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  564.393758][T18913]  ? enqueue_hrtimer+0xca/0x240
[  564.398445][T18913]  ? __hrtimer_run_queues+0x46b/0xad0
[  564.403652][T18913]  kernel_clone+0x21e/0x9e0
[  564.408003][T18913]  ? create_io_thread+0x1e0/0x1e0
[  564.412849][T18913]  ? clockevents_program_event+0x22f/0x300
[  564.418493][T18913]  __x64_sys_clone+0x23f/0x290
[  564.423096][T18913]  ? __do_sys_vfork+0x130/0x130
[  564.427782][T18913]  do_syscall_64+0x3d/0xb0
[  564.432030][T18913]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  564.437675][T18913]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  564.443403][T18913] RIP: 0033:0x7f7b6d82fda9
[  564.447658][T18913] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
06:58:59 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{0x1, <r2=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={r0, 0x58, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)='blkio.throttle.io_service_bytes\x00', 0x0, 0x0) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0x20, &(0x7f0000000580)={&(0x7f00000004c0)=""/14, 0xe, <r5=>0x0, &(0x7f0000000500)=""/76, 0x4c}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x3, 0x1a, &(0x7f0000000100)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xe1, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_idx={0x18, 0x6, 0x5, 0x0, 0x4}, @exit, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @map_idx={0x18, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x7f}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0xf9, &(0x7f0000000240)=""/249, 0x41100, 0x4, '\x00', r3, 0x32, r4, 0x8, &(0x7f0000000440)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000480)={0x0, 0xa, 0x3, 0x8}, 0x10, r5, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000600)=[{0x0, 0x4, 0x4, 0x3}, {0x2, 0x3, 0x6, 0x7}, {0x4, 0x3, 0x0, 0x5}], 0x10, 0x8}, 0x90) (async, rerun: 32)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (rerun: 32)

06:58:59 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x11, 0x43451)

[  564.467097][T18913] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  564.475341][T18913] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  564.483153][T18913] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  564.490966][T18913] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  564.498775][T18913] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  564.506585][T18913] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  564.514401][T18913]  </TASK>
06:59:00 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 14)

06:59:00 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff20000000, 0x0, 0x0, 0x0)

[  564.577855][T18927] FAULT_INJECTION: forcing a failure.
[  564.577855][T18927] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  564.604335][T18927] CPU: 0 PID: 18927 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  564.615981][T18927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  564.625875][T18927] Call Trace:
[  564.628996][T18927]  <TASK>
[  564.631773][T18927]  dump_stack_lvl+0x151/0x1b7
[  564.636289][T18927]  ? io_uring_drop_tctx_refs+0x190/0x190
[  564.641768][T18927]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  564.647398][T18927]  dump_stack+0x15/0x17
[  564.651392][T18927]  should_fail+0x3c6/0x510
[  564.655641][T18927]  should_fail_alloc_page+0x5a/0x80
[  564.660677][T18927]  prepare_alloc_pages+0x15c/0x700
[  564.665627][T18927]  ? __alloc_pages+0x8f0/0x8f0
[  564.670226][T18927]  ? __alloc_pages_bulk+0xe40/0xe40
[  564.675256][T18927]  __alloc_pages+0x18c/0x8f0
[  564.679685][T18927]  ? prep_new_page+0x110/0x110
[  564.684290][T18927]  ? __kasan_kmalloc+0x9/0x10
[  564.688794][T18927]  ? __kmalloc+0x13a/0x270
[  564.693042][T18927]  ? __vmalloc_node_range+0x2d6/0x8d0
[  564.698253][T18927]  __vmalloc_node_range+0x482/0x8d0
[  564.703290][T18927]  dup_task_struct+0x416/0xc60
[  564.707889][T18927]  ? copy_process+0x5c4/0x3290
[  564.712491][T18927]  copy_process+0x5c4/0x3290
[  564.717042][T18927]  ? timerqueue_add+0x250/0x270
[  564.721716][T18927]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  564.726664][T18927]  ? enqueue_hrtimer+0xca/0x240
[  564.731347][T18927]  ? __hrtimer_run_queues+0x46b/0xad0
[  564.736559][T18927]  kernel_clone+0x21e/0x9e0
[  564.740901][T18927]  ? create_io_thread+0x1e0/0x1e0
[  564.745761][T18927]  ? clockevents_program_event+0x22f/0x300
[  564.751401][T18927]  __x64_sys_clone+0x23f/0x290
[  564.756012][T18927]  ? __do_sys_vfork+0x130/0x130
[  564.760695][T18927]  do_syscall_64+0x3d/0xb0
[  564.764942][T18927]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  564.770589][T18927]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  564.776327][T18927] RIP: 0033:0x7f7b6d82fda9
[  564.780567][T18927] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  564.800004][T18927] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  564.808257][T18927] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  564.816065][T18927] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
06:59:00 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x12, 0x43451)

[  564.823872][T18927] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  564.831682][T18927] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  564.839493][T18927] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  564.847327][T18927]  </TASK>
06:59:00 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x13, 0x43451)

06:59:00 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 15)

06:59:00 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff3f000000, 0x0, 0x0, 0x0)

[  564.919052][T18942] FAULT_INJECTION: forcing a failure.
[  564.919052][T18942] name failslab, interval 1, probability 0, space 0, times 0
[  564.938706][T18942] CPU: 0 PID: 18942 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  564.950271][T18942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  564.960164][T18942] Call Trace:
[  564.963294][T18942]  <TASK>
[  564.966065][T18942]  dump_stack_lvl+0x151/0x1b7
[  564.970577][T18942]  ? io_uring_drop_tctx_refs+0x190/0x190
[  564.976045][T18942]  dump_stack+0x15/0x17
[  564.980037][T18942]  should_fail+0x3c6/0x510
[  564.984291][T18942]  __should_failslab+0xa4/0xe0
[  564.988891][T18942]  ? prepare_creds+0x2f/0x6a0
[  564.993402][T18942]  should_failslab+0x9/0x20
[  564.997767][T18942]  slab_pre_alloc_hook+0x37/0xd0
[  565.002517][T18942]  ? prepare_creds+0x2f/0x6a0
[  565.007031][T18942]  kmem_cache_alloc+0x44/0x200
[  565.011639][T18942]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  565.016925][T18942]  prepare_creds+0x2f/0x6a0
[  565.021263][T18942]  copy_creds+0xf0/0x630
[  565.025341][T18942]  ? dup_task_struct+0x7e6/0xc60
[  565.030120][T18942]  copy_process+0x7c3/0x3290
[  565.034545][T18942]  ? __kasan_check_write+0x14/0x20
[  565.039924][T18942]  ? proc_fail_nth_write+0x20b/0x290
[  565.045043][T18942]  ? irqentry_exit+0x30/0x40
[  565.049469][T18942]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  565.055110][T18942]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  565.060060][T18942]  ? kernel_clone+0xb7/0x9e0
[  565.064488][T18942]  kernel_clone+0x21e/0x9e0
[  565.068826][T18942]  ? mutex_unlock+0xa5/0x260
[  565.073258][T18942]  ? create_io_thread+0x1e0/0x1e0
[  565.078114][T18942]  ? mutex_unlock+0xb2/0x260
[  565.082542][T18942]  ? __mutex_lock_slowpath+0x10/0x10
[  565.087662][T18942]  __x64_sys_clone+0x23f/0x290
[  565.092262][T18942]  ? __do_sys_vfork+0x130/0x130
[  565.096960][T18942]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  565.102763][T18942]  do_syscall_64+0x3d/0xb0
[  565.107247][T18942]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  565.112889][T18942]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  565.118620][T18942] RIP: 0033:0x7f7b6d82fda9
[  565.122870][T18942] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  565.142311][T18942] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  565.150556][T18942] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  565.158369][T18942] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
06:59:00 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r3}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r5=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r6=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r3}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000000), 0xfdef)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r9, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', r2, 0x36, r3, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r3, 0x3, &(0x7f0000001040)=[r1, r0, r3, r3, r1, r9], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r10, &(0x7f0000000000), 0x248800)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r5, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r10, r11, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:00 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x14, 0x43451)

[  565.166178][T18942] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  565.173989][T18942] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  565.181798][T18942] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  565.189625][T18942]  </TASK>
06:59:00 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff40000000, 0x0, 0x0, 0x0)

06:59:00 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x15, 0x43451)

06:59:00 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff41000000, 0x0, 0x0, 0x0)

06:59:00 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 16)

06:59:00 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x16, 0x43451)

06:59:00 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffffa00021e8, 0x0, 0x0, 0x0)

[  565.370772][T18982] FAULT_INJECTION: forcing a failure.
[  565.370772][T18982] name failslab, interval 1, probability 0, space 0, times 0
[  565.389391][T18982] CPU: 0 PID: 18982 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  565.400953][T18982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  565.410870][T18982] Call Trace:
[  565.413968][T18982]  <TASK>
[  565.416745][T18982]  dump_stack_lvl+0x151/0x1b7
[  565.421261][T18982]  ? io_uring_drop_tctx_refs+0x190/0x190
[  565.426730][T18982]  dump_stack+0x15/0x17
[  565.430717][T18982]  should_fail+0x3c6/0x510
[  565.434973][T18982]  __should_failslab+0xa4/0xe0
[  565.439572][T18982]  should_failslab+0x9/0x20
[  565.443909][T18982]  slab_pre_alloc_hook+0x37/0xd0
[  565.448688][T18982]  __kmalloc+0x6d/0x270
[  565.452676][T18982]  ? security_prepare_creds+0x4d/0x140
[  565.457974][T18982]  security_prepare_creds+0x4d/0x140
[  565.463095][T18982]  prepare_creds+0x472/0x6a0
[  565.467521][T18982]  copy_creds+0xf0/0x630
[  565.471597][T18982]  ? dup_task_struct+0x7e6/0xc60
[  565.476370][T18982]  copy_process+0x7c3/0x3290
[  565.480809][T18982]  ? irqentry_exit+0x30/0x40
[  565.485225][T18982]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  565.490972][T18982]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  565.495900][T18982]  ? kernel_clone+0xcd/0x9e0
[  565.500324][T18982]  ? kernel_clone+0x136/0x9e0
[  565.504843][T18982]  kernel_clone+0x21e/0x9e0
[  565.509179][T18982]  ? create_io_thread+0x1e0/0x1e0
[  565.514040][T18982]  ? clockevents_program_event+0x22f/0x300
[  565.519684][T18982]  __x64_sys_clone+0x23f/0x290
[  565.524286][T18982]  ? __do_sys_vfork+0x130/0x130
[  565.528969][T18982]  ? debug_smp_processor_id+0x17/0x20
[  565.534175][T18982]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  565.540079][T18982]  ? exit_to_user_mode_prepare+0x39/0xa0
[  565.545549][T18982]  do_syscall_64+0x3d/0xb0
[  565.549798][T18982]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  565.555440][T18982]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  565.561165][T18982] RIP: 0033:0x7f7b6d82fda9
[  565.565420][T18982] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  565.585556][T18982] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  565.593802][T18982] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  565.601611][T18982] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  565.609423][T18982] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
06:59:01 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x225aa00, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:01 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffffa002a000, 0x0, 0x0, 0x0)

[  565.617242][T18982] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  565.625049][T18982] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  565.632864][T18982]  </TASK>
06:59:01 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x17, 0x43451)

06:59:01 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 17)

06:59:01 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x225aa00, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:01 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffffe82100a0, 0x0, 0x0, 0x0)

06:59:01 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x18, 0x43451)

[  565.726886][T19000] FAULT_INJECTION: forcing a failure.
[  565.726886][T19000] name failslab, interval 1, probability 0, space 0, times 0
[  565.758534][T19000] CPU: 1 PID: 19000 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  565.770095][T19000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  565.780204][T19000] Call Trace:
[  565.783323][T19000]  <TASK>
[  565.786100][T19000]  dump_stack_lvl+0x151/0x1b7
[  565.790616][T19000]  ? io_uring_drop_tctx_refs+0x190/0x190
[  565.796094][T19000]  dump_stack+0x15/0x17
[  565.800072][T19000]  should_fail+0x3c6/0x510
[  565.804327][T19000]  __should_failslab+0xa4/0xe0
[  565.808928][T19000]  should_failslab+0x9/0x20
[  565.813264][T19000]  slab_pre_alloc_hook+0x37/0xd0
[  565.818039][T19000]  __kmalloc+0x6d/0x270
[  565.822030][T19000]  ? get_ucounts+0x48/0x80
[  565.826280][T19000]  ? security_prepare_creds+0x4d/0x140
[  565.831663][T19000]  security_prepare_creds+0x4d/0x140
[  565.836804][T19000]  prepare_creds+0x472/0x6a0
[  565.841211][T19000]  copy_creds+0xf0/0x630
[  565.845290][T19000]  ? copy_process+0x5fd/0x3290
[  565.849891][T19000]  copy_process+0x7c3/0x3290
[  565.854316][T19000]  ? __kasan_check_write+0x14/0x20
[  565.859279][T19000]  ? proc_fail_nth_write+0x20b/0x290
[  565.864395][T19000]  ? selinux_file_permission+0x2ba/0x570
[  565.869862][T19000]  ? fsnotify_perm+0x6a/0x5d0
[  565.874366][T19000]  ? __sanitizer_cov_trace_pc+0x3b/0x60
[  565.882180][T19000]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  565.887125][T19000]  ? vfs_write+0x9ec/0x1110
[  565.891467][T19000]  ? irqentry_exit+0x30/0x40
[  565.895978][T19000]  kernel_clone+0x21e/0x9e0
[  565.900324][T19000]  ? create_io_thread+0x1e0/0x1e0
[  565.905185][T19000]  ? mutex_unlock+0xb2/0x260
[  565.909606][T19000]  ? __mutex_lock_slowpath+0x10/0x10
[  565.914728][T19000]  __x64_sys_clone+0x23f/0x290
[  565.919327][T19000]  ? __do_sys_vfork+0x130/0x130
[  565.924018][T19000]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  565.929828][T19000]  do_syscall_64+0x3d/0xb0
[  565.934082][T19000]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  565.940244][T19000]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  565.945970][T19000] RIP: 0033:0x7f7b6d82fda9
[  565.950225][T19000] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  565.969663][T19000] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
06:59:01 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
syz_clone(0x225aa00, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:01 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xfffffffff5ffffff, 0x0, 0x0, 0x0)

06:59:01 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000140)=[0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x5, 0x7, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r2=>0x0, 0xc3, &(0x7f0000000200)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000240), &(0x7f0000000280), 0x8, 0xd0, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440), 0x4)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000006c0)={{0xffffffffffffffff, <r4=>0xffffffffffffffff}, &(0x7f0000000640), &(0x7f0000000680)='%-5lx  \x00'}, 0x20)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(r5, &(0x7f0000001880)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0)
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000900)=r2, 0x4)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='sched_process_wait\x00', r7}, 0x10)
r9 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r8}, 0x8)
write$cgroup_int(r9, &(0x7f00000001c0), 0xfffffdef)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0xc, 0x2d, &(0x7f0000000700)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @tail_call, @ldst={0x3, 0x3, 0x0, 0x3, 0x2, 0x10, 0x8}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x3}, @call={0x85, 0x0, 0x0, 0x9c}, @alu={0x7, 0x0, 0x4, 0x0, 0xb, 0x2, 0x10}, @ldst={0x3, 0x3, 0x3, 0x8, 0x2, 0xfffffffffffffff4, 0x1}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @tail_call={{0x18, 0x2, 0x1, 0x0, r5}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000880)='GPL\x00', 0x35b, 0x2a, &(0x7f00000008c0)=""/42, 0x40f00, 0x20, '\x00', 0x0, 0x3, r6, 0x8, &(0x7f0000000940)={0xa, 0x3}, 0x8, 0x10, &(0x7f0000000980)={0x2, 0xc, 0x8, 0x2}, 0x10, r2, r9, 0x1, 0x0, &(0x7f00000009c0)=[{0x2, 0x5, 0x7, 0x8}], 0x10, 0x8000}, 0x90)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@bloom_filter={0x1e, 0x254, 0x4, 0x1, 0x2, r0, 0x16, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x5, 0x4}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x6, 0x6, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, [@map_idx={0x18, 0x3, 0x5, 0x0, 0x1}, @call={0x85, 0x0, 0x0, 0x7b}]}, &(0x7f0000000040)='syzkaller\x00', 0xffff, 0x9b, &(0x7f0000000080)=""/155, 0x41000, 0x42, '\x00', r1, 0x25, r3, 0x8, &(0x7f0000000480)={0x7, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)=[r0, r0, r0, r10], 0x0, 0x10, 0x4}, 0x90)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:01 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 18)

[  565.977909][T19000] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  565.985721][T19000] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  565.993531][T19000] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  566.001347][T19000] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  566.009155][T19000] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  566.016971][T19000]  </TASK>
06:59:01 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x19, 0x43451)

06:59:01 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xfffffffffbffffff, 0x0, 0x0, 0x0)

06:59:01 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1a, 0x43451)

06:59:01 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xfffffffffeffffff, 0x0, 0x0, 0x0)

06:59:01 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r3}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r5=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r6=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r3}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000000), 0xfdef)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r9, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', r2, 0x36, r3, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r3, 0x3, &(0x7f0000001040)=[r1, r0, r3, r3, r1, r9], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r10, &(0x7f0000000000), 0x248800)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r5, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r10, r11, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:01 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1b, 0x43451)

[  566.159938][T19018] FAULT_INJECTION: forcing a failure.
[  566.159938][T19018] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  566.210469][T19018] CPU: 1 PID: 19018 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  566.222028][T19018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  566.231926][T19018] Call Trace:
[  566.235044][T19018]  <TASK>
[  566.237823][T19018]  dump_stack_lvl+0x151/0x1b7
[  566.242339][T19018]  ? io_uring_drop_tctx_refs+0x190/0x190
[  566.247810][T19018]  ? __sched_text_start+0x8/0x8
[  566.252496][T19018]  dump_stack+0x15/0x17
[  566.256494][T19018]  should_fail+0x3c6/0x510
[  566.260738][T19018]  should_fail_alloc_page+0x5a/0x80
[  566.265768][T19018]  prepare_alloc_pages+0x15c/0x700
[  566.270719][T19018]  ? __alloc_pages_bulk+0xe40/0xe40
[  566.275751][T19018]  ? pcpu_memcg_post_alloc_hook+0x1b1/0x260
[  566.281483][T19018]  __alloc_pages+0x18c/0x8f0
[  566.285906][T19018]  ? prep_new_page+0x110/0x110
[  566.290502][T19018]  ? pcpu_alloc+0xda0/0x13e0
[  566.294944][T19018]  __get_free_pages+0x10/0x30
[  566.299443][T19018]  pgd_alloc+0x21/0x2c0
[  566.303435][T19018]  mm_init+0x5c7/0x970
[  566.307342][T19018]  copy_mm+0x1e3/0x13e0
[  566.311333][T19018]  ? irqentry_exit_cond_resched+0x2a/0x30
[  566.316890][T19018]  ? _raw_spin_lock+0xa4/0x1b0
[  566.321489][T19018]  ? copy_signal+0x610/0x610
[  566.325916][T19018]  ? __kasan_check_write+0x14/0x20
[  566.330860][T19018]  ? __init_rwsem+0xd6/0x1c0
[  566.335287][T19018]  ? copy_signal+0x4e3/0x610
[  566.339719][T19018]  copy_process+0x1149/0x3290
[  566.344233][T19018]  ? timerqueue_add+0x250/0x270
[  566.348914][T19018]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  566.353865][T19018]  kernel_clone+0x21e/0x9e0
[  566.358204][T19018]  ? create_io_thread+0x1e0/0x1e0
[  566.363069][T19018]  __x64_sys_clone+0x23f/0x290
[  566.367664][T19018]  ? __do_sys_vfork+0x130/0x130
[  566.372354][T19018]  ? debug_smp_processor_id+0x17/0x20
[  566.377571][T19018]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  566.383463][T19018]  ? exit_to_user_mode_prepare+0x39/0xa0
[  566.388926][T19018]  do_syscall_64+0x3d/0xb0
[  566.393183][T19018]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  566.398819][T19018]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  566.404552][T19018] RIP: 0033:0x7f7b6d82fda9
[  566.408815][T19018] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  566.428243][T19018] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  566.436930][T19018] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  566.444731][T19018] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  566.452543][T19018] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
06:59:01 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000140)=[0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x5, 0x7, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r2=>0x0, 0xc3, &(0x7f0000000200)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000240), &(0x7f0000000280), 0x8, 0xd0, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10) (async)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440), 0x4) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000006c0)={{0xffffffffffffffff, <r4=>0xffffffffffffffff}, &(0x7f0000000640), &(0x7f0000000680)='%-5lx  \x00'}, 0x20) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(r5, &(0x7f0000001880)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0) (async)
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000900)=r2, 0x4)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='sched_process_wait\x00', r7}, 0x10)
r9 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r8}, 0x8)
write$cgroup_int(r9, &(0x7f00000001c0), 0xfffffdef) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0xc, 0x2d, &(0x7f0000000700)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @tail_call, @ldst={0x3, 0x3, 0x0, 0x3, 0x2, 0x10, 0x8}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x3}, @call={0x85, 0x0, 0x0, 0x9c}, @alu={0x7, 0x0, 0x4, 0x0, 0xb, 0x2, 0x10}, @ldst={0x3, 0x3, 0x3, 0x8, 0x2, 0xfffffffffffffff4, 0x1}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @tail_call={{0x18, 0x2, 0x1, 0x0, r5}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000880)='GPL\x00', 0x35b, 0x2a, &(0x7f00000008c0)=""/42, 0x40f00, 0x20, '\x00', 0x0, 0x3, r6, 0x8, &(0x7f0000000940)={0xa, 0x3}, 0x8, 0x10, &(0x7f0000000980)={0x2, 0xc, 0x8, 0x2}, 0x10, r2, r9, 0x1, 0x0, &(0x7f00000009c0)=[{0x2, 0x5, 0x7, 0x8}], 0x10, 0x8000}, 0x90) (async, rerun: 64)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@bloom_filter={0x1e, 0x254, 0x4, 0x1, 0x2, r0, 0x16, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x5, 0x4}, 0x48) (rerun: 64)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x6, 0x6, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, [@map_idx={0x18, 0x3, 0x5, 0x0, 0x1}, @call={0x85, 0x0, 0x0, 0x7b}]}, &(0x7f0000000040)='syzkaller\x00', 0xffff, 0x9b, &(0x7f0000000080)=""/155, 0x41000, 0x42, '\x00', r1, 0x25, r3, 0x8, &(0x7f0000000480)={0x7, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)=[r0, r0, r0, r10], 0x0, 0x10, 0x4}, 0x90)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:01 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffffff0f0100, 0x0, 0x0, 0x0)

06:59:01 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 19)

[  566.460354][T19018] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  566.468168][T19018] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  566.475982][T19018]  </TASK>
06:59:01 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffffffff0300, 0x0, 0x0, 0x0)

06:59:02 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1c, 0x43451)

06:59:02 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffffffffff0f, 0x0, 0x0, 0x0)

[  566.557138][T19047] FAULT_INJECTION: forcing a failure.
[  566.557138][T19047] name failslab, interval 1, probability 0, space 0, times 0
[  566.595968][T19047] CPU: 1 PID: 19047 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  566.607630][T19047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  566.617524][T19047] Call Trace:
[  566.620645][T19047]  <TASK>
[  566.623425][T19047]  dump_stack_lvl+0x151/0x1b7
[  566.627947][T19047]  ? io_uring_drop_tctx_refs+0x190/0x190
[  566.633406][T19047]  ? __kasan_check_read+0x11/0x20
[  566.638699][T19047]  ? preempt_schedule_irq+0xe7/0x140
[  566.643818][T19047]  dump_stack+0x15/0x17
[  566.647811][T19047]  should_fail+0x3c6/0x510
[  566.652066][T19047]  __should_failslab+0xa4/0xe0
[  566.656665][T19047]  ? vm_area_dup+0x26/0x230
[  566.661005][T19047]  should_failslab+0x9/0x20
[  566.665342][T19047]  slab_pre_alloc_hook+0x37/0xd0
[  566.670116][T19047]  ? vm_area_dup+0x26/0x230
[  566.674456][T19047]  kmem_cache_alloc+0x44/0x200
[  566.679057][T19047]  vm_area_dup+0x26/0x230
[  566.683221][T19047]  copy_mm+0x9a1/0x13e0
[  566.687224][T19047]  ? copy_signal+0x610/0x610
[  566.691646][T19047]  ? __init_rwsem+0xd6/0x1c0
[  566.696069][T19047]  ? copy_signal+0x4e3/0x610
[  566.700612][T19047]  copy_process+0x1149/0x3290
[  566.705125][T19047]  ? irqentry_exit+0x30/0x40
[  566.709547][T19047]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  566.714492][T19047]  ? kernel_clone+0xb7/0x9e0
[  566.718924][T19047]  kernel_clone+0x21e/0x9e0
[  566.723258][T19047]  ? create_io_thread+0x1e0/0x1e0
[  566.728120][T19047]  ? clockevents_program_event+0x22f/0x300
[  566.733762][T19047]  __x64_sys_clone+0x23f/0x290
[  566.738359][T19047]  ? __do_sys_vfork+0x130/0x130
[  566.743049][T19047]  ? debug_smp_processor_id+0x17/0x20
[  566.748256][T19047]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  566.754157][T19047]  ? exit_to_user_mode_prepare+0x39/0xa0
[  566.759625][T19047]  do_syscall_64+0x3d/0xb0
[  566.763876][T19047]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  566.769519][T19047]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  566.775333][T19047] RIP: 0033:0x7f7b6d82fda9
[  566.779585][T19047] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  566.799086][T19047] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
06:59:02 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000140)=[0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x5, 0x7, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r2=>0x0, 0xc3, &(0x7f0000000200)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000240), &(0x7f0000000280), 0x8, 0xd0, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10) (async)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440), 0x4) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000006c0)={{0xffffffffffffffff, <r4=>0xffffffffffffffff}, &(0x7f0000000640), &(0x7f0000000680)='%-5lx  \x00'}, 0x20) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(r5, &(0x7f0000001880)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0) (async)
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000900)=r2, 0x4) (async)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='sched_process_wait\x00', r7}, 0x10)
r9 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r8}, 0x8)
write$cgroup_int(r9, &(0x7f00000001c0), 0xfffffdef) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0xc, 0x2d, &(0x7f0000000700)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @tail_call, @ldst={0x3, 0x3, 0x0, 0x3, 0x2, 0x10, 0x8}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x3}, @call={0x85, 0x0, 0x0, 0x9c}, @alu={0x7, 0x0, 0x4, 0x0, 0xb, 0x2, 0x10}, @ldst={0x3, 0x3, 0x3, 0x8, 0x2, 0xfffffffffffffff4, 0x1}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @tail_call={{0x18, 0x2, 0x1, 0x0, r5}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000880)='GPL\x00', 0x35b, 0x2a, &(0x7f00000008c0)=""/42, 0x40f00, 0x20, '\x00', 0x0, 0x3, r6, 0x8, &(0x7f0000000940)={0xa, 0x3}, 0x8, 0x10, &(0x7f0000000980)={0x2, 0xc, 0x8, 0x2}, 0x10, r2, r9, 0x1, 0x0, &(0x7f00000009c0)=[{0x2, 0x5, 0x7, 0x8}], 0x10, 0x8000}, 0x90)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@bloom_filter={0x1e, 0x254, 0x4, 0x1, 0x2, r0, 0x16, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x5, 0x4}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x6, 0x6, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, [@map_idx={0x18, 0x3, 0x5, 0x0, 0x1}, @call={0x85, 0x0, 0x0, 0x7b}]}, &(0x7f0000000040)='syzkaller\x00', 0xffff, 0x9b, &(0x7f0000000080)=""/155, 0x41000, 0x42, '\x00', r1, 0x25, r3, 0x8, &(0x7f0000000480)={0x7, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)=[r0, r0, r0, r10], 0x0, 0x10, 0x4}, 0x90)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:02 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 20)

[  566.807271][T19047] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  566.815083][T19047] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  566.822892][T19047] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  566.830703][T19047] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  566.838511][T19047] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  566.846332][T19047]  </TASK>
06:59:02 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1d, 0x43451)

06:59:02 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xfffffffffffffff5, 0x0, 0x0, 0x0)

[  566.883316][T19058] FAULT_INJECTION: forcing a failure.
[  566.883316][T19058] name failslab, interval 1, probability 0, space 0, times 0
[  566.897578][T19058] CPU: 1 PID: 19058 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  566.909135][T19058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  566.919041][T19058] Call Trace:
[  566.922148][T19058]  <TASK>
[  566.924925][T19058]  dump_stack_lvl+0x151/0x1b7
[  566.929441][T19058]  ? io_uring_drop_tctx_refs+0x190/0x190
[  566.934905][T19058]  ? avc_denied+0x1b0/0x1b0
[  566.939247][T19058]  dump_stack+0x15/0x17
[  566.943236][T19058]  should_fail+0x3c6/0x510
[  566.947493][T19058]  __should_failslab+0xa4/0xe0
[  566.952093][T19058]  ? vm_area_dup+0x26/0x230
[  566.956431][T19058]  should_failslab+0x9/0x20
[  566.960769][T19058]  slab_pre_alloc_hook+0x37/0xd0
[  566.965544][T19058]  ? vm_area_dup+0x26/0x230
[  566.969881][T19058]  kmem_cache_alloc+0x44/0x200
[  566.974482][T19058]  vm_area_dup+0x26/0x230
[  566.978654][T19058]  copy_mm+0x9a1/0x13e0
[  566.982643][T19058]  ? copy_signal+0x610/0x610
[  566.987070][T19058]  ? __init_rwsem+0xd6/0x1c0
[  566.991498][T19058]  ? copy_signal+0x4e3/0x610
[  566.995920][T19058]  copy_process+0x1149/0x3290
[  567.000534][T19058]  ? proc_fail_nth_write+0x20b/0x290
[  567.005642][T19058]  ? fsnotify_perm+0x6a/0x5d0
[  567.010157][T19058]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  567.015099][T19058]  ? vfs_write+0x9ec/0x1110
[  567.019443][T19058]  ? irqentry_exit+0x30/0x40
[  567.023871][T19058]  kernel_clone+0x21e/0x9e0
[  567.028221][T19058]  ? file_end_write+0x1c0/0x1c0
[  567.032894][T19058]  ? create_io_thread+0x1e0/0x1e0
[  567.037756][T19058]  ? mutex_unlock+0xb2/0x260
[  567.042180][T19058]  ? __mutex_lock_slowpath+0x10/0x10
[  567.047305][T19058]  __x64_sys_clone+0x23f/0x290
[  567.051904][T19058]  ? __do_sys_vfork+0x130/0x130
[  567.056592][T19058]  ? debug_smp_processor_id+0x17/0x20
[  567.061796][T19058]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  567.067699][T19058]  ? exit_to_user_mode_prepare+0x39/0xa0
[  567.073175][T19058]  do_syscall_64+0x3d/0xb0
[  567.077417][T19058]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  567.083157][T19058]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  567.088897][T19058] RIP: 0033:0x7f7b6d82fda9
[  567.093140][T19058] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  567.112576][T19058] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  567.120823][T19058] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
06:59:02 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0xfffffd7e)
r0 = syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
syz_clone(0x1400, &(0x7f0000000540)="735175111afb18d4f580d694a5d0e7c6374ac3341d18688716f1d8d57c13b9d0267c9c8b8f4adf6b3e3048e9a7ea76ac33fc2500ce22309de6b97393ebf082a5e93d5c04d1ee4ae7f4d9dd0d645e36bc11e5b280b15a7b79ac79ae45f88e03bd87cd40c459f143556369ed7bfa3148e456226f899d305c34622f44140479fb1699fe8b16b08079ada2436b52cfe942f3207155d05ff06258d27418ad41c107e924447f15cee9e471bc49adf29c222bd95144ff4c3946956dd419c3e4342a2b1afc4fc9a794a2c761a51fa72f1e6ea5e0a782a1f2a403cfe5968ee1ed14148f3c06b991313027", 0xe6, &(0x7f0000000040), &(0x7f00000001c0), &(0x7f0000000300)="03d86c5f903ac486cab844702d7720dc1ea31973e8ea954055dd79534a1f9aad7eec5f20665cd28491f46c2e045ffbd73313c66305000000dc0a776546f974e00900ae474819759fe87475d79379fd00255ac3d537f5119dfb7614392450c1bba7c23f80f0ad24f49421659c0cdfd27abea10f64c86ec519aea7f4b8287616bf2fb391e879471968025f33dfbb88083c6dd0f2348a610dff8bd861f10e254f04018bdc9797b3ba169d96cf596143e1b45646e6885f3929dfd4d4dd1194466125d1875f0ac5558717aa7b9c7af2df469d7105d512d411f68733715642a0ca748f72757d0fcce607ae1cdd495550eb0b9077d36adf7480901142024d00000000")
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0)
ioctl$TUNGETVNETHDRSZ(r1, 0x800454d7, &(0x7f00000000c0))
ioctl$TUNGETFILTER(r1, 0x801054db, &(0x7f0000000280)=""/82)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b80)={0x18, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000e20a000000000000000000006a630000ffffffff18240000e4eb9e174797b21ce946542413ecc9f700c80088b7ec86259d28fb070cdfb54845abb4bdf472f7e6bff07caca7cecb9db958b762b85a9b1b7675d440d41d6898ecdf635bbd6676af0b09b13564cd4d7526d062f1ca1b95e6af79af5ab7a3b958ecfc5229cc8bfd55e8ac46ee90ec8c278d3567698f41fa020b0bf233d739ffd30c09fc725129e0c27cc2a139ae5bcdc6438e135891ad9cca688156521ce485852c25370c5aee674c044fb0916b6380a1787a5725d1c50860338abc5a6fec26", @ANYRES32=r1, @ANYRES64], &(0x7f0000000440)='GPL\x00', 0x7, 0xa9, &(0x7f0000000480)=""/169, 0x41000, 0xa, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000740)={0x7, 0x3}, 0x8, 0x10, &(0x7f0000000800)={0x2, 0x4, 0x2, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000008c0)}, 0x90)
ioctl$TUNGETFILTER(r1, 0x801054db, &(0x7f0000000200)=""/104)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x7f, 0x80, 0x3b, 0x20, 0x0, 0x800000, 0x10c, 0x4, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80, 0x2, @perf_config_ext={0x5500, 0x81}, 0x6090, 0x99b, 0x7, 0x9, 0x4, 0x9, 0x3, 0x0, 0x4}, r0, 0xd, r1, 0xa)

06:59:02 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r3}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r5=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r6=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r3}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000000), 0xfdef)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r9, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', r2, 0x36, r3, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r3, 0x3, &(0x7f0000001040)=[r1, r0, r3, r3, r1, r9], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r10, &(0x7f0000000000), 0x248800)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r5, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r10, r11, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:02 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 21)

[  567.128635][T19058] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  567.136469][T19058] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  567.144255][T19058] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  567.152068][T19058] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  567.159895][T19058]  </TASK>
06:59:02 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1e, 0x43451)

[  567.206468][T19077] FAULT_INJECTION: forcing a failure.
[  567.206468][T19077] name failslab, interval 1, probability 0, space 0, times 0
[  567.222233][T19077] CPU: 0 PID: 19077 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  567.233785][T19077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  567.244116][T19077] Call Trace:
[  567.247237][T19077]  <TASK>
[  567.250020][T19077]  dump_stack_lvl+0x151/0x1b7
[  567.254535][T19077]  ? io_uring_drop_tctx_refs+0x190/0x190
[  567.260020][T19077]  ? _raw_spin_unlock+0x4d/0x70
[  567.264685][T19077]  dump_stack+0x15/0x17
[  567.268672][T19077]  should_fail+0x3c6/0x510
[  567.272925][T19077]  __should_failslab+0xa4/0xe0
[  567.277528][T19077]  should_failslab+0x9/0x20
[  567.281866][T19077]  slab_pre_alloc_hook+0x37/0xd0
[  567.286639][T19077]  kmem_cache_alloc_trace+0x48/0x210
[  567.291759][T19077]  ? alloc_ucounts+0x15c/0x500
[  567.296382][T19077]  alloc_ucounts+0x15c/0x500
[  567.300786][T19077]  ? prepare_creds+0x486/0x6a0
[  567.305384][T19077]  copy_creds+0x344/0x630
[  567.309562][T19077]  copy_process+0x7c3/0x3290
[  567.313979][T19077]  ? timerqueue_add+0x250/0x270
[  567.318670][T19077]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  567.323616][T19077]  kernel_clone+0x21e/0x9e0
[  567.327967][T19077]  ? create_io_thread+0x1e0/0x1e0
[  567.332814][T19077]  __x64_sys_clone+0x23f/0x290
[  567.337412][T19077]  ? __do_sys_vfork+0x130/0x130
[  567.342101][T19077]  ? debug_smp_processor_id+0x17/0x20
[  567.347302][T19077]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  567.353206][T19077]  ? exit_to_user_mode_prepare+0x39/0xa0
[  567.358676][T19077]  do_syscall_64+0x3d/0xb0
[  567.362926][T19077]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  567.368569][T19077]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  567.374303][T19077] RIP: 0033:0x7f7b6d82fda9
[  567.378554][T19077] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  567.398003][T19077] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
06:59:02 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0)

06:59:02 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x21, 0x43451)

06:59:02 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0xfffffd7e)
r0 = syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
syz_clone(0x1400, &(0x7f0000000540)="735175111afb18d4f580d694a5d0e7c6374ac3341d18688716f1d8d57c13b9d0267c9c8b8f4adf6b3e3048e9a7ea76ac33fc2500ce22309de6b97393ebf082a5e93d5c04d1ee4ae7f4d9dd0d645e36bc11e5b280b15a7b79ac79ae45f88e03bd87cd40c459f143556369ed7bfa3148e456226f899d305c34622f44140479fb1699fe8b16b08079ada2436b52cfe942f3207155d05ff06258d27418ad41c107e924447f15cee9e471bc49adf29c222bd95144ff4c3946956dd419c3e4342a2b1afc4fc9a794a2c761a51fa72f1e6ea5e0a782a1f2a403cfe5968ee1ed14148f3c06b991313027", 0xe6, &(0x7f0000000040), &(0x7f00000001c0), &(0x7f0000000300)="03d86c5f903ac486cab844702d7720dc1ea31973e8ea954055dd79534a1f9aad7eec5f20665cd28491f46c2e045ffbd73313c66305000000dc0a776546f974e00900ae474819759fe87475d79379fd00255ac3d537f5119dfb7614392450c1bba7c23f80f0ad24f49421659c0cdfd27abea10f64c86ec519aea7f4b8287616bf2fb391e879471968025f33dfbb88083c6dd0f2348a610dff8bd861f10e254f04018bdc9797b3ba169d96cf596143e1b45646e6885f3929dfd4d4dd1194466125d1875f0ac5558717aa7b9c7af2df469d7105d512d411f68733715642a0ca748f72757d0fcce607ae1cdd495550eb0b9077d36adf7480901142024d00000000")
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0)
ioctl$TUNGETVNETHDRSZ(r1, 0x800454d7, &(0x7f00000000c0))
ioctl$TUNGETFILTER(r1, 0x801054db, &(0x7f0000000280)=""/82)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b80)={0x18, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000e20a000000000000000000006a630000ffffffff18240000e4eb9e174797b21ce946542413ecc9f700c80088b7ec86259d28fb070cdfb54845abb4bdf472f7e6bff07caca7cecb9db958b762b85a9b1b7675d440d41d6898ecdf635bbd6676af0b09b13564cd4d7526d062f1ca1b95e6af79af5ab7a3b958ecfc5229cc8bfd55e8ac46ee90ec8c278d3567698f41fa020b0bf233d739ffd30c09fc725129e0c27cc2a139ae5bcdc6438e135891ad9cca688156521ce485852c25370c5aee674c044fb0916b6380a1787a5725d1c50860338abc5a6fec26", @ANYRES32=r1, @ANYRES64], &(0x7f0000000440)='GPL\x00', 0x7, 0xa9, &(0x7f0000000480)=""/169, 0x41000, 0xa, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000740)={0x7, 0x3}, 0x8, 0x10, &(0x7f0000000800)={0x2, 0x4, 0x2, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000008c0)}, 0x90)
ioctl$TUNGETFILTER(r1, 0x801054db, &(0x7f0000000200)=""/104)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x7f, 0x80, 0x3b, 0x20, 0x0, 0x800000, 0x10c, 0x4, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80, 0x2, @perf_config_ext={0x5500, 0x81}, 0x6090, 0x99b, 0x7, 0x9, 0x4, 0x9, 0x3, 0x0, 0x4}, r0, 0xd, r1, 0xa)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0xfffffd7e) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
syz_clone(0x1400, &(0x7f0000000540)="735175111afb18d4f580d694a5d0e7c6374ac3341d18688716f1d8d57c13b9d0267c9c8b8f4adf6b3e3048e9a7ea76ac33fc2500ce22309de6b97393ebf082a5e93d5c04d1ee4ae7f4d9dd0d645e36bc11e5b280b15a7b79ac79ae45f88e03bd87cd40c459f143556369ed7bfa3148e456226f899d305c34622f44140479fb1699fe8b16b08079ada2436b52cfe942f3207155d05ff06258d27418ad41c107e924447f15cee9e471bc49adf29c222bd95144ff4c3946956dd419c3e4342a2b1afc4fc9a794a2c761a51fa72f1e6ea5e0a782a1f2a403cfe5968ee1ed14148f3c06b991313027", 0xe6, &(0x7f0000000040), &(0x7f00000001c0), &(0x7f0000000300)="03d86c5f903ac486cab844702d7720dc1ea31973e8ea954055dd79534a1f9aad7eec5f20665cd28491f46c2e045ffbd73313c66305000000dc0a776546f974e00900ae474819759fe87475d79379fd00255ac3d537f5119dfb7614392450c1bba7c23f80f0ad24f49421659c0cdfd27abea10f64c86ec519aea7f4b8287616bf2fb391e879471968025f33dfbb88083c6dd0f2348a610dff8bd861f10e254f04018bdc9797b3ba169d96cf596143e1b45646e6885f3929dfd4d4dd1194466125d1875f0ac5558717aa7b9c7af2df469d7105d512d411f68733715642a0ca748f72757d0fcce607ae1cdd495550eb0b9077d36adf7480901142024d00000000") (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0) (async)
ioctl$TUNGETVNETHDRSZ(r1, 0x800454d7, &(0x7f00000000c0)) (async)
ioctl$TUNGETFILTER(r1, 0x801054db, &(0x7f0000000280)=""/82) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b80)={0x18, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000e20a000000000000000000006a630000ffffffff18240000e4eb9e174797b21ce946542413ecc9f700c80088b7ec86259d28fb070cdfb54845abb4bdf472f7e6bff07caca7cecb9db958b762b85a9b1b7675d440d41d6898ecdf635bbd6676af0b09b13564cd4d7526d062f1ca1b95e6af79af5ab7a3b958ecfc5229cc8bfd55e8ac46ee90ec8c278d3567698f41fa020b0bf233d739ffd30c09fc725129e0c27cc2a139ae5bcdc6438e135891ad9cca688156521ce485852c25370c5aee674c044fb0916b6380a1787a5725d1c50860338abc5a6fec26", @ANYRES32=r1, @ANYRES64], &(0x7f0000000440)='GPL\x00', 0x7, 0xa9, &(0x7f0000000480)=""/169, 0x41000, 0xa, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000740)={0x7, 0x3}, 0x8, 0x10, &(0x7f0000000800)={0x2, 0x4, 0x2, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000008c0)}, 0x90) (async)
ioctl$TUNGETFILTER(r1, 0x801054db, &(0x7f0000000200)=""/104) (async)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x7f, 0x80, 0x3b, 0x20, 0x0, 0x800000, 0x10c, 0x4, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80, 0x2, @perf_config_ext={0x5500, 0x81}, 0x6090, 0x99b, 0x7, 0x9, 0x4, 0x9, 0x3, 0x0, 0x4}, r0, 0xd, r1, 0xa) (async)

[  567.406238][T19077] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  567.414056][T19077] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  567.421861][T19077] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  567.429809][T19077] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  567.437626][T19077] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  567.445439][T19077]  </TASK>
06:59:02 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 22)

06:59:02 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0)

06:59:02 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x22, 0x43451)

06:59:03 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x23, 0x43451)

[  567.509053][T19092] FAULT_INJECTION: forcing a failure.
[  567.509053][T19092] name failslab, interval 1, probability 0, space 0, times 0
[  567.558935][T19092] CPU: 0 PID: 19092 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  567.570503][T19092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  567.580398][T19092] Call Trace:
[  567.583516][T19092]  <TASK>
[  567.586304][T19092]  dump_stack_lvl+0x151/0x1b7
[  567.590841][T19092]  ? io_uring_drop_tctx_refs+0x190/0x190
[  567.596277][T19092]  ? __kasan_check_write+0x14/0x20
[  567.601224][T19092]  ? avc_has_perm_noaudit+0x348/0x430
[  567.606432][T19092]  dump_stack+0x15/0x17
[  567.610433][T19092]  should_fail+0x3c6/0x510
[  567.614781][T19092]  __should_failslab+0xa4/0xe0
[  567.619474][T19092]  ? dup_fd+0x72/0xb00
[  567.623369][T19092]  should_failslab+0x9/0x20
[  567.627709][T19092]  slab_pre_alloc_hook+0x37/0xd0
[  567.632484][T19092]  ? dup_fd+0x72/0xb00
[  567.636409][T19092]  kmem_cache_alloc+0x44/0x200
[  567.641000][T19092]  dup_fd+0x72/0xb00
[  567.644723][T19092]  ? avc_has_perm+0x16f/0x260
[  567.649236][T19092]  ? avc_has_perm_noaudit+0x430/0x430
[  567.654445][T19092]  copy_files+0xe6/0x200
[  567.658521][T19092]  ? perf_event_attrs+0x30/0x30
[  567.663210][T19092]  ? dup_task_struct+0xc60/0xc60
[  567.667998][T19092]  ? security_task_alloc+0xf9/0x130
[  567.673015][T19092]  copy_process+0x1080/0x3290
[  567.677537][T19092]  ? timerqueue_add+0x250/0x270
[  567.682220][T19092]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  567.687166][T19092]  ? enqueue_hrtimer+0xca/0x240
[  567.691858][T19092]  ? __hrtimer_run_queues+0x46b/0xad0
[  567.697060][T19092]  kernel_clone+0x21e/0x9e0
[  567.701398][T19092]  ? create_io_thread+0x1e0/0x1e0
[  567.706257][T19092]  ? clockevents_program_event+0x22f/0x300
[  567.711905][T19092]  __x64_sys_clone+0x23f/0x290
[  567.716761][T19092]  ? __do_sys_vfork+0x130/0x130
[  567.721455][T19092]  do_syscall_64+0x3d/0xb0
[  567.725701][T19092]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  567.731340][T19092]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  567.737069][T19092] RIP: 0033:0x7f7b6d82fda9
[  567.741333][T19092] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  567.760775][T19092] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  567.769008][T19092] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  567.776827][T19092] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  567.784647][T19092] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  567.792443][T19092] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  567.800258][T19092] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
06:59:03 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0xfffffd7e) (async)
r0 = syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
syz_clone(0x1400, &(0x7f0000000540)="735175111afb18d4f580d694a5d0e7c6374ac3341d18688716f1d8d57c13b9d0267c9c8b8f4adf6b3e3048e9a7ea76ac33fc2500ce22309de6b97393ebf082a5e93d5c04d1ee4ae7f4d9dd0d645e36bc11e5b280b15a7b79ac79ae45f88e03bd87cd40c459f143556369ed7bfa3148e456226f899d305c34622f44140479fb1699fe8b16b08079ada2436b52cfe942f3207155d05ff06258d27418ad41c107e924447f15cee9e471bc49adf29c222bd95144ff4c3946956dd419c3e4342a2b1afc4fc9a794a2c761a51fa72f1e6ea5e0a782a1f2a403cfe5968ee1ed14148f3c06b991313027", 0xe6, &(0x7f0000000040), &(0x7f00000001c0), &(0x7f0000000300)="03d86c5f903ac486cab844702d7720dc1ea31973e8ea954055dd79534a1f9aad7eec5f20665cd28491f46c2e045ffbd73313c66305000000dc0a776546f974e00900ae474819759fe87475d79379fd00255ac3d537f5119dfb7614392450c1bba7c23f80f0ad24f49421659c0cdfd27abea10f64c86ec519aea7f4b8287616bf2fb391e879471968025f33dfbb88083c6dd0f2348a610dff8bd861f10e254f04018bdc9797b3ba169d96cf596143e1b45646e6885f3929dfd4d4dd1194466125d1875f0ac5558717aa7b9c7af2df469d7105d512d411f68733715642a0ca748f72757d0fcce607ae1cdd495550eb0b9077d36adf7480901142024d00000000") (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0)
ioctl$TUNGETVNETHDRSZ(r1, 0x800454d7, &(0x7f00000000c0)) (async)
ioctl$TUNGETFILTER(r1, 0x801054db, &(0x7f0000000280)=""/82)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b80)={0x18, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000e20a000000000000000000006a630000ffffffff18240000e4eb9e174797b21ce946542413ecc9f700c80088b7ec86259d28fb070cdfb54845abb4bdf472f7e6bff07caca7cecb9db958b762b85a9b1b7675d440d41d6898ecdf635bbd6676af0b09b13564cd4d7526d062f1ca1b95e6af79af5ab7a3b958ecfc5229cc8bfd55e8ac46ee90ec8c278d3567698f41fa020b0bf233d739ffd30c09fc725129e0c27cc2a139ae5bcdc6438e135891ad9cca688156521ce485852c25370c5aee674c044fb0916b6380a1787a5725d1c50860338abc5a6fec26", @ANYRES32=r1, @ANYRES64], &(0x7f0000000440)='GPL\x00', 0x7, 0xa9, &(0x7f0000000480)=""/169, 0x41000, 0xa, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000740)={0x7, 0x3}, 0x8, 0x10, &(0x7f0000000800)={0x2, 0x4, 0x2, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000008c0)}, 0x90) (async)
ioctl$TUNGETFILTER(r1, 0x801054db, &(0x7f0000000200)=""/104) (async)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x7f, 0x80, 0x3b, 0x20, 0x0, 0x800000, 0x10c, 0x4, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80, 0x2, @perf_config_ext={0x5500, 0x81}, 0x6090, 0x99b, 0x7, 0x9, 0x4, 0x9, 0x3, 0x0, 0x4}, r0, 0xd, r1, 0xa)

06:59:03 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 23)

06:59:03 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x24, 0x43451)

[  567.808080][T19092]  </TASK>
06:59:03 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="0020000000000000000000180100002000001d00000000002020207b1af8ff00000000bfa1f4d049943383d021ffdfa8ed0000000000408252cb06d5f5909ffd020000000000e0b6030000deab440000e6cb6ca013b31ac63d3911000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:03 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r0 = syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r1 = perf_event_open$cgroup(&(0x7f0000000100)={0x0, 0x80, 0x3, 0x4d, 0x40, 0x80, 0x0, 0x78737fa4, 0x40020, 0x2, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x100, 0x2, @perf_bp={&(0x7f00000000c0), 0x8}, 0x8000, 0x8, 0x0, 0x3, 0x9, 0x3, 0x4000, 0x0, 0x9, 0x0, 0x40}, 0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x7f, 0x1, 0x5, 0x6, 0x0, 0x0, 0x400, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000000), 0x1}, 0x100, 0xd84, 0x2, 0x8, 0x100000000, 0x191d, 0x8001, 0x0, 0x6, 0x0, 0xffffffff}, r0, 0xffffffffffffffff, r1, 0x0)

[  567.857366][T19121] FAULT_INJECTION: forcing a failure.
[  567.857366][T19121] name failslab, interval 1, probability 0, space 0, times 0
[  567.881312][T19121] CPU: 1 PID: 19121 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  567.892879][T19121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  567.902777][T19121] Call Trace:
[  567.905900][T19121]  <TASK>
[  567.908677][T19121]  dump_stack_lvl+0x151/0x1b7
[  567.913188][T19121]  ? io_uring_drop_tctx_refs+0x190/0x190
[  567.918656][T19121]  ? avc_has_perm_noaudit+0x348/0x430
[  567.923863][T19121]  dump_stack+0x15/0x17
[  567.927854][T19121]  should_fail+0x3c6/0x510
[  567.932111][T19121]  __should_failslab+0xa4/0xe0
[  567.936712][T19121]  ? dup_fd+0x72/0xb00
[  567.940635][T19121]  should_failslab+0x9/0x20
[  567.944967][T19121]  slab_pre_alloc_hook+0x37/0xd0
[  567.949728][T19121]  ? dup_fd+0x72/0xb00
[  567.953639][T19121]  kmem_cache_alloc+0x44/0x200
[  567.958235][T19121]  dup_fd+0x72/0xb00
[  567.961966][T19121]  ? copy_process+0x1062/0x3290
[  567.966658][T19121]  copy_files+0xe6/0x200
[  567.970733][T19121]  ? perf_event_attrs+0x30/0x30
[  567.975418][T19121]  ? dup_task_struct+0xc60/0xc60
[  567.980190][T19121]  ? security_task_alloc+0xf9/0x130
[  567.985224][T19121]  copy_process+0x1080/0x3290
[  567.989742][T19121]  ? timerqueue_add+0x250/0x270
[  567.994421][T19121]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  567.999368][T19121]  ? enqueue_hrtimer+0xca/0x240
[  568.004054][T19121]  ? __hrtimer_run_queues+0x46b/0xad0
[  568.009265][T19121]  kernel_clone+0x21e/0x9e0
[  568.013606][T19121]  ? create_io_thread+0x1e0/0x1e0
[  568.018468][T19121]  ? clockevents_program_event+0x22f/0x300
[  568.024109][T19121]  __x64_sys_clone+0x23f/0x290
[  568.028705][T19121]  ? __do_sys_vfork+0x130/0x130
[  568.033397][T19121]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  568.039208][T19121]  do_syscall_64+0x3d/0xb0
[  568.043461][T19121]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  568.049101][T19121]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  568.054832][T19121] RIP: 0033:0x7f7b6d82fda9
[  568.059089][T19121] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  568.078521][T19121] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  568.086768][T19121] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  568.094581][T19121] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
06:59:03 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x25, 0x43451)

06:59:03 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 24)

[  568.102394][T19121] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  568.110201][T19121] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  568.118015][T19121] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  568.125831][T19121]  </TASK>
06:59:03 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="0020000000000000000000180100002000001d00000000002020207b1af8ff00000000bfa1f4d049943383d021ffdfa8ed0000000000408252cb06d5f5909ffd020000000000e0b6030000deab440000e6cb6ca013b31ac63d3911000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:03 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
r0 = syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r1 = perf_event_open$cgroup(&(0x7f0000000100)={0x0, 0x80, 0x3, 0x4d, 0x40, 0x80, 0x0, 0x78737fa4, 0x40020, 0x2, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x100, 0x2, @perf_bp={&(0x7f00000000c0), 0x8}, 0x8000, 0x8, 0x0, 0x3, 0x9, 0x3, 0x4000, 0x0, 0x9, 0x0, 0x40}, 0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x7f, 0x1, 0x5, 0x6, 0x0, 0x0, 0x400, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000000), 0x1}, 0x100, 0xd84, 0x2, 0x8, 0x100000000, 0x191d, 0x8001, 0x0, 0x6, 0x0, 0xffffffff}, r0, 0xffffffffffffffff, r1, 0x0)

06:59:03 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r0 = syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r1 = perf_event_open$cgroup(&(0x7f0000000100)={0x0, 0x80, 0x3, 0x4d, 0x40, 0x80, 0x0, 0x78737fa4, 0x40020, 0x2, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x100, 0x2, @perf_bp={&(0x7f00000000c0), 0x8}, 0x8000, 0x8, 0x0, 0x3, 0x9, 0x3, 0x4000, 0x0, 0x9, 0x0, 0x40}, 0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x7f, 0x1, 0x5, 0x6, 0x0, 0x0, 0x400, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000000), 0x1}, 0x100, 0xd84, 0x2, 0x8, 0x100000000, 0x191d, 0x8001, 0x0, 0x6, 0x0, 0xffffffff}, r0, 0xffffffffffffffff, r1, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
perf_event_open$cgroup(&(0x7f0000000100)={0x0, 0x80, 0x3, 0x4d, 0x40, 0x80, 0x0, 0x78737fa4, 0x40020, 0x2, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x100, 0x2, @perf_bp={&(0x7f00000000c0), 0x8}, 0x8000, 0x8, 0x0, 0x3, 0x9, 0x3, 0x4000, 0x0, 0x9, 0x0, 0x40}, 0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x7f, 0x1, 0x5, 0x6, 0x0, 0x0, 0x400, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000000), 0x1}, 0x100, 0xd84, 0x2, 0x8, 0x100000000, 0x191d, 0x8001, 0x0, 0x6, 0x0, 0xffffffff}, r0, 0xffffffffffffffff, r1, 0x0) (async)

[  568.199966][T19135] FAULT_INJECTION: forcing a failure.
[  568.199966][T19135] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  568.213888][T19135] CPU: 0 PID: 19135 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  568.225439][T19135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  568.235335][T19135] Call Trace:
[  568.238459][T19135]  <TASK>
[  568.241239][T19135]  dump_stack_lvl+0x151/0x1b7
[  568.245748][T19135]  ? io_uring_drop_tctx_refs+0x190/0x190
[  568.251223][T19135]  dump_stack+0x15/0x17
[  568.255210][T19135]  should_fail+0x3c6/0x510
[  568.259463][T19135]  should_fail_alloc_page+0x5a/0x80
[  568.264498][T19135]  prepare_alloc_pages+0x15c/0x700
[  568.269443][T19135]  ? irqentry_exit+0x30/0x40
[  568.273876][T19135]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  568.279511][T19135]  ? __alloc_pages_bulk+0xe40/0xe40
[  568.284549][T19135]  __alloc_pages+0x18c/0x8f0
[  568.288974][T19135]  ? prep_new_page+0x110/0x110
[  568.293581][T19135]  get_zeroed_page+0x1b/0x40
[  568.298002][T19135]  __pud_alloc+0x8b/0x260
[  568.302164][T19135]  ? stack_trace_snprint+0xf0/0xf0
[  568.307110][T19135]  ? do_handle_mm_fault+0x2330/0x2330
[  568.312317][T19135]  ? __stack_depot_save+0x34/0x470
[  568.317263][T19135]  ? anon_vma_clone+0x9a/0x500
[  568.321862][T19135]  copy_page_range+0x2bcf/0x2f90
[  568.326641][T19135]  ? __kasan_slab_alloc+0xb1/0xe0
[  568.331497][T19135]  ? slab_post_alloc_hook+0x53/0x2c0
[  568.336618][T19135]  ? copy_mm+0xa3a/0x13e0
[  568.340785][T19135]  ? copy_process+0x1149/0x3290
[  568.345475][T19135]  ? kernel_clone+0x21e/0x9e0
[  568.349980][T19135]  ? __x64_sys_clone+0x23f/0x290
[  568.354754][T19135]  ? do_syscall_64+0x3d/0xb0
[  568.359188][T19135]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  568.365094][T19135]  ? pfn_valid+0x1e0/0x1e0
[  568.369361][T19135]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  568.375326][T19135]  ? up_write+0x38/0x1f0
[  568.379497][T19135]  copy_mm+0xc7e/0x13e0
[  568.383489][T19135]  ? copy_signal+0x610/0x610
[  568.387910][T19135]  ? __init_rwsem+0xd6/0x1c0
[  568.392338][T19135]  ? copy_signal+0x4e3/0x610
[  568.396766][T19135]  copy_process+0x1149/0x3290
[  568.401277][T19135]  ? irqentry_exit+0x30/0x40
[  568.405708][T19135]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  568.410659][T19135]  ? vfs_write+0xa1f/0x1110
[  568.414990][T19135]  ? __hrtimer_run_queues+0x46b/0xad0
[  568.420285][T19135]  kernel_clone+0x21e/0x9e0
[  568.424632][T19135]  ? file_end_write+0x1c0/0x1c0
[  568.429312][T19135]  ? create_io_thread+0x1e0/0x1e0
[  568.434170][T19135]  ? mutex_unlock+0xb2/0x260
[  568.438600][T19135]  ? __mutex_lock_slowpath+0x10/0x10
[  568.443722][T19135]  __x64_sys_clone+0x23f/0x290
[  568.448319][T19135]  ? __do_sys_vfork+0x130/0x130
[  568.453008][T19135]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  568.458825][T19135]  do_syscall_64+0x3d/0xb0
[  568.463073][T19135]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  568.468726][T19135]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  568.474442][T19135] RIP: 0033:0x7f7b6d82fda9
[  568.478697][T19135] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
06:59:04 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="0020000000000000000000180100002000001d00000000002020207b1af8ff00000000bfa1f4d049943383d021ffdfa8ed0000000000408252cb06d5f5909ffd020000000000e0b6030000deab440000e6cb6ca013b31ac63d3911000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="0020000000000000000000180100002000001d00000000002020207b1af8ff00000000bfa1f4d049943383d021ffdfa8ed0000000000408252cb06d5f5909ffd020000000000e0b6030000deab440000e6cb6ca013b31ac63d3911000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)

06:59:04 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x26, 0x43451)

[  568.498138][T19135] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  568.506382][T19135] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  568.514193][T19135] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  568.522005][T19135] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  568.529907][T19135] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  568.537804][T19135] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  568.545618][T19135]  </TASK>
06:59:04 executing program 2:
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0x1, 0x58, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r0=>0x0}}, 0x10)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r2}, 0x10)
r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000002c0)=@generic={&(0x7f0000000280)='./file0\x00', 0x0, 0x8}, 0x18)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x9, 0x7, 0x4, 0x823, 0xffffffffffffffff, 0x7f, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x2}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x0, &(0x7f0000000000), &(0x7f0000000040)='syzkaller\x00', 0x3, 0x6c, &(0x7f0000000080)=""/108, 0x41100, 0x4, '\x00', r0, 0x25, r1, 0x8, &(0x7f0000000200)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000240)={0x1, 0x3, 0x9, 0x8}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000380)=[r2, r3, 0x1, r4, 0xffffffffffffffff], &(0x7f00000003c0)=[{0x1, 0x2, 0xb, 0x1}], 0x10, 0x6}, 0x90)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:04 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 25)

06:59:04 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r1 = getpid()
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x2, 0x40, 0x0, 0x0, 0x410a, 0x2000, 0x4, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x1, @perf_bp={&(0x7f0000000000), 0x2}, 0x100000, 0x4, 0x2, 0x5, 0xadc5, 0x4, 0x4, 0x0, 0x1, 0x0, 0x3}, r1, 0x6, 0xffffffffffffffff, 0x1)

06:59:04 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x27, 0x43451)

[  568.636190][T19165] FAULT_INJECTION: forcing a failure.
[  568.636190][T19165] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  568.651052][T19165] CPU: 1 PID: 19165 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  568.662604][T19165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  568.672496][T19165] Call Trace:
[  568.675615][T19165]  <TASK>
[  568.678394][T19165]  dump_stack_lvl+0x151/0x1b7
[  568.682911][T19165]  ? io_uring_drop_tctx_refs+0x190/0x190
[  568.688380][T19165]  dump_stack+0x15/0x17
[  568.692367][T19165]  should_fail+0x3c6/0x510
[  568.696622][T19165]  should_fail_alloc_page+0x5a/0x80
[  568.701654][T19165]  prepare_alloc_pages+0x15c/0x700
[  568.706604][T19165]  ? __alloc_pages_bulk+0xe40/0xe40
[  568.711636][T19165]  __alloc_pages+0x18c/0x8f0
[  568.716063][T19165]  ? prep_new_page+0x110/0x110
[  568.720661][T19165]  ? __alloc_pages+0x27e/0x8f0
[  568.725262][T19165]  ? __kasan_check_write+0x14/0x20
[  568.730208][T19165]  ? _raw_spin_lock+0xa4/0x1b0
[  568.734897][T19165]  __pmd_alloc+0xb1/0x550
[  568.739064][T19165]  ? __pud_alloc+0x260/0x260
[  568.743489][T19165]  ? __pud_alloc+0x213/0x260
[  568.748006][T19165]  ? do_handle_mm_fault+0x2330/0x2330
[  568.753211][T19165]  ? __stack_depot_save+0x34/0x470
[  568.758158][T19165]  ? anon_vma_clone+0x9a/0x500
[  568.762762][T19165]  copy_page_range+0x2b3d/0x2f90
[  568.767530][T19165]  ? __kasan_slab_alloc+0xb1/0xe0
[  568.772390][T19165]  ? slab_post_alloc_hook+0x53/0x2c0
[  568.777544][T19165]  ? copy_mm+0xa3a/0x13e0
[  568.781676][T19165]  ? copy_process+0x1149/0x3290
[  568.786363][T19165]  ? kernel_clone+0x21e/0x9e0
[  568.790875][T19165]  ? do_syscall_64+0x3d/0xb0
[  568.795303][T19165]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  568.801215][T19165]  ? irqentry_exit+0x30/0x40
[  568.805632][T19165]  ? pfn_valid+0x1e0/0x1e0
[  568.809888][T19165]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  568.815881][T19165]  ? up_write+0x63/0x1f0
[  568.819956][T19165]  ? __kasan_check_write+0x14/0x20
[  568.824905][T19165]  copy_mm+0xc7e/0x13e0
[  568.828893][T19165]  ? irqentry_exit+0x30/0x40
[  568.833343][T19165]  ? copy_signal+0x610/0x610
[  568.837745][T19165]  ? __init_rwsem+0xd6/0x1c0
[  568.842172][T19165]  ? copy_signal+0x4e3/0x610
[  568.846602][T19165]  copy_process+0x1149/0x3290
[  568.851116][T19165]  ? irqentry_exit+0x30/0x40
[  568.855539][T19165]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  568.861178][T19165]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  568.866132][T19165]  kernel_clone+0x21e/0x9e0
[  568.870468][T19165]  ? create_io_thread+0x1e0/0x1e0
[  568.875338][T19165]  ? clockevents_program_event+0x22f/0x300
[  568.880975][T19165]  __x64_sys_clone+0x23f/0x290
[  568.885568][T19165]  ? __do_sys_vfork+0x130/0x130
[  568.890259][T19165]  ? debug_smp_processor_id+0x17/0x20
[  568.895461][T19165]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  568.901454][T19165]  ? exit_to_user_mode_prepare+0x39/0xa0
[  568.906921][T19165]  do_syscall_64+0x3d/0xb0
[  568.911170][T19165]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  568.916813][T19165]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  568.922540][T19165] RIP: 0033:0x7f7b6d82fda9
[  568.926800][T19165] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  568.946234][T19165] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  568.954479][T19165] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  568.962295][T19165] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  568.970102][T19165] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  568.977917][T19165] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:59:04 executing program 2:
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0x1, 0x58, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r0=>0x0}}, 0x10) (async)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r2}, 0x10)
r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000002c0)=@generic={&(0x7f0000000280)='./file0\x00', 0x0, 0x8}, 0x18) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x9, 0x7, 0x4, 0x823, 0xffffffffffffffff, 0x7f, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x2}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x0, &(0x7f0000000000), &(0x7f0000000040)='syzkaller\x00', 0x3, 0x6c, &(0x7f0000000080)=""/108, 0x41100, 0x4, '\x00', r0, 0x25, r1, 0x8, &(0x7f0000000200)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000240)={0x1, 0x3, 0x9, 0x8}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000380)=[r2, r3, 0x1, r4, 0xffffffffffffffff], &(0x7f00000003c0)=[{0x1, 0x2, 0xb, 0x1}], 0x10, 0x6}, 0x90)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:04 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r2, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r2}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', 0x0, 0x25, r2, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r4=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r5=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r2}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r6=>0xffffffffffffffff})
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000), 0xfdef)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r8, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r8, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', 0x0, 0x36, r2, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r2, 0x3, &(0x7f0000001040)=[r1, r0, r2, r2, r1, r8], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r9, &(0x7f0000000000), 0x248800)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', 0x0, 0x9, r2, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r4, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r9, r10, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:04 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r1 = getpid()
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x2, 0x40, 0x0, 0x0, 0x410a, 0x2000, 0x4, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x1, @perf_bp={&(0x7f0000000000), 0x2}, 0x100000, 0x4, 0x2, 0x5, 0xadc5, 0x4, 0x4, 0x0, 0x1, 0x0, 0x3}, r1, 0x6, 0xffffffffffffffff, 0x1) (async)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x2, 0x40, 0x0, 0x0, 0x410a, 0x2000, 0x4, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x1, @perf_bp={&(0x7f0000000000), 0x2}, 0x100000, 0x4, 0x2, 0x5, 0xadc5, 0x4, 0x4, 0x0, 0x1, 0x0, 0x3}, r1, 0x6, 0xffffffffffffffff, 0x1)

[  568.985730][T19165] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  568.993546][T19165]  </TASK>
06:59:04 executing program 2:
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0x1, 0x58, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r0=>0x0}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4) (async)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r2}, 0x10)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000002c0)=@generic={&(0x7f0000000280)='./file0\x00', 0x0, 0x8}, 0x18) (async)
r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000002c0)=@generic={&(0x7f0000000280)='./file0\x00', 0x0, 0x8}, 0x18)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x9, 0x7, 0x4, 0x823, 0xffffffffffffffff, 0x7f, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x2}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x0, &(0x7f0000000000), &(0x7f0000000040)='syzkaller\x00', 0x3, 0x6c, &(0x7f0000000080)=""/108, 0x41100, 0x4, '\x00', r0, 0x25, r1, 0x8, &(0x7f0000000200)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000240)={0x1, 0x3, 0x9, 0x8}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000380)=[r2, r3, 0x1, r4, 0xffffffffffffffff], &(0x7f00000003c0)=[{0x1, 0x2, 0xb, 0x1}], 0x10, 0x6}, 0x90) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x0, &(0x7f0000000000), &(0x7f0000000040)='syzkaller\x00', 0x3, 0x6c, &(0x7f0000000080)=""/108, 0x41100, 0x4, '\x00', r0, 0x25, r1, 0x8, &(0x7f0000000200)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000240)={0x1, 0x3, 0x9, 0x8}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000380)=[r2, r3, 0x1, r4, 0xffffffffffffffff], &(0x7f00000003c0)=[{0x1, 0x2, 0xb, 0x1}], 0x10, 0x6}, 0x90)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:04 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x28, 0x43451)

06:59:04 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r1 = getpid()
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x2, 0x40, 0x0, 0x0, 0x410a, 0x2000, 0x4, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x1, @perf_bp={&(0x7f0000000000), 0x2}, 0x100000, 0x4, 0x2, 0x5, 0xadc5, 0x4, 0x4, 0x0, 0x1, 0x0, 0x3}, r1, 0x6, 0xffffffffffffffff, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
getpid() (async)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x2, 0x40, 0x0, 0x0, 0x410a, 0x2000, 0x4, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x1, @perf_bp={&(0x7f0000000000), 0x2}, 0x100000, 0x4, 0x2, 0x5, 0xadc5, 0x4, 0x4, 0x0, 0x1, 0x0, 0x3}, r1, 0x6, 0xffffffffffffffff, 0x1) (async)

06:59:04 executing program 2:
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='ext4_allocate_inode\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000dc0)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={0xffffffffffffffff, 0xe0, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540), ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f0000000c40)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000c80)=[0x0], 0x0, 0x40007a, &(0x7f0000000c80), 0x0, 0x10, &(0x7f00000008c0), &(0x7f0000000cc0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000d80)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1c, 0x1, &(0x7f00000009c0)=ANY=[@ANYRES8=r1], &(0x7f0000000200)='syzkaller\x00', 0xb0d9, 0xa7, &(0x7f00000002c0)=""/167, 0x40f00, 0x8, '\x00', r3, 0x35, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000440)={0x2, 0xb, 0x67f7, 0x8}, 0x10, 0xffffffffffffffff, r2, 0x0, 0x0, 0x0, 0x10, 0x200000}, 0x90)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x9e, 0x9e, 0xc, [@datasec={0xa, 0x8, 0x0, 0xf, 0x2, [{0x1, 0x8000, 0xfffffffc}, {0x1, 0xffff, 0x7fff}, {0x1, 0x6e, 0x96}, {0x4, 0x7, 0x1}, {0x3, 0xaf15, 0x100}, {0x4, 0x2000000, 0x5}, {0x4, 0x8, 0x1000}, {0x5, 0x0, 0x80000001}], "aa86"}, @ptr={0x29, 0x0, 0x0, 0x2, 0x1}, @ptr={0xf, 0x0, 0x0, 0x2, 0x1}, @restrict={0x9, 0x0, 0x0, 0xb, 0x3}, @const={0xc, 0x0, 0x0, 0xa, 0x3}]}, {0x0, [0x61, 0x0, 0x2e, 0x2e, 0x5f, 0x30, 0x61, 0x61, 0x5f, 0x5f]}}, &(0x7f0000001540)=""/153, 0xc4, 0x99, 0x0, 0x900}, 0x20)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001600)={0x1, <r6=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001680)={0x18, 0x1c, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xffffff00, 0x0, 0x0, 0x0, 0xfffff57d}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@ldst={0x2, 0x1, 0x0, 0x0, 0x7, 0xffffffffffffffff, 0xffffffffffffffff}, @initr0={0x18, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x0, 0x4}, @generic={0x0, 0x2, 0x0, 0x3, 0xbd34}, @cb_func={0x18, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @btf_id={0x18, 0x3, 0x3, 0x0, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0xb3ab, 0x0, 0x0, 0x0, 0x7}, @map_idx={0x18, 0x9, 0x5, 0x0, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x1000, &(0x7f0000000540)=""/4096, 0x40f00, 0x58, '\x00', r3, 0x0, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x2, 0x6, 0x14000000, 0x7ff}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001640)=[r5, r6, 0xffffffffffffffff], 0x0, 0x10, 0x1f}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='signal_deliver\x00', r0}, 0x10)
perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:04 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 26)

06:59:04 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x29, 0x43451)

[  569.138425][T19198] FAULT_INJECTION: forcing a failure.
[  569.138425][T19198] name failslab, interval 1, probability 0, space 0, times 0
[  569.151111][T19198] CPU: 0 PID: 19198 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  569.162658][T19198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  569.172548][T19198] Call Trace:
[  569.175673][T19198]  <TASK>
[  569.178448][T19198]  dump_stack_lvl+0x151/0x1b7
[  569.182961][T19198]  ? io_uring_drop_tctx_refs+0x190/0x190
[  569.188438][T19198]  ? kasan_check_range+0x6f/0x2a0
[  569.193294][T19198]  dump_stack+0x15/0x17
[  569.197290][T19198]  should_fail+0x3c6/0x510
[  569.201539][T19198]  __should_failslab+0xa4/0xe0
[  569.206138][T19198]  should_failslab+0x9/0x20
[  569.210477][T19198]  slab_pre_alloc_hook+0x37/0xd0
[  569.215248][T19198]  __kmalloc+0x6d/0x270
[  569.219240][T19198]  ? kvmalloc_node+0x1f0/0x4d0
[  569.223845][T19198]  kvmalloc_node+0x1f0/0x4d0
[  569.228273][T19198]  ? vm_mmap+0xb0/0xb0
[  569.232172][T19198]  ? __kasan_kmalloc+0x9/0x10
[  569.236690][T19198]  ? kmem_cache_alloc_trace+0x115/0x210
[  569.242068][T19198]  ? alloc_fdtable+0xaf/0x2a0
[  569.246582][T19198]  alloc_fdtable+0x163/0x2a0
[  569.251007][T19198]  dup_fd+0x759/0xb00
[  569.254829][T19198]  copy_files+0xe6/0x200
[  569.258908][T19198]  ? perf_event_attrs+0x30/0x30
[  569.263591][T19198]  ? dup_task_struct+0xc60/0xc60
[  569.268368][T19198]  ? security_task_alloc+0xf9/0x130
[  569.273404][T19198]  copy_process+0x1080/0x3290
[  569.277919][T19198]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  569.282868][T19198]  kernel_clone+0x21e/0x9e0
[  569.287205][T19198]  ? create_io_thread+0x1e0/0x1e0
[  569.292061][T19198]  ? clockevents_program_event+0x22f/0x300
[  569.297708][T19198]  __x64_sys_clone+0x23f/0x290
[  569.302304][T19198]  ? __do_sys_vfork+0x130/0x130
[  569.306994][T19198]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  569.312805][T19198]  do_syscall_64+0x3d/0xb0
[  569.317056][T19198]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  569.322704][T19198]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  569.328428][T19198] RIP: 0033:0x7f7b6d82fda9
[  569.332683][T19198] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  569.352124][T19198] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  569.360368][T19198] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  569.368178][T19198] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  569.376001][T19198] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
06:59:04 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2a, 0x43451)

[  569.383801][T19198] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  569.391881][T19198] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  569.399694][T19198]  </TASK>
06:59:04 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 27)

06:59:04 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)=@o_path={&(0x7f0000000000)='./file0\x00', r0, 0x4000, r1}, 0x18)

06:59:05 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)=@o_path={&(0x7f0000000000)='./file0\x00', r0, 0x4000, r1}, 0x18)

[  569.567562][T19217] FAULT_INJECTION: forcing a failure.
[  569.567562][T19217] name failslab, interval 1, probability 0, space 0, times 0
[  569.603070][T19217] CPU: 1 PID: 19217 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  569.614636][T19217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  569.624526][T19217] Call Trace:
[  569.627652][T19217]  <TASK>
[  569.630431][T19217]  dump_stack_lvl+0x151/0x1b7
[  569.634949][T19217]  ? io_uring_drop_tctx_refs+0x190/0x190
[  569.640675][T19217]  dump_stack+0x15/0x17
[  569.644661][T19217]  should_fail+0x3c6/0x510
[  569.648918][T19217]  __should_failslab+0xa4/0xe0
[  569.653514][T19217]  ? copy_fs_struct+0x4e/0x230
[  569.658244][T19217]  should_failslab+0x9/0x20
[  569.662572][T19217]  slab_pre_alloc_hook+0x37/0xd0
[  569.667352][T19217]  ? copy_fs_struct+0x4e/0x230
[  569.671940][T19217]  kmem_cache_alloc+0x44/0x200
[  569.676546][T19217]  copy_fs_struct+0x4e/0x230
[  569.680972][T19217]  copy_fs+0x71/0x140
[  569.684793][T19217]  copy_process+0x10ab/0x3290
[  569.689307][T19217]  ? timerqueue_add+0x250/0x270
[  569.693992][T19217]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  569.698940][T19217]  kernel_clone+0x21e/0x9e0
[  569.703298][T19217]  ? create_io_thread+0x1e0/0x1e0
[  569.708152][T19217]  __x64_sys_clone+0x23f/0x290
[  569.712741][T19217]  ? __do_sys_vfork+0x130/0x130
[  569.717433][T19217]  ? debug_smp_processor_id+0x17/0x20
[  569.722633][T19217]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  569.728535][T19217]  ? exit_to_user_mode_prepare+0x39/0xa0
[  569.734001][T19217]  do_syscall_64+0x3d/0xb0
[  569.738512][T19217]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  569.744157][T19217]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  569.749884][T19217] RIP: 0033:0x7f7b6d82fda9
[  569.754136][T19217] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  569.773608][T19217] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  569.781826][T19217] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  569.789641][T19217] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  569.797447][T19217] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  569.805262][T19217] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  569.813075][T19217] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  569.820887][T19217]  </TASK>
06:59:05 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)=@o_path={&(0x7f0000000000)='./file0\x00', r0, 0x4000, r1}, 0x18)

06:59:05 executing program 2:
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='ext4_allocate_inode\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000dc0)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={0xffffffffffffffff, 0xe0, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540), ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f0000000c40)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000c80)=[0x0], 0x0, 0x40007a, &(0x7f0000000c80), 0x0, 0x10, &(0x7f00000008c0), &(0x7f0000000cc0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000d80)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1c, 0x1, &(0x7f00000009c0)=ANY=[@ANYRES8=r1], &(0x7f0000000200)='syzkaller\x00', 0xb0d9, 0xa7, &(0x7f00000002c0)=""/167, 0x40f00, 0x8, '\x00', r3, 0x35, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000440)={0x2, 0xb, 0x67f7, 0x8}, 0x10, 0xffffffffffffffff, r2, 0x0, 0x0, 0x0, 0x10, 0x200000}, 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x9e, 0x9e, 0xc, [@datasec={0xa, 0x8, 0x0, 0xf, 0x2, [{0x1, 0x8000, 0xfffffffc}, {0x1, 0xffff, 0x7fff}, {0x1, 0x6e, 0x96}, {0x4, 0x7, 0x1}, {0x3, 0xaf15, 0x100}, {0x4, 0x2000000, 0x5}, {0x4, 0x8, 0x1000}, {0x5, 0x0, 0x80000001}], "aa86"}, @ptr={0x29, 0x0, 0x0, 0x2, 0x1}, @ptr={0xf, 0x0, 0x0, 0x2, 0x1}, @restrict={0x9, 0x0, 0x0, 0xb, 0x3}, @const={0xc, 0x0, 0x0, 0xa, 0x3}]}, {0x0, [0x61, 0x0, 0x2e, 0x2e, 0x5f, 0x30, 0x61, 0x61, 0x5f, 0x5f]}}, &(0x7f0000001540)=""/153, 0xc4, 0x99, 0x0, 0x900}, 0x20) (async)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x9e, 0x9e, 0xc, [@datasec={0xa, 0x8, 0x0, 0xf, 0x2, [{0x1, 0x8000, 0xfffffffc}, {0x1, 0xffff, 0x7fff}, {0x1, 0x6e, 0x96}, {0x4, 0x7, 0x1}, {0x3, 0xaf15, 0x100}, {0x4, 0x2000000, 0x5}, {0x4, 0x8, 0x1000}, {0x5, 0x0, 0x80000001}], "aa86"}, @ptr={0x29, 0x0, 0x0, 0x2, 0x1}, @ptr={0xf, 0x0, 0x0, 0x2, 0x1}, @restrict={0x9, 0x0, 0x0, 0xb, 0x3}, @const={0xc, 0x0, 0x0, 0xa, 0x3}]}, {0x0, [0x61, 0x0, 0x2e, 0x2e, 0x5f, 0x30, 0x61, 0x61, 0x5f, 0x5f]}}, &(0x7f0000001540)=""/153, 0xc4, 0x99, 0x0, 0x900}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001600)={0x1, <r6=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001680)={0x18, 0x1c, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xffffff00, 0x0, 0x0, 0x0, 0xfffff57d}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@ldst={0x2, 0x1, 0x0, 0x0, 0x7, 0xffffffffffffffff, 0xffffffffffffffff}, @initr0={0x18, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x0, 0x4}, @generic={0x0, 0x2, 0x0, 0x3, 0xbd34}, @cb_func={0x18, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @btf_id={0x18, 0x3, 0x3, 0x0, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0xb3ab, 0x0, 0x0, 0x0, 0x7}, @map_idx={0x18, 0x9, 0x5, 0x0, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x1000, &(0x7f0000000540)=""/4096, 0x40f00, 0x58, '\x00', r3, 0x0, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x2, 0x6, 0x14000000, 0x7ff}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001640)=[r5, r6, 0xffffffffffffffff], 0x0, 0x10, 0x1f}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='signal_deliver\x00', r0}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='signal_deliver\x00', r0}, 0x10)
perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:05 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r2, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r2}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', 0x0, 0x25, r2, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r4=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r5=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r2}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r6=>0xffffffffffffffff})
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000), 0xfdef)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r8, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r8, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', 0x0, 0x36, r2, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r2, 0x3, &(0x7f0000001040)=[r1, r0, r2, r2, r1, r8], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r9, &(0x7f0000000000), 0x248800)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', 0x0, 0x9, r2, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r4, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r9, r10, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:05 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2b, 0x43451)

06:59:05 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:05 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 28)

[  570.092998][T19237] FAULT_INJECTION: forcing a failure.
[  570.092998][T19237] name failslab, interval 1, probability 0, space 0, times 0
[  570.105746][T19237] CPU: 0 PID: 19237 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  570.117300][T19237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  570.127191][T19237] Call Trace:
[  570.130322][T19237]  <TASK>
[  570.133088][T19237]  dump_stack_lvl+0x151/0x1b7
[  570.137603][T19237]  ? io_uring_drop_tctx_refs+0x190/0x190
[  570.143068][T19237]  ? copy_signal+0x2d/0x610
[  570.147415][T19237]  dump_stack+0x15/0x17
[  570.151406][T19237]  should_fail+0x3c6/0x510
[  570.155666][T19237]  __should_failslab+0xa4/0xe0
[  570.160257][T19237]  ? copy_signal+0x55/0x610
[  570.164592][T19237]  should_failslab+0x9/0x20
[  570.168932][T19237]  slab_pre_alloc_hook+0x37/0xd0
[  570.173716][T19237]  ? copy_signal+0x55/0x610
[  570.178046][T19237]  kmem_cache_alloc+0x44/0x200
[  570.182649][T19237]  copy_signal+0x55/0x610
[  570.186813][T19237]  copy_process+0x1101/0x3290
[  570.191330][T19237]  ? timerqueue_add+0x250/0x270
[  570.196027][T19237]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  570.200958][T19237]  ? enqueue_hrtimer+0xca/0x240
[  570.205652][T19237]  ? __hrtimer_run_queues+0x46b/0xad0
[  570.211001][T19237]  kernel_clone+0x21e/0x9e0
[  570.215331][T19237]  ? create_io_thread+0x1e0/0x1e0
[  570.220191][T19237]  ? clockevents_program_event+0x22f/0x300
[  570.225834][T19237]  __x64_sys_clone+0x23f/0x290
[  570.230435][T19237]  ? __do_sys_vfork+0x130/0x130
[  570.235123][T19237]  do_syscall_64+0x3d/0xb0
[  570.239367][T19237]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  570.245014][T19237]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  570.250738][T19237] RIP: 0033:0x7f7b6d82fda9
[  570.254990][T19237] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  570.274438][T19237] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  570.282679][T19237] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
06:59:05 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  570.290484][T19237] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  570.298299][T19237] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  570.306109][T19237] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  570.313921][T19237] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  570.321739][T19237]  </TASK>
06:59:05 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:05 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa900000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0xc000, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x5}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@bloom_filter={0x1e, 0x1, 0x2, 0xe837, 0x9959f0c0fc4449e4, 0x1, 0xffff, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x4, 0x2}, 0x48)
r3 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0x7, 0xfff, 0x4, 0x400, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x6}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{0xffffffffffffffff, <r5=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000700)={0x1, 0x58, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000840)={&(0x7f0000000740)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x68, 0x68, 0x4, [@func={0x1, 0x0, 0x0, 0xc, 0x3}, @enum={0x7, 0x5, 0x0, 0x6, 0x4, [{0xb, 0x1}, {0x0, 0x7}, {0xc, 0x6}, {0x4, 0x3}, {0x3, 0x2}]}, @typedef={0xf, 0x0, 0x0, 0x8, 0x3}, @const={0xd}, @var={0xc, 0x0, 0x0, 0xe, 0x1, 0x1}]}, {0x0, [0x61, 0x30]}}, &(0x7f0000000800)=""/62, 0x84, 0x3e, 0x1, 0x39}, 0x20)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000900)={0x6, <r8=>0x0}, 0x8)
r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000980)=@o_path={&(0x7f0000000940)='./file0\x00', 0x0, 0x0, r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0xc, 0x26, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffff2ac, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_fd={0x18, 0x5, 0x1, 0x0, r2}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @map_fd={0x18, 0x6, 0x1, 0x0, r4}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x5}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000580)='GPL\x00', 0x1000, 0xb2, &(0x7f00000005c0)=""/178, 0x40f00, 0x44, '\x00', r6, 0x2c, r7, 0x8, &(0x7f0000000880)={0x4, 0x2}, 0x8, 0x10, &(0x7f00000008c0)={0x4, 0x7, 0x8, 0x7}, 0x10, r8, r9, 0x9, 0x0, &(0x7f00000009c0)=[{0x5, 0x5, 0x9, 0x4}, {0x4, 0x2, 0x9, 0x5}, {0x3, 0x4, 0x10, 0x4}, {0x2, 0x4, 0xf, 0x4}, {0x0, 0x2, 0x4, 0x3}, {0x4, 0x4, 0xe, 0xc}, {0x2, 0x3, 0xc, 0x3}, {0x3, 0x5, 0xd, 0x5}, {0x5, 0x2, 0x0, 0x3}], 0x10, 0x6}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:06 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa900000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0xc000, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x5}, 0x48) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@bloom_filter={0x1e, 0x1, 0x2, 0xe837, 0x9959f0c0fc4449e4, 0x1, 0xffff, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x4, 0x2}, 0x48) (async)
r3 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0x7, 0xfff, 0x4, 0x400, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x6}, 0x48) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{0xffffffffffffffff, <r5=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f00000001c0)=r0}, 0x20) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000700)={0x1, 0x58, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000840)={&(0x7f0000000740)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x68, 0x68, 0x4, [@func={0x1, 0x0, 0x0, 0xc, 0x3}, @enum={0x7, 0x5, 0x0, 0x6, 0x4, [{0xb, 0x1}, {0x0, 0x7}, {0xc, 0x6}, {0x4, 0x3}, {0x3, 0x2}]}, @typedef={0xf, 0x0, 0x0, 0x8, 0x3}, @const={0xd}, @var={0xc, 0x0, 0x0, 0xe, 0x1, 0x1}]}, {0x0, [0x61, 0x30]}}, &(0x7f0000000800)=""/62, 0x84, 0x3e, 0x1, 0x39}, 0x20)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000900)={0x6, <r8=>0x0}, 0x8)
r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000980)=@o_path={&(0x7f0000000940)='./file0\x00', 0x0, 0x0, r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0xc, 0x26, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffff2ac, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_fd={0x18, 0x5, 0x1, 0x0, r2}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @map_fd={0x18, 0x6, 0x1, 0x0, r4}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x5}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000580)='GPL\x00', 0x1000, 0xb2, &(0x7f00000005c0)=""/178, 0x40f00, 0x44, '\x00', r6, 0x2c, r7, 0x8, &(0x7f0000000880)={0x4, 0x2}, 0x8, 0x10, &(0x7f00000008c0)={0x4, 0x7, 0x8, 0x7}, 0x10, r8, r9, 0x9, 0x0, &(0x7f00000009c0)=[{0x5, 0x5, 0x9, 0x4}, {0x4, 0x2, 0x9, 0x5}, {0x3, 0x4, 0x10, 0x4}, {0x2, 0x4, 0xf, 0x4}, {0x0, 0x2, 0x4, 0x3}, {0x4, 0x4, 0xe, 0xc}, {0x2, 0x3, 0xc, 0x3}, {0x3, 0x5, 0xd, 0x5}, {0x5, 0x2, 0x0, 0x3}], 0x10, 0x6}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:06 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa900000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0xc000, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x5}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@bloom_filter={0x1e, 0x1, 0x2, 0xe837, 0x9959f0c0fc4449e4, 0x1, 0xffff, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x4, 0x2}, 0x48)
r3 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0x7, 0xfff, 0x4, 0x400, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x6}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{0xffffffffffffffff, <r5=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000700)={0x1, 0x58, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000840)={&(0x7f0000000740)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x68, 0x68, 0x4, [@func={0x1, 0x0, 0x0, 0xc, 0x3}, @enum={0x7, 0x5, 0x0, 0x6, 0x4, [{0xb, 0x1}, {0x0, 0x7}, {0xc, 0x6}, {0x4, 0x3}, {0x3, 0x2}]}, @typedef={0xf, 0x0, 0x0, 0x8, 0x3}, @const={0xd}, @var={0xc, 0x0, 0x0, 0xe, 0x1, 0x1}]}, {0x0, [0x61, 0x30]}}, &(0x7f0000000800)=""/62, 0x84, 0x3e, 0x1, 0x39}, 0x20)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000900)={0x6, <r8=>0x0}, 0x8)
r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000980)=@o_path={&(0x7f0000000940)='./file0\x00', 0x0, 0x0, r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0xc, 0x26, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffff2ac, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_fd={0x18, 0x5, 0x1, 0x0, r2}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @map_fd={0x18, 0x6, 0x1, 0x0, r4}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x5}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000580)='GPL\x00', 0x1000, 0xb2, &(0x7f00000005c0)=""/178, 0x40f00, 0x44, '\x00', r6, 0x2c, r7, 0x8, &(0x7f0000000880)={0x4, 0x2}, 0x8, 0x10, &(0x7f00000008c0)={0x4, 0x7, 0x8, 0x7}, 0x10, r8, r9, 0x9, 0x0, &(0x7f00000009c0)=[{0x5, 0x5, 0x9, 0x4}, {0x4, 0x2, 0x9, 0x5}, {0x3, 0x4, 0x10, 0x4}, {0x2, 0x4, 0xf, 0x4}, {0x0, 0x2, 0x4, 0x3}, {0x4, 0x4, 0xe, 0xc}, {0x2, 0x3, 0xc, 0x3}, {0x3, 0x5, 0xd, 0x5}, {0x5, 0x2, 0x0, 0x3}], 0x10, 0x6}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa900000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0xc000, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x5}, 0x48) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@bloom_filter={0x1e, 0x1, 0x2, 0xe837, 0x9959f0c0fc4449e4, 0x1, 0xffff, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x4, 0x2}, 0x48) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0x7, 0xfff, 0x4, 0x400, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x6}, 0x48) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{}, &(0x7f0000000080), &(0x7f00000001c0)=r0}, 0x20) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000700)={0x1, 0x58, &(0x7f0000000680)}, 0x10) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000840)={&(0x7f0000000740)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x68, 0x68, 0x4, [@func={0x1, 0x0, 0x0, 0xc, 0x3}, @enum={0x7, 0x5, 0x0, 0x6, 0x4, [{0xb, 0x1}, {0x0, 0x7}, {0xc, 0x6}, {0x4, 0x3}, {0x3, 0x2}]}, @typedef={0xf, 0x0, 0x0, 0x8, 0x3}, @const={0xd}, @var={0xc, 0x0, 0x0, 0xe, 0x1, 0x1}]}, {0x0, [0x61, 0x30]}}, &(0x7f0000000800)=""/62, 0x84, 0x3e, 0x1, 0x39}, 0x20) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000900)={0x6}, 0x8) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000980)=@o_path={&(0x7f0000000940)='./file0\x00', 0x0, 0x0, r0}, 0x18) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0xc, 0x26, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffff2ac, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_fd={0x18, 0x5, 0x1, 0x0, r2}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @map_fd={0x18, 0x6, 0x1, 0x0, r4}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x5}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000580)='GPL\x00', 0x1000, 0xb2, &(0x7f00000005c0)=""/178, 0x40f00, 0x44, '\x00', r6, 0x2c, r7, 0x8, &(0x7f0000000880)={0x4, 0x2}, 0x8, 0x10, &(0x7f00000008c0)={0x4, 0x7, 0x8, 0x7}, 0x10, r8, r9, 0x9, 0x0, &(0x7f00000009c0)=[{0x5, 0x5, 0x9, 0x4}, {0x4, 0x2, 0x9, 0x5}, {0x3, 0x4, 0x10, 0x4}, {0x2, 0x4, 0xf, 0x4}, {0x0, 0x2, 0x4, 0x3}, {0x4, 0x4, 0xe, 0xc}, {0x2, 0x3, 0xc, 0x3}, {0x3, 0x5, 0xd, 0x5}, {0x5, 0x2, 0x0, 0x3}], 0x10, 0x6}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)

06:59:06 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 29)

[  570.764910][T19282] FAULT_INJECTION: forcing a failure.
[  570.764910][T19282] name failslab, interval 1, probability 0, space 0, times 0
[  570.830091][T19282] CPU: 1 PID: 19282 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  570.841655][T19282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  570.851540][T19282] Call Trace:
[  570.854666][T19282]  <TASK>
[  570.857648][T19282]  dump_stack_lvl+0x151/0x1b7
[  570.862148][T19282]  ? io_uring_drop_tctx_refs+0x190/0x190
[  570.867618][T19282]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  570.873259][T19282]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  570.879242][T19282]  dump_stack+0x15/0x17
[  570.883234][T19282]  should_fail+0x3c6/0x510
[  570.887491][T19282]  __should_failslab+0xa4/0xe0
[  570.892093][T19282]  ? copy_signal+0x55/0x610
[  570.896428][T19282]  should_failslab+0x9/0x20
[  570.900767][T19282]  slab_pre_alloc_hook+0x37/0xd0
[  570.905543][T19282]  ? copy_signal+0x55/0x610
[  570.909880][T19282]  kmem_cache_alloc+0x44/0x200
[  570.914486][T19282]  ? _raw_spin_unlock_irq+0x49/0x70
[  570.919517][T19282]  copy_signal+0x55/0x610
[  570.923681][T19282]  copy_process+0x1101/0x3290
[  570.928201][T19282]  ? timerqueue_add+0x250/0x270
[  570.932882][T19282]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  570.937830][T19282]  ? enqueue_hrtimer+0xca/0x240
[  570.942635][T19282]  ? __hrtimer_run_queues+0x46b/0xad0
[  570.947845][T19282]  kernel_clone+0x21e/0x9e0
[  570.952183][T19282]  ? irqentry_exit+0x30/0x40
[  570.956605][T19282]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  570.962243][T19282]  ? create_io_thread+0x1e0/0x1e0
[  570.967111][T19282]  __x64_sys_clone+0x23f/0x290
[  570.971706][T19282]  ? __do_sys_vfork+0x130/0x130
[  570.976394][T19282]  ? debug_smp_processor_id+0x17/0x20
[  570.981599][T19282]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  570.987502][T19282]  ? exit_to_user_mode_prepare+0x39/0xa0
[  570.992969][T19282]  do_syscall_64+0x3d/0xb0
[  570.997344][T19282]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  571.002954][T19282]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  571.008680][T19282] RIP: 0033:0x7f7b6d82fda9
[  571.012933][T19282] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  571.032380][T19282] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  571.040617][T19282] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  571.048427][T19282] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  571.056242][T19282] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  571.064049][T19282] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  571.071864][T19282] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
06:59:06 executing program 2:
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 64)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='ext4_allocate_inode\x00', r0}, 0x10) (async)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000dc0)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x90) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={0xffffffffffffffff, 0xe0, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540), ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f0000000c40)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000c80)=[0x0], 0x0, 0x40007a, &(0x7f0000000c80), 0x0, 0x10, &(0x7f00000008c0), &(0x7f0000000cc0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000d80)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1c, 0x1, &(0x7f00000009c0)=ANY=[@ANYRES8=r1], &(0x7f0000000200)='syzkaller\x00', 0xb0d9, 0xa7, &(0x7f00000002c0)=""/167, 0x40f00, 0x8, '\x00', r3, 0x35, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000440)={0x2, 0xb, 0x67f7, 0x8}, 0x10, 0xffffffffffffffff, r2, 0x0, 0x0, 0x0, 0x10, 0x200000}, 0x90) (async, rerun: 32)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x9e, 0x9e, 0xc, [@datasec={0xa, 0x8, 0x0, 0xf, 0x2, [{0x1, 0x8000, 0xfffffffc}, {0x1, 0xffff, 0x7fff}, {0x1, 0x6e, 0x96}, {0x4, 0x7, 0x1}, {0x3, 0xaf15, 0x100}, {0x4, 0x2000000, 0x5}, {0x4, 0x8, 0x1000}, {0x5, 0x0, 0x80000001}], "aa86"}, @ptr={0x29, 0x0, 0x0, 0x2, 0x1}, @ptr={0xf, 0x0, 0x0, 0x2, 0x1}, @restrict={0x9, 0x0, 0x0, 0xb, 0x3}, @const={0xc, 0x0, 0x0, 0xa, 0x3}]}, {0x0, [0x61, 0x0, 0x2e, 0x2e, 0x5f, 0x30, 0x61, 0x61, 0x5f, 0x5f]}}, &(0x7f0000001540)=""/153, 0xc4, 0x99, 0x0, 0x900}, 0x20) (rerun: 32)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001600)={0x1, <r6=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001680)={0x18, 0x1c, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xffffff00, 0x0, 0x0, 0x0, 0xfffff57d}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@ldst={0x2, 0x1, 0x0, 0x0, 0x7, 0xffffffffffffffff, 0xffffffffffffffff}, @initr0={0x18, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x0, 0x4}, @generic={0x0, 0x2, 0x0, 0x3, 0xbd34}, @cb_func={0x18, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @btf_id={0x18, 0x3, 0x3, 0x0, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0xb3ab, 0x0, 0x0, 0x0, 0x7}, @map_idx={0x18, 0x9, 0x5, 0x0, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x1000, &(0x7f0000000540)=""/4096, 0x40f00, 0x58, '\x00', r3, 0x0, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x2, 0x6, 0x14000000, 0x7ff}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001640)=[r5, r6, 0xffffffffffffffff], 0x0, 0x10, 0x1f}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='signal_deliver\x00', r0}, 0x10)
perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (async, rerun: 32)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async, rerun: 32)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:06 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 30)

06:59:06 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2c, 0x43451)

06:59:06 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x12}}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280), ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x6, 0x8, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000340)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0xc0506617, &(0x7f0000000040)=0x1)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
close(r4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002b40)={r4, 0x0, 0x1000, 0x6b, &(0x7f0000000a00)="5a595b0d1d4ebf10c61b8fb7bc050abc6c3b8361ae1be22d1855626ffc4e1c8a34e438099330d9a427ee2310fad1dc1da13173e9929c5f5f8983f3e5fadd57f04c3629891fd44aad6014fd7fe4daba066d9b180cbb0ce59b1ca581dd68729eec468dbf6440ae2e22e0097bc69e11e4275160e27e278cd1011c03b0acb803ff5a3cac662fc9c2e4f87b7f1f8cc220489a88fcfbd31376713275a8cecec15e5ed04273ad0e408070a6761ee461f55fd036b06621d0bd813fc240078f208a969c42e5eb96396b71961f9e53a30a571a9169c532572932e93de2b6e9d8d0327473ea5f7cac3e2621e94b70d7ca0641030da4e308c0c226461d75c5e77790d2857bd0f6298820c178d15975b1b6ee6da2005b44aaca837ff73fbad1ce524cb39765986255f8eecdcb361f88426f41ce1529abf161f6e27ceb19577b24b93d5f62789232a067b35bd829841b97ba65cbbcedbe1721ec9da4a168f2fe5797f9cba174fde015434829b342eddcf6aa22b1e6859d1966ecb3723235787b08ab99a2605efe529bb62fb16f320e8a0eaca308ec0fec5a63dfdb23e84a8cda18609ba1cb253000fb0b2ffd4d09bc8255eff1a527426d5402b4a9988e2f63947655d4b73220d0113ac3395cc63af2b81b9da271309b76a1c708bc13335df851c201f89658264003ab4dc59086cf780f78e583ebe12601c4bf0b8d4ceeb5f5e0a518b98d99a743168ddc9243b0b808d8a7668b0b28a22867a81040ee95c794c8f2f587a104d355484beb7629d7c4b86f3ccc0e1b22a2fea0b9ceca4138425913664d9f6892401de0b72f74636d6c12ca28254da6e08bec83021e92f55e80f9fca5714d72c62a4718732f09ec64b22e0e8d0f53ffd55de1396376f2630be05a433f66a770cd71b981516f80e44bd75d669f18a56b7f7dff30c68548cc11cebc927df4a78160dc5b2384ecfeaf6d95aaa0d89745765bd293cc1908c63ce2e8266203335764431388fa1466f457c7b10f6d103cf4e69c597231f3b8eac52dc756f669c856a5718bd72307f7d27ff82bd877714fc319dff3ae3cff7f603b01b84421dd46a7e149b1687471cd4b0ebd952c13c4060e195dd058aa375d99138372f81067c7f021a76b8713fde27bb284b565e86bfd4da1336e99879f741d5f66b97aa1470dfe828f0c027a4df7f5ec2a83b330dd6d8fa376362425a07956ba81e231f941b9f7d321b081150b23e00bc7b7f5aab394deef73226ff1e2f7ae012b1e83fd60d9c2eb656dc036315244bd9a2a699db28034bc9a78631b7834ec6cfda352811fdc7807e311b0a09779e120f696ea544ce2c0636e1ef47d0f2291a01760940238d163e6eb59b3a81061317a7ed0c51d0c26e43ee9e12deee7c8d9278d3f2c1718aadf54449bac0ee8236959f73c5265a20cd042b45ee53b02e21abac98405f1d80cf08e3e10f3a9482f7cad45be3a9a11cfecce23b6066a281b66da3d2029a26999be40392ee1926d70ba604e752a13ad0a3921bc1e0c4f1bb9f6af0f7d0628e96494a6c8737144d46505a32fdfc8f287caf8e0a890d0c185db44e3a22063594996fa284bba4db10132bd06728abad860ccc4207549182a254b1175d35c7fe8a03b36e2c3c86abadc582085c6e48dc0c96ef5e48d630e7a05fc937cfff33dd0ea52e9c7fdb7591a4aec9859d80f6d7ba66d825893cf95b3be2a6f3fa1f0938fc59a55878eb53767ad190ef552466e21128cd13844cc92171f02c53c5bd9130483b396b1afa3627e5e67ac24feeba6cc30be155ed243cb739331f07b27b4cecf59498e311e10816a270191874f7425de881d834c61d1dc0db10e6b5f966c203ecd68332fe2abb11bd11d732d8b4c8d3adf5e7f5a9aac60d54b5835e827a56b94dc03afaaac94421346ed39eedae7f57778ac7d739976b070c435a1065c7400a6392fac42921105428fd1e90178ce34275f57af58f8a365840f9b4640796b9a22a051ed6c8bfc5d160da1fd962b3944ebe6eedd69505d4f0a2ff9b8873f4185d4cdc8f185f18fdd5b71fbe8beffb3231a3d7af560fe21dcf993a1a7193b0909af349e40a40914e5a1d69e3637f7979a4624a38ac8a9fda7195e5c1b3a13d643cefbd47736a60403c36963bf5f67c477c585b870302a12bedbb34ad3a9c8506cc6a9a8c6f87082e462ed7552e61111081bb219adfc4f138e908cb8a2a9e7e3775db0ec046ea6147aec6fe288ea2f5b892d64b2a71d100f9a98e3aa44016cb864a6e4beb3c3f546ba49f9b5b22d247a0a0ea0ad45630891cf44f660a80273e0d8ce84693bbc848d20f9a040e2e7c4970e117525fdcff8997b2d5df5ac2722a2709dc01e98e987da36d3f4c9fb94b6a47f482cda72aa8a974c79d003510d1431622d4f7a95a5ddc1a1246f349de76707340d9fc5a99a15c1516337b6de8ade630c6db138a2411a4bd3de2c51a71aa4f6e2697cf9beb5ed213f0bece714099377803b825b854e9013b784727fe2e11ea1960d3df0b90599b57e08c0fde0bf52a49562176e7f6de8832d09c74ba3abb936cb13332b0059c80536a28d5cb4f3d7a4a1cdb507a03bb2877b3baa9baef5ef550589e98125483a382c99ef341fe4c3425f0de1fb6457c0738ef9ff8fcf42ec13849464f91d8607c1ba4e7aea30d9e2f34964582ede647489fcf74687e8f77799be61eb08b69c8e609ad1070b9f7953e5d6dc7aa955df7baab44d4bd0223774afdc50fc40793295e7b0812b2ab1233922385b4cdb841e3fccab926609f22bf40aa9dbd9cdee2e1b8e326659113af95b67ae6d3c4b073bab1a04e03520b75758128b6cc561909be57fcfe379729120853f1883ba6a6649b24b374cacea7d3f43d762662a5fc4d6abe01de67e2a072122a47663d52e75aa957711f003a8bbe07376bfd2dc0dce7d8fc57dc1aa6f65dfb4c3e600b173cf0a6eada60c41c393ab8a71ebc6703fd04a385aa0da98c5d5c2cb3323005e60b7cb4c3dfc95fcaf9386a83a07e5c5512c8f6a7e4e4143d339989259d92e3d2bf28d09eb23a7c3ccd141ebea0efc7e052b2e78021a88b0e831cfdbeef66e4def765cb1084d0ab490f5cfd4dd133a8e22c666ef164297f88fd28ff0d856c10faf036f795031aa37dd58d69d4430d908923f8db00f11a1f30e0b660ccdd82e44158972bc3c87d2a63cf8ff916a7924933a1b00d5274861d6e148d9f9c9b04b8a5d4a17761b52c4ac750748c50488455d2d15f0e1fec40750fdf79271a604b2e1bf04a2974d048d1b1c126e2956b215297fc88b6ce6db48a6e23299437fe4710a7e4ee9c862a3a912528909d5972d62fa6f29bd2cadb893f355cd27220aad6d21f68d605df0df13597aa7f463624060f117665181cb46bd93dd6ee62b3e9c1f5344bf14129788168ce77ef3ce5e6c0c593e84ba923f8eb10477bfa8e68db7c3041f40deb5f33ec5245ede2025e178e0f07238b095dea13d3ed474b91134ebf536f27987d97d0f4227c7d2bea2756dbbba2c350b30339eab9467b73ac9e7a88807e7f7b416ac065829db0683ffcb2fc336fab117d3570e8ede46b54ce56747f4cde91a97aa89749332f819bc89d619ad8b0490e0ff269d7eee5e98406bfd60d421e14b54bd8d912a114329ec9c1b81de7fd0ee2030cab35d9e55166ed6d7c4ee6130ba73a670c710695e398bacceeca9d29b1a346897461d1ca4720e49ee1ae8cc60b9db0863f9657e719510fe8571d7cce6cc38407bd75d3e619cc999d9c6168f67c1fbc893bb4a654ebde15ceb10782d22c24eda90583285f1c733b6b45f1e802948f268394bcf7498234a1ad1532803d469793856cdd78afa20a95449e1d640a73e84ee92749eecd15a1df41919b0476381e40628bf5315616064177ca3aae6adb93ff654db617765a9a225d7e3268e33156fb63135b7415aabe271f63a7db3ad57631f2161c31fd4168a2af9a2d517944f09aeed216c2304880995e097295c8f73093131d1d45b473535859bd66866606ffc63ce2e85391ca936ba744ac5f30942aa5cb79d5a999755a7d950fb58287c31909aeed29df1b23833555c1a76071db3904fbb5cf39323ec3712d1337715e2519bdacc6b4a63750306b703385296d18864864509f27a50d0c5204befef9557f22ee1a3dc622c98e70061405c1bf77b0b8ab17e396a840efb9dcbe317598ea9e774a021cc3e2441bf4655c73e751f9135c76a1769275132ee840c94a9d3eda6f9c050354f077b5bb7865b90386df50678947b8e3f4b3b94542ec38489fde96b684b7e8405dfd9370e8f30dd9be745cf11cb63f5f659151f7bd0c4e9d62af0eb5eec41c15e9f97948d27be15eed8c8911b2987bd2f4934f5c32b7f039b5255929aa33dcfdc653c1282fe1c2d24de4f5e1486a96a27586140a0a902e93880c0a52016016b467ba14fe33b0f2045c8424214db1a0f8204960b6fc20a6f09a67a98feb3b7ed394b512b64573572a5545960360e286cf77d8d8d629f2238e1b72284f2b92f39a2a84890bfa79ce539502050cb999ea9b445c0662494cf4dea2eb712af7322f79c560ef71d448be5cbe4b94785f0d89a864ab0b952bdccc69e0b5becca76424175a788edfc875dd2ab393aafa2c1530b7fb455383c14716c09658fb8555225d4c0c53d02c80ae322a20927315ed084c9537977fc81286184069fbbae49492130cc815436c9cf19a5c017d22e704c7eb55f4a71f2b28140d8c6353c4a752152461145aa945adaa722ae82ff0ed191f7183054cbe5b5a7d60053b31165cdcbb7de2268b20c23129f3c67ec2e17094037622e664fb7d90e34b1f65c5d924cc2c93c7ba6091f1404a2a1986635eea12fe488c295928761e9f30bdb0cb5c85d9add57f2319936c31d146cfed5c1652e4f70cc933c409d3798f7983e62cd52e065877047a6f8f99a79f0e9c4f24b6aa2ff2f7eea2f79fb2f3015bf5ce0c60be360bc44e4e9c0b3c009c1041835dce45150bb4c33eff859b31cd34dc241902ddd84652f6eac4d3d399e54cd8801e19a4307d05f3f44d438a093eefa7b30b30ea6fef1510878bb3743d6efa0f92531f076b3618a581eb342bad564c379adbdcbefc082cebcdba529780e127945bc3bb4dff1af92914cdafec31d5f302097ed685a5015fcf70a8bd975e68472e79982233031c1ae3837872ddde7fc756757d88c044a019502c5fbddde9723228abfed79bcd380f885af9bcc4a94083ef4edf9d091dffec0eefea814857e1718ea2b6aca4e060504af53723adfc5064cedbe7ae27b30bab748348b24d846b93c6180a5e22efa740a75ddb167bba4e8fa8f3f8a491e5aed68ca3c5bde5364a3ba14b541fc190bccb4c171762353e242a2bc3bb9cf9d80895df57b7fb70050020d9ee3915cc67b2d1a752f1271d108ec3ffb3f13910e66ff6cb54e3cf17c2b79b9de357839fe7e98789bb8320ef40f9d8eab5512fb66b9f4d632e10cb0ca18a80ffcb35c608d43cc01831213e23dea7b1cdfd474910604c57057ce4fa309a640013a47c94b38df1969766f060d02d76a8a12a348cb6d52618e308c6d50fdf68dbc8c3a8648d8820061df73b8ad5f1f6fea58c609629a0e19913e2f44f6a7f2b7b6c0f3fbcb6189f72f15bae45ebc5c7f6acbfb91389606e5276c6160954c7e026d381bd68422b293e81d97eb64320cf8af99be13f2a4f736f0b07efcc66c5d458161c52d2b7803e3affd5cc3bdc747707ec7ca7e9e97f762bee65ba73a40674f40787da0e81e0e4d1d993519b750f7e840706c3672c14eec74c06e28acebc2f2b03147aab6913de5e99b", &(0x7f0000001a00)=""/107, 0x4, 0x0, 0x1000, 0xae, &(0x7f0000001a80)="5b99bbc37c615c6cf317b613b5c3883a634c210528c52a3abfcc9d656b508de13ae4f3733aadd04f4d8192b7031dc06eb798d66305b52b07ef36f7a1bc31ee566f492a3021e232a64ae4f17764b04393be7eceddbaace4cf282561ba06694a0675095b51bd3c859d30bc7198b5a6947ae9534aa1abde192e07130623d74ead5b561b7786ef39a0945a4440cf66044e1fc26957b41e5ff48f3d7d48f46ac510a7dace244795ae1875cafc552f826f8637cfc525f0bca04b4a475a749c396e5a96bf0a77c4d2aea571493bdf605aaa3194cca59cfb11125895870047b43cfef35f1b18d8c595522459f1fd093449c1154e646d3658615272d5e351d3bd82f0bb90c9107ea6af26f70d9dd0c44c008bdca25a66667084edd87fbfd65958d0f17c57d8e3d57ffaa344e13a0fcfab034fe2e9a7b6110de96ac04221556dd1b34330527c1d97431953f11d841bafb180f2a92854eee1a2ccda14409b59817f23bac23efa7773a50f9bb9949a40ce71b7b9c6aa94b8d65cd4cf5067da1b378d78891b2581ed19baf97a2ebc37ae54075e1f17f8943534e1fc5e40ad9631afcbe1094c1a8c14cbe5e5abcd448d340a0480a44b59805dcf85270966c5d4ea6c3f874978e9d2dedfb62eece441f139122b5c2d6a25f74802a6d98c93032da6bb4a2c563b6a2ad28ac4687372ede10603b5ed57d47782ceacc0e22c3e898bfef6b9cd07d407f35ba42708df4f38424197551e471de709ccf32ea40beab4d5e5404314ca097b3951c92456e09513bf27259ad14d916576e630f3192fbcfc3132f7101b6f8554abf6a286cd57926d2de3481e03faede6e3ba0281df489d5c3e1607854b253305c110b25e0428460858516d3742acf4258a1c7d9b6a39d6786138a639c2449b018e872c110aa41f9de86dd23aab38f8d3be57511e6f25811df22f4f10394c758742be6556c32f058a9288a9137b249d0b985bf18592c97af56aeeef106ecaabc063dbae8dc1aca69782458321e61bc3613c1c7f8a95471aec55f75de9790989c0406fcef1e07920ee486e75214e7a75fdd38287a8235c03b06b2afa6d7afdfeaf46a616426ffba20885e12e7828543ea3cd184b60c7542a9693b6ddd0c378dddcf28090c5dd4a7d33f0b4459aed455fd620d64ddb36ae751d1306db6198c4adad7e4eacc6453e88aefa3b6740d231bee9c1e24e03d83f2c76be00a0ca0ebe8bb7f76260b2a8d6563b2c0363071128c78d6b2780364cdda806deb1aa3d28bf04cd09609c773faf1b108830e3a988a42e43b7a094157bcae640f3553f857ddb8a75f1559b6a7261420539a2e0d002e374ca7623613231d86fa0e41307ccce3e6398830c0100214c5e15353860a6ca35743f793937825c111481b2b9d3fbaa0141444f56d77804c304529aa9ffbb0991021ef67550cb502027b720f73a572b9b9402119f686c53f0a190e5752e7a12c5577e0c152c3e4bd5c176f3f120b6c2a13d1181accf7a4cac961bd0a6e23afe2e9ed524f4276952714eabdaabfe72f029b08aa8aa9ab54ea99c572416bcc9b86d3b2f7c2a0f8ef383c714adf0f43548a639b145650a57e328786eb75555bf112ba59583eb9104bd928a2b206c4677d21aa301df354cd617e1f0682e034c7b8bb9257ab33a53b5a7fcab4c438041fe190ef8da395926626c0d3814243b7442806bc26e2ff4d77ab310bd811c40282cf535e836da2882665b78e0c7f2514a4a79c363edb400a76b3af7c5bf4ddb7222ea653603c6a54b42277caffdef85f37e34a3d4ff9ca075479d86e1f781eaba39087e1844dd5ccc13fa55aab93fc90bb67bc8a72d5e0325fa36cee50b7fd4869c45bd85bb5abaa2edebf26d43bb761207d185037a2d013764c26798ec132e8f5b4388eedf45f3e607e2735f96194fcc4ded6626830c3053be12525a07811e8336c7b71c81d6926c7e89958c4cf5dc691c89874a06c991c5d1ac0dbf0c2595261937ef08971513b16e4e3bc67ae0660734bd32f1c3d72c1083858cff046f0a64e43f3867a3c85f0099f330aba587aac11330d7f7babc885dffa29884f614c40582000c22b9d190a67f51094bea847f483954bdc3545e5b5fce43037fbe799c8f720a7d906d4e5078e61b55084df03085fbc619a9eda35bbac60d0ebca2532e0b715abe18c554380be7a8e08c1a9a62babc1c7d488f683e8efeeb6af58fcc4796d9f4de602a395f03464695e31b43df7a50d2bafcfff5923dffffff741ffc8f71bd0812ca52d005793c28c6ba329613e998ed45a6e45595bf36270a2a7f8e54a7f8e881683823749da7aeb3e23f7db09996fb1e36299702d0b8544b0b7f3d16922bbdc698ccb3980b127d422990b207cf2547d6c52d8c3d7c03df9ce6a025dfd8f85d6dbc9a6e72e25f2c21e4231a2bd31d527b67e3cdd8eef31cba4458967cdf09b969883d1fc6df40271b073b4c6a8317aea5a1a5a462946412db346c57cbf61b54f7bea289aa3176b0346badc1c5181a2c2ff744a7a2061fe3c7a14bce312f9f09bff3e247cabd26d44522e1ddc7708bdd1c2d47ba2cb2bef76661a85bc28eb0f205b323b7eaa4e976cb31e7e017910f9c58cc152ae1cb3e3d0c5531f7b60265b608bdc3a540d4647caefd63a5f00da560dd1267f3454d17c209be3b1d504cf2170689834022a9b98bd2c36a48990a22c08fafc73b486fd47694be6213034dde5381d990e33af0bbaac18ec7f5501d63b0c040c6ceeafdce7a162f3cbe426313ad36b50a2172445f763e3300f0f22cc55e83f1c9cac230f4b1862966429e619ad56ffd3d763a567888a8063934ff996890047052cee5988c4ee7272dd17284bb07b63db7b955d0e39fd95515d25effb34e45bb96ce9a2db703af38dab726aa575294d2c0a3a83bf9508e6d29f58f445f760179af6aa5ca60bf583c37a6e349709700d5fed860ac03c74351e627a4fce26eb559117e16b9e8ecf58aab84708a9c8c2cc51a66a2c8e793465945627db1c87e60f6611e5f07e17339515091b061686478a3679fff2df6f74f24589ed80d686f5f95f2c2cf209523806190b1df72fe0121bae9263f8eb6695ab002418d541f995080cf22203aefbb1ee18a56670d26767b1311cb472725953449c54fa8db5159531b0ba0e0a86c69a1bec15497ea1547c7bc143e6869dfa793c6a616db345cb90b98954047f2aac393284450c72a572f29d123ebdaf816ce7777da34a197cc92cce4c9f43658b080857a7bf4ab575d210ae02908b0f95ad8e7d352058a43fdd3ba77a098929b57b395e703a5d599fec9ff3e99764ae6f27bc79488a22afaf71639a679606dc4bedffcafa8b11ec051da2c58e3bcaf8c691c58a34b709c8ab6cb84706dbc6cc2abae34912777921cba8871423d2cdc86dc26961a2f17013c3f8492c05d9352bd255d58f7801a2c88006d22824cdc66b89761556842a743ee0f57ce37e4caf17dccc2be8ba8b844f30b275614250ff785b69eb882867a640d6d0489e20757195fe92f537066169c9af257e2d75c2d4999333f2d0c075a5ebaaba4f78ef85cae3ce07466f5d9a963ba88dd929c7cd030039d6b515b1e946d2bdb1770ef9f0ee8a8722cfeb3351c98b4450248d7053b3995cfefb4856b6d2071b5e012d4aaec39a5aae1014e15f16625186cd1f7eddbef0b2400bacf1c033f3e290339520c7f0ed634d9a2f466fa27e601ae54f05fcf3150639835118207b1d10e9795c2267de9678f1954325a711bf3dd4a9e451415f76513391c5e86b7bcf293bc0221ade3f73c463562cdc0126172d33f599198be3f568568ae3f1f25170ef6b6c7340163954fa58ceb00ecb231df7b3b1de89d8793d811121c04ed256a0d716b1eb8328517d8f9efef091336dccc72e6a8f08206840f563953ab0e3e23040952ecd4992b4ddfbdb4a0bebde6cd5dbccd5fe0b437eb65a63a24693767fd8353d95d61be9d0a20bebc4ddcb185a194a2572b81bae7350e3ea675c303ddf7e90d991e5377e5e4a5ff71ad75da025835b97c9d27121356184d3ea7a864f126c3de2405663835cd99ceb828fe1fe32d966d52d45d3de67825a5ab507c290792f378ce921de59528e1d1e912b0052e5e0ef31977bfcbd776443f77eca738e5b518c797c23edea7b14f19a82020045c50babb93fa9c98f7c9e9b70dcaeb70ea0c59880de5d3f10582fe35811857f13de668e8230eaaf0b1f0ff6bfd2f3671883de8aa00ac8aa50a4a3e8746a3447c80422495e3ad5ce50f0cf3ff8f0a1e2115721c5005a60583d5c3aa6caf30d4c63ac724722cd539b100e3e440131ce36600d4dcb48a0443aba6b5b82765c6cc217b5a08aaaaed8371b623c1be773ed35716930f982b3932d8d3461f3d9216dcd99f77ea41f0707a81c17f17e42d7db4d039bd03dab00b9584c04f368cb4348151c8abafa071c0823668386b05201346938d0e09aedd42736b268fea51a35f8699c1bcd8f6c0a597591e2bf8d1856f7d1e26a014ef05ed21ab047d202541c502989f0ace85988fb019cdb2d64fd3773c23439a7abdf4e5061ba7cefdc35a0230e697d00e07ddfd45a32356e5976b939b5ea20ff4ff7ee63427da188018bf308aa88c7c1a334846c1a09d6f5e78a4a42afc3872d5e097055a3fdc4b5228625cca318287465baa963fc4c32b48131aee4ff9dd49beda3a60d69d474f89712b14099698df5018d173a2cb3e7fc6ca446ab4f28b88cc73c8622009888f1cb1ae81520a33e306f5401bbc385de39d58903e251bfda4813d2ec509a5cfa13dcc85eb3b9b9d9679d03991c0cd6f25f671b11d6be84f4bff88fed27f1f4188f62752fcc5cc3421b060d95ffc5aa134cd91c767626491abca7114141d7c3dc42b697efb4980775c59918d2c0034011dca5ecde92af3bf62e8f28afec7e5e767808e78d2962051d907cd915123ed94cc73a814d72b38798a48dc99fae2dacb0527cfa91b99c9bdb1020e763db10c9e1e57f70567696f5ea543b1f587246852ed890698c5a9874cf32d68db339d5208c50360f34ecdb53ddc1054417e884446c261ca2c71df8ddf4632e1e8e551878d46ba87a1628591d3808a50c55c18ac167d070c6e89e63434b01eaf21254730157c8fabbbcda2677d4f340b9c469e91fc084f4d8965045fe22117ad1267770989b4e150e869523c707a4b04d57d3d6782274d5b377e3fe74358f6a9768244354203476e662654db6044badb9a0c38d0a0c0715fa8a44002dc7becbbe28e95dffb55a958e733cb823e7a370a9c22b0c18438a97e934f3bf29e6e0359b20c352f1d526da1a2be65242e5a88e50f05bd497c7f1e16089a71edf55180098231540106c3d6ad3e263abf69d1a108fc98e8b589be4499bd07ff097a2c2adc40a5a0f21b283c5d7ed5e8ed21c7b1224ee24f452005895e63233464854ce3ed518621ab9a2c59cc5dc7d0829cd445b0c71d0c2b9f0d5e7ab72b0b120dedb4d39686fdb61c74f5abb199851ea60a91b6b57c64237c68a5f10886fe25efc4abdea1db0a62bd451b6a3cd95ee2a8a0fc520ee905be5812250d64f1ffea1bc0921d7777497ce649f292c5eb70cb700fcbbf0c978bcdc45fb4f6efb83087bf6639fbf6564495b33e19029ecdbf3ea75db91a81eb33648038212f4423ce6919b84b719b5def20e77aa95b9cfe378a3e9df7022c312c77b8147abf9e678a9a45dfbb61450c5f5e7d4a10e67e6afe0299bfc3941e9fad92c5312d54a887a7b11cc2622e35fccdead3541d1283e8fabf6b621fb5db078b885a9cb7b42f15f53ac72994437471cfe3", &(0x7f0000002a80)="9d368f5cadeece287de83461ecb1c2fb03e8f7908d349ee2bced7929ab4af70564e1219b6ab7519fa95abbef4fa3a57a8e705a20d212d3736cea53ce6ce97fc99840d53b3c01ff18ec5d291f51251e0f47db1c663e29da82e4375f719204139ac770ea83d26ba610577a8f245ff9ee56611bac1fa57b8ebfede453c7a149530b70c39220aed7f371d54295e8409e038ba267a32da160bf0acc82f8f5bd1962890a98965f3ee365bc21eed8c47248", 0x2, 0x0, 0x1000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x1d, 0x15, &(0x7f0000000a40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7}, [@jmp={0x5, 0x1, 0xb, 0x0, 0x9, 0x30, 0xfffffffffffffff0}, @printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @exit, @generic={0x7a, 0x9, 0xa, 0x2, 0x4}, @alu={0x4, 0x0, 0x8, 0x7, 0x0, 0x20, 0xffffffffffffffff}, @map_fd={0x18, 0x2, 0x1, 0x0, r3}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3ff}, @map_fd={0x18, 0x8, 0x1, 0x0, r0}]}, &(0x7f0000000940)='GPL\x00', 0x5, 0x5c, &(0x7f0000000b00)=""/92, 0x40f00, 0x1, '\x00', r2, 0x10, r4, 0x8, &(0x7f0000000980)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000b80)={0x5, 0xf, 0x4, 0x4c09}, 0x10, 0x0, r1, 0x2, &(0x7f0000000bc0)=[r3, r3, r3, r3, r0], &(0x7f0000000c00)=[{0x1, 0x3, 0x4, 0x1}, {0x2, 0x1, 0x9, 0x3}], 0x10, 0x401}, 0x90)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001ec0), 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c00)={0x11, 0xd, &(0x7f00000005c0)=@raw=[@map_idx_val={0x18, 0x8, 0x6, 0x0, 0x2}, @map_idx={0x18, 0x3, 0x5, 0x0, 0x3}, @map_val={0x18, 0xa, 0x2, 0x0, r5, 0x0, 0x0, 0x0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x100000}, @map_idx={0x18, 0x1, 0x5, 0x0, 0xc}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x3f}], &(0x7f0000000640)='GPL\x00', 0x5, 0x45, &(0x7f0000000680)=""/69, 0x41100, 0x60, '\x00', r2, 0x0, r4, 0x8, &(0x7f0000000780)={0x3, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x1, 0x3, 0x3, 0x5}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000840)=[r3], &(0x7f0000002bc0)=[{0x5, 0x4, 0x3, 0x8}, {0x0, 0x4, 0xc, 0x7}, {0x5, 0x4, 0x4, 0xb}, {0x5, 0x5, 0x5, 0x2}], 0x10, 0x3}, 0x90)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001380)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xcc, 0xcc, 0xa, [@volatile={0x6, 0x0, 0x0, 0x9, 0x5}, @int={0x2, 0x0, 0x0, 0x1, 0x0, 0x26, 0x0, 0x60}, @ptr={0xf, 0x0, 0x0, 0x2, 0x5}, @union={0xc, 0x7, 0x0, 0x5, 0x1, 0x8, [{0x1, 0x2, 0xfffffff8}, {0xe, 0x1}, {0x7, 0x1, 0x515b}, {0xb, 0x2, 0x1ff}, {0x4, 0x1}, {0x10, 0x3, 0x6}, {0xb, 0x0, 0x7fff}]}, @func_proto={0x0, 0x7, 0x0, 0xd, 0x0, [{0xe, 0x1}, {0x3, 0x3}, {0x6, 0x2}, {0xc, 0x1}, {0xf, 0x5}, {0xe}, {0xf, 0x4}]}]}, {0x0, [0x30, 0x61, 0x5f, 0x61, 0x2e, 0x5f, 0x61, 0x5f]}}, &(0x7f0000000380)=""/4096, 0xee, 0x1000, 0x0, 0x1fe4}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001600)={0xffffffffffffffff, 0x20, &(0x7f00000015c0)={&(0x7f0000001440)=""/71, 0x47, <r7=>0x0, &(0x7f00000014c0)=""/231, 0xe7}}, 0x10)
r8 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001680)=@generic={&(0x7f0000001640)='./file0\x00', 0x0, 0x10}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000016c0)={0x1, 0x4, &(0x7f0000000000)=@raw=[@map_idx={0x18, 0x1, 0x5, 0x0, 0x8}, @map_fd={0x18, 0x9}], &(0x7f0000000080)='GPL\x00', 0x1, 0x25, &(0x7f00000001c0)=""/37, 0x41000, 0x0, '\x00', r2, 0x1e, r6, 0x8, &(0x7f00000013c0)={0x6, 0x1}, 0x8, 0x10, &(0x7f0000001400)={0x4, 0x0, 0xffff, 0x7}, 0x10, r7, r8, 0x0, 0x0, 0x0, 0x10, 0x7f}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1cf8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  571.079766][T19282]  </TASK>
06:59:06 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r2, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r2}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', 0x0, 0x25, r2, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r4=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r5=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r2}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r6=>0xffffffffffffffff})
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000), 0xfdef)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r8, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r8, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', 0x0, 0x36, r2, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r2, 0x3, &(0x7f0000001040)=[r1, r0, r2, r2, r1, r8], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r9, &(0x7f0000000000), 0x248800)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', 0x0, 0x9, r2, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r4, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r9, r10, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:06 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2d, 0x43451)

06:59:06 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x12}}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280), ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x6, 0x8, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000340)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000440)}}, 0x10) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0xc0506617, &(0x7f0000000040)=0x1) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
close(r4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002b40)={r4, 0x0, 0x1000, 0x6b, &(0x7f0000000a00)="5a595b0d1d4ebf10c61b8fb7bc050abc6c3b8361ae1be22d1855626ffc4e1c8a34e438099330d9a427ee2310fad1dc1da13173e9929c5f5f8983f3e5fadd57f04c3629891fd44aad6014fd7fe4daba066d9b180cbb0ce59b1ca581dd68729eec468dbf6440ae2e22e0097bc69e11e4275160e27e278cd1011c03b0acb803ff5a3cac662fc9c2e4f87b7f1f8cc220489a88fcfbd31376713275a8cecec15e5ed04273ad0e408070a6761ee461f55fd036b06621d0bd813fc240078f208a969c42e5eb96396b71961f9e53a30a571a9169c532572932e93de2b6e9d8d0327473ea5f7cac3e2621e94b70d7ca0641030da4e308c0c226461d75c5e77790d2857bd0f6298820c178d15975b1b6ee6da2005b44aaca837ff73fbad1ce524cb39765986255f8eecdcb361f88426f41ce1529abf161f6e27ceb19577b24b93d5f62789232a067b35bd829841b97ba65cbbcedbe1721ec9da4a168f2fe5797f9cba174fde015434829b342eddcf6aa22b1e6859d1966ecb3723235787b08ab99a2605efe529bb62fb16f320e8a0eaca308ec0fec5a63dfdb23e84a8cda18609ba1cb253000fb0b2ffd4d09bc8255eff1a527426d5402b4a9988e2f63947655d4b73220d0113ac3395cc63af2b81b9da271309b76a1c708bc13335df851c201f89658264003ab4dc59086cf780f78e583ebe12601c4bf0b8d4ceeb5f5e0a518b98d99a743168ddc9243b0b808d8a7668b0b28a22867a81040ee95c794c8f2f587a104d355484beb7629d7c4b86f3ccc0e1b22a2fea0b9ceca4138425913664d9f6892401de0b72f74636d6c12ca28254da6e08bec83021e92f55e80f9fca5714d72c62a4718732f09ec64b22e0e8d0f53ffd55de1396376f2630be05a433f66a770cd71b981516f80e44bd75d669f18a56b7f7dff30c68548cc11cebc927df4a78160dc5b2384ecfeaf6d95aaa0d89745765bd293cc1908c63ce2e8266203335764431388fa1466f457c7b10f6d103cf4e69c597231f3b8eac52dc756f669c856a5718bd72307f7d27ff82bd877714fc319dff3ae3cff7f603b01b84421dd46a7e149b1687471cd4b0ebd952c13c4060e195dd058aa375d99138372f81067c7f021a76b8713fde27bb284b565e86bfd4da1336e99879f741d5f66b97aa1470dfe828f0c027a4df7f5ec2a83b330dd6d8fa376362425a07956ba81e231f941b9f7d321b081150b23e00bc7b7f5aab394deef73226ff1e2f7ae012b1e83fd60d9c2eb656dc036315244bd9a2a699db28034bc9a78631b7834ec6cfda352811fdc7807e311b0a09779e120f696ea544ce2c0636e1ef47d0f2291a01760940238d163e6eb59b3a81061317a7ed0c51d0c26e43ee9e12deee7c8d9278d3f2c1718aadf54449bac0ee8236959f73c5265a20cd042b45ee53b02e21abac98405f1d80cf08e3e10f3a9482f7cad45be3a9a11cfecce23b6066a281b66da3d2029a26999be40392ee1926d70ba604e752a13ad0a3921bc1e0c4f1bb9f6af0f7d0628e96494a6c8737144d46505a32fdfc8f287caf8e0a890d0c185db44e3a22063594996fa284bba4db10132bd06728abad860ccc4207549182a254b1175d35c7fe8a03b36e2c3c86abadc582085c6e48dc0c96ef5e48d630e7a05fc937cfff33dd0ea52e9c7fdb7591a4aec9859d80f6d7ba66d825893cf95b3be2a6f3fa1f0938fc59a55878eb53767ad190ef552466e21128cd13844cc92171f02c53c5bd9130483b396b1afa3627e5e67ac24feeba6cc30be155ed243cb739331f07b27b4cecf59498e311e10816a270191874f7425de881d834c61d1dc0db10e6b5f966c203ecd68332fe2abb11bd11d732d8b4c8d3adf5e7f5a9aac60d54b5835e827a56b94dc03afaaac94421346ed39eedae7f57778ac7d739976b070c435a1065c7400a6392fac42921105428fd1e90178ce34275f57af58f8a365840f9b4640796b9a22a051ed6c8bfc5d160da1fd962b3944ebe6eedd69505d4f0a2ff9b8873f4185d4cdc8f185f18fdd5b71fbe8beffb3231a3d7af560fe21dcf993a1a7193b0909af349e40a40914e5a1d69e3637f7979a4624a38ac8a9fda7195e5c1b3a13d643cefbd47736a60403c36963bf5f67c477c585b870302a12bedbb34ad3a9c8506cc6a9a8c6f87082e462ed7552e61111081bb219adfc4f138e908cb8a2a9e7e3775db0ec046ea6147aec6fe288ea2f5b892d64b2a71d100f9a98e3aa44016cb864a6e4beb3c3f546ba49f9b5b22d247a0a0ea0ad45630891cf44f660a80273e0d8ce84693bbc848d20f9a040e2e7c4970e117525fdcff8997b2d5df5ac2722a2709dc01e98e987da36d3f4c9fb94b6a47f482cda72aa8a974c79d003510d1431622d4f7a95a5ddc1a1246f349de76707340d9fc5a99a15c1516337b6de8ade630c6db138a2411a4bd3de2c51a71aa4f6e2697cf9beb5ed213f0bece714099377803b825b854e9013b784727fe2e11ea1960d3df0b90599b57e08c0fde0bf52a49562176e7f6de8832d09c74ba3abb936cb13332b0059c80536a28d5cb4f3d7a4a1cdb507a03bb2877b3baa9baef5ef550589e98125483a382c99ef341fe4c3425f0de1fb6457c0738ef9ff8fcf42ec13849464f91d8607c1ba4e7aea30d9e2f34964582ede647489fcf74687e8f77799be61eb08b69c8e609ad1070b9f7953e5d6dc7aa955df7baab44d4bd0223774afdc50fc40793295e7b0812b2ab1233922385b4cdb841e3fccab926609f22bf40aa9dbd9cdee2e1b8e326659113af95b67ae6d3c4b073bab1a04e03520b75758128b6cc561909be57fcfe379729120853f1883ba6a6649b24b374cacea7d3f43d762662a5fc4d6abe01de67e2a072122a47663d52e75aa957711f003a8bbe07376bfd2dc0dce7d8fc57dc1aa6f65dfb4c3e600b173cf0a6eada60c41c393ab8a71ebc6703fd04a385aa0da98c5d5c2cb3323005e60b7cb4c3dfc95fcaf9386a83a07e5c5512c8f6a7e4e4143d339989259d92e3d2bf28d09eb23a7c3ccd141ebea0efc7e052b2e78021a88b0e831cfdbeef66e4def765cb1084d0ab490f5cfd4dd133a8e22c666ef164297f88fd28ff0d856c10faf036f795031aa37dd58d69d4430d908923f8db00f11a1f30e0b660ccdd82e44158972bc3c87d2a63cf8ff916a7924933a1b00d5274861d6e148d9f9c9b04b8a5d4a17761b52c4ac750748c50488455d2d15f0e1fec40750fdf79271a604b2e1bf04a2974d048d1b1c126e2956b215297fc88b6ce6db48a6e23299437fe4710a7e4ee9c862a3a912528909d5972d62fa6f29bd2cadb893f355cd27220aad6d21f68d605df0df13597aa7f463624060f117665181cb46bd93dd6ee62b3e9c1f5344bf14129788168ce77ef3ce5e6c0c593e84ba923f8eb10477bfa8e68db7c3041f40deb5f33ec5245ede2025e178e0f07238b095dea13d3ed474b91134ebf536f27987d97d0f4227c7d2bea2756dbbba2c350b30339eab9467b73ac9e7a88807e7f7b416ac065829db0683ffcb2fc336fab117d3570e8ede46b54ce56747f4cde91a97aa89749332f819bc89d619ad8b0490e0ff269d7eee5e98406bfd60d421e14b54bd8d912a114329ec9c1b81de7fd0ee2030cab35d9e55166ed6d7c4ee6130ba73a670c710695e398bacceeca9d29b1a346897461d1ca4720e49ee1ae8cc60b9db0863f9657e719510fe8571d7cce6cc38407bd75d3e619cc999d9c6168f67c1fbc893bb4a654ebde15ceb10782d22c24eda90583285f1c733b6b45f1e802948f268394bcf7498234a1ad1532803d469793856cdd78afa20a95449e1d640a73e84ee92749eecd15a1df41919b0476381e40628bf5315616064177ca3aae6adb93ff654db617765a9a225d7e3268e33156fb63135b7415aabe271f63a7db3ad57631f2161c31fd4168a2af9a2d517944f09aeed216c2304880995e097295c8f73093131d1d45b473535859bd66866606ffc63ce2e85391ca936ba744ac5f30942aa5cb79d5a999755a7d950fb58287c31909aeed29df1b23833555c1a76071db3904fbb5cf39323ec3712d1337715e2519bdacc6b4a63750306b703385296d18864864509f27a50d0c5204befef9557f22ee1a3dc622c98e70061405c1bf77b0b8ab17e396a840efb9dcbe317598ea9e774a021cc3e2441bf4655c73e751f9135c76a1769275132ee840c94a9d3eda6f9c050354f077b5bb7865b90386df50678947b8e3f4b3b94542ec38489fde96b684b7e8405dfd9370e8f30dd9be745cf11cb63f5f659151f7bd0c4e9d62af0eb5eec41c15e9f97948d27be15eed8c8911b2987bd2f4934f5c32b7f039b5255929aa33dcfdc653c1282fe1c2d24de4f5e1486a96a27586140a0a902e93880c0a52016016b467ba14fe33b0f2045c8424214db1a0f8204960b6fc20a6f09a67a98feb3b7ed394b512b64573572a5545960360e286cf77d8d8d629f2238e1b72284f2b92f39a2a84890bfa79ce539502050cb999ea9b445c0662494cf4dea2eb712af7322f79c560ef71d448be5cbe4b94785f0d89a864ab0b952bdccc69e0b5becca76424175a788edfc875dd2ab393aafa2c1530b7fb455383c14716c09658fb8555225d4c0c53d02c80ae322a20927315ed084c9537977fc81286184069fbbae49492130cc815436c9cf19a5c017d22e704c7eb55f4a71f2b28140d8c6353c4a752152461145aa945adaa722ae82ff0ed191f7183054cbe5b5a7d60053b31165cdcbb7de2268b20c23129f3c67ec2e17094037622e664fb7d90e34b1f65c5d924cc2c93c7ba6091f1404a2a1986635eea12fe488c295928761e9f30bdb0cb5c85d9add57f2319936c31d146cfed5c1652e4f70cc933c409d3798f7983e62cd52e065877047a6f8f99a79f0e9c4f24b6aa2ff2f7eea2f79fb2f3015bf5ce0c60be360bc44e4e9c0b3c009c1041835dce45150bb4c33eff859b31cd34dc241902ddd84652f6eac4d3d399e54cd8801e19a4307d05f3f44d438a093eefa7b30b30ea6fef1510878bb3743d6efa0f92531f076b3618a581eb342bad564c379adbdcbefc082cebcdba529780e127945bc3bb4dff1af92914cdafec31d5f302097ed685a5015fcf70a8bd975e68472e79982233031c1ae3837872ddde7fc756757d88c044a019502c5fbddde9723228abfed79bcd380f885af9bcc4a94083ef4edf9d091dffec0eefea814857e1718ea2b6aca4e060504af53723adfc5064cedbe7ae27b30bab748348b24d846b93c6180a5e22efa740a75ddb167bba4e8fa8f3f8a491e5aed68ca3c5bde5364a3ba14b541fc190bccb4c171762353e242a2bc3bb9cf9d80895df57b7fb70050020d9ee3915cc67b2d1a752f1271d108ec3ffb3f13910e66ff6cb54e3cf17c2b79b9de357839fe7e98789bb8320ef40f9d8eab5512fb66b9f4d632e10cb0ca18a80ffcb35c608d43cc01831213e23dea7b1cdfd474910604c57057ce4fa309a640013a47c94b38df1969766f060d02d76a8a12a348cb6d52618e308c6d50fdf68dbc8c3a8648d8820061df73b8ad5f1f6fea58c609629a0e19913e2f44f6a7f2b7b6c0f3fbcb6189f72f15bae45ebc5c7f6acbfb91389606e5276c6160954c7e026d381bd68422b293e81d97eb64320cf8af99be13f2a4f736f0b07efcc66c5d458161c52d2b7803e3affd5cc3bdc747707ec7ca7e9e97f762bee65ba73a40674f40787da0e81e0e4d1d993519b750f7e840706c3672c14eec74c06e28acebc2f2b03147aab6913de5e99b", &(0x7f0000001a00)=""/107, 0x4, 0x0, 0x1000, 0xae, &(0x7f0000001a80)="5b99bbc37c615c6cf317b613b5c3883a634c210528c52a3abfcc9d656b508de13ae4f3733aadd04f4d8192b7031dc06eb798d66305b52b07ef36f7a1bc31ee566f492a3021e232a64ae4f17764b04393be7eceddbaace4cf282561ba06694a0675095b51bd3c859d30bc7198b5a6947ae9534aa1abde192e07130623d74ead5b561b7786ef39a0945a4440cf66044e1fc26957b41e5ff48f3d7d48f46ac510a7dace244795ae1875cafc552f826f8637cfc525f0bca04b4a475a749c396e5a96bf0a77c4d2aea571493bdf605aaa3194cca59cfb11125895870047b43cfef35f1b18d8c595522459f1fd093449c1154e646d3658615272d5e351d3bd82f0bb90c9107ea6af26f70d9dd0c44c008bdca25a66667084edd87fbfd65958d0f17c57d8e3d57ffaa344e13a0fcfab034fe2e9a7b6110de96ac04221556dd1b34330527c1d97431953f11d841bafb180f2a92854eee1a2ccda14409b59817f23bac23efa7773a50f9bb9949a40ce71b7b9c6aa94b8d65cd4cf5067da1b378d78891b2581ed19baf97a2ebc37ae54075e1f17f8943534e1fc5e40ad9631afcbe1094c1a8c14cbe5e5abcd448d340a0480a44b59805dcf85270966c5d4ea6c3f874978e9d2dedfb62eece441f139122b5c2d6a25f74802a6d98c93032da6bb4a2c563b6a2ad28ac4687372ede10603b5ed57d47782ceacc0e22c3e898bfef6b9cd07d407f35ba42708df4f38424197551e471de709ccf32ea40beab4d5e5404314ca097b3951c92456e09513bf27259ad14d916576e630f3192fbcfc3132f7101b6f8554abf6a286cd57926d2de3481e03faede6e3ba0281df489d5c3e1607854b253305c110b25e0428460858516d3742acf4258a1c7d9b6a39d6786138a639c2449b018e872c110aa41f9de86dd23aab38f8d3be57511e6f25811df22f4f10394c758742be6556c32f058a9288a9137b249d0b985bf18592c97af56aeeef106ecaabc063dbae8dc1aca69782458321e61bc3613c1c7f8a95471aec55f75de9790989c0406fcef1e07920ee486e75214e7a75fdd38287a8235c03b06b2afa6d7afdfeaf46a616426ffba20885e12e7828543ea3cd184b60c7542a9693b6ddd0c378dddcf28090c5dd4a7d33f0b4459aed455fd620d64ddb36ae751d1306db6198c4adad7e4eacc6453e88aefa3b6740d231bee9c1e24e03d83f2c76be00a0ca0ebe8bb7f76260b2a8d6563b2c0363071128c78d6b2780364cdda806deb1aa3d28bf04cd09609c773faf1b108830e3a988a42e43b7a094157bcae640f3553f857ddb8a75f1559b6a7261420539a2e0d002e374ca7623613231d86fa0e41307ccce3e6398830c0100214c5e15353860a6ca35743f793937825c111481b2b9d3fbaa0141444f56d77804c304529aa9ffbb0991021ef67550cb502027b720f73a572b9b9402119f686c53f0a190e5752e7a12c5577e0c152c3e4bd5c176f3f120b6c2a13d1181accf7a4cac961bd0a6e23afe2e9ed524f4276952714eabdaabfe72f029b08aa8aa9ab54ea99c572416bcc9b86d3b2f7c2a0f8ef383c714adf0f43548a639b145650a57e328786eb75555bf112ba59583eb9104bd928a2b206c4677d21aa301df354cd617e1f0682e034c7b8bb9257ab33a53b5a7fcab4c438041fe190ef8da395926626c0d3814243b7442806bc26e2ff4d77ab310bd811c40282cf535e836da2882665b78e0c7f2514a4a79c363edb400a76b3af7c5bf4ddb7222ea653603c6a54b42277caffdef85f37e34a3d4ff9ca075479d86e1f781eaba39087e1844dd5ccc13fa55aab93fc90bb67bc8a72d5e0325fa36cee50b7fd4869c45bd85bb5abaa2edebf26d43bb761207d185037a2d013764c26798ec132e8f5b4388eedf45f3e607e2735f96194fcc4ded6626830c3053be12525a07811e8336c7b71c81d6926c7e89958c4cf5dc691c89874a06c991c5d1ac0dbf0c2595261937ef08971513b16e4e3bc67ae0660734bd32f1c3d72c1083858cff046f0a64e43f3867a3c85f0099f330aba587aac11330d7f7babc885dffa29884f614c40582000c22b9d190a67f51094bea847f483954bdc3545e5b5fce43037fbe799c8f720a7d906d4e5078e61b55084df03085fbc619a9eda35bbac60d0ebca2532e0b715abe18c554380be7a8e08c1a9a62babc1c7d488f683e8efeeb6af58fcc4796d9f4de602a395f03464695e31b43df7a50d2bafcfff5923dffffff741ffc8f71bd0812ca52d005793c28c6ba329613e998ed45a6e45595bf36270a2a7f8e54a7f8e881683823749da7aeb3e23f7db09996fb1e36299702d0b8544b0b7f3d16922bbdc698ccb3980b127d422990b207cf2547d6c52d8c3d7c03df9ce6a025dfd8f85d6dbc9a6e72e25f2c21e4231a2bd31d527b67e3cdd8eef31cba4458967cdf09b969883d1fc6df40271b073b4c6a8317aea5a1a5a462946412db346c57cbf61b54f7bea289aa3176b0346badc1c5181a2c2ff744a7a2061fe3c7a14bce312f9f09bff3e247cabd26d44522e1ddc7708bdd1c2d47ba2cb2bef76661a85bc28eb0f205b323b7eaa4e976cb31e7e017910f9c58cc152ae1cb3e3d0c5531f7b60265b608bdc3a540d4647caefd63a5f00da560dd1267f3454d17c209be3b1d504cf2170689834022a9b98bd2c36a48990a22c08fafc73b486fd47694be6213034dde5381d990e33af0bbaac18ec7f5501d63b0c040c6ceeafdce7a162f3cbe426313ad36b50a2172445f763e3300f0f22cc55e83f1c9cac230f4b1862966429e619ad56ffd3d763a567888a8063934ff996890047052cee5988c4ee7272dd17284bb07b63db7b955d0e39fd95515d25effb34e45bb96ce9a2db703af38dab726aa575294d2c0a3a83bf9508e6d29f58f445f760179af6aa5ca60bf583c37a6e349709700d5fed860ac03c74351e627a4fce26eb559117e16b9e8ecf58aab84708a9c8c2cc51a66a2c8e793465945627db1c87e60f6611e5f07e17339515091b061686478a3679fff2df6f74f24589ed80d686f5f95f2c2cf209523806190b1df72fe0121bae9263f8eb6695ab002418d541f995080cf22203aefbb1ee18a56670d26767b1311cb472725953449c54fa8db5159531b0ba0e0a86c69a1bec15497ea1547c7bc143e6869dfa793c6a616db345cb90b98954047f2aac393284450c72a572f29d123ebdaf816ce7777da34a197cc92cce4c9f43658b080857a7bf4ab575d210ae02908b0f95ad8e7d352058a43fdd3ba77a098929b57b395e703a5d599fec9ff3e99764ae6f27bc79488a22afaf71639a679606dc4bedffcafa8b11ec051da2c58e3bcaf8c691c58a34b709c8ab6cb84706dbc6cc2abae34912777921cba8871423d2cdc86dc26961a2f17013c3f8492c05d9352bd255d58f7801a2c88006d22824cdc66b89761556842a743ee0f57ce37e4caf17dccc2be8ba8b844f30b275614250ff785b69eb882867a640d6d0489e20757195fe92f537066169c9af257e2d75c2d4999333f2d0c075a5ebaaba4f78ef85cae3ce07466f5d9a963ba88dd929c7cd030039d6b515b1e946d2bdb1770ef9f0ee8a8722cfeb3351c98b4450248d7053b3995cfefb4856b6d2071b5e012d4aaec39a5aae1014e15f16625186cd1f7eddbef0b2400bacf1c033f3e290339520c7f0ed634d9a2f466fa27e601ae54f05fcf3150639835118207b1d10e9795c2267de9678f1954325a711bf3dd4a9e451415f76513391c5e86b7bcf293bc0221ade3f73c463562cdc0126172d33f599198be3f568568ae3f1f25170ef6b6c7340163954fa58ceb00ecb231df7b3b1de89d8793d811121c04ed256a0d716b1eb8328517d8f9efef091336dccc72e6a8f08206840f563953ab0e3e23040952ecd4992b4ddfbdb4a0bebde6cd5dbccd5fe0b437eb65a63a24693767fd8353d95d61be9d0a20bebc4ddcb185a194a2572b81bae7350e3ea675c303ddf7e90d991e5377e5e4a5ff71ad75da025835b97c9d27121356184d3ea7a864f126c3de2405663835cd99ceb828fe1fe32d966d52d45d3de67825a5ab507c290792f378ce921de59528e1d1e912b0052e5e0ef31977bfcbd776443f77eca738e5b518c797c23edea7b14f19a82020045c50babb93fa9c98f7c9e9b70dcaeb70ea0c59880de5d3f10582fe35811857f13de668e8230eaaf0b1f0ff6bfd2f3671883de8aa00ac8aa50a4a3e8746a3447c80422495e3ad5ce50f0cf3ff8f0a1e2115721c5005a60583d5c3aa6caf30d4c63ac724722cd539b100e3e440131ce36600d4dcb48a0443aba6b5b82765c6cc217b5a08aaaaed8371b623c1be773ed35716930f982b3932d8d3461f3d9216dcd99f77ea41f0707a81c17f17e42d7db4d039bd03dab00b9584c04f368cb4348151c8abafa071c0823668386b05201346938d0e09aedd42736b268fea51a35f8699c1bcd8f6c0a597591e2bf8d1856f7d1e26a014ef05ed21ab047d202541c502989f0ace85988fb019cdb2d64fd3773c23439a7abdf4e5061ba7cefdc35a0230e697d00e07ddfd45a32356e5976b939b5ea20ff4ff7ee63427da188018bf308aa88c7c1a334846c1a09d6f5e78a4a42afc3872d5e097055a3fdc4b5228625cca318287465baa963fc4c32b48131aee4ff9dd49beda3a60d69d474f89712b14099698df5018d173a2cb3e7fc6ca446ab4f28b88cc73c8622009888f1cb1ae81520a33e306f5401bbc385de39d58903e251bfda4813d2ec509a5cfa13dcc85eb3b9b9d9679d03991c0cd6f25f671b11d6be84f4bff88fed27f1f4188f62752fcc5cc3421b060d95ffc5aa134cd91c767626491abca7114141d7c3dc42b697efb4980775c59918d2c0034011dca5ecde92af3bf62e8f28afec7e5e767808e78d2962051d907cd915123ed94cc73a814d72b38798a48dc99fae2dacb0527cfa91b99c9bdb1020e763db10c9e1e57f70567696f5ea543b1f587246852ed890698c5a9874cf32d68db339d5208c50360f34ecdb53ddc1054417e884446c261ca2c71df8ddf4632e1e8e551878d46ba87a1628591d3808a50c55c18ac167d070c6e89e63434b01eaf21254730157c8fabbbcda2677d4f340b9c469e91fc084f4d8965045fe22117ad1267770989b4e150e869523c707a4b04d57d3d6782274d5b377e3fe74358f6a9768244354203476e662654db6044badb9a0c38d0a0c0715fa8a44002dc7becbbe28e95dffb55a958e733cb823e7a370a9c22b0c18438a97e934f3bf29e6e0359b20c352f1d526da1a2be65242e5a88e50f05bd497c7f1e16089a71edf55180098231540106c3d6ad3e263abf69d1a108fc98e8b589be4499bd07ff097a2c2adc40a5a0f21b283c5d7ed5e8ed21c7b1224ee24f452005895e63233464854ce3ed518621ab9a2c59cc5dc7d0829cd445b0c71d0c2b9f0d5e7ab72b0b120dedb4d39686fdb61c74f5abb199851ea60a91b6b57c64237c68a5f10886fe25efc4abdea1db0a62bd451b6a3cd95ee2a8a0fc520ee905be5812250d64f1ffea1bc0921d7777497ce649f292c5eb70cb700fcbbf0c978bcdc45fb4f6efb83087bf6639fbf6564495b33e19029ecdbf3ea75db91a81eb33648038212f4423ce6919b84b719b5def20e77aa95b9cfe378a3e9df7022c312c77b8147abf9e678a9a45dfbb61450c5f5e7d4a10e67e6afe0299bfc3941e9fad92c5312d54a887a7b11cc2622e35fccdead3541d1283e8fabf6b621fb5db078b885a9cb7b42f15f53ac72994437471cfe3", &(0x7f0000002a80)="9d368f5cadeece287de83461ecb1c2fb03e8f7908d349ee2bced7929ab4af70564e1219b6ab7519fa95abbef4fa3a57a8e705a20d212d3736cea53ce6ce97fc99840d53b3c01ff18ec5d291f51251e0f47db1c663e29da82e4375f719204139ac770ea83d26ba610577a8f245ff9ee56611bac1fa57b8ebfede453c7a149530b70c39220aed7f371d54295e8409e038ba267a32da160bf0acc82f8f5bd1962890a98965f3ee365bc21eed8c47248", 0x2, 0x0, 0x1000}, 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x1d, 0x15, &(0x7f0000000a40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7}, [@jmp={0x5, 0x1, 0xb, 0x0, 0x9, 0x30, 0xfffffffffffffff0}, @printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @exit, @generic={0x7a, 0x9, 0xa, 0x2, 0x4}, @alu={0x4, 0x0, 0x8, 0x7, 0x0, 0x20, 0xffffffffffffffff}, @map_fd={0x18, 0x2, 0x1, 0x0, r3}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3ff}, @map_fd={0x18, 0x8, 0x1, 0x0, r0}]}, &(0x7f0000000940)='GPL\x00', 0x5, 0x5c, &(0x7f0000000b00)=""/92, 0x40f00, 0x1, '\x00', r2, 0x10, r4, 0x8, &(0x7f0000000980)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000b80)={0x5, 0xf, 0x4, 0x4c09}, 0x10, 0x0, r1, 0x2, &(0x7f0000000bc0)=[r3, r3, r3, r3, r0], &(0x7f0000000c00)=[{0x1, 0x3, 0x4, 0x1}, {0x2, 0x1, 0x9, 0x3}], 0x10, 0x401}, 0x90)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001ec0), 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c00)={0x11, 0xd, &(0x7f00000005c0)=@raw=[@map_idx_val={0x18, 0x8, 0x6, 0x0, 0x2}, @map_idx={0x18, 0x3, 0x5, 0x0, 0x3}, @map_val={0x18, 0xa, 0x2, 0x0, r5, 0x0, 0x0, 0x0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x100000}, @map_idx={0x18, 0x1, 0x5, 0x0, 0xc}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x3f}], &(0x7f0000000640)='GPL\x00', 0x5, 0x45, &(0x7f0000000680)=""/69, 0x41100, 0x60, '\x00', r2, 0x0, r4, 0x8, &(0x7f0000000780)={0x3, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x1, 0x3, 0x3, 0x5}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000840)=[r3], &(0x7f0000002bc0)=[{0x5, 0x4, 0x3, 0x8}, {0x0, 0x4, 0xc, 0x7}, {0x5, 0x4, 0x4, 0xb}, {0x5, 0x5, 0x5, 0x2}], 0x10, 0x3}, 0x90) (async)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001380)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xcc, 0xcc, 0xa, [@volatile={0x6, 0x0, 0x0, 0x9, 0x5}, @int={0x2, 0x0, 0x0, 0x1, 0x0, 0x26, 0x0, 0x60}, @ptr={0xf, 0x0, 0x0, 0x2, 0x5}, @union={0xc, 0x7, 0x0, 0x5, 0x1, 0x8, [{0x1, 0x2, 0xfffffff8}, {0xe, 0x1}, {0x7, 0x1, 0x515b}, {0xb, 0x2, 0x1ff}, {0x4, 0x1}, {0x10, 0x3, 0x6}, {0xb, 0x0, 0x7fff}]}, @func_proto={0x0, 0x7, 0x0, 0xd, 0x0, [{0xe, 0x1}, {0x3, 0x3}, {0x6, 0x2}, {0xc, 0x1}, {0xf, 0x5}, {0xe}, {0xf, 0x4}]}]}, {0x0, [0x30, 0x61, 0x5f, 0x61, 0x2e, 0x5f, 0x61, 0x5f]}}, &(0x7f0000000380)=""/4096, 0xee, 0x1000, 0x0, 0x1fe4}, 0x20) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001600)={0xffffffffffffffff, 0x20, &(0x7f00000015c0)={&(0x7f0000001440)=""/71, 0x47, <r7=>0x0, &(0x7f00000014c0)=""/231, 0xe7}}, 0x10) (async)
r8 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001680)=@generic={&(0x7f0000001640)='./file0\x00', 0x0, 0x10}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000016c0)={0x1, 0x4, &(0x7f0000000000)=@raw=[@map_idx={0x18, 0x1, 0x5, 0x0, 0x8}, @map_fd={0x18, 0x9}], &(0x7f0000000080)='GPL\x00', 0x1, 0x25, &(0x7f00000001c0)=""/37, 0x41000, 0x0, '\x00', r2, 0x1e, r6, 0x8, &(0x7f00000013c0)={0x6, 0x1}, 0x8, 0x10, &(0x7f0000001400)={0x4, 0x0, 0xffff, 0x7}, 0x10, r7, r8, 0x0, 0x0, 0x0, 0x10, 0x7f}, 0x90) (async)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1cf8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:06 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a764ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d08428353b1c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000013887ad6d2d440fedce51a3aa57b00ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b44925129677b7b3d2f8e7792c7827862eae80134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498d357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea59195dbc72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac6ed77718098b2f722bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b40738ff9a623065c06d69d16d4a46ff300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b8723412127efb3eac0ccf68133c76770d5e7dabcc48d47685404cc540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf112114eb10250c2b9dca234f8967f0439696a2345e747b5f1d8c4bec86d8e8f2eb121ea0159615e7d475d45837921c2c0c3f9e683ac8000214a657c9f0a000000000000009e0b1a8c8f55f30e7c25275ed49b71828b375be03ef903cc8244b1269376d01b674cff9cb82eef0fe55c8b751053004ca6cef28d9a52c3771e9c73d03fdf74f48306560fb6cd86658afa895efa47f3a43e686df5b727ba4ec99620270334fce56c9f86b8a2c8aaede5a48a29b75734fbe1f59e43dc5a39b083848b0ebb14d845df7606e4d58f1a03f2dd337c3a10f3b15d388e43059aa88b42d26d4ccda6d60f996ed444d7f40e0cdbf69e11252a6c0e2d882d93b4f22dc95a191b1e6ff59d7880b4ce587f7ef05c46088268805cf089c4b3cd60cd3fc0c6d81fb2f961abcb0133f3f7a594b8475d6853b2e4fafc52a6851e8cfe1aebe3a4539634a5"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r1, 0xe0, &(0x7f0000000480)={0x0, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r2}, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r3, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd6e, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x2, 0x4, 0x940e, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', r4, 0xffffffffffffffff, 0x0, 0x28000000, 0x1}, 0x48)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=0xffffffffffffffff, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}, [@ldst={0x2, 0x0, 0x1, 0x6, 0x3, 0x40, 0xfffffffffffffffc}]}, &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x40f00, 0x50, '\x00', r4, 0x0, r5, 0x8, &(0x7f00000000c0)={0x7, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000100)=[r0], &(0x7f0000000140)=[{0x2, 0x1, 0x8, 0x5}, {0x3, 0x2, 0xf, 0x4}, {0x2, 0x1, 0x2, 0x3}, {0x2, 0x3, 0x6, 0x1}, {0x0, 0x1, 0x5, 0xa}], 0x10, 0xe975}, 0x90)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  571.174777][T19295] FAULT_INJECTION: forcing a failure.
[  571.174777][T19295] name failslab, interval 1, probability 0, space 0, times 0
[  571.188198][T19295] CPU: 0 PID: 19295 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  571.199755][T19295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  571.209645][T19295] Call Trace:
[  571.212771][T19295]  <TASK>
[  571.215549][T19295]  dump_stack_lvl+0x151/0x1b7
[  571.220061][T19295]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  571.225703][T19295]  ? io_uring_drop_tctx_refs+0x190/0x190
[  571.231171][T19295]  ? __wake_up_klogd+0xd5/0x110
[  571.235856][T19295]  dump_stack+0x15/0x17
[  571.239847][T19295]  should_fail+0x3c6/0x510
[  571.244101][T19295]  __should_failslab+0xa4/0xe0
[  571.248700][T19295]  ? anon_vma_clone+0x9a/0x500
[  571.253303][T19295]  should_failslab+0x9/0x20
[  571.257641][T19295]  slab_pre_alloc_hook+0x37/0xd0
[  571.262420][T19295]  ? anon_vma_clone+0x9a/0x500
[  571.267013][T19295]  kmem_cache_alloc+0x44/0x200
[  571.271617][T19295]  anon_vma_clone+0x9a/0x500
[  571.276054][T19295]  anon_vma_fork+0x91/0x4e0
[  571.280381][T19295]  ? anon_vma_name+0x4c/0x70
[  571.284806][T19295]  ? vm_area_dup+0x17a/0x230
[  571.289234][T19295]  copy_mm+0xa3a/0x13e0
[  571.293225][T19295]  ? irqentry_exit+0x30/0x40
[  571.297657][T19295]  ? copy_signal+0x610/0x610
[  571.302098][T19295]  ? __init_rwsem+0xd6/0x1c0
[  571.306505][T19295]  ? copy_signal+0x4e3/0x610
[  571.310932][T19295]  copy_process+0x1149/0x3290
[  571.315447][T19295]  ? timerqueue_add+0x250/0x270
[  571.320140][T19295]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  571.325165][T19295]  ? enqueue_hrtimer+0xca/0x240
[  571.329850][T19295]  ? __hrtimer_run_queues+0x46b/0xad0
[  571.335063][T19295]  kernel_clone+0x21e/0x9e0
[  571.339403][T19295]  ? create_io_thread+0x1e0/0x1e0
[  571.344261][T19295]  ? clockevents_program_event+0x22f/0x300
[  571.349904][T19295]  __x64_sys_clone+0x23f/0x290
[  571.354510][T19295]  ? __do_sys_vfork+0x130/0x130
[  571.359190][T19295]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  571.365002][T19295]  do_syscall_64+0x3d/0xb0
[  571.369255][T19295]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  571.374902][T19295]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  571.380631][T19295] RIP: 0033:0x7f7b6d82fda9
[  571.384880][T19295] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  571.404323][T19295] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  571.412677][T19295] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
06:59:06 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2e, 0x43451)

06:59:06 executing program 1:
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x12}}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280), ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x6, 0x8, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000340)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0xc0506617, &(0x7f0000000040)=0x1)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
close(r4) (async)
close(r4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002b40)={r4, 0x0, 0x1000, 0x6b, &(0x7f0000000a00)="5a595b0d1d4ebf10c61b8fb7bc050abc6c3b8361ae1be22d1855626ffc4e1c8a34e438099330d9a427ee2310fad1dc1da13173e9929c5f5f8983f3e5fadd57f04c3629891fd44aad6014fd7fe4daba066d9b180cbb0ce59b1ca581dd68729eec468dbf6440ae2e22e0097bc69e11e4275160e27e278cd1011c03b0acb803ff5a3cac662fc9c2e4f87b7f1f8cc220489a88fcfbd31376713275a8cecec15e5ed04273ad0e408070a6761ee461f55fd036b06621d0bd813fc240078f208a969c42e5eb96396b71961f9e53a30a571a9169c532572932e93de2b6e9d8d0327473ea5f7cac3e2621e94b70d7ca0641030da4e308c0c226461d75c5e77790d2857bd0f6298820c178d15975b1b6ee6da2005b44aaca837ff73fbad1ce524cb39765986255f8eecdcb361f88426f41ce1529abf161f6e27ceb19577b24b93d5f62789232a067b35bd829841b97ba65cbbcedbe1721ec9da4a168f2fe5797f9cba174fde015434829b342eddcf6aa22b1e6859d1966ecb3723235787b08ab99a2605efe529bb62fb16f320e8a0eaca308ec0fec5a63dfdb23e84a8cda18609ba1cb253000fb0b2ffd4d09bc8255eff1a527426d5402b4a9988e2f63947655d4b73220d0113ac3395cc63af2b81b9da271309b76a1c708bc13335df851c201f89658264003ab4dc59086cf780f78e583ebe12601c4bf0b8d4ceeb5f5e0a518b98d99a743168ddc9243b0b808d8a7668b0b28a22867a81040ee95c794c8f2f587a104d355484beb7629d7c4b86f3ccc0e1b22a2fea0b9ceca4138425913664d9f6892401de0b72f74636d6c12ca28254da6e08bec83021e92f55e80f9fca5714d72c62a4718732f09ec64b22e0e8d0f53ffd55de1396376f2630be05a433f66a770cd71b981516f80e44bd75d669f18a56b7f7dff30c68548cc11cebc927df4a78160dc5b2384ecfeaf6d95aaa0d89745765bd293cc1908c63ce2e8266203335764431388fa1466f457c7b10f6d103cf4e69c597231f3b8eac52dc756f669c856a5718bd72307f7d27ff82bd877714fc319dff3ae3cff7f603b01b84421dd46a7e149b1687471cd4b0ebd952c13c4060e195dd058aa375d99138372f81067c7f021a76b8713fde27bb284b565e86bfd4da1336e99879f741d5f66b97aa1470dfe828f0c027a4df7f5ec2a83b330dd6d8fa376362425a07956ba81e231f941b9f7d321b081150b23e00bc7b7f5aab394deef73226ff1e2f7ae012b1e83fd60d9c2eb656dc036315244bd9a2a699db28034bc9a78631b7834ec6cfda352811fdc7807e311b0a09779e120f696ea544ce2c0636e1ef47d0f2291a01760940238d163e6eb59b3a81061317a7ed0c51d0c26e43ee9e12deee7c8d9278d3f2c1718aadf54449bac0ee8236959f73c5265a20cd042b45ee53b02e21abac98405f1d80cf08e3e10f3a9482f7cad45be3a9a11cfecce23b6066a281b66da3d2029a26999be40392ee1926d70ba604e752a13ad0a3921bc1e0c4f1bb9f6af0f7d0628e96494a6c8737144d46505a32fdfc8f287caf8e0a890d0c185db44e3a22063594996fa284bba4db10132bd06728abad860ccc4207549182a254b1175d35c7fe8a03b36e2c3c86abadc582085c6e48dc0c96ef5e48d630e7a05fc937cfff33dd0ea52e9c7fdb7591a4aec9859d80f6d7ba66d825893cf95b3be2a6f3fa1f0938fc59a55878eb53767ad190ef552466e21128cd13844cc92171f02c53c5bd9130483b396b1afa3627e5e67ac24feeba6cc30be155ed243cb739331f07b27b4cecf59498e311e10816a270191874f7425de881d834c61d1dc0db10e6b5f966c203ecd68332fe2abb11bd11d732d8b4c8d3adf5e7f5a9aac60d54b5835e827a56b94dc03afaaac94421346ed39eedae7f57778ac7d739976b070c435a1065c7400a6392fac42921105428fd1e90178ce34275f57af58f8a365840f9b4640796b9a22a051ed6c8bfc5d160da1fd962b3944ebe6eedd69505d4f0a2ff9b8873f4185d4cdc8f185f18fdd5b71fbe8beffb3231a3d7af560fe21dcf993a1a7193b0909af349e40a40914e5a1d69e3637f7979a4624a38ac8a9fda7195e5c1b3a13d643cefbd47736a60403c36963bf5f67c477c585b870302a12bedbb34ad3a9c8506cc6a9a8c6f87082e462ed7552e61111081bb219adfc4f138e908cb8a2a9e7e3775db0ec046ea6147aec6fe288ea2f5b892d64b2a71d100f9a98e3aa44016cb864a6e4beb3c3f546ba49f9b5b22d247a0a0ea0ad45630891cf44f660a80273e0d8ce84693bbc848d20f9a040e2e7c4970e117525fdcff8997b2d5df5ac2722a2709dc01e98e987da36d3f4c9fb94b6a47f482cda72aa8a974c79d003510d1431622d4f7a95a5ddc1a1246f349de76707340d9fc5a99a15c1516337b6de8ade630c6db138a2411a4bd3de2c51a71aa4f6e2697cf9beb5ed213f0bece714099377803b825b854e9013b784727fe2e11ea1960d3df0b90599b57e08c0fde0bf52a49562176e7f6de8832d09c74ba3abb936cb13332b0059c80536a28d5cb4f3d7a4a1cdb507a03bb2877b3baa9baef5ef550589e98125483a382c99ef341fe4c3425f0de1fb6457c0738ef9ff8fcf42ec13849464f91d8607c1ba4e7aea30d9e2f34964582ede647489fcf74687e8f77799be61eb08b69c8e609ad1070b9f7953e5d6dc7aa955df7baab44d4bd0223774afdc50fc40793295e7b0812b2ab1233922385b4cdb841e3fccab926609f22bf40aa9dbd9cdee2e1b8e326659113af95b67ae6d3c4b073bab1a04e03520b75758128b6cc561909be57fcfe379729120853f1883ba6a6649b24b374cacea7d3f43d762662a5fc4d6abe01de67e2a072122a47663d52e75aa957711f003a8bbe07376bfd2dc0dce7d8fc57dc1aa6f65dfb4c3e600b173cf0a6eada60c41c393ab8a71ebc6703fd04a385aa0da98c5d5c2cb3323005e60b7cb4c3dfc95fcaf9386a83a07e5c5512c8f6a7e4e4143d339989259d92e3d2bf28d09eb23a7c3ccd141ebea0efc7e052b2e78021a88b0e831cfdbeef66e4def765cb1084d0ab490f5cfd4dd133a8e22c666ef164297f88fd28ff0d856c10faf036f795031aa37dd58d69d4430d908923f8db00f11a1f30e0b660ccdd82e44158972bc3c87d2a63cf8ff916a7924933a1b00d5274861d6e148d9f9c9b04b8a5d4a17761b52c4ac750748c50488455d2d15f0e1fec40750fdf79271a604b2e1bf04a2974d048d1b1c126e2956b215297fc88b6ce6db48a6e23299437fe4710a7e4ee9c862a3a912528909d5972d62fa6f29bd2cadb893f355cd27220aad6d21f68d605df0df13597aa7f463624060f117665181cb46bd93dd6ee62b3e9c1f5344bf14129788168ce77ef3ce5e6c0c593e84ba923f8eb10477bfa8e68db7c3041f40deb5f33ec5245ede2025e178e0f07238b095dea13d3ed474b91134ebf536f27987d97d0f4227c7d2bea2756dbbba2c350b30339eab9467b73ac9e7a88807e7f7b416ac065829db0683ffcb2fc336fab117d3570e8ede46b54ce56747f4cde91a97aa89749332f819bc89d619ad8b0490e0ff269d7eee5e98406bfd60d421e14b54bd8d912a114329ec9c1b81de7fd0ee2030cab35d9e55166ed6d7c4ee6130ba73a670c710695e398bacceeca9d29b1a346897461d1ca4720e49ee1ae8cc60b9db0863f9657e719510fe8571d7cce6cc38407bd75d3e619cc999d9c6168f67c1fbc893bb4a654ebde15ceb10782d22c24eda90583285f1c733b6b45f1e802948f268394bcf7498234a1ad1532803d469793856cdd78afa20a95449e1d640a73e84ee92749eecd15a1df41919b0476381e40628bf5315616064177ca3aae6adb93ff654db617765a9a225d7e3268e33156fb63135b7415aabe271f63a7db3ad57631f2161c31fd4168a2af9a2d517944f09aeed216c2304880995e097295c8f73093131d1d45b473535859bd66866606ffc63ce2e85391ca936ba744ac5f30942aa5cb79d5a999755a7d950fb58287c31909aeed29df1b23833555c1a76071db3904fbb5cf39323ec3712d1337715e2519bdacc6b4a63750306b703385296d18864864509f27a50d0c5204befef9557f22ee1a3dc622c98e70061405c1bf77b0b8ab17e396a840efb9dcbe317598ea9e774a021cc3e2441bf4655c73e751f9135c76a1769275132ee840c94a9d3eda6f9c050354f077b5bb7865b90386df50678947b8e3f4b3b94542ec38489fde96b684b7e8405dfd9370e8f30dd9be745cf11cb63f5f659151f7bd0c4e9d62af0eb5eec41c15e9f97948d27be15eed8c8911b2987bd2f4934f5c32b7f039b5255929aa33dcfdc653c1282fe1c2d24de4f5e1486a96a27586140a0a902e93880c0a52016016b467ba14fe33b0f2045c8424214db1a0f8204960b6fc20a6f09a67a98feb3b7ed394b512b64573572a5545960360e286cf77d8d8d629f2238e1b72284f2b92f39a2a84890bfa79ce539502050cb999ea9b445c0662494cf4dea2eb712af7322f79c560ef71d448be5cbe4b94785f0d89a864ab0b952bdccc69e0b5becca76424175a788edfc875dd2ab393aafa2c1530b7fb455383c14716c09658fb8555225d4c0c53d02c80ae322a20927315ed084c9537977fc81286184069fbbae49492130cc815436c9cf19a5c017d22e704c7eb55f4a71f2b28140d8c6353c4a752152461145aa945adaa722ae82ff0ed191f7183054cbe5b5a7d60053b31165cdcbb7de2268b20c23129f3c67ec2e17094037622e664fb7d90e34b1f65c5d924cc2c93c7ba6091f1404a2a1986635eea12fe488c295928761e9f30bdb0cb5c85d9add57f2319936c31d146cfed5c1652e4f70cc933c409d3798f7983e62cd52e065877047a6f8f99a79f0e9c4f24b6aa2ff2f7eea2f79fb2f3015bf5ce0c60be360bc44e4e9c0b3c009c1041835dce45150bb4c33eff859b31cd34dc241902ddd84652f6eac4d3d399e54cd8801e19a4307d05f3f44d438a093eefa7b30b30ea6fef1510878bb3743d6efa0f92531f076b3618a581eb342bad564c379adbdcbefc082cebcdba529780e127945bc3bb4dff1af92914cdafec31d5f302097ed685a5015fcf70a8bd975e68472e79982233031c1ae3837872ddde7fc756757d88c044a019502c5fbddde9723228abfed79bcd380f885af9bcc4a94083ef4edf9d091dffec0eefea814857e1718ea2b6aca4e060504af53723adfc5064cedbe7ae27b30bab748348b24d846b93c6180a5e22efa740a75ddb167bba4e8fa8f3f8a491e5aed68ca3c5bde5364a3ba14b541fc190bccb4c171762353e242a2bc3bb9cf9d80895df57b7fb70050020d9ee3915cc67b2d1a752f1271d108ec3ffb3f13910e66ff6cb54e3cf17c2b79b9de357839fe7e98789bb8320ef40f9d8eab5512fb66b9f4d632e10cb0ca18a80ffcb35c608d43cc01831213e23dea7b1cdfd474910604c57057ce4fa309a640013a47c94b38df1969766f060d02d76a8a12a348cb6d52618e308c6d50fdf68dbc8c3a8648d8820061df73b8ad5f1f6fea58c609629a0e19913e2f44f6a7f2b7b6c0f3fbcb6189f72f15bae45ebc5c7f6acbfb91389606e5276c6160954c7e026d381bd68422b293e81d97eb64320cf8af99be13f2a4f736f0b07efcc66c5d458161c52d2b7803e3affd5cc3bdc747707ec7ca7e9e97f762bee65ba73a40674f40787da0e81e0e4d1d993519b750f7e840706c3672c14eec74c06e28acebc2f2b03147aab6913de5e99b", &(0x7f0000001a00)=""/107, 0x4, 0x0, 0x1000, 0xae, &(0x7f0000001a80)="5b99bbc37c615c6cf317b613b5c3883a634c210528c52a3abfcc9d656b508de13ae4f3733aadd04f4d8192b7031dc06eb798d66305b52b07ef36f7a1bc31ee566f492a3021e232a64ae4f17764b04393be7eceddbaace4cf282561ba06694a0675095b51bd3c859d30bc7198b5a6947ae9534aa1abde192e07130623d74ead5b561b7786ef39a0945a4440cf66044e1fc26957b41e5ff48f3d7d48f46ac510a7dace244795ae1875cafc552f826f8637cfc525f0bca04b4a475a749c396e5a96bf0a77c4d2aea571493bdf605aaa3194cca59cfb11125895870047b43cfef35f1b18d8c595522459f1fd093449c1154e646d3658615272d5e351d3bd82f0bb90c9107ea6af26f70d9dd0c44c008bdca25a66667084edd87fbfd65958d0f17c57d8e3d57ffaa344e13a0fcfab034fe2e9a7b6110de96ac04221556dd1b34330527c1d97431953f11d841bafb180f2a92854eee1a2ccda14409b59817f23bac23efa7773a50f9bb9949a40ce71b7b9c6aa94b8d65cd4cf5067da1b378d78891b2581ed19baf97a2ebc37ae54075e1f17f8943534e1fc5e40ad9631afcbe1094c1a8c14cbe5e5abcd448d340a0480a44b59805dcf85270966c5d4ea6c3f874978e9d2dedfb62eece441f139122b5c2d6a25f74802a6d98c93032da6bb4a2c563b6a2ad28ac4687372ede10603b5ed57d47782ceacc0e22c3e898bfef6b9cd07d407f35ba42708df4f38424197551e471de709ccf32ea40beab4d5e5404314ca097b3951c92456e09513bf27259ad14d916576e630f3192fbcfc3132f7101b6f8554abf6a286cd57926d2de3481e03faede6e3ba0281df489d5c3e1607854b253305c110b25e0428460858516d3742acf4258a1c7d9b6a39d6786138a639c2449b018e872c110aa41f9de86dd23aab38f8d3be57511e6f25811df22f4f10394c758742be6556c32f058a9288a9137b249d0b985bf18592c97af56aeeef106ecaabc063dbae8dc1aca69782458321e61bc3613c1c7f8a95471aec55f75de9790989c0406fcef1e07920ee486e75214e7a75fdd38287a8235c03b06b2afa6d7afdfeaf46a616426ffba20885e12e7828543ea3cd184b60c7542a9693b6ddd0c378dddcf28090c5dd4a7d33f0b4459aed455fd620d64ddb36ae751d1306db6198c4adad7e4eacc6453e88aefa3b6740d231bee9c1e24e03d83f2c76be00a0ca0ebe8bb7f76260b2a8d6563b2c0363071128c78d6b2780364cdda806deb1aa3d28bf04cd09609c773faf1b108830e3a988a42e43b7a094157bcae640f3553f857ddb8a75f1559b6a7261420539a2e0d002e374ca7623613231d86fa0e41307ccce3e6398830c0100214c5e15353860a6ca35743f793937825c111481b2b9d3fbaa0141444f56d77804c304529aa9ffbb0991021ef67550cb502027b720f73a572b9b9402119f686c53f0a190e5752e7a12c5577e0c152c3e4bd5c176f3f120b6c2a13d1181accf7a4cac961bd0a6e23afe2e9ed524f4276952714eabdaabfe72f029b08aa8aa9ab54ea99c572416bcc9b86d3b2f7c2a0f8ef383c714adf0f43548a639b145650a57e328786eb75555bf112ba59583eb9104bd928a2b206c4677d21aa301df354cd617e1f0682e034c7b8bb9257ab33a53b5a7fcab4c438041fe190ef8da395926626c0d3814243b7442806bc26e2ff4d77ab310bd811c40282cf535e836da2882665b78e0c7f2514a4a79c363edb400a76b3af7c5bf4ddb7222ea653603c6a54b42277caffdef85f37e34a3d4ff9ca075479d86e1f781eaba39087e1844dd5ccc13fa55aab93fc90bb67bc8a72d5e0325fa36cee50b7fd4869c45bd85bb5abaa2edebf26d43bb761207d185037a2d013764c26798ec132e8f5b4388eedf45f3e607e2735f96194fcc4ded6626830c3053be12525a07811e8336c7b71c81d6926c7e89958c4cf5dc691c89874a06c991c5d1ac0dbf0c2595261937ef08971513b16e4e3bc67ae0660734bd32f1c3d72c1083858cff046f0a64e43f3867a3c85f0099f330aba587aac11330d7f7babc885dffa29884f614c40582000c22b9d190a67f51094bea847f483954bdc3545e5b5fce43037fbe799c8f720a7d906d4e5078e61b55084df03085fbc619a9eda35bbac60d0ebca2532e0b715abe18c554380be7a8e08c1a9a62babc1c7d488f683e8efeeb6af58fcc4796d9f4de602a395f03464695e31b43df7a50d2bafcfff5923dffffff741ffc8f71bd0812ca52d005793c28c6ba329613e998ed45a6e45595bf36270a2a7f8e54a7f8e881683823749da7aeb3e23f7db09996fb1e36299702d0b8544b0b7f3d16922bbdc698ccb3980b127d422990b207cf2547d6c52d8c3d7c03df9ce6a025dfd8f85d6dbc9a6e72e25f2c21e4231a2bd31d527b67e3cdd8eef31cba4458967cdf09b969883d1fc6df40271b073b4c6a8317aea5a1a5a462946412db346c57cbf61b54f7bea289aa3176b0346badc1c5181a2c2ff744a7a2061fe3c7a14bce312f9f09bff3e247cabd26d44522e1ddc7708bdd1c2d47ba2cb2bef76661a85bc28eb0f205b323b7eaa4e976cb31e7e017910f9c58cc152ae1cb3e3d0c5531f7b60265b608bdc3a540d4647caefd63a5f00da560dd1267f3454d17c209be3b1d504cf2170689834022a9b98bd2c36a48990a22c08fafc73b486fd47694be6213034dde5381d990e33af0bbaac18ec7f5501d63b0c040c6ceeafdce7a162f3cbe426313ad36b50a2172445f763e3300f0f22cc55e83f1c9cac230f4b1862966429e619ad56ffd3d763a567888a8063934ff996890047052cee5988c4ee7272dd17284bb07b63db7b955d0e39fd95515d25effb34e45bb96ce9a2db703af38dab726aa575294d2c0a3a83bf9508e6d29f58f445f760179af6aa5ca60bf583c37a6e349709700d5fed860ac03c74351e627a4fce26eb559117e16b9e8ecf58aab84708a9c8c2cc51a66a2c8e793465945627db1c87e60f6611e5f07e17339515091b061686478a3679fff2df6f74f24589ed80d686f5f95f2c2cf209523806190b1df72fe0121bae9263f8eb6695ab002418d541f995080cf22203aefbb1ee18a56670d26767b1311cb472725953449c54fa8db5159531b0ba0e0a86c69a1bec15497ea1547c7bc143e6869dfa793c6a616db345cb90b98954047f2aac393284450c72a572f29d123ebdaf816ce7777da34a197cc92cce4c9f43658b080857a7bf4ab575d210ae02908b0f95ad8e7d352058a43fdd3ba77a098929b57b395e703a5d599fec9ff3e99764ae6f27bc79488a22afaf71639a679606dc4bedffcafa8b11ec051da2c58e3bcaf8c691c58a34b709c8ab6cb84706dbc6cc2abae34912777921cba8871423d2cdc86dc26961a2f17013c3f8492c05d9352bd255d58f7801a2c88006d22824cdc66b89761556842a743ee0f57ce37e4caf17dccc2be8ba8b844f30b275614250ff785b69eb882867a640d6d0489e20757195fe92f537066169c9af257e2d75c2d4999333f2d0c075a5ebaaba4f78ef85cae3ce07466f5d9a963ba88dd929c7cd030039d6b515b1e946d2bdb1770ef9f0ee8a8722cfeb3351c98b4450248d7053b3995cfefb4856b6d2071b5e012d4aaec39a5aae1014e15f16625186cd1f7eddbef0b2400bacf1c033f3e290339520c7f0ed634d9a2f466fa27e601ae54f05fcf3150639835118207b1d10e9795c2267de9678f1954325a711bf3dd4a9e451415f76513391c5e86b7bcf293bc0221ade3f73c463562cdc0126172d33f599198be3f568568ae3f1f25170ef6b6c7340163954fa58ceb00ecb231df7b3b1de89d8793d811121c04ed256a0d716b1eb8328517d8f9efef091336dccc72e6a8f08206840f563953ab0e3e23040952ecd4992b4ddfbdb4a0bebde6cd5dbccd5fe0b437eb65a63a24693767fd8353d95d61be9d0a20bebc4ddcb185a194a2572b81bae7350e3ea675c303ddf7e90d991e5377e5e4a5ff71ad75da025835b97c9d27121356184d3ea7a864f126c3de2405663835cd99ceb828fe1fe32d966d52d45d3de67825a5ab507c290792f378ce921de59528e1d1e912b0052e5e0ef31977bfcbd776443f77eca738e5b518c797c23edea7b14f19a82020045c50babb93fa9c98f7c9e9b70dcaeb70ea0c59880de5d3f10582fe35811857f13de668e8230eaaf0b1f0ff6bfd2f3671883de8aa00ac8aa50a4a3e8746a3447c80422495e3ad5ce50f0cf3ff8f0a1e2115721c5005a60583d5c3aa6caf30d4c63ac724722cd539b100e3e440131ce36600d4dcb48a0443aba6b5b82765c6cc217b5a08aaaaed8371b623c1be773ed35716930f982b3932d8d3461f3d9216dcd99f77ea41f0707a81c17f17e42d7db4d039bd03dab00b9584c04f368cb4348151c8abafa071c0823668386b05201346938d0e09aedd42736b268fea51a35f8699c1bcd8f6c0a597591e2bf8d1856f7d1e26a014ef05ed21ab047d202541c502989f0ace85988fb019cdb2d64fd3773c23439a7abdf4e5061ba7cefdc35a0230e697d00e07ddfd45a32356e5976b939b5ea20ff4ff7ee63427da188018bf308aa88c7c1a334846c1a09d6f5e78a4a42afc3872d5e097055a3fdc4b5228625cca318287465baa963fc4c32b48131aee4ff9dd49beda3a60d69d474f89712b14099698df5018d173a2cb3e7fc6ca446ab4f28b88cc73c8622009888f1cb1ae81520a33e306f5401bbc385de39d58903e251bfda4813d2ec509a5cfa13dcc85eb3b9b9d9679d03991c0cd6f25f671b11d6be84f4bff88fed27f1f4188f62752fcc5cc3421b060d95ffc5aa134cd91c767626491abca7114141d7c3dc42b697efb4980775c59918d2c0034011dca5ecde92af3bf62e8f28afec7e5e767808e78d2962051d907cd915123ed94cc73a814d72b38798a48dc99fae2dacb0527cfa91b99c9bdb1020e763db10c9e1e57f70567696f5ea543b1f587246852ed890698c5a9874cf32d68db339d5208c50360f34ecdb53ddc1054417e884446c261ca2c71df8ddf4632e1e8e551878d46ba87a1628591d3808a50c55c18ac167d070c6e89e63434b01eaf21254730157c8fabbbcda2677d4f340b9c469e91fc084f4d8965045fe22117ad1267770989b4e150e869523c707a4b04d57d3d6782274d5b377e3fe74358f6a9768244354203476e662654db6044badb9a0c38d0a0c0715fa8a44002dc7becbbe28e95dffb55a958e733cb823e7a370a9c22b0c18438a97e934f3bf29e6e0359b20c352f1d526da1a2be65242e5a88e50f05bd497c7f1e16089a71edf55180098231540106c3d6ad3e263abf69d1a108fc98e8b589be4499bd07ff097a2c2adc40a5a0f21b283c5d7ed5e8ed21c7b1224ee24f452005895e63233464854ce3ed518621ab9a2c59cc5dc7d0829cd445b0c71d0c2b9f0d5e7ab72b0b120dedb4d39686fdb61c74f5abb199851ea60a91b6b57c64237c68a5f10886fe25efc4abdea1db0a62bd451b6a3cd95ee2a8a0fc520ee905be5812250d64f1ffea1bc0921d7777497ce649f292c5eb70cb700fcbbf0c978bcdc45fb4f6efb83087bf6639fbf6564495b33e19029ecdbf3ea75db91a81eb33648038212f4423ce6919b84b719b5def20e77aa95b9cfe378a3e9df7022c312c77b8147abf9e678a9a45dfbb61450c5f5e7d4a10e67e6afe0299bfc3941e9fad92c5312d54a887a7b11cc2622e35fccdead3541d1283e8fabf6b621fb5db078b885a9cb7b42f15f53ac72994437471cfe3", &(0x7f0000002a80)="9d368f5cadeece287de83461ecb1c2fb03e8f7908d349ee2bced7929ab4af70564e1219b6ab7519fa95abbef4fa3a57a8e705a20d212d3736cea53ce6ce97fc99840d53b3c01ff18ec5d291f51251e0f47db1c663e29da82e4375f719204139ac770ea83d26ba610577a8f245ff9ee56611bac1fa57b8ebfede453c7a149530b70c39220aed7f371d54295e8409e038ba267a32da160bf0acc82f8f5bd1962890a98965f3ee365bc21eed8c47248", 0x2, 0x0, 0x1000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x1d, 0x15, &(0x7f0000000a40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7}, [@jmp={0x5, 0x1, 0xb, 0x0, 0x9, 0x30, 0xfffffffffffffff0}, @printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @exit, @generic={0x7a, 0x9, 0xa, 0x2, 0x4}, @alu={0x4, 0x0, 0x8, 0x7, 0x0, 0x20, 0xffffffffffffffff}, @map_fd={0x18, 0x2, 0x1, 0x0, r3}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3ff}, @map_fd={0x18, 0x8, 0x1, 0x0, r0}]}, &(0x7f0000000940)='GPL\x00', 0x5, 0x5c, &(0x7f0000000b00)=""/92, 0x40f00, 0x1, '\x00', r2, 0x10, r4, 0x8, &(0x7f0000000980)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000b80)={0x5, 0xf, 0x4, 0x4c09}, 0x10, 0x0, r1, 0x2, &(0x7f0000000bc0)=[r3, r3, r3, r3, r0], &(0x7f0000000c00)=[{0x1, 0x3, 0x4, 0x1}, {0x2, 0x1, 0x9, 0x3}], 0x10, 0x401}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x1d, 0x15, &(0x7f0000000a40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7}, [@jmp={0x5, 0x1, 0xb, 0x0, 0x9, 0x30, 0xfffffffffffffff0}, @printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @exit, @generic={0x7a, 0x9, 0xa, 0x2, 0x4}, @alu={0x4, 0x0, 0x8, 0x7, 0x0, 0x20, 0xffffffffffffffff}, @map_fd={0x18, 0x2, 0x1, 0x0, r3}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3ff}, @map_fd={0x18, 0x8, 0x1, 0x0, r0}]}, &(0x7f0000000940)='GPL\x00', 0x5, 0x5c, &(0x7f0000000b00)=""/92, 0x40f00, 0x1, '\x00', r2, 0x10, r4, 0x8, &(0x7f0000000980)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000b80)={0x5, 0xf, 0x4, 0x4c09}, 0x10, 0x0, r1, 0x2, &(0x7f0000000bc0)=[r3, r3, r3, r3, r0], &(0x7f0000000c00)=[{0x1, 0x3, 0x4, 0x1}, {0x2, 0x1, 0x9, 0x3}], 0x10, 0x401}, 0x90)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001ec0), 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c00)={0x11, 0xd, &(0x7f00000005c0)=@raw=[@map_idx_val={0x18, 0x8, 0x6, 0x0, 0x2}, @map_idx={0x18, 0x3, 0x5, 0x0, 0x3}, @map_val={0x18, 0xa, 0x2, 0x0, r5, 0x0, 0x0, 0x0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x100000}, @map_idx={0x18, 0x1, 0x5, 0x0, 0xc}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x3f}], &(0x7f0000000640)='GPL\x00', 0x5, 0x45, &(0x7f0000000680)=""/69, 0x41100, 0x60, '\x00', r2, 0x0, r4, 0x8, &(0x7f0000000780)={0x3, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x1, 0x3, 0x3, 0x5}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000840)=[r3], &(0x7f0000002bc0)=[{0x5, 0x4, 0x3, 0x8}, {0x0, 0x4, 0xc, 0x7}, {0x5, 0x4, 0x4, 0xb}, {0x5, 0x5, 0x5, 0x2}], 0x10, 0x3}, 0x90)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001380)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xcc, 0xcc, 0xa, [@volatile={0x6, 0x0, 0x0, 0x9, 0x5}, @int={0x2, 0x0, 0x0, 0x1, 0x0, 0x26, 0x0, 0x60}, @ptr={0xf, 0x0, 0x0, 0x2, 0x5}, @union={0xc, 0x7, 0x0, 0x5, 0x1, 0x8, [{0x1, 0x2, 0xfffffff8}, {0xe, 0x1}, {0x7, 0x1, 0x515b}, {0xb, 0x2, 0x1ff}, {0x4, 0x1}, {0x10, 0x3, 0x6}, {0xb, 0x0, 0x7fff}]}, @func_proto={0x0, 0x7, 0x0, 0xd, 0x0, [{0xe, 0x1}, {0x3, 0x3}, {0x6, 0x2}, {0xc, 0x1}, {0xf, 0x5}, {0xe}, {0xf, 0x4}]}]}, {0x0, [0x30, 0x61, 0x5f, 0x61, 0x2e, 0x5f, 0x61, 0x5f]}}, &(0x7f0000000380)=""/4096, 0xee, 0x1000, 0x0, 0x1fe4}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001600)={0xffffffffffffffff, 0x20, &(0x7f00000015c0)={&(0x7f0000001440)=""/71, 0x47, <r7=>0x0, &(0x7f00000014c0)=""/231, 0xe7}}, 0x10)
r8 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001680)=@generic={&(0x7f0000001640)='./file0\x00', 0x0, 0x10}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000016c0)={0x1, 0x4, &(0x7f0000000000)=@raw=[@map_idx={0x18, 0x1, 0x5, 0x0, 0x8}, @map_fd={0x18, 0x9}], &(0x7f0000000080)='GPL\x00', 0x1, 0x25, &(0x7f00000001c0)=""/37, 0x41000, 0x0, '\x00', r2, 0x1e, r6, 0x8, &(0x7f00000013c0)={0x6, 0x1}, 0x8, 0x10, &(0x7f0000001400)={0x4, 0x0, 0xffff, 0x7}, 0x10, r7, r8, 0x0, 0x0, 0x0, 0x10, 0x7f}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000016c0)={0x1, 0x4, &(0x7f0000000000)=@raw=[@map_idx={0x18, 0x1, 0x5, 0x0, 0x8}, @map_fd={0x18, 0x9}], &(0x7f0000000080)='GPL\x00', 0x1, 0x25, &(0x7f00000001c0)=""/37, 0x41000, 0x0, '\x00', r2, 0x1e, r6, 0x8, &(0x7f00000013c0)={0x6, 0x1}, 0x8, 0x10, &(0x7f0000001400)={0x4, 0x0, 0xffff, 0x7}, 0x10, r7, r8, 0x0, 0x0, 0x0, 0x10, 0x7f}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1cf8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  571.420487][T19295] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  571.428297][T19295] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  571.436114][T19295] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  571.443930][T19295] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  571.451741][T19295]  </TASK>
06:59:06 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a764ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d08428353b1c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000013887ad6d2d440fedce51a3aa57b00ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b44925129677b7b3d2f8e7792c7827862eae80134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498d357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea59195dbc72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac6ed77718098b2f722bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b40738ff9a623065c06d69d16d4a46ff300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b8723412127efb3eac0ccf68133c76770d5e7dabcc48d47685404cc540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf112114eb10250c2b9dca234f8967f0439696a2345e747b5f1d8c4bec86d8e8f2eb121ea0159615e7d475d45837921c2c0c3f9e683ac8000214a657c9f0a000000000000009e0b1a8c8f55f30e7c25275ed49b71828b375be03ef903cc8244b1269376d01b674cff9cb82eef0fe55c8b751053004ca6cef28d9a52c3771e9c73d03fdf74f48306560fb6cd86658afa895efa47f3a43e686df5b727ba4ec99620270334fce56c9f86b8a2c8aaede5a48a29b75734fbe1f59e43dc5a39b083848b0ebb14d845df7606e4d58f1a03f2dd337c3a10f3b15d388e43059aa88b42d26d4ccda6d60f996ed444d7f40e0cdbf69e11252a6c0e2d882d93b4f22dc95a191b1e6ff59d7880b4ce587f7ef05c46088268805cf089c4b3cd60cd3fc0c6d81fb2f961abcb0133f3f7a594b8475d6853b2e4fafc52a6851e8cfe1aebe3a4539634a5"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r1, 0xe0, &(0x7f0000000480)={0x0, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r2}, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r3, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd6e, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x2, 0x4, 0x940e, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', r4, 0xffffffffffffffff, 0x0, 0x28000000, 0x1}, 0x48)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=0xffffffffffffffff, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}, [@ldst={0x2, 0x0, 0x1, 0x6, 0x3, 0x40, 0xfffffffffffffffc}]}, &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x40f00, 0x50, '\x00', r4, 0x0, r5, 0x8, &(0x7f00000000c0)={0x7, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000100)=[r0], &(0x7f0000000140)=[{0x2, 0x1, 0x8, 0x5}, {0x3, 0x2, 0xf, 0x4}, {0x2, 0x1, 0x2, 0x3}, {0x2, 0x3, 0x6, 0x1}, {0x0, 0x1, 0x5, 0xa}], 0x10, 0xe975}, 0x90) (async, rerun: 64)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (rerun: 64)

06:59:07 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000027000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:07 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2f, 0x43451)

06:59:07 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 31)

06:59:07 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000027000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:07 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x30, 0x43451)

06:59:07 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000027000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000027000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)

[  571.654950][T19335] FAULT_INJECTION: forcing a failure.
[  571.654950][T19335] name failslab, interval 1, probability 0, space 0, times 0
[  571.683296][T19335] CPU: 0 PID: 19335 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  571.695143][T19335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  571.705016][T19335] Call Trace:
[  571.708147][T19335]  <TASK>
[  571.711003][T19335]  dump_stack_lvl+0x151/0x1b7
[  571.715515][T19335]  ? io_uring_drop_tctx_refs+0x190/0x190
[  571.720987][T19335]  dump_stack+0x15/0x17
[  571.724972][T19335]  should_fail+0x3c6/0x510
[  571.729236][T19335]  __should_failslab+0xa4/0xe0
[  571.733827][T19335]  ? anon_vma_clone+0x9a/0x500
[  571.738429][T19335]  should_failslab+0x9/0x20
[  571.742851][T19335]  slab_pre_alloc_hook+0x37/0xd0
[  571.747625][T19335]  ? anon_vma_clone+0x9a/0x500
[  571.752225][T19335]  kmem_cache_alloc+0x44/0x200
[  571.756840][T19335]  anon_vma_clone+0x9a/0x500
[  571.761254][T19335]  anon_vma_fork+0x91/0x4e0
[  571.765594][T19335]  ? anon_vma_name+0x4c/0x70
[  571.770106][T19335]  ? vm_area_dup+0x17a/0x230
[  571.774534][T19335]  copy_mm+0xa3a/0x13e0
[  571.778542][T19335]  ? copy_signal+0x610/0x610
[  571.782953][T19335]  ? __init_rwsem+0xd6/0x1c0
[  571.787377][T19335]  ? copy_signal+0x4e3/0x610
[  571.791932][T19335]  copy_process+0x1149/0x3290
[  571.796437][T19335]  ? proc_fail_nth_write+0x20b/0x290
[  571.801554][T19335]  ? fsnotify_perm+0x6a/0x5d0
[  571.806070][T19335]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  571.811013][T19335]  ? vfs_write+0x9ec/0x1110
[  571.815357][T19335]  ? __hrtimer_run_queues+0x46b/0xad0
[  571.820573][T19335]  kernel_clone+0x21e/0x9e0
[  571.824901][T19335]  ? irqentry_exit+0x30/0x40
[  571.829331][T19335]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  571.834973][T19335]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  571.840965][T19335]  ? create_io_thread+0x1e0/0x1e0
[  571.845823][T19335]  ? ksys_write+0x244/0x2c0
[  571.850159][T19335]  ? fput_many+0x17/0x1b0
[  571.854326][T19335]  __x64_sys_clone+0x23f/0x290
[  571.858929][T19335]  ? __do_sys_vfork+0x130/0x130
[  571.863625][T19335]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  571.869545][T19335]  do_syscall_64+0x3d/0xb0
[  571.873787][T19335]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  571.879478][T19335]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  571.885185][T19335] RIP: 0033:0x7f7b6d82fda9
[  571.889503][T19335] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  571.909158][T19335] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  571.917383][T19335] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  571.925192][T19335] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  571.933004][T19335] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  571.940905][T19335] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:59:07 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x31, 0x43451)

[  571.948715][T19335] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  571.956533][T19335]  </TASK>
06:59:07 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x0, 0x0}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r2, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r2}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', 0x0, 0x25, r2, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r4=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r5=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r2}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r6=>0xffffffffffffffff})
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000), 0xfdef)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r8, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r8, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', 0x0, 0x36, r2, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r2, 0x3, &(0x7f0000001040)=[r1, r0, r2, r2, r1, r8], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r9, &(0x7f0000000000), 0x248800)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', 0x0, 0x9, r2, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r4, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r9, r10, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:07 executing program 1:
r0 = gettid()
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000040))
perf_event_open(&(0x7f0000000540)={0x3, 0x80, 0x2, 0x9, 0x5, 0x40, 0x0, 0x10000, 0x100, 0xe, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6, 0x6, @perf_bp={&(0x7f0000000500), 0x1}, 0x12021, 0xffffffffffff8001, 0xff, 0x0, 0x7ff, 0x5, 0x3, 0x0, 0x0, 0x0, 0x5}, r0, 0xd, r1, 0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0), 0x4)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x5}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000003c0)={0x1, <r6=>0xffffffffffffffff}, 0x4)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x40086602, &(0x7f0000000180))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x5}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x4}]}, &(0x7f0000000080)='GPL\x00', 0xff, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x0, 0xf, 0x0, 0x8000}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000400)=[r4, r5, r6, r7, 0xffffffffffffffff], 0x0, 0x10, 0xffff}, 0x90)

06:59:07 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x32, 0x43451)

06:59:07 executing program 1:
r0 = gettid() (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000040))
perf_event_open(&(0x7f0000000540)={0x3, 0x80, 0x2, 0x9, 0x5, 0x40, 0x0, 0x10000, 0x100, 0xe, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6, 0x6, @perf_bp={&(0x7f0000000500), 0x1}, 0x12021, 0xffffffffffff8001, 0xff, 0x0, 0x7ff, 0x5, 0x3, 0x0, 0x0, 0x0, 0x5}, r0, 0xd, r1, 0xc) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0), 0x4)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48) (async, rerun: 64)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x5}, 0x48) (async, rerun: 64)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000003c0)={0x1, <r6=>0xffffffffffffffff}, 0x4) (async)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x40086602, &(0x7f0000000180)) (async, rerun: 64)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x5}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x4}]}, &(0x7f0000000080)='GPL\x00', 0xff, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x0, 0xf, 0x0, 0x8000}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000400)=[r4, r5, r6, r7, 0xffffffffffffffff], 0x0, 0x10, 0xffff}, 0x90) (rerun: 64)

06:59:07 executing program 1:
r0 = gettid()
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000040))
perf_event_open(&(0x7f0000000540)={0x3, 0x80, 0x2, 0x9, 0x5, 0x40, 0x0, 0x10000, 0x100, 0xe, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6, 0x6, @perf_bp={&(0x7f0000000500), 0x1}, 0x12021, 0xffffffffffff8001, 0xff, 0x0, 0x7ff, 0x5, 0x3, 0x0, 0x0, 0x0, 0x5}, r0, 0xd, r1, 0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0), 0x4)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x5}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000003c0)={0x1, <r6=>0xffffffffffffffff}, 0x4)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x40086602, &(0x7f0000000180))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x5}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x4}]}, &(0x7f0000000080)='GPL\x00', 0xff, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x0, 0xf, 0x0, 0x8000}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000400)=[r4, r5, r6, r7, 0xffffffffffffffff], 0x0, 0x10, 0xffff}, 0x90)
gettid() (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000040)) (async)
perf_event_open(&(0x7f0000000540)={0x3, 0x80, 0x2, 0x9, 0x5, 0x40, 0x0, 0x10000, 0x100, 0xe, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6, 0x6, @perf_bp={&(0x7f0000000500), 0x1}, 0x12021, 0xffffffffffff8001, 0xff, 0x0, 0x7ff, 0x5, 0x3, 0x0, 0x0, 0x0, 0x5}, r0, 0xd, r1, 0xc) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0), 0x4) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x5}, 0x48) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000003c0)={0x1}, 0x4) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x40086602, &(0x7f0000000180)) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x5}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x4}]}, &(0x7f0000000080)='GPL\x00', 0xff, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x0, 0xf, 0x0, 0x8000}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000400)=[r4, r5, r6, r7, 0xffffffffffffffff], 0x0, 0x10, 0xffff}, 0x90) (async)

06:59:07 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x33, 0x43451)

06:59:07 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 32)

06:59:07 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r0, &(0x7f0000000080), 0x11ffffce1)
r1 = perf_event_open(&(0x7f0000000300)={0x5, 0x80, 0x3, 0x1, 0x3, 0x5, 0x0, 0x8, 0x8001, 0xa, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x2, @perf_config_ext={0x7}, 0x1000, 0x3, 0x8000, 0x3, 0x9, 0x8001, 0x7fff, 0x0, 0x81, 0x0, 0xffff}, 0x0, 0x6, 0xffffffffffffffff, 0x2)
perf_event_open$cgroup(&(0x7f00000001c0)={0x5, 0x80, 0xf1, 0x6, 0x1, 0x58, 0x0, 0x10002, 0xc40, 0x9, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1001, 0x4, @perf_bp={&(0x7f0000000000), 0x1}, 0x4910, 0x4, 0x2, 0x4, 0x3, 0x4, 0x3, 0x0, 0xfff, 0x0, 0x7}, r0, 0xf, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff002017ffb702000000008fbb9ccf7230822189c4bd9cd7dd0000b7030000deab04f4850000002d000000950000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:07 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x34, 0x43451)

[  572.175988][T19385] FAULT_INJECTION: forcing a failure.
[  572.175988][T19385] name failslab, interval 1, probability 0, space 0, times 0
[  572.213268][T19385] CPU: 0 PID: 19385 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  572.224832][T19385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  572.234725][T19385] Call Trace:
[  572.237843][T19385]  <TASK>
[  572.240626][T19385]  dump_stack_lvl+0x151/0x1b7
[  572.245136][T19385]  ? io_uring_drop_tctx_refs+0x190/0x190
[  572.250606][T19385]  dump_stack+0x15/0x17
[  572.254594][T19385]  should_fail+0x3c6/0x510
[  572.258849][T19385]  __should_failslab+0xa4/0xe0
[  572.263456][T19385]  ? anon_vma_clone+0x9a/0x500
[  572.268065][T19385]  should_failslab+0x9/0x20
[  572.272406][T19385]  slab_pre_alloc_hook+0x37/0xd0
[  572.277161][T19385]  ? anon_vma_clone+0x9a/0x500
[  572.281760][T19385]  kmem_cache_alloc+0x44/0x200
[  572.286370][T19385]  anon_vma_clone+0x9a/0x500
[  572.290790][T19385]  anon_vma_fork+0x91/0x4e0
[  572.295764][T19385]  copy_mm+0xa3a/0x13e0
[  572.299822][T19385]  ? copy_signal+0x610/0x610
[  572.304243][T19385]  ? __init_rwsem+0xd6/0x1c0
[  572.308666][T19385]  ? copy_signal+0x4e3/0x610
[  572.313092][T19385]  copy_process+0x1149/0x3290
[  572.317609][T19385]  ? timerqueue_add+0x250/0x270
[  572.322291][T19385]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  572.327238][T19385]  ? enqueue_hrtimer+0xca/0x240
[  572.331924][T19385]  ? __hrtimer_run_queues+0x46b/0xad0
[  572.337134][T19385]  kernel_clone+0x21e/0x9e0
[  572.341477][T19385]  ? create_io_thread+0x1e0/0x1e0
[  572.346337][T19385]  ? clockevents_program_event+0x22f/0x300
[  572.351975][T19385]  __x64_sys_clone+0x23f/0x290
[  572.356574][T19385]  ? __do_sys_vfork+0x130/0x130
[  572.361263][T19385]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  572.367077][T19385]  do_syscall_64+0x3d/0xb0
[  572.371328][T19385]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  572.376976][T19385]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  572.382702][T19385] RIP: 0033:0x7f7b6d82fda9
[  572.386954][T19385] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  572.406395][T19385] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  572.414642][T19385] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
06:59:07 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a764ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d08428353b1c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000013887ad6d2d440fedce51a3aa57b00ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b44925129677b7b3d2f8e7792c7827862eae80134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498d357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea59195dbc72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac6ed77718098b2f722bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b40738ff9a623065c06d69d16d4a46ff300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b8723412127efb3eac0ccf68133c76770d5e7dabcc48d47685404cc540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf112114eb10250c2b9dca234f8967f0439696a2345e747b5f1d8c4bec86d8e8f2eb121ea0159615e7d475d45837921c2c0c3f9e683ac8000214a657c9f0a000000000000009e0b1a8c8f55f30e7c25275ed49b71828b375be03ef903cc8244b1269376d01b674cff9cb82eef0fe55c8b751053004ca6cef28d9a52c3771e9c73d03fdf74f48306560fb6cd86658afa895efa47f3a43e686df5b727ba4ec99620270334fce56c9f86b8a2c8aaede5a48a29b75734fbe1f59e43dc5a39b083848b0ebb14d845df7606e4d58f1a03f2dd337c3a10f3b15d388e43059aa88b42d26d4ccda6d60f996ed444d7f40e0cdbf69e11252a6c0e2d882d93b4f22dc95a191b1e6ff59d7880b4ce587f7ef05c46088268805cf089c4b3cd60cd3fc0c6d81fb2f961abcb0133f3f7a594b8475d6853b2e4fafc52a6851e8cfe1aebe3a4539634a5"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r1, 0xe0, &(0x7f0000000480)={0x0, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r2}, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r3, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd6e, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x2, 0x4, 0x940e, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', r4, 0xffffffffffffffff, 0x0, 0x28000000, 0x1}, 0x48) (async)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=0xffffffffffffffff, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}, [@ldst={0x2, 0x0, 0x1, 0x6, 0x3, 0x40, 0xfffffffffffffffc}]}, &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x40f00, 0x50, '\x00', r4, 0x0, r5, 0x8, &(0x7f00000000c0)={0x7, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000100)=[r0], &(0x7f0000000140)=[{0x2, 0x1, 0x8, 0x5}, {0x3, 0x2, 0xf, 0x4}, {0x2, 0x1, 0x2, 0x3}, {0x2, 0x3, 0x6, 0x1}, {0x0, 0x1, 0x5, 0xa}], 0x10, 0xe975}, 0x90)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:07 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x35, 0x43451)

[  572.422450][T19385] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  572.430263][T19385] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  572.438073][T19385] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  572.445885][T19385] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  572.453701][T19385]  </TASK>
06:59:07 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)

06:59:07 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 33)

06:59:08 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x36, 0x43451)

06:59:08 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)

06:59:08 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x37, 0x43451)

06:59:08 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)

06:59:08 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x7e098595857e672c)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:08 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x38, 0x43451)

06:59:08 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x39, 0x43451)

06:59:08 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x7e098595857e672c) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:08 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3a, 0x43451)

06:59:08 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x7e098595857e672c)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x7e098595857e672c) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)

06:59:08 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3b, 0x43451)

06:59:08 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:08 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0) (async)

[  572.810238][T19445] FAULT_INJECTION: forcing a failure.
[  572.810238][T19445] name failslab, interval 1, probability 0, space 0, times 0
[  572.835314][T19445] CPU: 0 PID: 19445 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  572.846872][T19445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  572.856765][T19445] Call Trace:
[  572.859886][T19445]  <TASK>
[  572.862665][T19445]  dump_stack_lvl+0x151/0x1b7
[  572.867178][T19445]  ? io_uring_drop_tctx_refs+0x190/0x190
[  572.872659][T19445]  dump_stack+0x15/0x17
[  572.876640][T19445]  should_fail+0x3c6/0x510
[  572.880892][T19445]  __should_failslab+0xa4/0xe0
[  572.885497][T19445]  ? anon_vma_fork+0xf7/0x4e0
[  572.890009][T19445]  should_failslab+0x9/0x20
[  572.894345][T19445]  slab_pre_alloc_hook+0x37/0xd0
[  572.899118][T19445]  ? anon_vma_fork+0xf7/0x4e0
[  572.903718][T19445]  kmem_cache_alloc+0x44/0x200
[  572.908329][T19445]  anon_vma_fork+0xf7/0x4e0
[  572.912788][T19445]  ? anon_vma_name+0x4c/0x70
[  572.917215][T19445]  ? vm_area_dup+0x17a/0x230
[  572.921643][T19445]  copy_mm+0xa3a/0x13e0
[  572.925632][T19445]  ? copy_signal+0x610/0x610
[  572.930054][T19445]  ? __init_rwsem+0xd6/0x1c0
[  572.934480][T19445]  ? copy_signal+0x4e3/0x610
[  572.938903][T19445]  copy_process+0x1149/0x3290
[  572.943420][T19445]  ? timerqueue_add+0x250/0x270
[  572.948103][T19445]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  572.953053][T19445]  kernel_clone+0x21e/0x9e0
[  572.957396][T19445]  ? create_io_thread+0x1e0/0x1e0
[  572.962254][T19445]  __x64_sys_clone+0x23f/0x290
[  572.966852][T19445]  ? __do_sys_vfork+0x130/0x130
[  572.971542][T19445]  ? debug_smp_processor_id+0x17/0x20
[  572.976746][T19445]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  572.982647][T19445]  ? exit_to_user_mode_prepare+0x39/0xa0
[  572.988112][T19445]  do_syscall_64+0x3d/0xb0
[  572.992386][T19445]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  572.998012][T19445]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  573.003734][T19445] RIP: 0033:0x7f7b6d82fda9
[  573.008006][T19445] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  573.027434][T19445] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  573.035675][T19445] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  573.043490][T19445] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  573.051298][T19445] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
06:59:08 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3c, 0x43451)

06:59:08 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x0, 0x0}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r2, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r2}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', 0x0, 0x25, r2, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r4=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r5=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r2}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r6=>0xffffffffffffffff})
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000), 0xfdef)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r8, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r8, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', 0x0, 0x36, r2, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r2, 0x3, &(0x7f0000001040)=[r1, r0, r2, r2, r1, r8], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r9, &(0x7f0000000000), 0x248800)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', 0x0, 0x9, r2, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r4, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r9, r10, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:08 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 34)

[  573.059109][T19445] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  573.066924][T19445] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  573.074739][T19445]  </TASK>
06:59:08 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r0, &(0x7f0000000080), 0x11ffffce1) (async)
write$cgroup_type(r0, &(0x7f0000000080), 0x11ffffce1)
r1 = perf_event_open(&(0x7f0000000300)={0x5, 0x80, 0x3, 0x1, 0x3, 0x5, 0x0, 0x8, 0x8001, 0xa, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x2, @perf_config_ext={0x7}, 0x1000, 0x3, 0x8000, 0x3, 0x9, 0x8001, 0x7fff, 0x0, 0x81, 0x0, 0xffff}, 0x0, 0x6, 0xffffffffffffffff, 0x2)
perf_event_open$cgroup(&(0x7f00000001c0)={0x5, 0x80, 0xf1, 0x6, 0x1, 0x58, 0x0, 0x10002, 0xc40, 0x9, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1001, 0x4, @perf_bp={&(0x7f0000000000), 0x1}, 0x4910, 0x4, 0x2, 0x4, 0x3, 0x4, 0x3, 0x0, 0xfff, 0x0, 0x7}, r0, 0xf, r1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff002017ffb702000000008fbb9ccf7230822189c4bd9cd7dd0000b7030000deab04f4850000002d000000950000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff002017ffb702000000008fbb9ccf7230822189c4bd9cd7dd0000b7030000deab04f4850000002d000000950000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:08 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:08 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3d, 0x43451)

[  573.154116][T19460] FAULT_INJECTION: forcing a failure.
[  573.154116][T19460] name failslab, interval 1, probability 0, space 0, times 0
[  573.175181][T19460] CPU: 1 PID: 19460 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  573.186741][T19460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  573.196637][T19460] Call Trace:
[  573.199754][T19460]  <TASK>
[  573.202532][T19460]  dump_stack_lvl+0x151/0x1b7
[  573.207045][T19460]  ? io_uring_drop_tctx_refs+0x190/0x190
[  573.212522][T19460]  dump_stack+0x15/0x17
[  573.216505][T19460]  should_fail+0x3c6/0x510
[  573.220764][T19460]  __should_failslab+0xa4/0xe0
[  573.225363][T19460]  ? anon_vma_fork+0x1df/0x4e0
[  573.229964][T19460]  should_failslab+0x9/0x20
[  573.234298][T19460]  slab_pre_alloc_hook+0x37/0xd0
[  573.239075][T19460]  ? anon_vma_fork+0x1df/0x4e0
[  573.243671][T19460]  kmem_cache_alloc+0x44/0x200
[  573.248275][T19460]  anon_vma_fork+0x1df/0x4e0
[  573.252701][T19460]  copy_mm+0xa3a/0x13e0
[  573.256697][T19460]  ? copy_signal+0x610/0x610
[  573.261122][T19460]  ? __init_rwsem+0xd6/0x1c0
[  573.265547][T19460]  ? copy_signal+0x4e3/0x610
[  573.269977][T19460]  copy_process+0x1149/0x3290
[  573.274499][T19460]  ? _raw_spin_unlock+0x4d/0x70
[  573.279171][T19460]  ? perf_event_context_sched_in+0x4ea/0x5e0
[  573.284989][T19460]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  573.289946][T19460]  ? __perf_event_task_sched_in+0x219/0x2a0
[  573.295839][T19460]  kernel_clone+0x21e/0x9e0
[  573.300177][T19460]  ? create_io_thread+0x1e0/0x1e0
[  573.305033][T19460]  ? finish_task_switch+0x167/0x7b0
[  573.310076][T19460]  __x64_sys_clone+0x23f/0x290
[  573.314673][T19460]  ? __do_sys_vfork+0x130/0x130
[  573.319358][T19460]  ? switch_fpu_return+0x1ed/0x3d0
[  573.324305][T19460]  ? __kasan_check_read+0x11/0x20
[  573.329167][T19460]  ? exit_to_user_mode_prepare+0x7e/0xa0
[  573.334636][T19460]  do_syscall_64+0x3d/0xb0
[  573.338897][T19460]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  573.344529][T19460]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  573.350256][T19460] RIP: 0033:0x7f7b6d82fda9
[  573.354510][T19460] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  573.373980][T19460] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  573.382201][T19460] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  573.390006][T19460] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
06:59:08 executing program 2:
syz_clone(0x4000400, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x1, 0x6, 0x6, 0x6, 0x0, 0x4, 0x2204, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_config_ext={0x1, 0x2}, 0x8000, 0x5, 0x7, 0x2, 0x6, 0x2, 0xd85, 0x0, 0x6, 0x0, 0x40}, 0x0, 0x3, 0xffffffffffffffff, 0x3)

06:59:08 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 35)

06:59:08 executing program 2:
syz_clone(0x4000400, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x1, 0x6, 0x6, 0x6, 0x0, 0x4, 0x2204, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_config_ext={0x1, 0x2}, 0x8000, 0x5, 0x7, 0x2, 0x6, 0x2, 0xd85, 0x0, 0x6, 0x0, 0x40}, 0x0, 0x3, 0xffffffffffffffff, 0x3) (rerun: 64)

06:59:08 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3e, 0x43451)

[  573.397820][T19460] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  573.405634][T19460] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  573.413442][T19460] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  573.421260][T19460]  </TASK>
06:59:08 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x41, 0x43451)

[  573.497366][T19484] FAULT_INJECTION: forcing a failure.
[  573.497366][T19484] name failslab, interval 1, probability 0, space 0, times 0
[  573.525942][T19484] CPU: 1 PID: 19484 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  573.537507][T19484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  573.547424][T19484] Call Trace:
[  573.550519][T19484]  <TASK>
[  573.553311][T19484]  dump_stack_lvl+0x151/0x1b7
[  573.557811][T19484]  ? io_uring_drop_tctx_refs+0x190/0x190
[  573.563280][T19484]  dump_stack+0x15/0x17
[  573.567274][T19484]  should_fail+0x3c6/0x510
[  573.571523][T19484]  __should_failslab+0xa4/0xe0
[  573.576124][T19484]  ? anon_vma_clone+0x9a/0x500
[  573.580727][T19484]  should_failslab+0x9/0x20
[  573.585084][T19484]  slab_pre_alloc_hook+0x37/0xd0
[  573.589847][T19484]  ? anon_vma_clone+0x9a/0x500
[  573.594475][T19484]  kmem_cache_alloc+0x44/0x200
[  573.599043][T19484]  anon_vma_clone+0x9a/0x500
[  573.603468][T19484]  anon_vma_fork+0x91/0x4e0
[  573.607804][T19484]  ? anon_vma_name+0x4c/0x70
[  573.612230][T19484]  ? vm_area_dup+0x17a/0x230
[  573.616656][T19484]  copy_mm+0xa3a/0x13e0
[  573.620653][T19484]  ? copy_signal+0x610/0x610
[  573.625078][T19484]  ? __init_rwsem+0xd6/0x1c0
[  573.629511][T19484]  ? copy_signal+0x4e3/0x610
[  573.633936][T19484]  copy_process+0x1149/0x3290
[  573.638441][T19484]  ? proc_fail_nth_write+0x20b/0x290
[  573.643563][T19484]  ? vfs_write+0x340/0x1110
[  573.647912][T19484]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  573.652850][T19484]  ? vfs_write+0x9ec/0x1110
[  573.657191][T19484]  ? __hrtimer_run_queues+0x46b/0xad0
[  573.662406][T19484]  kernel_clone+0x21e/0x9e0
[  573.666736][T19484]  ? irqentry_exit+0x30/0x40
[  573.671159][T19484]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  573.676813][T19484]  ? create_io_thread+0x1e0/0x1e0
[  573.681668][T19484]  __x64_sys_clone+0x23f/0x290
[  573.686263][T19484]  ? __do_sys_vfork+0x130/0x130
[  573.690949][T19484]  ? ksys_write+0x260/0x2c0
[  573.695295][T19484]  ? debug_smp_processor_id+0x17/0x20
[  573.700500][T19484]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  573.706409][T19484]  ? exit_to_user_mode_prepare+0x39/0xa0
[  573.711869][T19484]  do_syscall_64+0x3d/0xb0
[  573.716117][T19484]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  573.721759][T19484]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  573.727485][T19484] RIP: 0033:0x7f7b6d82fda9
[  573.731739][T19484] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  573.751182][T19484] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  573.759426][T19484] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  573.767235][T19484] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  573.775048][T19484] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  573.782862][T19484] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  573.790669][T19484] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
06:59:09 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x42, 0x43451)

[  573.798491][T19484]  </TASK>
06:59:09 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x43, 0x43451)

06:59:09 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x44, 0x43451)

06:59:09 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 36)

06:59:09 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x56, 0x43451)

06:59:09 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x57, 0x43451)

[  574.049121][T19529] FAULT_INJECTION: forcing a failure.
[  574.049121][T19529] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  574.077302][T19529] CPU: 0 PID: 19529 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  574.088869][T19529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  574.098758][T19529] Call Trace:
[  574.101880][T19529]  <TASK>
[  574.104657][T19529]  dump_stack_lvl+0x151/0x1b7
[  574.109178][T19529]  ? io_uring_drop_tctx_refs+0x190/0x190
[  574.114640][T19529]  ? _raw_write_unlock_irqrestore+0x70/0x70
[  574.120373][T19529]  dump_stack+0x15/0x17
[  574.124362][T19529]  should_fail+0x3c6/0x510
[  574.128611][T19529]  should_fail_alloc_page+0x5a/0x80
[  574.133646][T19529]  prepare_alloc_pages+0x15c/0x700
[  574.138595][T19529]  ? __alloc_pages_bulk+0xe40/0xe40
[  574.143631][T19529]  __alloc_pages+0x18c/0x8f0
[  574.148142][T19529]  ? prep_new_page+0x110/0x110
[  574.152749][T19529]  get_zeroed_page+0x1b/0x40
[  574.157168][T19529]  __pud_alloc+0x8b/0x260
[  574.161333][T19529]  ? stack_trace_snprint+0xf0/0xf0
[  574.166286][T19529]  ? do_handle_mm_fault+0x2330/0x2330
[  574.171489][T19529]  ? __stack_depot_save+0x34/0x470
[  574.176433][T19529]  ? anon_vma_clone+0x9a/0x500
[  574.181036][T19529]  copy_page_range+0x2bcf/0x2f90
[  574.185842][T19529]  ? __kasan_slab_alloc+0xb1/0xe0
[  574.190668][T19529]  ? slab_post_alloc_hook+0x53/0x2c0
[  574.195788][T19529]  ? copy_mm+0xa3a/0x13e0
[  574.199954][T19529]  ? copy_process+0x1149/0x3290
[  574.204640][T19529]  ? kernel_clone+0x21e/0x9e0
[  574.209157][T19529]  ? __x64_sys_clone+0x23f/0x290
[  574.213929][T19529]  ? do_syscall_64+0x3d/0xb0
[  574.218361][T19529]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  574.224266][T19529]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  574.230248][T19529]  ? pfn_valid+0x1e0/0x1e0
[  574.234501][T19529]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  574.240748][T19529]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  574.246310][T19529]  ? __rb_insert_augmented+0x5de/0x610
[  574.251600][T19529]  copy_mm+0xc7e/0x13e0
[  574.255596][T19529]  ? copy_signal+0x610/0x610
[  574.260013][T19529]  ? __init_rwsem+0xd6/0x1c0
[  574.264439][T19529]  ? copy_signal+0x4e3/0x610
[  574.268871][T19529]  copy_process+0x1149/0x3290
[  574.273379][T19529]  ? proc_fail_nth_write+0x20b/0x290
[  574.278501][T19529]  ? fsnotify_perm+0x6a/0x5d0
[  574.283012][T19529]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  574.287958][T19529]  ? vfs_write+0x9ec/0x1110
[  574.292385][T19529]  ? __hrtimer_run_queues+0x46b/0xad0
[  574.297593][T19529]  kernel_clone+0x21e/0x9e0
[  574.301932][T19529]  ? file_end_write+0x1c0/0x1c0
[  574.306618][T19529]  ? create_io_thread+0x1e0/0x1e0
[  574.311485][T19529]  ? mutex_unlock+0xb2/0x260
[  574.315906][T19529]  ? __mutex_lock_slowpath+0x10/0x10
[  574.321026][T19529]  ? __fdget_pos+0x1b5/0x3a0
[  574.325454][T19529]  __x64_sys_clone+0x23f/0x290
[  574.330055][T19529]  ? __do_sys_vfork+0x130/0x130
[  574.334742][T19529]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  574.340556][T19529]  do_syscall_64+0x3d/0xb0
[  574.344808][T19529]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  574.350449][T19529]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  574.356179][T19529] RIP: 0033:0x7f7b6d82fda9
[  574.360434][T19529] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  574.379873][T19529] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  574.388115][T19529] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
06:59:09 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r0, &(0x7f0000000080), 0x11ffffce1) (async)
r1 = perf_event_open(&(0x7f0000000300)={0x5, 0x80, 0x3, 0x1, 0x3, 0x5, 0x0, 0x8, 0x8001, 0xa, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x2, @perf_config_ext={0x7}, 0x1000, 0x3, 0x8000, 0x3, 0x9, 0x8001, 0x7fff, 0x0, 0x81, 0x0, 0xffff}, 0x0, 0x6, 0xffffffffffffffff, 0x2)
perf_event_open$cgroup(&(0x7f00000001c0)={0x5, 0x80, 0xf1, 0x6, 0x1, 0x58, 0x0, 0x10002, 0xc40, 0x9, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1001, 0x4, @perf_bp={&(0x7f0000000000), 0x1}, 0x4910, 0x4, 0x2, 0x4, 0x3, 0x4, 0x3, 0x0, 0xfff, 0x0, 0x7}, r0, 0xf, r1, 0x0) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff002017ffb702000000008fbb9ccf7230822189c4bd9cd7dd0000b7030000deab04f4850000002d000000950000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:09 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x0, 0x0}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r2, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r2}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', 0x0, 0x25, r2, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r4=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r5=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r2}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r6=>0xffffffffffffffff})
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000), 0xfdef)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r8, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r8, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', 0x0, 0x36, r2, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r2, 0x3, &(0x7f0000001040)=[r1, r0, r2, r2, r1, r8], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r9, &(0x7f0000000000), 0x248800)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', 0x0, 0x9, r2, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r4, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r9, r10, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:09 executing program 2:
syz_clone(0x4000400, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 32)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x1, 0x6, 0x6, 0x6, 0x0, 0x4, 0x2204, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_config_ext={0x1, 0x2}, 0x8000, 0x5, 0x7, 0x2, 0x6, 0x2, 0xd85, 0x0, 0x6, 0x0, 0x40}, 0x0, 0x3, 0xffffffffffffffff, 0x3) (rerun: 32)

06:59:09 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x88, 0x43451)

[  574.396014][T19529] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  574.403827][T19529] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  574.411645][T19529] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  574.419448][T19529] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  574.427264][T19529]  </TASK>
06:59:09 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 37)

[  574.550010][T19557] FAULT_INJECTION: forcing a failure.
[  574.550010][T19557] name failslab, interval 1, probability 0, space 0, times 0
[  574.569202][T19557] CPU: 1 PID: 19557 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  574.580764][T19557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  574.590659][T19557] Call Trace:
[  574.593781][T19557]  <TASK>
[  574.596560][T19557]  dump_stack_lvl+0x151/0x1b7
[  574.601075][T19557]  ? io_uring_drop_tctx_refs+0x190/0x190
[  574.606550][T19557]  dump_stack+0x15/0x17
[  574.610530][T19557]  should_fail+0x3c6/0x510
[  574.614800][T19557]  __should_failslab+0xa4/0xe0
[  574.619385][T19557]  ? anon_vma_fork+0x1df/0x4e0
[  574.623985][T19557]  should_failslab+0x9/0x20
[  574.628330][T19557]  slab_pre_alloc_hook+0x37/0xd0
[  574.633100][T19557]  ? anon_vma_fork+0x1df/0x4e0
[  574.637699][T19557]  kmem_cache_alloc+0x44/0x200
[  574.642302][T19557]  anon_vma_fork+0x1df/0x4e0
[  574.646731][T19557]  copy_mm+0xa3a/0x13e0
[  574.650724][T19557]  ? copy_signal+0x610/0x610
[  574.655146][T19557]  ? __init_rwsem+0xd6/0x1c0
[  574.659568][T19557]  ? copy_signal+0x4e3/0x610
[  574.663994][T19557]  copy_process+0x1149/0x3290
[  574.668518][T19557]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  574.673459][T19557]  kernel_clone+0x21e/0x9e0
[  574.677799][T19557]  ? create_io_thread+0x1e0/0x1e0
[  574.682660][T19557]  ? clockevents_program_event+0x22f/0x300
[  574.688304][T19557]  __x64_sys_clone+0x23f/0x290
[  574.692900][T19557]  ? __do_sys_vfork+0x130/0x130
[  574.697593][T19557]  ? debug_smp_processor_id+0x17/0x20
[  574.702807][T19557]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  574.708701][T19557]  ? exit_to_user_mode_prepare+0x39/0xa0
[  574.714169][T19557]  do_syscall_64+0x3d/0xb0
[  574.718416][T19557]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  574.724057][T19557]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  574.729784][T19557] RIP: 0033:0x7f7b6d82fda9
[  574.734043][T19557] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  574.753480][T19557] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  574.761726][T19557] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  574.769539][T19557] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  574.777349][T19557] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  574.785162][T19557] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  574.792977][T19557] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
06:59:10 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x91, 0x43451)

[  574.800791][T19557]  </TASK>
06:59:10 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 38)

06:59:10 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x204, 0x43451)

06:59:10 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x300, 0x43451)

[  574.936114][T19600] FAULT_INJECTION: forcing a failure.
[  574.936114][T19600] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  574.950077][T19600] CPU: 0 PID: 19600 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  574.961631][T19600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  574.971525][T19600] Call Trace:
[  574.974645][T19600]  <TASK>
[  574.977427][T19600]  dump_stack_lvl+0x151/0x1b7
[  574.981938][T19600]  ? io_uring_drop_tctx_refs+0x190/0x190
[  574.987411][T19600]  dump_stack+0x15/0x17
[  574.991401][T19600]  should_fail+0x3c6/0x510
[  574.995651][T19600]  should_fail_alloc_page+0x5a/0x80
[  575.000684][T19600]  prepare_alloc_pages+0x15c/0x700
[  575.005636][T19600]  ? __alloc_pages_bulk+0xe40/0xe40
[  575.010670][T19600]  __alloc_pages+0x18c/0x8f0
[  575.015094][T19600]  ? prep_new_page+0x110/0x110
[  575.019703][T19600]  get_zeroed_page+0x1b/0x40
[  575.024117][T19600]  __pud_alloc+0x8b/0x260
[  575.028288][T19600]  ? stack_trace_snprint+0xf0/0xf0
[  575.033231][T19600]  ? do_handle_mm_fault+0x2330/0x2330
[  575.038442][T19600]  ? __stack_depot_save+0x34/0x470
[  575.043387][T19600]  ? anon_vma_clone+0x9a/0x500
[  575.047987][T19600]  copy_page_range+0x2bcf/0x2f90
[  575.052765][T19600]  ? __kasan_slab_alloc+0xb1/0xe0
[  575.057624][T19600]  ? slab_post_alloc_hook+0x53/0x2c0
[  575.062745][T19600]  ? copy_mm+0xa3a/0x13e0
[  575.066915][T19600]  ? copy_process+0x1149/0x3290
[  575.071594][T19600]  ? kernel_clone+0x21e/0x9e0
[  575.076120][T19600]  ? __x64_sys_clone+0x23f/0x290
[  575.080884][T19600]  ? do_syscall_64+0x3d/0xb0
[  575.085313][T19600]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  575.091217][T19600]  ? pfn_valid+0x1e0/0x1e0
[  575.095458][T19600]  ? rwsem_write_trylock+0x15b/0x290
[  575.100578][T19600]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  575.106839][T19600]  copy_mm+0xc7e/0x13e0
[  575.110827][T19600]  ? copy_signal+0x610/0x610
[  575.115247][T19600]  ? __init_rwsem+0xd6/0x1c0
[  575.119674][T19600]  ? copy_signal+0x4e3/0x610
[  575.124101][T19600]  copy_process+0x1149/0x3290
[  575.128618][T19600]  ? proc_fail_nth_write+0x20b/0x290
[  575.133740][T19600]  ? fsnotify_perm+0x6a/0x5d0
[  575.138251][T19600]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  575.143196][T19600]  ? vfs_write+0x9ec/0x1110
[  575.147540][T19600]  kernel_clone+0x21e/0x9e0
[  575.151873][T19600]  ? file_end_write+0x1c0/0x1c0
[  575.156564][T19600]  ? create_io_thread+0x1e0/0x1e0
[  575.161423][T19600]  ? mutex_unlock+0xb2/0x260
[  575.165857][T19600]  ? __mutex_lock_slowpath+0x10/0x10
[  575.170969][T19600]  __x64_sys_clone+0x23f/0x290
[  575.175568][T19600]  ? __do_sys_vfork+0x130/0x130
[  575.180253][T19600]  ? ksys_write+0x260/0x2c0
[  575.184598][T19600]  ? debug_smp_processor_id+0x17/0x20
[  575.189804][T19600]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  575.195703][T19600]  ? exit_to_user_mode_prepare+0x39/0xa0
[  575.201174][T19600]  do_syscall_64+0x3d/0xb0
[  575.205425][T19600]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  575.211175][T19600] RIP: 0033:0x7f7b6d82fda9
[  575.215408][T19600] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  575.234845][T19600] RSP: 002b:00007f7b6c590078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  575.243090][T19600] RAX: ffffffffffffffda RBX: 00007f7b6d95e050 RCX: 00007f7b6d82fda9
[  575.250906][T19600] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  575.258720][T19600] RBP: 00007f7b6c590120 R08: 0000000000000000 R09: 0000000000000000
[  575.266528][T19600] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  575.274339][T19600] R13: 000000000000006e R14: 00007f7b6d95e050 R15: 00007ffc8feb0768
[  575.282157][T19600]  </TASK>
06:59:10 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 39)

06:59:10 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x31065080, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={r0, 0x0, 0x0}, 0x10)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000180))
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x8, 0x3b, 0x7, 0x7d, 0x0, 0x4da, 0x0, 0xd, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfffffbff, 0x1, @perf_config_ext={0x800, 0x5e0f}, 0x140, 0x16, 0x8, 0x2, 0x7, 0x0, 0xff, 0x0, 0x8, 0x0, 0x3}, 0x0, 0x4, r0, 0x8)

06:59:10 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x402, 0x43451)

[  575.360953][T19602] FAULT_INJECTION: forcing a failure.
[  575.360953][T19602] name failslab, interval 1, probability 0, space 0, times 0
[  575.379453][T19602] CPU: 1 PID: 19602 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  575.391017][T19602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  575.400919][T19602] Call Trace:
[  575.404032][T19602]  <TASK>
[  575.406837][T19602]  dump_stack_lvl+0x151/0x1b7
[  575.411323][T19602]  ? io_uring_drop_tctx_refs+0x190/0x190
[  575.416787][T19602]  ? avc_denied+0x1b0/0x1b0
[  575.421133][T19602]  dump_stack+0x15/0x17
[  575.425120][T19602]  should_fail+0x3c6/0x510
[  575.429372][T19602]  __should_failslab+0xa4/0xe0
[  575.433973][T19602]  ? vm_area_dup+0x26/0x230
[  575.438309][T19602]  should_failslab+0x9/0x20
[  575.442653][T19602]  slab_pre_alloc_hook+0x37/0xd0
[  575.447423][T19602]  ? vm_area_dup+0x26/0x230
[  575.451767][T19602]  kmem_cache_alloc+0x44/0x200
[  575.456366][T19602]  vm_area_dup+0x26/0x230
[  575.460533][T19602]  copy_mm+0x9a1/0x13e0
[  575.464526][T19602]  ? copy_signal+0x610/0x610
[  575.468953][T19602]  ? __init_rwsem+0xd6/0x1c0
[  575.473375][T19602]  ? copy_signal+0x4e3/0x610
[  575.477822][T19602]  copy_process+0x1149/0x3290
[  575.482319][T19602]  ? timerqueue_add+0x250/0x270
[  575.487002][T19602]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  575.491967][T19602]  ? enqueue_hrtimer+0xca/0x240
[  575.496636][T19602]  ? __hrtimer_run_queues+0x46b/0xad0
[  575.501848][T19602]  kernel_clone+0x21e/0x9e0
[  575.506185][T19602]  ? create_io_thread+0x1e0/0x1e0
[  575.511045][T19602]  ? clockevents_program_event+0x22f/0x300
[  575.516686][T19602]  __x64_sys_clone+0x23f/0x290
[  575.521287][T19602]  ? __do_sys_vfork+0x130/0x130
[  575.525974][T19602]  ? debug_smp_processor_id+0x17/0x20
[  575.531181][T19602]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  575.537084][T19602]  ? exit_to_user_mode_prepare+0x39/0xa0
[  575.542550][T19602]  do_syscall_64+0x3d/0xb0
[  575.546800][T19602]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  575.552443][T19602]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  575.558169][T19602] RIP: 0033:0x7f7b6d82fda9
[  575.562442][T19602] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  575.581870][T19602] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  575.590119][T19602] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  575.598007][T19602] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
06:59:11 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r2 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r2, &(0x7f0000000080)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0)
r3 = syz_clone(0x2501080, &(0x7f0000000300)="1b5886e27f1427917c885714e65ed95b8f3ad21f968fede137321118941adc1502d90f4ba307c71628b63b6eb4a22bfc3ff0a7093630e2950774c4e010217af5b9bd5d151de098f2fd05c9822c42ee2cc103b55571ae6e4b492d97012ee1b2bffd3d0c22c714d5c6af67056b267ce24e5ec33d24eb2ddf16c940007a44f131d2010b3dd457af219ebae1e43380df86e6898f596fe8d8259abf117fef3b69e35fabcc59ddee806ebcaf83895a", 0xac, &(0x7f00000001c0), &(0x7f00000003c0), &(0x7f0000000400)="069bef8864a4818dfb1ef6f6c9275ec0a0ea96e193e51246cebea87af6fc268ac6bf1f6a16dfa069ada1a9e283ac4eb41b5cb08e6f4290350970a101bca80eaa398c64ede79e1b877d1151092fd19626115901402a16713d167965e535a07aa8875d82f179c15c23d479f3007357e44502c89f3fcb298408f3afc3c1afca9a1838438bf18d65cb78bf99574dcb3593c4d0f774f280886c8d44db70428be7ee11d76ce4ec6dcf9cff76cd8345bae005baa2c59be953173ce7d862bc96ada6cdf9aa84bb20")
perf_event_open(&(0x7f0000000280)={0x3, 0x80, 0x2, 0x8b, 0x1, 0x3, 0x0, 0x6, 0x200, 0x9, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1, @perf_config_ext={0x0, 0x7ca}, 0x108388, 0x5, 0x7718ac0, 0x5, 0xfffffffffffffffd, 0x9, 0x20}, r3, 0xd, r1, 0x1)

06:59:11 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x31065080, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={r0, 0x0, 0x0}, 0x10)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000180))
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x8, 0x3b, 0x7, 0x7d, 0x0, 0x4da, 0x0, 0xd, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfffffbff, 0x1, @perf_config_ext={0x800, 0x5e0f}, 0x140, 0x16, 0x8, 0x2, 0x7, 0x0, 0xff, 0x0, 0x8, 0x0, 0x3}, 0x0, 0x4, r0, 0x8)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
syz_clone(0x31065080, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={r0, 0x0, 0x0}, 0x10) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000180)) (async)
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x8, 0x3b, 0x7, 0x7d, 0x0, 0x4da, 0x0, 0xd, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfffffbff, 0x1, @perf_config_ext={0x800, 0x5e0f}, 0x140, 0x16, 0x8, 0x2, 0x7, 0x0, 0xff, 0x0, 0x8, 0x0, 0x3}, 0x0, 0x4, r0, 0x8) (async)

06:59:11 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r3}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r5=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r6=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r3}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000000), 0xfdef)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r9, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', r2, 0x36, r3, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r3, 0x3, &(0x7f0000001040)=[r1, r0, r3, r3, r1, r9], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r10, &(0x7f0000000000), 0x248800)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r5, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r10, r11, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:11 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 40)

[  575.605907][T19602] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  575.613721][T19602] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  575.621615][T19602] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  575.629435][T19602]  </TASK>
06:59:11 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x406, 0x43451)

[  575.706794][T19616] FAULT_INJECTION: forcing a failure.
[  575.706794][T19616] name failslab, interval 1, probability 0, space 0, times 0
[  575.728772][T19616] CPU: 0 PID: 19616 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  575.740328][T19616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  575.750222][T19616] Call Trace:
[  575.753347][T19616]  <TASK>
[  575.756124][T19616]  dump_stack_lvl+0x151/0x1b7
[  575.760642][T19616]  ? io_uring_drop_tctx_refs+0x190/0x190
[  575.766107][T19616]  ? avc_denied+0x1b0/0x1b0
[  575.770447][T19616]  dump_stack+0x15/0x17
[  575.774437][T19616]  should_fail+0x3c6/0x510
[  575.778705][T19616]  __should_failslab+0xa4/0xe0
[  575.783292][T19616]  ? vm_area_dup+0x26/0x230
[  575.787631][T19616]  should_failslab+0x9/0x20
[  575.791988][T19616]  slab_pre_alloc_hook+0x37/0xd0
[  575.796746][T19616]  ? vm_area_dup+0x26/0x230
[  575.801081][T19616]  kmem_cache_alloc+0x44/0x200
[  575.805688][T19616]  vm_area_dup+0x26/0x230
[  575.809851][T19616]  copy_mm+0x9a1/0x13e0
[  575.813847][T19616]  ? copy_signal+0x610/0x610
[  575.818282][T19616]  ? __init_rwsem+0xd6/0x1c0
[  575.822694][T19616]  ? copy_signal+0x4e3/0x610
[  575.827121][T19616]  copy_process+0x1149/0x3290
[  575.831636][T19616]  ? timerqueue_add+0x250/0x270
[  575.836322][T19616]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  575.841269][T19616]  ? enqueue_hrtimer+0xca/0x240
[  575.845952][T19616]  ? __hrtimer_run_queues+0x46b/0xad0
[  575.851178][T19616]  kernel_clone+0x21e/0x9e0
[  575.855504][T19616]  ? irqentry_exit+0x30/0x40
[  575.859927][T19616]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  575.865572][T19616]  ? create_io_thread+0x1e0/0x1e0
[  575.870434][T19616]  __x64_sys_clone+0x23f/0x290
[  575.875040][T19616]  ? __do_sys_vfork+0x130/0x130
[  575.879720][T19616]  ? debug_smp_processor_id+0x17/0x20
[  575.884922][T19616]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  575.890824][T19616]  ? exit_to_user_mode_prepare+0x39/0xa0
[  575.896293][T19616]  do_syscall_64+0x3d/0xb0
[  575.900545][T19616]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  575.906190][T19616]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  575.911915][T19616] RIP: 0033:0x7f7b6d82fda9
[  575.916182][T19616] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  575.935609][T19616] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  575.943857][T19616] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
06:59:11 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x31065080, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={r0, 0x0, 0x0}, 0x10) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000180)) (async)
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x8, 0x3b, 0x7, 0x7d, 0x0, 0x4da, 0x0, 0xd, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfffffbff, 0x1, @perf_config_ext={0x800, 0x5e0f}, 0x140, 0x16, 0x8, 0x2, 0x7, 0x0, 0xff, 0x0, 0x8, 0x0, 0x3}, 0x0, 0x4, r0, 0x8)

06:59:11 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x3202d000, 0x0, 0x2a, 0x0, 0x0, 0x0)

06:59:11 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x451, 0x43451)

06:59:11 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 41)

[  575.951670][T19616] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  575.959477][T19616] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  575.967302][T19616] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  575.975123][T19616] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  575.982924][T19616]  </TASK>
06:59:11 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x3202d000, 0x0, 0x2a, 0x0, 0x0, 0x0)

06:59:11 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x500, 0x43451)

[  576.065541][T19638] FAULT_INJECTION: forcing a failure.
[  576.065541][T19638] name failslab, interval 1, probability 0, space 0, times 0
[  576.078553][T19638] CPU: 1 PID: 19638 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  576.090101][T19638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  576.099991][T19638] Call Trace:
[  576.103112][T19638]  <TASK>
[  576.105891][T19638]  dump_stack_lvl+0x151/0x1b7
[  576.110402][T19638]  ? io_uring_drop_tctx_refs+0x190/0x190
[  576.115874][T19638]  dump_stack+0x15/0x17
[  576.119864][T19638]  should_fail+0x3c6/0x510
[  576.124114][T19638]  __should_failslab+0xa4/0xe0
[  576.128715][T19638]  ? vm_area_dup+0x26/0x230
[  576.133056][T19638]  should_failslab+0x9/0x20
[  576.137395][T19638]  slab_pre_alloc_hook+0x37/0xd0
[  576.142170][T19638]  ? vm_area_dup+0x26/0x230
[  576.146507][T19638]  kmem_cache_alloc+0x44/0x200
[  576.151112][T19638]  vm_area_dup+0x26/0x230
[  576.155276][T19638]  copy_mm+0x9a1/0x13e0
[  576.159271][T19638]  ? copy_signal+0x610/0x610
[  576.163699][T19638]  ? __init_rwsem+0xd6/0x1c0
[  576.168120][T19638]  ? copy_signal+0x4e3/0x610
[  576.172551][T19638]  copy_process+0x1149/0x3290
[  576.177061][T19638]  ? proc_fail_nth_write+0x20b/0x290
[  576.182182][T19638]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  576.187128][T19638]  ? vfs_write+0x9ec/0x1110
[  576.191464][T19638]  ? __hrtimer_run_queues+0x46b/0xad0
[  576.196677][T19638]  kernel_clone+0x21e/0x9e0
[  576.201015][T19638]  ? file_end_write+0x1c0/0x1c0
[  576.205701][T19638]  ? create_io_thread+0x1e0/0x1e0
[  576.210560][T19638]  ? mutex_unlock+0xb2/0x260
[  576.214988][T19638]  ? __mutex_lock_slowpath+0x10/0x10
[  576.220109][T19638]  __x64_sys_clone+0x23f/0x290
[  576.224707][T19638]  ? __do_sys_vfork+0x130/0x130
[  576.229397][T19638]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  576.235210][T19638]  do_syscall_64+0x3d/0xb0
[  576.239463][T19638]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  576.245103][T19638]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  576.250834][T19638] RIP: 0033:0x7f7b6d82fda9
[  576.255090][T19638] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  576.274526][T19638] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  576.282774][T19638] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  576.290585][T19638] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  576.298394][T19638] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  576.306204][T19638] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:59:11 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r2 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r2, &(0x7f0000000080)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0) (async)
r3 = syz_clone(0x2501080, &(0x7f0000000300)="1b5886e27f1427917c885714e65ed95b8f3ad21f968fede137321118941adc1502d90f4ba307c71628b63b6eb4a22bfc3ff0a7093630e2950774c4e010217af5b9bd5d151de098f2fd05c9822c42ee2cc103b55571ae6e4b492d97012ee1b2bffd3d0c22c714d5c6af67056b267ce24e5ec33d24eb2ddf16c940007a44f131d2010b3dd457af219ebae1e43380df86e6898f596fe8d8259abf117fef3b69e35fabcc59ddee806ebcaf83895a", 0xac, &(0x7f00000001c0), &(0x7f00000003c0), &(0x7f0000000400)="069bef8864a4818dfb1ef6f6c9275ec0a0ea96e193e51246cebea87af6fc268ac6bf1f6a16dfa069ada1a9e283ac4eb41b5cb08e6f4290350970a101bca80eaa398c64ede79e1b877d1151092fd19626115901402a16713d167965e535a07aa8875d82f179c15c23d479f3007357e44502c89f3fcb298408f3afc3c1afca9a1838438bf18d65cb78bf99574dcb3593c4d0f774f280886c8d44db70428be7ee11d76ce4ec6dcf9cff76cd8345bae005baa2c59be953173ce7d862bc96ada6cdf9aa84bb20")
perf_event_open(&(0x7f0000000280)={0x3, 0x80, 0x2, 0x8b, 0x1, 0x3, 0x0, 0x6, 0x200, 0x9, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1, @perf_config_ext={0x0, 0x7ca}, 0x108388, 0x5, 0x7718ac0, 0x5, 0xfffffffffffffffd, 0x9, 0x20}, r3, 0xd, r1, 0x1)

06:59:11 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x3202d000, 0x0, 0x2a, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
syz_clone(0x3202d000, 0x0, 0x2a, 0x0, 0x0, 0x0) (async)

06:59:11 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r2 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r2, &(0x7f0000000080)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0) (async)
openat$cgroup_ro(r2, &(0x7f0000000080)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0)
r3 = syz_clone(0x2501080, &(0x7f0000000300)="1b5886e27f1427917c885714e65ed95b8f3ad21f968fede137321118941adc1502d90f4ba307c71628b63b6eb4a22bfc3ff0a7093630e2950774c4e010217af5b9bd5d151de098f2fd05c9822c42ee2cc103b55571ae6e4b492d97012ee1b2bffd3d0c22c714d5c6af67056b267ce24e5ec33d24eb2ddf16c940007a44f131d2010b3dd457af219ebae1e43380df86e6898f596fe8d8259abf117fef3b69e35fabcc59ddee806ebcaf83895a", 0xac, &(0x7f00000001c0), &(0x7f00000003c0), &(0x7f0000000400)="069bef8864a4818dfb1ef6f6c9275ec0a0ea96e193e51246cebea87af6fc268ac6bf1f6a16dfa069ada1a9e283ac4eb41b5cb08e6f4290350970a101bca80eaa398c64ede79e1b877d1151092fd19626115901402a16713d167965e535a07aa8875d82f179c15c23d479f3007357e44502c89f3fcb298408f3afc3c1afca9a1838438bf18d65cb78bf99574dcb3593c4d0f774f280886c8d44db70428be7ee11d76ce4ec6dcf9cff76cd8345bae005baa2c59be953173ce7d862bc96ada6cdf9aa84bb20")
perf_event_open(&(0x7f0000000280)={0x3, 0x80, 0x2, 0x8b, 0x1, 0x3, 0x0, 0x6, 0x200, 0x9, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1, @perf_config_ext={0x0, 0x7ca}, 0x108388, 0x5, 0x7718ac0, 0x5, 0xfffffffffffffffd, 0x9, 0x20}, r3, 0xd, r1, 0x1) (async)
perf_event_open(&(0x7f0000000280)={0x3, 0x80, 0x2, 0x8b, 0x1, 0x3, 0x0, 0x6, 0x200, 0x9, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1, @perf_config_ext={0x0, 0x7ca}, 0x108388, 0x5, 0x7718ac0, 0x5, 0xfffffffffffffffd, 0x9, 0x20}, r3, 0xd, r1, 0x1)

[  576.314018][T19638] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  576.321831][T19638]  </TASK>
06:59:11 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
getpid()

06:59:11 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002040000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d000000954cacfc65e5f8463a827506412d2ec66697c23f87645fcc72b2cfc90a5773d4724eca01b79c203c1ab0a47ac596d1718cf74e3fd7d529086d99235ae93fa153e495996579a17a6d260b30d2e701b94642c82e45f984402263c127e2311bc76787f3f7c27133e28738465418cc861d110c3e770f9e934852da5f2c9183971743627021a19904fd64274df10c3528371b1f9bf0f643ff35bd60f53dbf938fb4efbef2c46bceede4c391f355db5aa03edf1632ff6e08e9a62ac91094cdaf41c0aa0eac5dcb6b888256b76c1fecbf75e157b7ddb66a784f61fccb39c1cc9af430e747ccb78efd79344351740c2c3b3095a957ab8d343af846e5"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001980)={r0, 0xe0, &(0x7f0000001580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000100)=[0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000001400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001440), 0x0, 0x39, &(0x7f0000001480)=[{}], 0x8, 0x10, &(0x7f00000014c0), &(0x7f0000001500), 0x8, 0x1b, 0x8, 0x8, &(0x7f0000001540)}}, 0x10)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000016c0), 0x4)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001740)={0x1b, 0x0, 0x0, 0x7fffffff, 0x0, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x3, 0x3}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000017c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x4)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001800)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_type(r6, &(0x7f0000000000), 0x165243)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0xffffffffffffffff, r6, 0x1)
r7 = openat$cgroup_ro(r6, &(0x7f0000000240)='memory.stat\x00', 0x0, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000040)=ANY=[], 0x32600)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x2a, 0x4, 0x2}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000080)={r9, &(0x7f0000000240)='(<', 0x20000000}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r9, &(0x7f00000000c0)="854e"}, 0x20)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000018c0)=@bpf_ext={0x1c, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x867, 0x0, 0x0, 0x0, 0x9}, [@generic={0x55, 0x4, 0x5, 0x7, 0x340}, @tail_call, @generic={0x8, 0x1, 0x3, 0x4e, 0x3}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x1000, &(0x7f0000000400)=""/4096, 0x41100, 0x42, '\x00', r1, 0x0, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001700)={0x1, 0x8, 0x10041, 0xfe0}, 0x10, 0x2a4ef, r0, 0x0, &(0x7f0000001880)=[r3, 0xffffffffffffffff, r4, r5, r6, r8, r9, 0xffffffffffffffff], 0x0, 0x10, 0x4}, 0x90)
r10 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x1783d200, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r10, 0x2401, 0x2)
openat$cgroup_ro(r7, &(0x7f0000001440)='cpuacct.usage_all\x00', 0x0, 0x0)

06:59:11 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async, rerun: 32)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async, rerun: 32)
getpid()

06:59:11 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x600, 0x43451)

06:59:11 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 42)

06:59:11 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x604, 0x43451)

[  576.472996][T19673] FAULT_INJECTION: forcing a failure.
[  576.472996][T19673] name failslab, interval 1, probability 0, space 0, times 0
[  576.495769][T19673] CPU: 0 PID: 19673 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  576.507329][T19673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  576.517230][T19673] Call Trace:
[  576.520347][T19673]  <TASK>
[  576.523132][T19673]  dump_stack_lvl+0x151/0x1b7
[  576.527643][T19673]  ? io_uring_drop_tctx_refs+0x190/0x190
[  576.533132][T19673]  dump_stack+0x15/0x17
[  576.537107][T19673]  should_fail+0x3c6/0x510
[  576.541352][T19673]  __should_failslab+0xa4/0xe0
[  576.545956][T19673]  ? vm_area_dup+0x26/0x230
[  576.550291][T19673]  should_failslab+0x9/0x20
[  576.554669][T19673]  slab_pre_alloc_hook+0x37/0xd0
[  576.559405][T19673]  ? vm_area_dup+0x26/0x230
[  576.563745][T19673]  kmem_cache_alloc+0x44/0x200
[  576.568344][T19673]  vm_area_dup+0x26/0x230
06:59:11 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002040000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d000000954cacfc65e5f8463a827506412d2ec66697c23f87645fcc72b2cfc90a5773d4724eca01b79c203c1ab0a47ac596d1718cf74e3fd7d529086d99235ae93fa153e495996579a17a6d260b30d2e701b94642c82e45f984402263c127e2311bc76787f3f7c27133e28738465418cc861d110c3e770f9e934852da5f2c9183971743627021a19904fd64274df10c3528371b1f9bf0f643ff35bd60f53dbf938fb4efbef2c46bceede4c391f355db5aa03edf1632ff6e08e9a62ac91094cdaf41c0aa0eac5dcb6b888256b76c1fecbf75e157b7ddb66a784f61fccb39c1cc9af430e747ccb78efd79344351740c2c3b3095a957ab8d343af846e5"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001980)={r0, 0xe0, &(0x7f0000001580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000100)=[0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000001400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001440), 0x0, 0x39, &(0x7f0000001480)=[{}], 0x8, 0x10, &(0x7f00000014c0), &(0x7f0000001500), 0x8, 0x1b, 0x8, 0x8, &(0x7f0000001540)}}, 0x10) (async)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000016c0), 0x4)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001740)={0x1b, 0x0, 0x0, 0x7fffffff, 0x0, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x3, 0x3}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000017c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x4)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001800)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48) (async)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_type(r6, &(0x7f0000000000), 0x165243) (async)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0xffffffffffffffff, r6, 0x1) (async)
r7 = openat$cgroup_ro(r6, &(0x7f0000000240)='memory.stat\x00', 0x0, 0x0) (async)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000040)=ANY=[], 0x32600) (async)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x2a, 0x4, 0x2}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000080)={r9, &(0x7f0000000240)='(<', 0x20000000}, 0x20) (async, rerun: 32)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r9, &(0x7f00000000c0)="854e"}, 0x20) (async, rerun: 32)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000018c0)=@bpf_ext={0x1c, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x867, 0x0, 0x0, 0x0, 0x9}, [@generic={0x55, 0x4, 0x5, 0x7, 0x340}, @tail_call, @generic={0x8, 0x1, 0x3, 0x4e, 0x3}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x1000, &(0x7f0000000400)=""/4096, 0x41100, 0x42, '\x00', r1, 0x0, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001700)={0x1, 0x8, 0x10041, 0xfe0}, 0x10, 0x2a4ef, r0, 0x0, &(0x7f0000001880)=[r3, 0xffffffffffffffff, r4, r5, r6, r8, r9, 0xffffffffffffffff], 0x0, 0x10, 0x4}, 0x90)
r10 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x1783d200, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_DISABLE(r10, 0x2401, 0x2) (async)
openat$cgroup_ro(r7, &(0x7f0000001440)='cpuacct.usage_all\x00', 0x0, 0x0)

06:59:12 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002040000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d000000954cacfc65e5f8463a827506412d2ec66697c23f87645fcc72b2cfc90a5773d4724eca01b79c203c1ab0a47ac596d1718cf74e3fd7d529086d99235ae93fa153e495996579a17a6d260b30d2e701b94642c82e45f984402263c127e2311bc76787f3f7c27133e28738465418cc861d110c3e770f9e934852da5f2c9183971743627021a19904fd64274df10c3528371b1f9bf0f643ff35bd60f53dbf938fb4efbef2c46bceede4c391f355db5aa03edf1632ff6e08e9a62ac91094cdaf41c0aa0eac5dcb6b888256b76c1fecbf75e157b7ddb66a784f61fccb39c1cc9af430e747ccb78efd79344351740c2c3b3095a957ab8d343af846e5"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001980)={r0, 0xe0, &(0x7f0000001580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000100)=[0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000001400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001440), 0x0, 0x39, &(0x7f0000001480)=[{}], 0x8, 0x10, &(0x7f00000014c0), &(0x7f0000001500), 0x8, 0x1b, 0x8, 0x8, &(0x7f0000001540)}}, 0x10) (async, rerun: 64)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000016c0), 0x4) (async, rerun: 64)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001740)={0x1b, 0x0, 0x0, 0x7fffffff, 0x0, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x3, 0x3}, 0x48) (async, rerun: 64)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000017c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x4) (async, rerun: 64)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001800)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_type(r6, &(0x7f0000000000), 0x165243) (async, rerun: 32)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0xffffffffffffffff, r6, 0x1) (async, rerun: 32)
r7 = openat$cgroup_ro(r6, &(0x7f0000000240)='memory.stat\x00', 0x0, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000040)=ANY=[], 0x32600) (async)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x2a, 0x4, 0x2}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000080)={r9, &(0x7f0000000240)='(<', 0x20000000}, 0x20) (async, rerun: 32)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r9, &(0x7f00000000c0)="854e"}, 0x20) (rerun: 32)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000018c0)=@bpf_ext={0x1c, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x867, 0x0, 0x0, 0x0, 0x9}, [@generic={0x55, 0x4, 0x5, 0x7, 0x340}, @tail_call, @generic={0x8, 0x1, 0x3, 0x4e, 0x3}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x1000, &(0x7f0000000400)=""/4096, 0x41100, 0x42, '\x00', r1, 0x0, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001700)={0x1, 0x8, 0x10041, 0xfe0}, 0x10, 0x2a4ef, r0, 0x0, &(0x7f0000001880)=[r3, 0xffffffffffffffff, r4, r5, r6, r8, r9, 0xffffffffffffffff], 0x0, 0x10, 0x4}, 0x90) (async)
r10 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x1783d200, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
ioctl$PERF_EVENT_IOC_DISABLE(r10, 0x2401, 0x2) (rerun: 64)
openat$cgroup_ro(r7, &(0x7f0000001440)='cpuacct.usage_all\x00', 0x0, 0x0)

[  576.572512][T19673]  copy_mm+0x9a1/0x13e0
[  576.576509][T19673]  ? copy_signal+0x610/0x610
[  576.580929][T19673]  ? __init_rwsem+0xd6/0x1c0
[  576.585356][T19673]  ? copy_signal+0x4e3/0x610
[  576.589789][T19673]  copy_process+0x1149/0x3290
[  576.594300][T19673]  ? timerqueue_add+0x250/0x270
[  576.598986][T19673]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  576.603933][T19673]  ? enqueue_hrtimer+0xca/0x240
[  576.608616][T19673]  ? __hrtimer_run_queues+0x46b/0xad0
[  576.613825][T19673]  kernel_clone+0x21e/0x9e0
[  576.618165][T19673]  ? create_io_thread+0x1e0/0x1e0
[  576.623033][T19673]  ? clockevents_program_event+0x22f/0x300
[  576.628668][T19673]  __x64_sys_clone+0x23f/0x290
[  576.633264][T19673]  ? __do_sys_vfork+0x130/0x130
[  576.637958][T19673]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  576.643769][T19673]  do_syscall_64+0x3d/0xb0
[  576.648030][T19673]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  576.653662][T19673]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  576.659392][T19673] RIP: 0033:0x7f7b6d82fda9
[  576.663645][T19673] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  576.683087][T19673] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  576.691328][T19673] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  576.699142][T19673] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  576.706952][T19673] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  576.714762][T19673] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:59:12 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x700, 0x43451)

[  576.722570][T19673] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  576.730389][T19673]  </TASK>
06:59:12 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 43)

[  576.816041][T19702] FAULT_INJECTION: forcing a failure.
[  576.816041][T19702] name failslab, interval 1, probability 0, space 0, times 0
[  576.828934][T19702] CPU: 0 PID: 19702 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  576.840482][T19702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  576.850375][T19702] Call Trace:
[  576.853507][T19702]  <TASK>
[  576.856276][T19702]  dump_stack_lvl+0x151/0x1b7
[  576.860791][T19702]  ? io_uring_drop_tctx_refs+0x190/0x190
[  576.866261][T19702]  dump_stack+0x15/0x17
[  576.870258][T19702]  should_fail+0x3c6/0x510
[  576.874632][T19702]  __should_failslab+0xa4/0xe0
[  576.879220][T19702]  ? anon_vma_clone+0x9a/0x500
[  576.883817][T19702]  should_failslab+0x9/0x20
[  576.888159][T19702]  slab_pre_alloc_hook+0x37/0xd0
[  576.892948][T19702]  ? anon_vma_clone+0x9a/0x500
[  576.897542][T19702]  kmem_cache_alloc+0x44/0x200
[  576.902262][T19702]  anon_vma_clone+0x9a/0x500
[  576.906645][T19702]  anon_vma_fork+0x91/0x4e0
[  576.910984][T19702]  ? anon_vma_name+0x4c/0x70
[  576.915409][T19702]  ? vm_area_dup+0x17a/0x230
[  576.919838][T19702]  copy_mm+0xa3a/0x13e0
[  576.923837][T19702]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  576.929820][T19702]  ? copy_signal+0x610/0x610
[  576.934242][T19702]  ? __init_rwsem+0xd6/0x1c0
[  576.938671][T19702]  ? copy_signal+0x4e3/0x610
[  576.943107][T19702]  copy_process+0x1149/0x3290
[  576.947616][T19702]  ? timerqueue_add+0x250/0x270
[  576.952383][T19702]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  576.957422][T19702]  ? enqueue_hrtimer+0xca/0x240
[  576.962102][T19702]  ? __hrtimer_run_queues+0x46b/0xad0
[  576.967314][T19702]  kernel_clone+0x21e/0x9e0
[  576.971651][T19702]  ? create_io_thread+0x1e0/0x1e0
[  576.976511][T19702]  ? clockevents_program_event+0x22f/0x300
[  576.982264][T19702]  __x64_sys_clone+0x23f/0x290
[  576.986940][T19702]  ? __do_sys_vfork+0x130/0x130
[  576.991917][T19702]  do_syscall_64+0x3d/0xb0
[  576.996144][T19702]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  577.001783][T19702]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  577.007519][T19702] RIP: 0033:0x7f7b6d82fda9
[  577.011765][T19702] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  577.031208][T19702] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  577.039452][T19702] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  577.047266][T19702] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  577.055079][T19702] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
06:59:12 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r3}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r5=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r6=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r3}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000000), 0xfdef)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r9, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', r2, 0x36, r3, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r3, 0x3, &(0x7f0000001040)=[r1, r0, r3, r3, r1, r9], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r10, &(0x7f0000000000), 0x248800)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r5, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r10, r11, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:12 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x900, 0x43451)

[  577.062971][T19702] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  577.070779][T19702] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  577.078601][T19702]  </TASK>
06:59:12 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0xa00, 0x43451)

06:59:12 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
getpid()
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
getpid() (async)

06:59:12 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0xb00, 0x43451)

06:59:12 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 44)

06:59:12 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500fdffffff00000000004b64ffec850000007d00000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={r1, 0xffffffffffffffd9, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000380)=[0x0, 0x0, 0x0], ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x8, 0x2, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000480)=[0x0, 0x0], <r3=>0x0, 0x8, &(0x7f00000004c0), 0x18, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000580)}}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000600)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
r5 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000940), 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1c, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="f7ff000072cf000000000000340800007fb0fcff0000000095000000000000006bd9a99a211eebacec134f2b5ba4b49400615909eb3afc099fe9b6db6a661ee8a873b7d9403366268416513df2a018bd290d3563198e6a8748575a27c7a54ad23b16e11730bca02d695564bcd4c932edc1"], 0x0, 0xa9, 0x0, 0x0, 0x0, 0x10, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000880)={0xa, 0x1}, 0x8, 0x10, &(0x7f00000008c0)={0x0, 0x1, 0x11, 0x50}, 0x10, r3, r4, 0x0, &(0x7f0000000980)=[0x1, r5]}, 0x90)
sendmsg$unix(r4, &(0x7f00000004c0)={&(0x7f0000000400)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000640)="26c373c105270f0b55a596aaee1baa973a9f5a6bdfc8701b688310c43b1166d909a8d9e663a7a040ce2e211169ebc20aea56435c4c9a5574953364dd0e304feee1511d9ea1db67f4ffe0cf0eb8b69ab31639e4f18374dbae0a3f3e117c3e0cf5821b304ec4784ce5af8c91cb442b17b7b2244ff0b26f2d93ecf260554d1dbf5b73ed14477bd359c8bfdfb882a6d75bc88a2773fd1beffed6dc8608cc1d168fc2930dcf3310ecc17b468f432d90fafb61d317dd6990631080fd2d0d2ed69f96168ec8cd5292a05a3f56b28b260d5f", 0xce}, {&(0x7f0000000a80)="17f97b95a0bbaa3aa2bd22daa9699116ccb830b10ff783ec269835e5eb26f31dc6396ce8e4632af90cec86fd037f231c2d37db344d4532b9f1b0c19938eb2663cdcb7333856cb85b59b9e999b2cc28bc8a7d6c90b7b3d3a78441a98a031e068777d64ac7561a629e9e136bceda7704ca534dbf690a2f83969878", 0x7a}, {&(0x7f0000000b00)="77e5f9951407bfb09f7c1398675f183a701a8bc4e64633496af031dd9c88dc3828f17ab20bbf5d78e8b05331c833349b363ad4a7790f83ce86e6c18fdcb6004b5b5c4a40463ff767f3c80336333b6b7c08de11a90ea62bd2009dd5a534a7d53c6e0172d70cee0a451332bc1c78e5c0a6260a5c49422800c744c8c423aa7a66043d045b5bdca5738ae45e7374686007dc480fc40aec004d8e1cffd5fd8699d595222afea3dab9a0", 0xa7}], 0x3, 0x0, 0x0, 0x20000001}, 0x20048000)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000001c0)={0x101, <r6=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0x4, &(0x7f0000000000)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x9}, @alu={0x7, 0x0, 0x9, 0x5, 0x9, 0x80, 0x10}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}], &(0x7f0000000040)='GPL\x00', 0x5, 0xad, &(0x7f0000000080)=""/173, 0x41000, 0x50, '\x00', r2, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000180)={0x3, 0x3, 0x0, 0xc8d}, 0x10, r6, 0xffffffffffffffff, 0x0, &(0x7f0000000200)=[r0, r0, r0], &(0x7f0000000240), 0x10, 0x4}, 0x90)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:12 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0xc00, 0x43451)

[  577.388504][T19738] FAULT_INJECTION: forcing a failure.
[  577.388504][T19738] name failslab, interval 1, probability 0, space 0, times 0
[  577.404153][T19738] CPU: 1 PID: 19738 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  577.415704][T19738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  577.425596][T19738] Call Trace:
[  577.428723][T19738]  <TASK>
[  577.431494][T19738]  dump_stack_lvl+0x151/0x1b7
[  577.436006][T19738]  ? io_uring_drop_tctx_refs+0x190/0x190
[  577.441480][T19738]  dump_stack+0x15/0x17
[  577.445467][T19738]  should_fail+0x3c6/0x510
[  577.449730][T19738]  __should_failslab+0xa4/0xe0
[  577.454319][T19738]  ? anon_vma_fork+0x1df/0x4e0
[  577.458934][T19738]  should_failslab+0x9/0x20
[  577.463258][T19738]  slab_pre_alloc_hook+0x37/0xd0
[  577.468032][T19738]  ? anon_vma_fork+0x1df/0x4e0
[  577.472634][T19738]  kmem_cache_alloc+0x44/0x200
[  577.477233][T19738]  anon_vma_fork+0x1df/0x4e0
[  577.481662][T19738]  copy_mm+0xa3a/0x13e0
[  577.485654][T19738]  ? copy_signal+0x610/0x610
[  577.490080][T19738]  ? __init_rwsem+0xd6/0x1c0
[  577.494514][T19738]  ? copy_signal+0x4e3/0x610
[  577.498931][T19738]  copy_process+0x1149/0x3290
[  577.503457][T19738]  ? irqentry_exit+0x30/0x40
[  577.507872][T19738]  ? proc_fail_nth_read+0x210/0x210
[  577.512905][T19738]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  577.517853][T19738]  ? vfs_write+0x9ec/0x1110
[  577.522204][T19738]  ? __hrtimer_run_queues+0x46b/0xad0
[  577.527406][T19738]  kernel_clone+0x21e/0x9e0
[  577.531741][T19738]  ? file_end_write+0x1c0/0x1c0
[  577.536432][T19738]  ? create_io_thread+0x1e0/0x1e0
[  577.541289][T19738]  ? mutex_unlock+0xb2/0x260
[  577.545713][T19738]  ? __mutex_lock_slowpath+0x10/0x10
[  577.550833][T19738]  __x64_sys_clone+0x23f/0x290
[  577.555434][T19738]  ? __do_sys_vfork+0x130/0x130
[  577.560123][T19738]  do_syscall_64+0x3d/0xb0
[  577.564460][T19738]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  577.570101][T19738]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  577.575831][T19738] RIP: 0033:0x7f7b6d82fda9
[  577.580084][T19738] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  577.599527][T19738] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  577.607774][T19738] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  577.615619][T19738] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  577.623410][T19738] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  577.631206][T19738] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:59:13 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
gettid()

06:59:13 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async, rerun: 32)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500fdffffff00000000004b64ffec850000007d00000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={r1, 0xffffffffffffffd9, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000380)=[0x0, 0x0, 0x0], ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x8, 0x2, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000480)=[0x0, 0x0], <r3=>0x0, 0x8, &(0x7f00000004c0), 0x18, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000580)}}, 0x10) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000600)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0) (async)
r5 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000940), 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1c, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="f7ff000072cf000000000000340800007fb0fcff0000000095000000000000006bd9a99a211eebacec134f2b5ba4b49400615909eb3afc099fe9b6db6a661ee8a873b7d9403366268416513df2a018bd290d3563198e6a8748575a27c7a54ad23b16e11730bca02d695564bcd4c932edc1"], 0x0, 0xa9, 0x0, 0x0, 0x0, 0x10, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000880)={0xa, 0x1}, 0x8, 0x10, &(0x7f00000008c0)={0x0, 0x1, 0x11, 0x50}, 0x10, r3, r4, 0x0, &(0x7f0000000980)=[0x1, r5]}, 0x90) (async)
sendmsg$unix(r4, &(0x7f00000004c0)={&(0x7f0000000400)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000640)="26c373c105270f0b55a596aaee1baa973a9f5a6bdfc8701b688310c43b1166d909a8d9e663a7a040ce2e211169ebc20aea56435c4c9a5574953364dd0e304feee1511d9ea1db67f4ffe0cf0eb8b69ab31639e4f18374dbae0a3f3e117c3e0cf5821b304ec4784ce5af8c91cb442b17b7b2244ff0b26f2d93ecf260554d1dbf5b73ed14477bd359c8bfdfb882a6d75bc88a2773fd1beffed6dc8608cc1d168fc2930dcf3310ecc17b468f432d90fafb61d317dd6990631080fd2d0d2ed69f96168ec8cd5292a05a3f56b28b260d5f", 0xce}, {&(0x7f0000000a80)="17f97b95a0bbaa3aa2bd22daa9699116ccb830b10ff783ec269835e5eb26f31dc6396ce8e4632af90cec86fd037f231c2d37db344d4532b9f1b0c19938eb2663cdcb7333856cb85b59b9e999b2cc28bc8a7d6c90b7b3d3a78441a98a031e068777d64ac7561a629e9e136bceda7704ca534dbf690a2f83969878", 0x7a}, {&(0x7f0000000b00)="77e5f9951407bfb09f7c1398675f183a701a8bc4e64633496af031dd9c88dc3828f17ab20bbf5d78e8b05331c833349b363ad4a7790f83ce86e6c18fdcb6004b5b5c4a40463ff767f3c80336333b6b7c08de11a90ea62bd2009dd5a534a7d53c6e0172d70cee0a451332bc1c78e5c0a6260a5c49422800c744c8c423aa7a66043d045b5bdca5738ae45e7374686007dc480fc40aec004d8e1cffd5fd8699d595222afea3dab9a0", 0xa7}], 0x3, 0x0, 0x0, 0x20000001}, 0x20048000) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000001c0)={0x101, <r6=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0x4, &(0x7f0000000000)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x9}, @alu={0x7, 0x0, 0x9, 0x5, 0x9, 0x80, 0x10}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}], &(0x7f0000000040)='GPL\x00', 0x5, 0xad, &(0x7f0000000080)=""/173, 0x41000, 0x50, '\x00', r2, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000180)={0x3, 0x3, 0x0, 0xc8d}, 0x10, r6, 0xffffffffffffffff, 0x0, &(0x7f0000000200)=[r0, r0, r0], &(0x7f0000000240), 0x10, 0x4}, 0x90) (async, rerun: 64)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (rerun: 64)

06:59:13 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0xd00, 0x43451)

[  577.639016][T19738] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  577.646845][T19738]  </TASK>
06:59:13 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 45)

06:59:13 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0xe00, 0x43451)

[  577.740873][T19751] FAULT_INJECTION: forcing a failure.
[  577.740873][T19751] name failslab, interval 1, probability 0, space 0, times 0
[  577.775173][T19751] CPU: 0 PID: 19751 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  577.787167][T19751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  577.797067][T19751] Call Trace:
[  577.800188][T19751]  <TASK>
[  577.802958][T19751]  dump_stack_lvl+0x151/0x1b7
[  577.807473][T19751]  ? io_uring_drop_tctx_refs+0x190/0x190
[  577.812942][T19751]  dump_stack+0x15/0x17
[  577.816936][T19751]  should_fail+0x3c6/0x510
[  577.821188][T19751]  __should_failslab+0xa4/0xe0
[  577.825790][T19751]  ? anon_vma_clone+0x9a/0x500
[  577.830389][T19751]  should_failslab+0x9/0x20
[  577.835077][T19751]  slab_pre_alloc_hook+0x37/0xd0
[  577.839848][T19751]  ? anon_vma_clone+0x9a/0x500
[  577.844448][T19751]  kmem_cache_alloc+0x44/0x200
[  577.849066][T19751]  anon_vma_clone+0x9a/0x500
[  577.853474][T19751]  anon_vma_fork+0x91/0x4e0
[  577.857812][T19751]  ? anon_vma_name+0x4c/0x70
[  577.862239][T19751]  ? vm_area_dup+0x17a/0x230
[  577.866675][T19751]  copy_mm+0xa3a/0x13e0
[  577.870661][T19751]  ? copy_signal+0x610/0x610
[  577.875107][T19751]  ? __init_rwsem+0xd6/0x1c0
[  577.879514][T19751]  ? copy_signal+0x4e3/0x610
[  577.883951][T19751]  copy_process+0x1149/0x3290
[  577.888451][T19751]  ? timerqueue_add+0x250/0x270
[  577.893138][T19751]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  577.898101][T19751]  ? enqueue_hrtimer+0xca/0x240
[  577.902772][T19751]  ? __hrtimer_run_queues+0x46b/0xad0
[  577.908004][T19751]  kernel_clone+0x21e/0x9e0
[  577.912323][T19751]  ? create_io_thread+0x1e0/0x1e0
[  577.917187][T19751]  ? clockevents_program_event+0x22f/0x300
[  577.922825][T19751]  __x64_sys_clone+0x23f/0x290
[  577.927510][T19751]  ? __do_sys_vfork+0x130/0x130
[  577.932200][T19751]  do_syscall_64+0x3d/0xb0
[  577.936447][T19751]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  577.942090][T19751]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  577.947817][T19751] RIP: 0033:0x7f7b6d82fda9
[  577.952072][T19751] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  577.971514][T19751] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  577.979759][T19751] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
06:59:13 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r3}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r5=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r6=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r3}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000000), 0xfdef)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r9, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', r2, 0x36, r3, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r3, 0x3, &(0x7f0000001040)=[r1, r0, r3, r3, r1, r9], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r10, &(0x7f0000000000), 0x248800)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r5, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r10, r11, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

[  577.987566][T19751] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  577.995464][T19751] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  578.003287][T19751] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  578.011097][T19751] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  578.019082][T19751]  </TASK>
06:59:13 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0xf00, 0x43451)

06:59:13 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1100, 0x43451)

06:59:13 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 46)

06:59:13 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1200, 0x43451)

06:59:13 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
gettid()

[  578.204036][T19779] FAULT_INJECTION: forcing a failure.
[  578.204036][T19779] name failslab, interval 1, probability 0, space 0, times 0
[  578.229600][T19779] CPU: 1 PID: 19779 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  578.241164][T19779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  578.251054][T19779] Call Trace:
[  578.254179][T19779]  <TASK>
[  578.256959][T19779]  dump_stack_lvl+0x151/0x1b7
[  578.261469][T19779]  ? io_uring_drop_tctx_refs+0x190/0x190
[  578.266938][T19779]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  578.272931][T19779]  dump_stack+0x15/0x17
[  578.276923][T19779]  should_fail+0x3c6/0x510
[  578.281173][T19779]  __should_failslab+0xa4/0xe0
[  578.285770][T19779]  ? anon_vma_fork+0xf7/0x4e0
[  578.290287][T19779]  should_failslab+0x9/0x20
[  578.294623][T19779]  slab_pre_alloc_hook+0x37/0xd0
[  578.299405][T19779]  ? anon_vma_fork+0xf7/0x4e0
[  578.303912][T19779]  kmem_cache_alloc+0x44/0x200
[  578.308514][T19779]  anon_vma_fork+0xf7/0x4e0
[  578.312855][T19779]  ? anon_vma_name+0x4c/0x70
[  578.317277][T19779]  ? vm_area_dup+0x17a/0x230
[  578.321709][T19779]  copy_mm+0xa3a/0x13e0
[  578.325705][T19779]  ? copy_signal+0x610/0x610
[  578.330132][T19779]  ? __init_rwsem+0xd6/0x1c0
[  578.334558][T19779]  ? copy_signal+0x4e3/0x610
[  578.338988][T19779]  copy_process+0x1149/0x3290
[  578.343497][T19779]  ? timerqueue_add+0x250/0x270
[  578.348184][T19779]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  578.353130][T19779]  ? enqueue_hrtimer+0xca/0x240
[  578.357814][T19779]  ? __hrtimer_run_queues+0x46b/0xad0
[  578.363023][T19779]  kernel_clone+0x21e/0x9e0
[  578.367367][T19779]  ? create_io_thread+0x1e0/0x1e0
[  578.372310][T19779]  ? clockevents_program_event+0x22f/0x300
[  578.378040][T19779]  __x64_sys_clone+0x23f/0x290
[  578.382640][T19779]  ? __do_sys_vfork+0x130/0x130
[  578.387335][T19779]  do_syscall_64+0x3d/0xb0
[  578.391578][T19779]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  578.397221][T19779]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  578.402957][T19779] RIP: 0033:0x7f7b6d82fda9
[  578.407198][T19779] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  578.426640][T19779] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  578.434883][T19779] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  578.442695][T19779] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
06:59:13 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1300, 0x43451)

06:59:13 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
gettid() (async)
gettid()

[  578.450505][T19779] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  578.458316][T19779] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  578.466135][T19779] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  578.473962][T19779]  </TASK>
06:59:13 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1400, 0x43451)

06:59:14 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deaf44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:14 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500fdffffff00000000004b64ffec850000007d00000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={r1, 0xffffffffffffffd9, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000380)=[0x0, 0x0, 0x0], ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x8, 0x2, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000480)=[0x0, 0x0], <r3=>0x0, 0x8, &(0x7f00000004c0), 0x18, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000580)}}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000600)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0) (async)
r5 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000940), 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1c, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="f7ff000072cf000000000000340800007fb0fcff0000000095000000000000006bd9a99a211eebacec134f2b5ba4b49400615909eb3afc099fe9b6db6a661ee8a873b7d9403366268416513df2a018bd290d3563198e6a8748575a27c7a54ad23b16e11730bca02d695564bcd4c932edc1"], 0x0, 0xa9, 0x0, 0x0, 0x0, 0x10, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000880)={0xa, 0x1}, 0x8, 0x10, &(0x7f00000008c0)={0x0, 0x1, 0x11, 0x50}, 0x10, r3, r4, 0x0, &(0x7f0000000980)=[0x1, r5]}, 0x90)
sendmsg$unix(r4, &(0x7f00000004c0)={&(0x7f0000000400)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000640)="26c373c105270f0b55a596aaee1baa973a9f5a6bdfc8701b688310c43b1166d909a8d9e663a7a040ce2e211169ebc20aea56435c4c9a5574953364dd0e304feee1511d9ea1db67f4ffe0cf0eb8b69ab31639e4f18374dbae0a3f3e117c3e0cf5821b304ec4784ce5af8c91cb442b17b7b2244ff0b26f2d93ecf260554d1dbf5b73ed14477bd359c8bfdfb882a6d75bc88a2773fd1beffed6dc8608cc1d168fc2930dcf3310ecc17b468f432d90fafb61d317dd6990631080fd2d0d2ed69f96168ec8cd5292a05a3f56b28b260d5f", 0xce}, {&(0x7f0000000a80)="17f97b95a0bbaa3aa2bd22daa9699116ccb830b10ff783ec269835e5eb26f31dc6396ce8e4632af90cec86fd037f231c2d37db344d4532b9f1b0c19938eb2663cdcb7333856cb85b59b9e999b2cc28bc8a7d6c90b7b3d3a78441a98a031e068777d64ac7561a629e9e136bceda7704ca534dbf690a2f83969878", 0x7a}, {&(0x7f0000000b00)="77e5f9951407bfb09f7c1398675f183a701a8bc4e64633496af031dd9c88dc3828f17ab20bbf5d78e8b05331c833349b363ad4a7790f83ce86e6c18fdcb6004b5b5c4a40463ff767f3c80336333b6b7c08de11a90ea62bd2009dd5a534a7d53c6e0172d70cee0a451332bc1c78e5c0a6260a5c49422800c744c8c423aa7a66043d045b5bdca5738ae45e7374686007dc480fc40aec004d8e1cffd5fd8699d595222afea3dab9a0", 0xa7}], 0x3, 0x0, 0x0, 0x20000001}, 0x20048000) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000001c0)={0x101, <r6=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0x4, &(0x7f0000000000)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x9}, @alu={0x7, 0x0, 0x9, 0x5, 0x9, 0x80, 0x10}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}], &(0x7f0000000040)='GPL\x00', 0x5, 0xad, &(0x7f0000000080)=""/173, 0x41000, 0x50, '\x00', r2, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000180)={0x3, 0x3, 0x0, 0xc8d}, 0x10, r6, 0xffffffffffffffff, 0x0, &(0x7f0000000200)=[r0, r0, r0], &(0x7f0000000240), 0x10, 0x4}, 0x90) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:14 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 47)

06:59:14 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1500, 0x43451)

06:59:14 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{0xffffffffffffffff, <r2=>0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x7fff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x2}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x4, 0x3, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0], 0x0, 0x9e, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000440), &(0x7f0000000480), 0x8, 0x34, 0x8, 0x8, &(0x7f00000004c0)}}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000006c0)={0x1, <r5=>0x0}, 0x8)
r6 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000700)={0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xf, &(0x7f0000000200)=@raw=[@generic={0x3, 0xd, 0xb, 0x8, 0x9}, @map_idx={0x18, 0x5, 0x5, 0x0, 0xf}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @map_fd={0x18, 0xb, 0x1, 0x0, r3}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}, @generic={0x80, 0x3, 0x1, 0x2d4, 0x9}], &(0x7f0000000280)='syzkaller\x00', 0x1, 0x37, &(0x7f00000002c0)=""/55, 0x41000, 0x30, '\x00', r4, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000680)={0x3, 0x3, 0x8, 0x6}, 0x10, r5, r6, 0x5, &(0x7f0000000740)=[r0], &(0x7f0000000780)=[{0x1, 0x5, 0x7}, {0x0, 0x5, 0x7, 0x9}, {0x4, 0x5, 0x8, 0x3}, {0x5, 0x1, 0xc, 0xb}, {0x2, 0x2, 0x7}], 0x10, 0x8}, 0x90)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:14 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deaf44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deaf44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)

06:59:14 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1600, 0x43451)

06:59:14 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{0xffffffffffffffff, <r2=>0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x7fff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x2}, 0x48) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x4, 0x3, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0], 0x0, 0x9e, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000440), &(0x7f0000000480), 0x8, 0x34, 0x8, 0x8, &(0x7f00000004c0)}}, 0x10) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000006c0)={0x1, <r5=>0x0}, 0x8)
r6 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000700)={0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xf, &(0x7f0000000200)=@raw=[@generic={0x3, 0xd, 0xb, 0x8, 0x9}, @map_idx={0x18, 0x5, 0x5, 0x0, 0xf}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @map_fd={0x18, 0xb, 0x1, 0x0, r3}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}, @generic={0x80, 0x3, 0x1, 0x2d4, 0x9}], &(0x7f0000000280)='syzkaller\x00', 0x1, 0x37, &(0x7f00000002c0)=""/55, 0x41000, 0x30, '\x00', r4, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000680)={0x3, 0x3, 0x8, 0x6}, 0x10, r5, r6, 0x5, &(0x7f0000000740)=[r0], &(0x7f0000000780)=[{0x1, 0x5, 0x7}, {0x0, 0x5, 0x7, 0x9}, {0x4, 0x5, 0x8, 0x3}, {0x5, 0x1, 0xc, 0xb}, {0x2, 0x2, 0x7}], 0x10, 0x8}, 0x90)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:14 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deaf44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  578.655992][T19824] FAULT_INJECTION: forcing a failure.
[  578.655992][T19824] name failslab, interval 1, probability 0, space 0, times 0
[  578.698642][T19824] CPU: 1 PID: 19824 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  578.710205][T19824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  578.720093][T19824] Call Trace:
[  578.723217][T19824]  <TASK>
[  578.725993][T19824]  dump_stack_lvl+0x151/0x1b7
[  578.730508][T19824]  ? io_uring_drop_tctx_refs+0x190/0x190
[  578.735976][T19824]  dump_stack+0x15/0x17
[  578.739969][T19824]  should_fail+0x3c6/0x510
[  578.744229][T19824]  __should_failslab+0xa4/0xe0
[  578.748877][T19824]  ? anon_vma_fork+0x1df/0x4e0
[  578.753420][T19824]  should_failslab+0x9/0x20
[  578.757757][T19824]  slab_pre_alloc_hook+0x37/0xd0
[  578.762545][T19824]  ? anon_vma_fork+0x1df/0x4e0
[  578.767133][T19824]  kmem_cache_alloc+0x44/0x200
[  578.771884][T19824]  anon_vma_fork+0x1df/0x4e0
[  578.776246][T19824]  copy_mm+0xa3a/0x13e0
[  578.780237][T19824]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  578.786235][T19824]  ? copy_signal+0x610/0x610
[  578.790660][T19824]  ? __init_rwsem+0xd6/0x1c0
[  578.795080][T19824]  ? copy_signal+0x4e3/0x610
[  578.799513][T19824]  copy_process+0x1149/0x3290
[  578.804023][T19824]  ? irqentry_exit+0x30/0x40
[  578.808448][T19824]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  578.813397][T19824]  ? kernel_clone+0x165/0x9e0
[  578.817995][T19824]  kernel_clone+0x21e/0x9e0
[  578.822333][T19824]  ? create_io_thread+0x1e0/0x1e0
[  578.827192][T19824]  ? clockevents_program_event+0x22f/0x300
[  578.832840][T19824]  __x64_sys_clone+0x23f/0x290
[  578.837443][T19824]  ? __do_sys_vfork+0x130/0x130
[  578.842127][T19824]  do_syscall_64+0x3d/0xb0
[  578.846376][T19824]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  578.852020][T19824]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  578.857752][T19824] RIP: 0033:0x7f7b6d82fda9
[  578.862004][T19824] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  578.881446][T19824] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  578.889692][T19824] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
06:59:14 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1700, 0x43451)

06:59:14 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{0xffffffffffffffff, <r2=>0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20) (async)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x7fff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x2}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x4, 0x3, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0], 0x0, 0x9e, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000440), &(0x7f0000000480), 0x8, 0x34, 0x8, 0x8, &(0x7f00000004c0)}}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000006c0)={0x1, <r5=>0x0}, 0x8) (async)
r6 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000700)={0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xf, &(0x7f0000000200)=@raw=[@generic={0x3, 0xd, 0xb, 0x8, 0x9}, @map_idx={0x18, 0x5, 0x5, 0x0, 0xf}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @map_fd={0x18, 0xb, 0x1, 0x0, r3}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}, @generic={0x80, 0x3, 0x1, 0x2d4, 0x9}], &(0x7f0000000280)='syzkaller\x00', 0x1, 0x37, &(0x7f00000002c0)=""/55, 0x41000, 0x30, '\x00', r4, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000680)={0x3, 0x3, 0x8, 0x6}, 0x10, r5, r6, 0x5, &(0x7f0000000740)=[r0], &(0x7f0000000780)=[{0x1, 0x5, 0x7}, {0x0, 0x5, 0x7, 0x9}, {0x4, 0x5, 0x8, 0x3}, {0x5, 0x1, 0xc, 0xb}, {0x2, 0x2, 0x7}], 0x10, 0x8}, 0x90) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:14 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x1ff000, 0x81, 0x7f, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000004c0), &(0x7f0000000580), 0x7, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000580)={r0, &(0x7f0000001600), &(0x7f0000001680)=""/227}, 0x20)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x78, 0x78, 0xb, [@const={0x10, 0x0, 0x0, 0xa, 0x1}, @enum={0xa, 0x3, 0x0, 0x6, 0x4, [{0x0, 0xe068}, {0x6, 0x7f}, {0x0, 0x16}]}, @union={0x8, 0x1, 0x0, 0x5, 0x1, 0xfffffff7, [{0x7, 0x3, 0x2}]}, @volatile={0x6}, @struct={0xa, 0x2, 0x0, 0x4, 0x1, 0x8, [{0x8, 0x1, 0x4}, {0x7, 0x4, 0xfffa}]}]}, {0x0, [0x5f, 0x5f, 0x61, 0x2e, 0x61, 0x5f, 0x5f, 0x2e, 0x5f]}}, &(0x7f0000000400)=""/201, 0x9b, 0xc9, 0x0, 0x3}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x9, 0x40, 0x6, 0x8}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r2}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_lsm={0x5, 0x5, &(0x7f00000000c0)=@framed={{0x4d, 0xa, 0xa, 0x0, 0x0, 0x79, 0x10, 0xa8}, [@map_fd={0x18, 0x0, 0x1, 0x0, r3}]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x43}], {0x95, 0x0, 0x700}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc}, 0x80)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000003280)={0x9, 0xb, &(0x7f0000002d00)=ANY=[@ANYBLOB="180000000600000000000000ff0f0000a5505000ffffffff184418000400000000000000000000001800000009cc0000000000007f000000180000000900000000000000a508000009000004780000009500000000000000"], &(0x7f0000002d80)='syzkaller\x00', 0x15f3f2ff, 0x0, 0x0, 0x41100, 0xc47e261320a72d87, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x8, &(0x7f00000031c0)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000003200)={0x4, 0x0, 0x0, 0xffffffff}, 0x10, 0xffffffffffffffff, r4, 0x0, &(0x7f0000003240)=[0xffffffffffffffff, r5, r6, r3, r6], 0x0, 0x10, 0x2}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x1ff000, 0x81, 0x7f, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000440), &(0x7f0000000580), 0x7, r7}, 0x38)
r8 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000f80)=@o_path={&(0x7f0000000f40)='./file0\x00', 0x0, 0x4000, r7}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x15, 0x11, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000be01000000000000ff0f000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000006b702000014000000b70300000000000085000000830000008dbf090000000000005509010000000000950000000000000006000000000000008520000003000000bf91000000000000b7faffffffffffffff00000084000000b70000000000000000004daadcad9ab680de799479a0c0cf7dda9d9fd01c32a9a8725ebe55b4c3f4e6387b626dbdf9eee52a00b5b0ac9a556e18998a05d7276c987d52e181e267a6a6cf1d416b4070754c66e4642e86422289a904f26a2ec4ebf37f2bfd052f5a70be5ed922967864d6b16d09dc1e79ed819c3fa1c3fa7ea326d70c63a99ece42f9e8ec202b4d517ea6fcaca4c9ac1b2eabd656afa03d6d0d2772ec267ba337efb1673282f49f1f9a5688da4224865e60ae434e6eb7c9b412141901cbddc8acf6553eca24ee81fc4e8bb34024db2e9eada5a209184522e3151a648493bf2ea49c874bdfc3c10c44850d39655cb11e676603c9a0973d5f527a55aecee437df8de2ec9c722704263eea303ec942966d1a17149ba4e5429ada29f287b7be9de6ff10366925ecba6a162b1e2048edd1ed74274671877a56191769abb2b89772533ca97b05458b55af07a179d8e3122be7e9ad846a5abaa4a3bf5c756bca8226863f8289409a1b57ae4ec335a78448bfd38281ddd01ee3476771d1edc97d3cdc40667aa8298e6f76c34df53903bf39e7cd7bbbac7a4f17fc"], &(0x7f0000000bc0)='GPL\x00', 0x81, 0x1000, &(0x7f0000004340)=""/4096, 0x41100, 0x40, '\x00', 0x0, 0x16, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000f00)={0x2, 0x4, 0x3, 0x1000}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x4, &(0x7f0000000fc0)=[r8], &(0x7f0000001000)=[{0x4, 0x5, 0x8, 0xa}, {0x5, 0x3, 0x9, 0x1}, {0x4, 0x5, 0xa, 0xb}, {0x1, 0x5, 0x10, 0x9}]}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000000580)={r7, &(0x7f0000001600), &(0x7f0000001680)=""/227}, 0x20)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)={0x2, 0x4, 0x8, 0x1, 0x80, r0, 0x4, '\x00', 0x0, r1, 0x4, 0x0, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x12, 0x16, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5b1, 0x0, 0x0, 0x0, 0x9}, [@printk={@x}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xff}}, @ldst={0x3, 0x1, 0x0, 0x2, 0x9, 0x50, 0x4}, @map_fd={0x18, 0x3, 0x1, 0x0, r7}]}, &(0x7f0000000840)='GPL\x00', 0xfff, 0x1000, &(0x7f0000003340)=""/4096, 0x40f00, 0x5, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, &(0x7f0000000880)={0x7, 0x3}, 0x8, 0x10, &(0x7f00000008c0)={0x4, 0x10, 0xffffffff, 0x7}, 0x10, 0xffffffffffffffff, r6, 0x6, &(0x7f0000000980)=[r2, r2, r9], &(0x7f00000009c0)=[{0x2, 0x5, 0x9, 0x8}, {0x5, 0x1, 0x6, 0x4}, {0x0, 0x3, 0xf, 0x8}, {0x1, 0x3, 0xf, 0xa}, {0x0, 0x1, 0x7, 0xa}, {0x4, 0x3, 0xfff, 0x9}], 0x10, 0xfff}, 0x90)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000440)={0x1, 0x58, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r10=>0x0}}, 0x10)
r11 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r12, 0x40106614, &(0x7f0000000040))
r13 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000640)={0x1b, 0x0, 0x0, 0x6, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
sendmsg$unix(r12, &(0x7f0000002c00)={&(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002b80)=[{&(0x7f0000000540)="74da39acfac2ee77b5ce5fcb920a698c7a79136a5f779c025e01145e394429871f45b07d98", 0x25}, {&(0x7f0000001800)="6157c6825940804438ba756b0d5a8cd3df89eefebde16201f3711162347dcc40616fa1f378293f950af0d594a10a32d6f1e85f381192492cc7846033834aac07f135903c67ecffefbd3d2068a69a862929777a4dc2afca5078532f94c10a2886fd42644a8123c5283c9278bbbfb0e066e7354ef950af7b790950bbbadccc1a72240a84fec26346c90bb61c3f93844adb1b5986", 0x93}, {&(0x7f00000018c0)="ca05365726f6cdb126f0e65b311be1299404b1e289f141d5bef538", 0x1b}, {&(0x7f0000001900)="88faf3a165da93d0a38b4470931f23d2f75cb072c5156d13bf9a71b215d8d22be80661bb82511bb10621ef64ea2acbe2605c167a67d3a888908ae00cb415d1a8cbed96d7492ca34c09a80d3debb4e5286199bfcfec066c1f3b69fc96dc976542ab870ad9c17213a15f4d3433dafabd6d67a44c0fd5620b953b2890cc18171bfa4ed257cb11b924630f2d821bf517967edeec41f963ed37420d7a7f43b6df5df2e30801d21c03960b3e592466dcfaf006ff4b37c511b10ba8a76f00f90996d75a8e9265a5d605b8ef7b1b5f25160e29d91f98473f71401dfe41c2f3217ee4a893ef217c2ed33401ca151f9852e8173a18e72654769653797fb4712d318c6114b6e2ee93d3da1eb05cab6c80f11fbd28187f8cd49fdf4bb67b52efbaced49c7e65c49cc80ab111976677cf1485152bb5c6160fe827b20cf2e079a0a06bf73283abe9e59d416b3d7c1f6582f1aefc2cc42790a5bb7f8bb6d040a8d4a9c0a4f8efde601d8a2639c148eb50b2d5f8061c97be4fc8a881500e6115210ef59670b36e37ca83cac0ea0e0e065829a0469b78e2ae04b75ed145252383daab2fe01d0a75cfc20774603f136bd0b84e0de19a7d61b732644d3a8c926ea365ca2d04f0cbf8aee7624c2b372314402573af6168aa894f84ce287095ab9a5af9aef2510e76473a6b68c40fc3d174a049eec9e4570e200f7fee113a6bf49da8659c49c2ca6365fdc8b276ccc9c5e83b89dcf82b73f0ab95daa716d06553d96f0c8bd368276eb779c7fa06ddf09a0693476d62dfd9599a40c90a66d4c0ce512aeac1ab2fde9c7998e1e0151f7ed802bf919f9087c6284d64d47ee94f23f42fbdf5247729ab2a814d228346215a1e8673ccec443ce0c8cbe63a108f503ca7d40886c165ebd0d9487fc4b0832ad36bc067361072dfc13b95cf94e1fd319492969f903936545b6d20ae9c9b8fa8fde8722d2be8e91a950232d76882d76167ab33a639b5e5ea7900bf0d3f3d3d0eac9f33cef09afe08fead3860523472218e42b84f68b640c87884a5d821db993a2aba0fa9877bcae768a4f52527ac6227fcfb13811bc93180c3b400041881c02e3d01ffdb02890225bcbb6965480077887dd46e8faa89d502c14b4b3a28404cecd51e42548a6cb1ea775047d6110e3a771e0e9847553b8fe0c381ec896145383909c29967498214934719b561bf3557ac72f758b631bfd01ce8dadf2f526852c46dd350db29751697e7d34200d9f623256c109ad96387bb19d95e2e8f83031a4162d30d4cd79a477b1685a05e8fadd73536c54c3907d77c691144e67fb43222686f10b2fc2181e732802095b153581b1a5ecd291a01d5a88d1384e092f4f3a81122af9783590fadec0710be0ed5e7bf8e1d0eb555dce6306ebb6ce403e31cf55c2f9d48117908fcdc405a32a98f80acdf5f4d3eea54b75ce7f1de74b82d9c0da13b68cbcccf29aaccfd256c336965bb4dc0aca565a5308df2f1b56950c7952bafab911594035aeb3dad4b9acf0851b0e2986f783b027cbdbf61be8bb33ed51dfe4992aee2351f20e6efe4916c787380a42ea66bfe039245dff7ac177d13350220715b33e19329ea440d9470b9d76938b81846425d66fdde3d059e4c09fbe0d413bf72a4e246c5669472739ef79ae9d7db10b3fef80e82ca2617901e813fa5cd560e3985ddd9975e42925ea9bafd9e81455d9ecea72199aa925c026db73499797539e541f60645118856df6b1ba38443e5b8f7b71d45befa7dc64f9083bf591293fadd75ec664ec5f1a9513c78e4e14e89efc63cd94aaf5c57496108ce441f29a9c8d17b6ad23ed2f1ea24b5dd3a04fd744d6f0f0481b51323ccbd32ab71a67368edf47a96ffa3388ba02915bc8539b7baf164e17d4a442263c15224bcaaa28bda9ca71900b7cc63266456e3b360a1fd1af95c13caab66a0e39af0e9a9ee39a1bda52d816e8806b8019a60115f7e8bbe80f5e0ebdd6b682bac8f59ce99f923550ed65b9bccc917e7558e4d745d183558f22258b9f91dd5a62a165ffd003dd223e09eaa1a487b23161140ccf2ddb797513f4e66f0b69caab4471d728efc234f62ef19ae79f81d373092659e0347ae58bee686d3bea47ec25febe7856eef1ebec6a5b9c6448fb88d39110366ae1f31978e485946177cc3e2b8d73690d1f0ab0749bd9aa1c35e5b31e2dd77df125b275f398877f1ec7c3f7bcce676cab7aad0e3152024e4f368142ea11b348bcb089231359076a249567c2f12f4f8842df9d97a96e7573a755b86462062bef4fbb33c5782eb28db926eb813b45504d90f104f6d423982c428e3f356329e090723520ea98662694b92279e15f9a9b603b1d8f5aa3a69120b74ef3857a6d8f82a28d7eaaa05ed7e4f969d4987d749131a01b3333634a184d13aee193dbc950ea7cb7674be7652860aa81edbc0020dbd574a0513bab7c39b814883df86efc2db8e2c65665c077b365b0be0f5fb753630b2a8fe27826c7d582ab5056ae556d15f857d08d9f69ad759b7be531183b451a121e8eec5feed9d82de23f01422254b36e04bcf8e2d4ca65c6848e4f706c43edfe59647f5a0d5726db8e8f3c1510322c5e2e65b2f13c9ce17dc0239260eab676ac40f8b61a4c42f6eec8fafa54121bc4634fd11da270485ad9314bf0be39e6ac3c7c340d366014abda34564ac8a059e7abab649154de190a991c9aa98077aff5b3cb295f982127456e3e291cad6a199d3ccc03612ac642ccef489bf335bba682a1ce6d37a7685a295974f4e6aadad3ca0f7cd615530512dfe989be655b9215785f850b9af157b1c7f0878312494c19c6eceb7c891d13aada3865fb4ec0b337e1baa272689bb6aded6d128d5f8dd510384a50fc1347f748ed61224d2db100f6c305d86badbfdd6398174ff39762894f51d93fea085163e3b037295bf9bc96a42bdc4dd6e1ef11c6654d660661b28982adde22c449fb3865b462c5d67b5203ceba834d10519f5b982945c6bbbc7601faecd19e44023efed1d75856953915e19584c1725a91924e49e2670f16ff1edc01649d622eaa00cee783ca91f84e078707b693265862d2b6d06749cfaddd83922ae8a274445c72e1288179f3a5ec1ddcb9a1e00c699b1a893bb67434f0f0654bd785c26d0222bfc61ad7d270607621e03b215af081dce976ad4f2277c8e3d88582a5ea94a5f633678e568122f16461e3d78a01fa7ac73cc3b4db81875970b92e32ba9438212d08ea9e92d6d6f715ccf26651e855942f86821f95f11013d1097a61e14fbd3fa78524f5d432992dbfa7935524d6799115a3dd9d9bd4cf675468a8b45d1e92a43ca266c52c260b65662905ec8dc86e154c70b31df86fb32c74c0bf29b70253cabfbb3cc123953af7d3e7bb1c1cfb508a93f108d70fc99767d76b6a94f3897e7b3d666cb41076f55e976b52ca0fbe01d188b757f5c31249ce1d6e49b355d4f8d949af6f985e277d621ec83a08d7299b2a5ea8b5d8174a64fdfa0e39912ce1c12a1c0b52d414f7b025bf2a4be81402067a3882c461f51c38cb29267bc7d6dcbf91d6ab0271366bcd11495b787b367113f43e175aacec94aa3faede8b711446056b959d7f8094141d7a9f2c5fa0e478f17fc8855313f817cbbd91f0a0bc65cebe6ae7349961f92faf857f732ee2c1664b58210f46ecf66bb5ab76fbb15a32104302be394eb7d601c00e2807909a6f0f80fb3ff35044224ea35ae33b394e26eec4815d33b9907f2aace0dd85b7822f8f7e018a8d2ec4e86398d26a5d271cf54ce558ebf7e4c90e291591146e0f96613160605a5f2cc201768d670110ee00a822724bdcb12d1c5888e8b520212cf43692f54a68a53788ee14d329d810c326ea656dad595d7a9d306def9e03eb93be52af4c52bc5a55454b241ebf448b3ba0858620a07af77a483c971486c2a02e225afd2512649d7b69cb06099a94eb76512daab560671f4fec16e03a965d7b982d5120af90861ec93604c9051ddfdb03e573517b242f9ea03af6787841df722bd20766409b546dd1d89460e8935df4f5d4cd661c418b989d9d6e195d2a1d5ad34b6c3c8b1a3f71ee2a496d5b40b7564a4b2ea720ae042a81e31b0935c927e5a19b368c72e407ef535f918f4e8dfa57f7a8c1eccf2586af73030781814879fdb25be37eedfb0cc995709ddd9069f9cd226ca503d59d02c12458e80cdbe380170d7bd90637becc8fcf157c1ba56d85ef4ae3f68a6da505a5765b2e291cb701933cd0124afff19e62247a56d7d5b6f97e708747d11a79b9191e65bc4072a61a97553b6e8757b957d2fd3d6a765531e50c63840753c66eb1d425c98138681862def44d8ac8d504092cf757368bde3494870cb51f125acbabd8f2ee2db4feb4482bc327e779cba3a6f40095572f3391684b4a02aec6f8273656df1844517231fed6703c45d16a4a68d6357a321858fc08a8dbe78171a820a7bf02723e66e7fa6d17073ec41016f933673e89fae6b6c7c9d8a21759f4e76a28a1514c7f4104be01193ac91f1d44f024dd9c696ecd3d08343b57f47c26719c245b717b826ddbc8619a57816c360f1580630556979b67cf2eb965345a9d9794f276204e4028fc82e34d617a73748bf822247a5ebeb70b870438a0322d07a3ebf9733b32a36c68ea250914e1c8b83164d8d5eb1fdc49a783c708a7fd6dd0d3246a74ff55c6433b855301f09a16fc9e3f13f95d13ee6462303925f5eeb2e8663e5183ba37c51629e21038456f545b750715f11e3e023c74334f73dc48ae182a46ab214c3d2c6ba60641867da4ffc3e96cb4b1c0aa1e4dfc172d7537ade6fb41d169a8c25c6a6caea677a0c63d1831022e4f70e5074b4374c7c5710c8a803f344687e3a234f273288649e5bab97daa803bc80a89f5ad67d462b2f6ee083f2b5ec088b27afa82bbe74a630776c430f740b11e1275cad8edae931ebbe586288ce403301246205fcd649fa4c0449bb0dd719f8445d5b1cd8ea6f6daeae63367329a1297a52771d0400f8584c69493a10b02a0a58ef3d90043d662a74765b9e5ae454435fd2ec32cb82d279ac4747103959f9fb4399a7b617ba0b164ade5f71484a193e48a448b3d0b1b63d375f61829b2ea04a0860e110f9add136090cf9d306ed52e202466da8e74e28eda94af3ac005c17229a86ea6b3819d8b12a51a84f8c632ab30ea8b51e276665ee611c2b266bc0f5afe610ff8d848a1433d8455e54f62fcbe07325f02cc49f7bce39898f3f44be2eb3a8878f964361480d193e8597075d1b692a712ce472f99c339333333e99975c7a6be3cad12dbb7fff33eff0835e927e8602094a421b0d81baa25eaa9964f86276a7eac410706952e7846d7ae809847aa30d58244f2d24ca80005a40540ac22bee0241e963f0d5833b0dcbb00ca22a726fc26fa8636dc0c47fd0ed8c1ffe4b3d5a73b43c66e94774be0fff8df0e9b3a8215d477eaa46dfe93fec628696ba07cd3c85ee9033238822fac83a8131fcd9ed387dbb8b18d7884f21c7572984571d3bdf40b44331425f8a99772920d1ba32a3bf728fe24e9ef06f09d034f3181870546949dfe69b644b69f84ec0075aadcfa60deb898d50ef23ab18b82e3ba40c46a12af2570514f407d4720cfd1470c1e929e1c76c5a5651a3c56175f38e82d59d296685341210c4346b74860d11a2f2b6aef70691aa709b1823f90c96c0749381767694527dfe79678ad8cb6a06ad8da961e0b0ca39eb42f9cef0422f0455910d40fa4badb3facd734ffaefe1dd320af6cab715b2ea1522657bb4b37a0fc080ad3c54", 0x1000}, {&(0x7f0000002900)="363e56f2af3d284f15ed3f7e3e7fd5b9383c3242c0c359bb9bc803abed", 0x1d}, {&(0x7f0000002940)="5694b54d98ee5098f9c05b31488ffd0c94341ce06f63117492e127e44628bb4b8f553db3c49723f58369ac609ab22de60fb415d936e0bf3a5a2ab32de6591945fa09aa07bae830a63b6232ae9d0d9293b74d1b89a057af42a3884e1aae6ecc9a87fdc159", 0x64}, {&(0x7f00000029c0)="0241915e29a4716000ed621cf57ebd00aa14cdd90bc367b2d793702a54f0b31d421ae5ff51370f3a523a762a22cd90b2347c63e7669407061e2ffbb04cfb3f6aebb6a45f61ea9b857f419ef436c3625aaa4b6cbc5d0a6740617d4c8b07e72fc8c70cb2ac766a6b779126f46aa7e32d221f77ca6771369be08317d0a264aea3a4fd6d52fe343e5de1613943bf11950ee8c2b40d4fb5252844e62aa28e1ac62e3e41c41f42a6b945a309927a5f364ef32ea4", 0xb1}, {&(0x7f0000002a80)="4a338a7861fd69b757ee3a131d17bd5497a7b6d01eb94f19bd84b12442f4cea607d44fee93cf5629d3e9366eaf230ed3d48b2ed7c38bdaf3eaf41c6ec76043306f338c9dc5b73f701551dbd9e13f7d76869869f9e4710f4de3210c4d365a5fcd3e6a58b592424decb66ca7ded1644670997d524a007684df332524a6365b8a3a699b17f5d6b786e022718d970ce24c09f5511e95560d52a7c8042a7a0ef7fd45895442a1997349726743c076ca6c34959d2476c296b22112ed7cdabd4a9caadb13fb9f7e88565a5fde2ef03fc5112d785e78c745501f30f49b7045631891eec975c990dbdfdaa0ce97dcff", 0xeb}], 0x8, 0x0, 0x0, 0x8}, 0x820)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001680)={0xffffffffffffffff, 0x20, &(0x7f0000001600)={&(0x7f0000001580)=""/13, 0xd, <r14=>0x0, &(0x7f00000015c0)=""/63, 0x3f}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001740)={0xc, 0x20, &(0x7f0000001340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7fffffff}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1000}, @ldst={0x0, 0x1, 0x2, 0x4, 0x4, 0xffffffffffffffc0, 0xfffffffffffffffc}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r12}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0xf9517d7c9848589e}}, @call={0x85, 0x0, 0x0, 0x36}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}]}, &(0x7f0000001440)='GPL\x00', 0x8, 0x59, &(0x7f0000001480)=""/89, 0x40f00, 0x2, '\x00', r10, 0x38, r12, 0x8, &(0x7f0000001500)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001540)={0x0, 0xb, 0x5}, 0x10, r14, r4, 0x1, &(0x7f00000016c0)=[r5, r13, r11, r6], &(0x7f0000001700)=[{0x0, 0x5, 0x6}]}, 0x90)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000640)=@bpf_lsm={0x1d, 0x17, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x30000000}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x40}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @call={0x85, 0x0, 0x0, 0x78}, @jmp={0x5, 0x0, 0x9, 0xb, 0x5, 0x100, 0x8}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8}, @call={0x85, 0x0, 0x0, 0xc2}, @jmp={0x5, 0x1, 0xa, 0x6, 0x3, 0x80, 0x8}]}, &(0x7f0000000000)='GPL\x00', 0x400, 0xfb, &(0x7f0000000240)=""/251, 0x41000, 0x1, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000000540)={0x0, 0x10, 0x8, 0x7f}, 0x10, r14, 0x0, 0x2, 0x0, &(0x7f0000000600)=[{0x2, 0x4, 0x10, 0x5}, {0x0, 0x5, 0x10, 0xc}]}, 0x90)
r15 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x4, 0x2000000000000159, &(0x7f0000000200)=ANY=[@ANYRESHEX=r0, @ANYRESOCT], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r15}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  578.897498][T19824] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  578.905309][T19824] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  578.913206][T19824] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  578.921017][T19824] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  578.928837][T19824]  </TASK>
06:59:14 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000013c0)={0xffffffffffffffff, 0xe0, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000010c0)=[0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x9, 0x5, &(0x7f0000001100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001180)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xfc, &(0x7f00000011c0)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000001200), &(0x7f0000001240), 0x8, 0xe2, 0x8, 0x8, &(0x7f0000001280)}}, 0x10)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001480)={&(0x7f0000001400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x8, [@const={0x0, 0x0, 0x0, 0xa, 0x4}, @ptr={0x7, 0x0, 0x0, 0x2, 0x4}]}, {0x0, [0x30, 0x5f, 0x61, 0x5f, 0x61, 0x2e]}}, &(0x7f0000001440)=""/44, 0x38, 0x2c, 0x0, 0x8}, 0x20)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001540)={0x0, <r3=>0x0}, 0x8)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001840)={0x11, 0x12, &(0x7f0000001580)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_idx={0x18, 0xb, 0x5, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x800}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, @map_val={0x18, 0x1, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0xc3}, @call={0x85, 0x0, 0x0, 0x54}], &(0x7f0000001640)='syzkaller\x00', 0x2, 0x2e, &(0x7f0000001680)=""/46, 0x41000, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000016c0)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000001700)={0x2, 0x3, 0x4, 0x4}, 0x10, 0x0, 0x0, 0x9, &(0x7f0000001740)=[r0, r0, r0, r0], &(0x7f0000001780)=[{0x2, 0x4, 0x1, 0x5}, {0x1, 0x4, 0xc, 0x5}, {0x0, 0x5, 0x1, 0xa}, {0x4, 0x2, 0x0, 0x6}, {0x2, 0x2, 0x5, 0x8}, {0x5, 0x3, 0xa, 0xb}, {0x0, 0x4, 0xc, 0x8}, {0x5, 0x1, 0x2}, {0x3, 0x3, 0x6, 0x3}], 0x10, 0x8}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001980)={{0x1, <r5=>0xffffffffffffffff}, &(0x7f0000001900), &(0x7f0000001940)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001a40)={{0x1, <r6=>0xffffffffffffffff}, &(0x7f00000019c0), &(0x7f0000001a00)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000001b40)={0x14, 0x7, &(0x7f0000001040)=@raw=[@exit, @ldst={0x1, 0x3, 0x2, 0xb, 0xb, 0x30, 0xffffffffffffffff}, @tail_call], &(0x7f0000001080)='GPL\x00', 0x20, 0x0, 0x0, 0x41000, 0x8, '\x00', r1, 0x36, r2, 0x8, &(0x7f00000014c0)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000001500)={0x5, 0x9, 0x7fff, 0x4}, 0x10, r3, r4, 0x6, &(0x7f0000001a80)=[r0, r0, r5, r0, r0, r0, r0, r6], &(0x7f0000001ac0)=[{0x3, 0x3, 0xa, 0x3}, {0x1, 0x4, 0x9, 0x8}, {0x1, 0x5, 0xe, 0x3}, {0x2, 0x3, 0xc, 0x1}, {0x2, 0x2, 0xc, 0x9}, {0x4, 0x4, 0x1, 0x2}], 0x10, 0x6}, 0x90)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000001000)={r0, &(0x7f0000000000)="f95a413eabd5cee8f111d8b8bf3df54973e4ed0c6126bdbfe3ba8d68143eeccdffa3469aaa6460dcde3b9d9fa35f040fdb241076823ec035e26a93974c8ef10473991b0816e782f0ee46905cb875e47503dd0beb0c75cad520394954402fc325aaa9b0ae7c58f85d08c4a6816fb2b8ff574539e2ddbf45910f5150f81386590f133456279d7ed546c21c2744594cdbaa0c207008fbde9f29dd9e6d55b0fe18cd65ad21f70ed9a012c44b713f586df48a5237d5fb406eff3d97ca810207e6f436baa012ff68a24c846d659805392f422d82c1c87d303013cf20cbfa1b5e3f291f5d5a68ba5e58ac17d7f93b5bfac64e546a6b821210826eb31624365b7c544a0aff2fdbd20179ec4051db35fe0ae52cac069180a1f09d4571416ade2b5cfd69eb58aa4791df995fc5c7d206f2619a1cb671af089f50e23237c7849edda46c9847ddde64f3329c5ac51077ccd6a7af0de5417441957c23341f3fc3a859dd9989c087c72f6e9ede5837d46d4eb344889491d7222a166c7e7d9336e82e117142869a8ce5c53905c7705c6293686c23b298e2c73606bf5ed239144df5a41472cbeb9e3abe71fce166537fb47c39f46dfedaaba86df40e854410f3d1420de84caf23dfb62ef11e95eae09e9d5d4ce25a5dd9d548c7360e70dd8024f13d3ff5deecc1fe38151efeb002f3826dba86d68ae94f5c7e83bd88754156e9e5b27e330ee240ebe6537a56beb5abd13760743dda6fdccb265877ed058222a8ff14f94a1bca7d07244a84034ce1d6f40c00d67482366ed14de4ea88475cde3df8a2c2f02dff54a15552cf6e6ade27ef18f73e33d9c6aeb74a5107ae3439f99fcbb351f7dedbbd074082b3ed6a4a0c2530187c6896d2e3fca474d490955b9e3bf262d562f2315693351ebcd57bcc5a5bced388d171765262bf9d5b4778c6fc52c6f52ab4fa15b60c7ce23f1da7e1c2285bdd525d8a5641ef7b46a97d71ac3c73b9fed17a2330248455591c71667da118b877c47d9b05af7b25f010cededa7cefefee555f69b46ced099eeed48c4524434019819841b996ce1fa81e19dd502cd021db0f36d5a2b6b509a07acb6116531b3457f2d6a1026c9223bb4fbac5bef2429bb9637c24cfa6966b3957df8f51078f0e9719327a5ef800c8edc7b5335fb1f7c0071b34b4ab56cb2bb69f48e1f473b63633febdb77b53bf0cd765dff1d8913e144e53ba8823d0ade62523092721794a7a00b25bdd0b87c398c124a38aafbc4d8f0f44d865ffbe3ca7eb06b329f420660ef95537fd0ee7c8433dbd0db7ae0421e06db02c3e0abd2f4123908ee4d38b0cca93ccd26408fbf880bd77bb41db0102eb03362ff71316c8b6aab4485ccae411e107b21503b8c2fca77f7088efe410d701e68936bf229f3b60ea2916954e36de83575a791201973323105e4da6c55a7138e52ef3642c58d18d90a4008030d0e14c5bcf7c35af4e5f22feae0010720a245d42403f86c4e223c014dae4a5a55c8f9fe79cbed9fda4ee5da147c8bd0f76f9cd4d8cf81f3c5c3115e7ec78b826e11fb147dea51d0307d44ee83e148a37dd5969b5670c9ff7673a13862e24959ca9c99e888c2e2a64eef6055d12288b49c9785e744bce265a12ac0d1dc4708561a4c94d6584c60fd4d10c2091744e0f08311909d1e9823651af3d1a12ac28ebdf9d1c191ea089f3edc1078048d1c5c7dd7256c01c8baaad210f3b7b34aae1064d00311a676ccd02db0fbb3d8a3b4aa3fa06d673b66aa4465a4cf81a6354ec55493fdfaa89b8faac12855ed8bc32a2dc91a1fdd3ad0b558ec80e1316632e052f69eeb54e8a43b84aa51cd317370d16adbda489df1ed6f3ad5a34a4b83e6f157db18bc39c22bfdb4435400713d1e2b8be21954c7df547057246ebae8d4c76d30de152b7134fe6ceb1b60a7bda3401c9c9e4f703fac07eb348d4b81174c9b4a02bdd5211b15b8c080f0c8a8af66241f4e287df45820105b1fed0fb5a305d3da27993d9d81077a6c62c1f5bdb9ad5d3f8cf365864d0699a3871659ffcc2bfda554283bf684c078ea0fe8a10bb157ff29e007d1db26b6dd929adc39ba72ca351f8e64128ed57737869b535e5a8fd9fd83591c29b90415e40d1cdc017b7a7433e653ec46014cfc8ee67b22e228f36d8700c9a596b204c5ab6f7046942c681694a1676679e6c91a07f705e89c18ed08d1e6fe0306bd9b985ba3acb616ed27dcc7f69e192ce85919133d9ac7056db2329c75ef98e898ca925587ffde371a1f23de77806f5ff18a3d86e590709790ebeeb9a1c9968538b9c41434afb0987980c7f3582fa99c5445eca3db3639733db0f22cac4123602b054f19a13ccf1304b9fd046e6993f167f2c1ebfdeafa2bf58fb7725fab1f08da7259c6fc502895071c3864e8b1fb15609abaf0eb83c793aeee500d4648d20dd281eb3142e9865c5234243a3873baa46bc3af89c038e9cbaa1053fccdd42b0ba8661a3419ec4c8e2f2c6c20f5e96358ce9f6c6254fa59ecc38481c914e6e70dd69e6b94a25b9616b3da2e2005cec3875853fede4a9e4c570c30e522f12f4e8be5e881d4b2d916dc53cc37b6f24bde16286412653bc15db1cab5db9162364e768413cfb357933f868703f78151ca8396d3316621f059182414a5d24dfc309a8f2d3c5af2dfc22151d8f71ecf0c985871ea216e0fa8df017dd9ecf1a95e23f9f22a56234bdeb0d983bec1a7e3747769ef99fd313ccdf490df8431c818804082f8c9474742332249a504ca5714b33dc04a7a0f60b6a217b0d052aa5c450177016b450ca2962578cf48aafb89aa10042e0328e83abbb233b22f0bb858338860f1aefc8be40a99ad489f6eafe42e146711b88cafe08696ebe1fa47cc89abadf95ee9a5c5290ff96b5459b8ef82272d4d22dd92971745948afc91d80bc958101d90aeae0f21816926d806d9d67604b15531cd616d2018700627616c2dc9cb000e75971a3e581f7207d2d92c4ee9b1e55e7c5fb380a2a63e8a856889e49b085b0751459b98ecd59246ed448c3b4a83a552ba7148474451f8b86e4a4ed1d905cd1f9f161d827d11ac5ee5ee95b6b4e8476740d24b337950e6a5b63745f15e1dd31d6ff2aa3c42c93cac2baaeea8003fa8ef908472f6ce2ce2b3c9ea90f373f8ee49c2f9044e23955652b03a511a9db474bb0365a131a08ddc6eec0d099d2825fb4364491867f1ebe88156b6e8f8bcb6ad1c625991ce67d1e583c93e2f261243d9336fec2ad666dce6cf80e9067021625da90ebf8460b61493b10ef33808fcc87fff4af55f8dd86a3f1ae75ed60c4601dbcab1fc625d88e1ca42e272172dc333d8dc50da238b914a04bc94569dd84ecfa47367442686a0ad19dbf4965dbe080e98cc5c42fe2f255501c4a13932b81490c72e8ea9998a673763eeadf975715e3ba2f3ee9069da2bf72b1f94b2068698cb51ab25b77a2fe7a8d2fa10b0947148171e85edd4f61af6d0f4262c3d4b3d72bfd866a43334105e431244c04050c0f60c70337ecdc0ddf9adff140592e1afc2808136cbad1a724dcc7457d08a2742c3fbd86ead3dbbc48d8f3eb5e29acea170acad5522fe364994cfd08960eae8a1113d0720152ba0d910ab043f28de08764ad581a98de9fb8b8d18f4979fe38362b532d96f0453bc3706eb8d5309a9fec1b30cdc9e0263dd9a399aade149e3072e3fce72cd69be884668129f12e251120b5be79aea84ed7a14023835e6a6dc131783fcb9035d0d094f969a186e35ad85dfe5254bbba9feea1564b9e00e6689450c0024be57cd3ca8cb1bd05e3be577cfeb760f90e4b1500d99e29c0d528100efc04198d9d7324ff5d24f69b0a5c34cff8e233d759ad5a165a8c1255b799ea621e635ddb729ac3fdc10e5f08a0f995c7bab54ab6f2ab4b715053fe2665d5e5474cab58f90205cd92f9783ea2b6a466630dc3b0b632940f86125257424e4ed289c2cbf53ba0d57cd2a8912d16c0c344f92f8e0ba2c97a498226ef5f35ece29b9d17c7f291f44a282281f20e37bb4c1f0fe211739edecc4b5856cb4d35a6960033716f7ae4030e72acbdf76222bf49822dbb3e4eceae526fb7cf0284da668510177344f252b0ac6afb3e0e0e8f7b6cfbd4c4489e195c7b2e16dcf542a5b17617db672a8552496b0f97cc27fa3d4c75d3c859b1debef60543f9a31bce61340bdfca5931f5edbf1bee4db9ed3e74891b92ee92e8ff60c311b58c6968f5935a54c20fb078ccc09d1ddc3c08afdc2f9fcb2c16e3686fcfc45d345ca335859df27f90eddd9d7079f5dcb2e8130fc6b020b1f64db0d86072ab5d7d709174066e44c2adae788f35981410e470367f6199a512238660edc97ba5e408bed88dc25262c4c8510890550ed9b6565761c1cf51764511b69a3fd006fdaf1cd0465eba54b4c3ef943c21cff988b2a808a02ebf3893d043eb4b7b39503633f2d74609f56ab8cdf80d3ecf0ec0cf010c7d48d9b2c8cdf465987b209d0dea8e4c23b4109e580879a531001776340aa1b7f2874bae17d54c1503f698f74f3370a9e83a65d2d852eaa546ac55990a9592edc75f2444bf8f591d007f18aba3960df38f8edc709cdff6dcc466d1b48f9694e24a85d3097b77b42d200e02cd887a3c0c7d93544ddc1508607dd6e6b3554b9728c00e613a695c4afc8ea53e977ec40adc8b873ccf9cd831bff352ca66fde6d05cda94870f11cb7892a691ab668e466e273efd49d519328f7541e9bec93c1669e1cacc3795624bf88b8206524748ba2527a7aa5fe734265b8c5d61f338d20bcb421548850170f81b27fc57ecd8018e9739ba5af8710e87665905b641b6da26b3059a68731fb52dfdc6289b4972d83b1883336da80f9fab69917c5f6eb2925713b1ce16c34759a52789874273b5550055fa0dbed48055aed67f8772717dfb5da51d66e09d879122d4186185fa24475d0549bdcae4ffaa45a0709144726a5b500109329e9c6cec09dacba10c04eb100bc5abbf40c778bbf18e90944a945417f489d3d8a58d929951e9d0b92eb4a4aa5b8f91cbdcdcc26f743c1456c09a2b569ab3579679c5b158b76a1f51dc512a290f9b5cc642891b69658e88421f5d6b03ac23aa2fedd97875e45fa658a9598d8d994ac585ff51d588e2dbe5692076cb3c246d0e3ab6701007e51ca93d36c265e42f883bd38a4ef44532a6c9a08b8d85ec1273086f3abb911621abecbaf380bc5cbe2e71de272bc58279f64eceb9f1584c8e926fe4f43cf986e4bc1f2bbc2f75b04173e3f82dd017fc1d94bcc5a9116d3e07a85d9a3c7d0d1426f1c1cb02acc2b42e507c6370d508405f1be1563094bbf3486a8292967dadcc9eaa38ecb1e27f54ea9d24bd423cf57465ae0cccb88339f5b1c2b7320aeedf4e070791872d42e387879d720e3e7766e484f72f7c0fc7bf393c4956f0f0209c52c8913c946e6b3ec2648d42e573ea62914f932e862390e1c1bdf1e6e2994c04921e92ae9744ede6e540b9a13d843ab58e7d44dc7c3f5cafd925c10bd3e63aba31d3de698ba7b7f5904701f89577860de839a410fb079cc04cb48c63cf5a995fbfbec44c5b4bf21bcb5a39b105b810d5c4a696ecd579bcbcd2c59ff93e15bd8d107b0579542100391371b5391a44dc7120e17119811ef502807b83892b7d2e401018449013b28113fcd64063b793ae8c947b80f6780cb986e86834ebe4d7908a353d25437da0a36cf70ccb9df03aa61c58353027985b6474d7689b6b3b818a969b9cef364f3f6ed8394aabd076068b438e25878e04f8ab3d412da40352acc60988b89c58b477"}, 0x20)

06:59:14 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1800, 0x43451)

06:59:14 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1900, 0x43451)

06:59:14 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 48)

06:59:14 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000013c0)={0xffffffffffffffff, 0xe0, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000010c0)=[0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x9, 0x5, &(0x7f0000001100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001180)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xfc, &(0x7f00000011c0)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000001200), &(0x7f0000001240), 0x8, 0xe2, 0x8, 0x8, &(0x7f0000001280)}}, 0x10)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001480)={&(0x7f0000001400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x8, [@const={0x0, 0x0, 0x0, 0xa, 0x4}, @ptr={0x7, 0x0, 0x0, 0x2, 0x4}]}, {0x0, [0x30, 0x5f, 0x61, 0x5f, 0x61, 0x2e]}}, &(0x7f0000001440)=""/44, 0x38, 0x2c, 0x0, 0x8}, 0x20)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001540)={0x0, <r3=>0x0}, 0x8)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001840)={0x11, 0x12, &(0x7f0000001580)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_idx={0x18, 0xb, 0x5, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x800}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, @map_val={0x18, 0x1, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0xc3}, @call={0x85, 0x0, 0x0, 0x54}], &(0x7f0000001640)='syzkaller\x00', 0x2, 0x2e, &(0x7f0000001680)=""/46, 0x41000, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000016c0)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000001700)={0x2, 0x3, 0x4, 0x4}, 0x10, 0x0, 0x0, 0x9, &(0x7f0000001740)=[r0, r0, r0, r0], &(0x7f0000001780)=[{0x2, 0x4, 0x1, 0x5}, {0x1, 0x4, 0xc, 0x5}, {0x0, 0x5, 0x1, 0xa}, {0x4, 0x2, 0x0, 0x6}, {0x2, 0x2, 0x5, 0x8}, {0x5, 0x3, 0xa, 0xb}, {0x0, 0x4, 0xc, 0x8}, {0x5, 0x1, 0x2}, {0x3, 0x3, 0x6, 0x3}], 0x10, 0x8}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001980)={{0x1, <r5=>0xffffffffffffffff}, &(0x7f0000001900), &(0x7f0000001940)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001a40)={{0x1, <r6=>0xffffffffffffffff}, &(0x7f00000019c0), &(0x7f0000001a00)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000001b40)={0x14, 0x7, &(0x7f0000001040)=@raw=[@exit, @ldst={0x1, 0x3, 0x2, 0xb, 0xb, 0x30, 0xffffffffffffffff}, @tail_call], &(0x7f0000001080)='GPL\x00', 0x20, 0x0, 0x0, 0x41000, 0x8, '\x00', r1, 0x36, r2, 0x8, &(0x7f00000014c0)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000001500)={0x5, 0x9, 0x7fff, 0x4}, 0x10, r3, r4, 0x6, &(0x7f0000001a80)=[r0, r0, r5, r0, r0, r0, r0, r6], &(0x7f0000001ac0)=[{0x3, 0x3, 0xa, 0x3}, {0x1, 0x4, 0x9, 0x8}, {0x1, 0x5, 0xe, 0x3}, {0x2, 0x3, 0xc, 0x1}, {0x2, 0x2, 0xc, 0x9}, {0x4, 0x4, 0x1, 0x2}], 0x10, 0x6}, 0x90)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000001000)={r0, &(0x7f0000000000)="f95a413eabd5cee8f111d8b8bf3df54973e4ed0c6126bdbfe3ba8d68143eeccdffa3469aaa6460dcde3b9d9fa35f040fdb241076823ec035e26a93974c8ef10473991b0816e782f0ee46905cb875e47503dd0beb0c75cad520394954402fc325aaa9b0ae7c58f85d08c4a6816fb2b8ff574539e2ddbf45910f5150f81386590f133456279d7ed546c21c2744594cdbaa0c207008fbde9f29dd9e6d55b0fe18cd65ad21f70ed9a012c44b713f586df48a5237d5fb406eff3d97ca810207e6f436baa012ff68a24c846d659805392f422d82c1c87d303013cf20cbfa1b5e3f291f5d5a68ba5e58ac17d7f93b5bfac64e546a6b821210826eb31624365b7c544a0aff2fdbd20179ec4051db35fe0ae52cac069180a1f09d4571416ade2b5cfd69eb58aa4791df995fc5c7d206f2619a1cb671af089f50e23237c7849edda46c9847ddde64f3329c5ac51077ccd6a7af0de5417441957c23341f3fc3a859dd9989c087c72f6e9ede5837d46d4eb344889491d7222a166c7e7d9336e82e117142869a8ce5c53905c7705c6293686c23b298e2c73606bf5ed239144df5a41472cbeb9e3abe71fce166537fb47c39f46dfedaaba86df40e854410f3d1420de84caf23dfb62ef11e95eae09e9d5d4ce25a5dd9d548c7360e70dd8024f13d3ff5deecc1fe38151efeb002f3826dba86d68ae94f5c7e83bd88754156e9e5b27e330ee240ebe6537a56beb5abd13760743dda6fdccb265877ed058222a8ff14f94a1bca7d07244a84034ce1d6f40c00d67482366ed14de4ea88475cde3df8a2c2f02dff54a15552cf6e6ade27ef18f73e33d9c6aeb74a5107ae3439f99fcbb351f7dedbbd074082b3ed6a4a0c2530187c6896d2e3fca474d490955b9e3bf262d562f2315693351ebcd57bcc5a5bced388d171765262bf9d5b4778c6fc52c6f52ab4fa15b60c7ce23f1da7e1c2285bdd525d8a5641ef7b46a97d71ac3c73b9fed17a2330248455591c71667da118b877c47d9b05af7b25f010cededa7cefefee555f69b46ced099eeed48c4524434019819841b996ce1fa81e19dd502cd021db0f36d5a2b6b509a07acb6116531b3457f2d6a1026c9223bb4fbac5bef2429bb9637c24cfa6966b3957df8f51078f0e9719327a5ef800c8edc7b5335fb1f7c0071b34b4ab56cb2bb69f48e1f473b63633febdb77b53bf0cd765dff1d8913e144e53ba8823d0ade62523092721794a7a00b25bdd0b87c398c124a38aafbc4d8f0f44d865ffbe3ca7eb06b329f420660ef95537fd0ee7c8433dbd0db7ae0421e06db02c3e0abd2f4123908ee4d38b0cca93ccd26408fbf880bd77bb41db0102eb03362ff71316c8b6aab4485ccae411e107b21503b8c2fca77f7088efe410d701e68936bf229f3b60ea2916954e36de83575a791201973323105e4da6c55a7138e52ef3642c58d18d90a4008030d0e14c5bcf7c35af4e5f22feae0010720a245d42403f86c4e223c014dae4a5a55c8f9fe79cbed9fda4ee5da147c8bd0f76f9cd4d8cf81f3c5c3115e7ec78b826e11fb147dea51d0307d44ee83e148a37dd5969b5670c9ff7673a13862e24959ca9c99e888c2e2a64eef6055d12288b49c9785e744bce265a12ac0d1dc4708561a4c94d6584c60fd4d10c2091744e0f08311909d1e9823651af3d1a12ac28ebdf9d1c191ea089f3edc1078048d1c5c7dd7256c01c8baaad210f3b7b34aae1064d00311a676ccd02db0fbb3d8a3b4aa3fa06d673b66aa4465a4cf81a6354ec55493fdfaa89b8faac12855ed8bc32a2dc91a1fdd3ad0b558ec80e1316632e052f69eeb54e8a43b84aa51cd317370d16adbda489df1ed6f3ad5a34a4b83e6f157db18bc39c22bfdb4435400713d1e2b8be21954c7df547057246ebae8d4c76d30de152b7134fe6ceb1b60a7bda3401c9c9e4f703fac07eb348d4b81174c9b4a02bdd5211b15b8c080f0c8a8af66241f4e287df45820105b1fed0fb5a305d3da27993d9d81077a6c62c1f5bdb9ad5d3f8cf365864d0699a3871659ffcc2bfda554283bf684c078ea0fe8a10bb157ff29e007d1db26b6dd929adc39ba72ca351f8e64128ed57737869b535e5a8fd9fd83591c29b90415e40d1cdc017b7a7433e653ec46014cfc8ee67b22e228f36d8700c9a596b204c5ab6f7046942c681694a1676679e6c91a07f705e89c18ed08d1e6fe0306bd9b985ba3acb616ed27dcc7f69e192ce85919133d9ac7056db2329c75ef98e898ca925587ffde371a1f23de77806f5ff18a3d86e590709790ebeeb9a1c9968538b9c41434afb0987980c7f3582fa99c5445eca3db3639733db0f22cac4123602b054f19a13ccf1304b9fd046e6993f167f2c1ebfdeafa2bf58fb7725fab1f08da7259c6fc502895071c3864e8b1fb15609abaf0eb83c793aeee500d4648d20dd281eb3142e9865c5234243a3873baa46bc3af89c038e9cbaa1053fccdd42b0ba8661a3419ec4c8e2f2c6c20f5e96358ce9f6c6254fa59ecc38481c914e6e70dd69e6b94a25b9616b3da2e2005cec3875853fede4a9e4c570c30e522f12f4e8be5e881d4b2d916dc53cc37b6f24bde16286412653bc15db1cab5db9162364e768413cfb357933f868703f78151ca8396d3316621f059182414a5d24dfc309a8f2d3c5af2dfc22151d8f71ecf0c985871ea216e0fa8df017dd9ecf1a95e23f9f22a56234bdeb0d983bec1a7e3747769ef99fd313ccdf490df8431c818804082f8c9474742332249a504ca5714b33dc04a7a0f60b6a217b0d052aa5c450177016b450ca2962578cf48aafb89aa10042e0328e83abbb233b22f0bb858338860f1aefc8be40a99ad489f6eafe42e146711b88cafe08696ebe1fa47cc89abadf95ee9a5c5290ff96b5459b8ef82272d4d22dd92971745948afc91d80bc958101d90aeae0f21816926d806d9d67604b15531cd616d2018700627616c2dc9cb000e75971a3e581f7207d2d92c4ee9b1e55e7c5fb380a2a63e8a856889e49b085b0751459b98ecd59246ed448c3b4a83a552ba7148474451f8b86e4a4ed1d905cd1f9f161d827d11ac5ee5ee95b6b4e8476740d24b337950e6a5b63745f15e1dd31d6ff2aa3c42c93cac2baaeea8003fa8ef908472f6ce2ce2b3c9ea90f373f8ee49c2f9044e23955652b03a511a9db474bb0365a131a08ddc6eec0d099d2825fb4364491867f1ebe88156b6e8f8bcb6ad1c625991ce67d1e583c93e2f261243d9336fec2ad666dce6cf80e9067021625da90ebf8460b61493b10ef33808fcc87fff4af55f8dd86a3f1ae75ed60c4601dbcab1fc625d88e1ca42e272172dc333d8dc50da238b914a04bc94569dd84ecfa47367442686a0ad19dbf4965dbe080e98cc5c42fe2f255501c4a13932b81490c72e8ea9998a673763eeadf975715e3ba2f3ee9069da2bf72b1f94b2068698cb51ab25b77a2fe7a8d2fa10b0947148171e85edd4f61af6d0f4262c3d4b3d72bfd866a43334105e431244c04050c0f60c70337ecdc0ddf9adff140592e1afc2808136cbad1a724dcc7457d08a2742c3fbd86ead3dbbc48d8f3eb5e29acea170acad5522fe364994cfd08960eae8a1113d0720152ba0d910ab043f28de08764ad581a98de9fb8b8d18f4979fe38362b532d96f0453bc3706eb8d5309a9fec1b30cdc9e0263dd9a399aade149e3072e3fce72cd69be884668129f12e251120b5be79aea84ed7a14023835e6a6dc131783fcb9035d0d094f969a186e35ad85dfe5254bbba9feea1564b9e00e6689450c0024be57cd3ca8cb1bd05e3be577cfeb760f90e4b1500d99e29c0d528100efc04198d9d7324ff5d24f69b0a5c34cff8e233d759ad5a165a8c1255b799ea621e635ddb729ac3fdc10e5f08a0f995c7bab54ab6f2ab4b715053fe2665d5e5474cab58f90205cd92f9783ea2b6a466630dc3b0b632940f86125257424e4ed289c2cbf53ba0d57cd2a8912d16c0c344f92f8e0ba2c97a498226ef5f35ece29b9d17c7f291f44a282281f20e37bb4c1f0fe211739edecc4b5856cb4d35a6960033716f7ae4030e72acbdf76222bf49822dbb3e4eceae526fb7cf0284da668510177344f252b0ac6afb3e0e0e8f7b6cfbd4c4489e195c7b2e16dcf542a5b17617db672a8552496b0f97cc27fa3d4c75d3c859b1debef60543f9a31bce61340bdfca5931f5edbf1bee4db9ed3e74891b92ee92e8ff60c311b58c6968f5935a54c20fb078ccc09d1ddc3c08afdc2f9fcb2c16e3686fcfc45d345ca335859df27f90eddd9d7079f5dcb2e8130fc6b020b1f64db0d86072ab5d7d709174066e44c2adae788f35981410e470367f6199a512238660edc97ba5e408bed88dc25262c4c8510890550ed9b6565761c1cf51764511b69a3fd006fdaf1cd0465eba54b4c3ef943c21cff988b2a808a02ebf3893d043eb4b7b39503633f2d74609f56ab8cdf80d3ecf0ec0cf010c7d48d9b2c8cdf465987b209d0dea8e4c23b4109e580879a531001776340aa1b7f2874bae17d54c1503f698f74f3370a9e83a65d2d852eaa546ac55990a9592edc75f2444bf8f591d007f18aba3960df38f8edc709cdff6dcc466d1b48f9694e24a85d3097b77b42d200e02cd887a3c0c7d93544ddc1508607dd6e6b3554b9728c00e613a695c4afc8ea53e977ec40adc8b873ccf9cd831bff352ca66fde6d05cda94870f11cb7892a691ab668e466e273efd49d519328f7541e9bec93c1669e1cacc3795624bf88b8206524748ba2527a7aa5fe734265b8c5d61f338d20bcb421548850170f81b27fc57ecd8018e9739ba5af8710e87665905b641b6da26b3059a68731fb52dfdc6289b4972d83b1883336da80f9fab69917c5f6eb2925713b1ce16c34759a52789874273b5550055fa0dbed48055aed67f8772717dfb5da51d66e09d879122d4186185fa24475d0549bdcae4ffaa45a0709144726a5b500109329e9c6cec09dacba10c04eb100bc5abbf40c778bbf18e90944a945417f489d3d8a58d929951e9d0b92eb4a4aa5b8f91cbdcdcc26f743c1456c09a2b569ab3579679c5b158b76a1f51dc512a290f9b5cc642891b69658e88421f5d6b03ac23aa2fedd97875e45fa658a9598d8d994ac585ff51d588e2dbe5692076cb3c246d0e3ab6701007e51ca93d36c265e42f883bd38a4ef44532a6c9a08b8d85ec1273086f3abb911621abecbaf380bc5cbe2e71de272bc58279f64eceb9f1584c8e926fe4f43cf986e4bc1f2bbc2f75b04173e3f82dd017fc1d94bcc5a9116d3e07a85d9a3c7d0d1426f1c1cb02acc2b42e507c6370d508405f1be1563094bbf3486a8292967dadcc9eaa38ecb1e27f54ea9d24bd423cf57465ae0cccb88339f5b1c2b7320aeedf4e070791872d42e387879d720e3e7766e484f72f7c0fc7bf393c4956f0f0209c52c8913c946e6b3ec2648d42e573ea62914f932e862390e1c1bdf1e6e2994c04921e92ae9744ede6e540b9a13d843ab58e7d44dc7c3f5cafd925c10bd3e63aba31d3de698ba7b7f5904701f89577860de839a410fb079cc04cb48c63cf5a995fbfbec44c5b4bf21bcb5a39b105b810d5c4a696ecd579bcbcd2c59ff93e15bd8d107b0579542100391371b5391a44dc7120e17119811ef502807b83892b7d2e401018449013b28113fcd64063b793ae8c947b80f6780cb986e86834ebe4d7908a353d25437da0a36cf70ccb9df03aa61c58353027985b6474d7689b6b3b818a969b9cef364f3f6ed8394aabd076068b438e25878e04f8ab3d412da40352acc60988b89c58b477"}, 0x20)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000013c0)={0xffffffffffffffff, 0xe0, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000010c0)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, &(0x7f0000001100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001180)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xfc, &(0x7f00000011c0)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000001200), &(0x7f0000001240), 0x8, 0xe2, 0x8, 0x8, &(0x7f0000001280)}}, 0x10) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001480)={&(0x7f0000001400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x8, [@const={0x0, 0x0, 0x0, 0xa, 0x4}, @ptr={0x7, 0x0, 0x0, 0x2, 0x4}]}, {0x0, [0x30, 0x5f, 0x61, 0x5f, 0x61, 0x2e]}}, &(0x7f0000001440)=""/44, 0x38, 0x2c, 0x0, 0x8}, 0x20) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001540), 0x8) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001840)={0x11, 0x12, &(0x7f0000001580)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_idx={0x18, 0xb, 0x5, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x800}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, @map_val={0x18, 0x1, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0xc3}, @call={0x85, 0x0, 0x0, 0x54}], &(0x7f0000001640)='syzkaller\x00', 0x2, 0x2e, &(0x7f0000001680)=""/46, 0x41000, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000016c0)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000001700)={0x2, 0x3, 0x4, 0x4}, 0x10, 0x0, 0x0, 0x9, &(0x7f0000001740)=[r0, r0, r0, r0], &(0x7f0000001780)=[{0x2, 0x4, 0x1, 0x5}, {0x1, 0x4, 0xc, 0x5}, {0x0, 0x5, 0x1, 0xa}, {0x4, 0x2, 0x0, 0x6}, {0x2, 0x2, 0x5, 0x8}, {0x5, 0x3, 0xa, 0xb}, {0x0, 0x4, 0xc, 0x8}, {0x5, 0x1, 0x2}, {0x3, 0x3, 0x6, 0x3}], 0x10, 0x8}, 0x90) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001980)={{0x1}, &(0x7f0000001900), &(0x7f0000001940)}, 0x20) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001a40)={{0x1}, &(0x7f00000019c0), &(0x7f0000001a00)}, 0x20) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000001b40)={0x14, 0x7, &(0x7f0000001040)=@raw=[@exit, @ldst={0x1, 0x3, 0x2, 0xb, 0xb, 0x30, 0xffffffffffffffff}, @tail_call], &(0x7f0000001080)='GPL\x00', 0x20, 0x0, 0x0, 0x41000, 0x8, '\x00', r1, 0x36, r2, 0x8, &(0x7f00000014c0)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000001500)={0x5, 0x9, 0x7fff, 0x4}, 0x10, r3, r4, 0x6, &(0x7f0000001a80)=[r0, r0, r5, r0, r0, r0, r0, r6], &(0x7f0000001ac0)=[{0x3, 0x3, 0xa, 0x3}, {0x1, 0x4, 0x9, 0x8}, {0x1, 0x5, 0xe, 0x3}, {0x2, 0x3, 0xc, 0x1}, {0x2, 0x2, 0xc, 0x9}, {0x4, 0x4, 0x1, 0x2}], 0x10, 0x6}, 0x90) (async)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000001000)={r0, &(0x7f0000000000)="f95a413eabd5cee8f111d8b8bf3df54973e4ed0c6126bdbfe3ba8d68143eeccdffa3469aaa6460dcde3b9d9fa35f040fdb241076823ec035e26a93974c8ef10473991b0816e782f0ee46905cb875e47503dd0beb0c75cad520394954402fc325aaa9b0ae7c58f85d08c4a6816fb2b8ff574539e2ddbf45910f5150f81386590f133456279d7ed546c21c2744594cdbaa0c207008fbde9f29dd9e6d55b0fe18cd65ad21f70ed9a012c44b713f586df48a5237d5fb406eff3d97ca810207e6f436baa012ff68a24c846d659805392f422d82c1c87d303013cf20cbfa1b5e3f291f5d5a68ba5e58ac17d7f93b5bfac64e546a6b821210826eb31624365b7c544a0aff2fdbd20179ec4051db35fe0ae52cac069180a1f09d4571416ade2b5cfd69eb58aa4791df995fc5c7d206f2619a1cb671af089f50e23237c7849edda46c9847ddde64f3329c5ac51077ccd6a7af0de5417441957c23341f3fc3a859dd9989c087c72f6e9ede5837d46d4eb344889491d7222a166c7e7d9336e82e117142869a8ce5c53905c7705c6293686c23b298e2c73606bf5ed239144df5a41472cbeb9e3abe71fce166537fb47c39f46dfedaaba86df40e854410f3d1420de84caf23dfb62ef11e95eae09e9d5d4ce25a5dd9d548c7360e70dd8024f13d3ff5deecc1fe38151efeb002f3826dba86d68ae94f5c7e83bd88754156e9e5b27e330ee240ebe6537a56beb5abd13760743dda6fdccb265877ed058222a8ff14f94a1bca7d07244a84034ce1d6f40c00d67482366ed14de4ea88475cde3df8a2c2f02dff54a15552cf6e6ade27ef18f73e33d9c6aeb74a5107ae3439f99fcbb351f7dedbbd074082b3ed6a4a0c2530187c6896d2e3fca474d490955b9e3bf262d562f2315693351ebcd57bcc5a5bced388d171765262bf9d5b4778c6fc52c6f52ab4fa15b60c7ce23f1da7e1c2285bdd525d8a5641ef7b46a97d71ac3c73b9fed17a2330248455591c71667da118b877c47d9b05af7b25f010cededa7cefefee555f69b46ced099eeed48c4524434019819841b996ce1fa81e19dd502cd021db0f36d5a2b6b509a07acb6116531b3457f2d6a1026c9223bb4fbac5bef2429bb9637c24cfa6966b3957df8f51078f0e9719327a5ef800c8edc7b5335fb1f7c0071b34b4ab56cb2bb69f48e1f473b63633febdb77b53bf0cd765dff1d8913e144e53ba8823d0ade62523092721794a7a00b25bdd0b87c398c124a38aafbc4d8f0f44d865ffbe3ca7eb06b329f420660ef95537fd0ee7c8433dbd0db7ae0421e06db02c3e0abd2f4123908ee4d38b0cca93ccd26408fbf880bd77bb41db0102eb03362ff71316c8b6aab4485ccae411e107b21503b8c2fca77f7088efe410d701e68936bf229f3b60ea2916954e36de83575a791201973323105e4da6c55a7138e52ef3642c58d18d90a4008030d0e14c5bcf7c35af4e5f22feae0010720a245d42403f86c4e223c014dae4a5a55c8f9fe79cbed9fda4ee5da147c8bd0f76f9cd4d8cf81f3c5c3115e7ec78b826e11fb147dea51d0307d44ee83e148a37dd5969b5670c9ff7673a13862e24959ca9c99e888c2e2a64eef6055d12288b49c9785e744bce265a12ac0d1dc4708561a4c94d6584c60fd4d10c2091744e0f08311909d1e9823651af3d1a12ac28ebdf9d1c191ea089f3edc1078048d1c5c7dd7256c01c8baaad210f3b7b34aae1064d00311a676ccd02db0fbb3d8a3b4aa3fa06d673b66aa4465a4cf81a6354ec55493fdfaa89b8faac12855ed8bc32a2dc91a1fdd3ad0b558ec80e1316632e052f69eeb54e8a43b84aa51cd317370d16adbda489df1ed6f3ad5a34a4b83e6f157db18bc39c22bfdb4435400713d1e2b8be21954c7df547057246ebae8d4c76d30de152b7134fe6ceb1b60a7bda3401c9c9e4f703fac07eb348d4b81174c9b4a02bdd5211b15b8c080f0c8a8af66241f4e287df45820105b1fed0fb5a305d3da27993d9d81077a6c62c1f5bdb9ad5d3f8cf365864d0699a3871659ffcc2bfda554283bf684c078ea0fe8a10bb157ff29e007d1db26b6dd929adc39ba72ca351f8e64128ed57737869b535e5a8fd9fd83591c29b90415e40d1cdc017b7a7433e653ec46014cfc8ee67b22e228f36d8700c9a596b204c5ab6f7046942c681694a1676679e6c91a07f705e89c18ed08d1e6fe0306bd9b985ba3acb616ed27dcc7f69e192ce85919133d9ac7056db2329c75ef98e898ca925587ffde371a1f23de77806f5ff18a3d86e590709790ebeeb9a1c9968538b9c41434afb0987980c7f3582fa99c5445eca3db3639733db0f22cac4123602b054f19a13ccf1304b9fd046e6993f167f2c1ebfdeafa2bf58fb7725fab1f08da7259c6fc502895071c3864e8b1fb15609abaf0eb83c793aeee500d4648d20dd281eb3142e9865c5234243a3873baa46bc3af89c038e9cbaa1053fccdd42b0ba8661a3419ec4c8e2f2c6c20f5e96358ce9f6c6254fa59ecc38481c914e6e70dd69e6b94a25b9616b3da2e2005cec3875853fede4a9e4c570c30e522f12f4e8be5e881d4b2d916dc53cc37b6f24bde16286412653bc15db1cab5db9162364e768413cfb357933f868703f78151ca8396d3316621f059182414a5d24dfc309a8f2d3c5af2dfc22151d8f71ecf0c985871ea216e0fa8df017dd9ecf1a95e23f9f22a56234bdeb0d983bec1a7e3747769ef99fd313ccdf490df8431c818804082f8c9474742332249a504ca5714b33dc04a7a0f60b6a217b0d052aa5c450177016b450ca2962578cf48aafb89aa10042e0328e83abbb233b22f0bb858338860f1aefc8be40a99ad489f6eafe42e146711b88cafe08696ebe1fa47cc89abadf95ee9a5c5290ff96b5459b8ef82272d4d22dd92971745948afc91d80bc958101d90aeae0f21816926d806d9d67604b15531cd616d2018700627616c2dc9cb000e75971a3e581f7207d2d92c4ee9b1e55e7c5fb380a2a63e8a856889e49b085b0751459b98ecd59246ed448c3b4a83a552ba7148474451f8b86e4a4ed1d905cd1f9f161d827d11ac5ee5ee95b6b4e8476740d24b337950e6a5b63745f15e1dd31d6ff2aa3c42c93cac2baaeea8003fa8ef908472f6ce2ce2b3c9ea90f373f8ee49c2f9044e23955652b03a511a9db474bb0365a131a08ddc6eec0d099d2825fb4364491867f1ebe88156b6e8f8bcb6ad1c625991ce67d1e583c93e2f261243d9336fec2ad666dce6cf80e9067021625da90ebf8460b61493b10ef33808fcc87fff4af55f8dd86a3f1ae75ed60c4601dbcab1fc625d88e1ca42e272172dc333d8dc50da238b914a04bc94569dd84ecfa47367442686a0ad19dbf4965dbe080e98cc5c42fe2f255501c4a13932b81490c72e8ea9998a673763eeadf975715e3ba2f3ee9069da2bf72b1f94b2068698cb51ab25b77a2fe7a8d2fa10b0947148171e85edd4f61af6d0f4262c3d4b3d72bfd866a43334105e431244c04050c0f60c70337ecdc0ddf9adff140592e1afc2808136cbad1a724dcc7457d08a2742c3fbd86ead3dbbc48d8f3eb5e29acea170acad5522fe364994cfd08960eae8a1113d0720152ba0d910ab043f28de08764ad581a98de9fb8b8d18f4979fe38362b532d96f0453bc3706eb8d5309a9fec1b30cdc9e0263dd9a399aade149e3072e3fce72cd69be884668129f12e251120b5be79aea84ed7a14023835e6a6dc131783fcb9035d0d094f969a186e35ad85dfe5254bbba9feea1564b9e00e6689450c0024be57cd3ca8cb1bd05e3be577cfeb760f90e4b1500d99e29c0d528100efc04198d9d7324ff5d24f69b0a5c34cff8e233d759ad5a165a8c1255b799ea621e635ddb729ac3fdc10e5f08a0f995c7bab54ab6f2ab4b715053fe2665d5e5474cab58f90205cd92f9783ea2b6a466630dc3b0b632940f86125257424e4ed289c2cbf53ba0d57cd2a8912d16c0c344f92f8e0ba2c97a498226ef5f35ece29b9d17c7f291f44a282281f20e37bb4c1f0fe211739edecc4b5856cb4d35a6960033716f7ae4030e72acbdf76222bf49822dbb3e4eceae526fb7cf0284da668510177344f252b0ac6afb3e0e0e8f7b6cfbd4c4489e195c7b2e16dcf542a5b17617db672a8552496b0f97cc27fa3d4c75d3c859b1debef60543f9a31bce61340bdfca5931f5edbf1bee4db9ed3e74891b92ee92e8ff60c311b58c6968f5935a54c20fb078ccc09d1ddc3c08afdc2f9fcb2c16e3686fcfc45d345ca335859df27f90eddd9d7079f5dcb2e8130fc6b020b1f64db0d86072ab5d7d709174066e44c2adae788f35981410e470367f6199a512238660edc97ba5e408bed88dc25262c4c8510890550ed9b6565761c1cf51764511b69a3fd006fdaf1cd0465eba54b4c3ef943c21cff988b2a808a02ebf3893d043eb4b7b39503633f2d74609f56ab8cdf80d3ecf0ec0cf010c7d48d9b2c8cdf465987b209d0dea8e4c23b4109e580879a531001776340aa1b7f2874bae17d54c1503f698f74f3370a9e83a65d2d852eaa546ac55990a9592edc75f2444bf8f591d007f18aba3960df38f8edc709cdff6dcc466d1b48f9694e24a85d3097b77b42d200e02cd887a3c0c7d93544ddc1508607dd6e6b3554b9728c00e613a695c4afc8ea53e977ec40adc8b873ccf9cd831bff352ca66fde6d05cda94870f11cb7892a691ab668e466e273efd49d519328f7541e9bec93c1669e1cacc3795624bf88b8206524748ba2527a7aa5fe734265b8c5d61f338d20bcb421548850170f81b27fc57ecd8018e9739ba5af8710e87665905b641b6da26b3059a68731fb52dfdc6289b4972d83b1883336da80f9fab69917c5f6eb2925713b1ce16c34759a52789874273b5550055fa0dbed48055aed67f8772717dfb5da51d66e09d879122d4186185fa24475d0549bdcae4ffaa45a0709144726a5b500109329e9c6cec09dacba10c04eb100bc5abbf40c778bbf18e90944a945417f489d3d8a58d929951e9d0b92eb4a4aa5b8f91cbdcdcc26f743c1456c09a2b569ab3579679c5b158b76a1f51dc512a290f9b5cc642891b69658e88421f5d6b03ac23aa2fedd97875e45fa658a9598d8d994ac585ff51d588e2dbe5692076cb3c246d0e3ab6701007e51ca93d36c265e42f883bd38a4ef44532a6c9a08b8d85ec1273086f3abb911621abecbaf380bc5cbe2e71de272bc58279f64eceb9f1584c8e926fe4f43cf986e4bc1f2bbc2f75b04173e3f82dd017fc1d94bcc5a9116d3e07a85d9a3c7d0d1426f1c1cb02acc2b42e507c6370d508405f1be1563094bbf3486a8292967dadcc9eaa38ecb1e27f54ea9d24bd423cf57465ae0cccb88339f5b1c2b7320aeedf4e070791872d42e387879d720e3e7766e484f72f7c0fc7bf393c4956f0f0209c52c8913c946e6b3ec2648d42e573ea62914f932e862390e1c1bdf1e6e2994c04921e92ae9744ede6e540b9a13d843ab58e7d44dc7c3f5cafd925c10bd3e63aba31d3de698ba7b7f5904701f89577860de839a410fb079cc04cb48c63cf5a995fbfbec44c5b4bf21bcb5a39b105b810d5c4a696ecd579bcbcd2c59ff93e15bd8d107b0579542100391371b5391a44dc7120e17119811ef502807b83892b7d2e401018449013b28113fcd64063b793ae8c947b80f6780cb986e86834ebe4d7908a353d25437da0a36cf70ccb9df03aa61c58353027985b6474d7689b6b3b818a969b9cef364f3f6ed8394aabd076068b438e25878e04f8ab3d412da40352acc60988b89c58b477"}, 0x20) (async)

06:59:14 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r3, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r3}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r5=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r6=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r3}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000000), 0xfdef)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r9, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', r2, 0x36, r3, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r3, 0x3, &(0x7f0000001040)=[r1, r0, r3, r3, r1, r9], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r10, &(0x7f0000000000), 0x248800)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r5, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r10, r11, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:14 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000013c0)={0xffffffffffffffff, 0xe0, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000010c0)=[0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x9, 0x5, &(0x7f0000001100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001180)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xfc, &(0x7f00000011c0)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000001200), &(0x7f0000001240), 0x8, 0xe2, 0x8, 0x8, &(0x7f0000001280)}}, 0x10) (async)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001480)={&(0x7f0000001400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x8, [@const={0x0, 0x0, 0x0, 0xa, 0x4}, @ptr={0x7, 0x0, 0x0, 0x2, 0x4}]}, {0x0, [0x30, 0x5f, 0x61, 0x5f, 0x61, 0x2e]}}, &(0x7f0000001440)=""/44, 0x38, 0x2c, 0x0, 0x8}, 0x20) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001540)={0x0, <r3=>0x0}, 0x8)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001840)={0x11, 0x12, &(0x7f0000001580)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_idx={0x18, 0xb, 0x5, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x800}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, @map_val={0x18, 0x1, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0xc3}, @call={0x85, 0x0, 0x0, 0x54}], &(0x7f0000001640)='syzkaller\x00', 0x2, 0x2e, &(0x7f0000001680)=""/46, 0x41000, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000016c0)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000001700)={0x2, 0x3, 0x4, 0x4}, 0x10, 0x0, 0x0, 0x9, &(0x7f0000001740)=[r0, r0, r0, r0], &(0x7f0000001780)=[{0x2, 0x4, 0x1, 0x5}, {0x1, 0x4, 0xc, 0x5}, {0x0, 0x5, 0x1, 0xa}, {0x4, 0x2, 0x0, 0x6}, {0x2, 0x2, 0x5, 0x8}, {0x5, 0x3, 0xa, 0xb}, {0x0, 0x4, 0xc, 0x8}, {0x5, 0x1, 0x2}, {0x3, 0x3, 0x6, 0x3}], 0x10, 0x8}, 0x90) (async, rerun: 32)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001980)={{0x1, <r5=>0xffffffffffffffff}, &(0x7f0000001900), &(0x7f0000001940)}, 0x20) (rerun: 32)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001a40)={{0x1, <r6=>0xffffffffffffffff}, &(0x7f00000019c0), &(0x7f0000001a00)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000001b40)={0x14, 0x7, &(0x7f0000001040)=@raw=[@exit, @ldst={0x1, 0x3, 0x2, 0xb, 0xb, 0x30, 0xffffffffffffffff}, @tail_call], &(0x7f0000001080)='GPL\x00', 0x20, 0x0, 0x0, 0x41000, 0x8, '\x00', r1, 0x36, r2, 0x8, &(0x7f00000014c0)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000001500)={0x5, 0x9, 0x7fff, 0x4}, 0x10, r3, r4, 0x6, &(0x7f0000001a80)=[r0, r0, r5, r0, r0, r0, r0, r6], &(0x7f0000001ac0)=[{0x3, 0x3, 0xa, 0x3}, {0x1, 0x4, 0x9, 0x8}, {0x1, 0x5, 0xe, 0x3}, {0x2, 0x3, 0xc, 0x1}, {0x2, 0x2, 0xc, 0x9}, {0x4, 0x4, 0x1, 0x2}], 0x10, 0x6}, 0x90) (async, rerun: 32)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000001000)={r0, &(0x7f0000000000)="f95a413eabd5cee8f111d8b8bf3df54973e4ed0c6126bdbfe3ba8d68143eeccdffa3469aaa6460dcde3b9d9fa35f040fdb241076823ec035e26a93974c8ef10473991b0816e782f0ee46905cb875e47503dd0beb0c75cad520394954402fc325aaa9b0ae7c58f85d08c4a6816fb2b8ff574539e2ddbf45910f5150f81386590f133456279d7ed546c21c2744594cdbaa0c207008fbde9f29dd9e6d55b0fe18cd65ad21f70ed9a012c44b713f586df48a5237d5fb406eff3d97ca810207e6f436baa012ff68a24c846d659805392f422d82c1c87d303013cf20cbfa1b5e3f291f5d5a68ba5e58ac17d7f93b5bfac64e546a6b821210826eb31624365b7c544a0aff2fdbd20179ec4051db35fe0ae52cac069180a1f09d4571416ade2b5cfd69eb58aa4791df995fc5c7d206f2619a1cb671af089f50e23237c7849edda46c9847ddde64f3329c5ac51077ccd6a7af0de5417441957c23341f3fc3a859dd9989c087c72f6e9ede5837d46d4eb344889491d7222a166c7e7d9336e82e117142869a8ce5c53905c7705c6293686c23b298e2c73606bf5ed239144df5a41472cbeb9e3abe71fce166537fb47c39f46dfedaaba86df40e854410f3d1420de84caf23dfb62ef11e95eae09e9d5d4ce25a5dd9d548c7360e70dd8024f13d3ff5deecc1fe38151efeb002f3826dba86d68ae94f5c7e83bd88754156e9e5b27e330ee240ebe6537a56beb5abd13760743dda6fdccb265877ed058222a8ff14f94a1bca7d07244a84034ce1d6f40c00d67482366ed14de4ea88475cde3df8a2c2f02dff54a15552cf6e6ade27ef18f73e33d9c6aeb74a5107ae3439f99fcbb351f7dedbbd074082b3ed6a4a0c2530187c6896d2e3fca474d490955b9e3bf262d562f2315693351ebcd57bcc5a5bced388d171765262bf9d5b4778c6fc52c6f52ab4fa15b60c7ce23f1da7e1c2285bdd525d8a5641ef7b46a97d71ac3c73b9fed17a2330248455591c71667da118b877c47d9b05af7b25f010cededa7cefefee555f69b46ced099eeed48c4524434019819841b996ce1fa81e19dd502cd021db0f36d5a2b6b509a07acb6116531b3457f2d6a1026c9223bb4fbac5bef2429bb9637c24cfa6966b3957df8f51078f0e9719327a5ef800c8edc7b5335fb1f7c0071b34b4ab56cb2bb69f48e1f473b63633febdb77b53bf0cd765dff1d8913e144e53ba8823d0ade62523092721794a7a00b25bdd0b87c398c124a38aafbc4d8f0f44d865ffbe3ca7eb06b329f420660ef95537fd0ee7c8433dbd0db7ae0421e06db02c3e0abd2f4123908ee4d38b0cca93ccd26408fbf880bd77bb41db0102eb03362ff71316c8b6aab4485ccae411e107b21503b8c2fca77f7088efe410d701e68936bf229f3b60ea2916954e36de83575a791201973323105e4da6c55a7138e52ef3642c58d18d90a4008030d0e14c5bcf7c35af4e5f22feae0010720a245d42403f86c4e223c014dae4a5a55c8f9fe79cbed9fda4ee5da147c8bd0f76f9cd4d8cf81f3c5c3115e7ec78b826e11fb147dea51d0307d44ee83e148a37dd5969b5670c9ff7673a13862e24959ca9c99e888c2e2a64eef6055d12288b49c9785e744bce265a12ac0d1dc4708561a4c94d6584c60fd4d10c2091744e0f08311909d1e9823651af3d1a12ac28ebdf9d1c191ea089f3edc1078048d1c5c7dd7256c01c8baaad210f3b7b34aae1064d00311a676ccd02db0fbb3d8a3b4aa3fa06d673b66aa4465a4cf81a6354ec55493fdfaa89b8faac12855ed8bc32a2dc91a1fdd3ad0b558ec80e1316632e052f69eeb54e8a43b84aa51cd317370d16adbda489df1ed6f3ad5a34a4b83e6f157db18bc39c22bfdb4435400713d1e2b8be21954c7df547057246ebae8d4c76d30de152b7134fe6ceb1b60a7bda3401c9c9e4f703fac07eb348d4b81174c9b4a02bdd5211b15b8c080f0c8a8af66241f4e287df45820105b1fed0fb5a305d3da27993d9d81077a6c62c1f5bdb9ad5d3f8cf365864d0699a3871659ffcc2bfda554283bf684c078ea0fe8a10bb157ff29e007d1db26b6dd929adc39ba72ca351f8e64128ed57737869b535e5a8fd9fd83591c29b90415e40d1cdc017b7a7433e653ec46014cfc8ee67b22e228f36d8700c9a596b204c5ab6f7046942c681694a1676679e6c91a07f705e89c18ed08d1e6fe0306bd9b985ba3acb616ed27dcc7f69e192ce85919133d9ac7056db2329c75ef98e898ca925587ffde371a1f23de77806f5ff18a3d86e590709790ebeeb9a1c9968538b9c41434afb0987980c7f3582fa99c5445eca3db3639733db0f22cac4123602b054f19a13ccf1304b9fd046e6993f167f2c1ebfdeafa2bf58fb7725fab1f08da7259c6fc502895071c3864e8b1fb15609abaf0eb83c793aeee500d4648d20dd281eb3142e9865c5234243a3873baa46bc3af89c038e9cbaa1053fccdd42b0ba8661a3419ec4c8e2f2c6c20f5e96358ce9f6c6254fa59ecc38481c914e6e70dd69e6b94a25b9616b3da2e2005cec3875853fede4a9e4c570c30e522f12f4e8be5e881d4b2d916dc53cc37b6f24bde16286412653bc15db1cab5db9162364e768413cfb357933f868703f78151ca8396d3316621f059182414a5d24dfc309a8f2d3c5af2dfc22151d8f71ecf0c985871ea216e0fa8df017dd9ecf1a95e23f9f22a56234bdeb0d983bec1a7e3747769ef99fd313ccdf490df8431c818804082f8c9474742332249a504ca5714b33dc04a7a0f60b6a217b0d052aa5c450177016b450ca2962578cf48aafb89aa10042e0328e83abbb233b22f0bb858338860f1aefc8be40a99ad489f6eafe42e146711b88cafe08696ebe1fa47cc89abadf95ee9a5c5290ff96b5459b8ef82272d4d22dd92971745948afc91d80bc958101d90aeae0f21816926d806d9d67604b15531cd616d2018700627616c2dc9cb000e75971a3e581f7207d2d92c4ee9b1e55e7c5fb380a2a63e8a856889e49b085b0751459b98ecd59246ed448c3b4a83a552ba7148474451f8b86e4a4ed1d905cd1f9f161d827d11ac5ee5ee95b6b4e8476740d24b337950e6a5b63745f15e1dd31d6ff2aa3c42c93cac2baaeea8003fa8ef908472f6ce2ce2b3c9ea90f373f8ee49c2f9044e23955652b03a511a9db474bb0365a131a08ddc6eec0d099d2825fb4364491867f1ebe88156b6e8f8bcb6ad1c625991ce67d1e583c93e2f261243d9336fec2ad666dce6cf80e9067021625da90ebf8460b61493b10ef33808fcc87fff4af55f8dd86a3f1ae75ed60c4601dbcab1fc625d88e1ca42e272172dc333d8dc50da238b914a04bc94569dd84ecfa47367442686a0ad19dbf4965dbe080e98cc5c42fe2f255501c4a13932b81490c72e8ea9998a673763eeadf975715e3ba2f3ee9069da2bf72b1f94b2068698cb51ab25b77a2fe7a8d2fa10b0947148171e85edd4f61af6d0f4262c3d4b3d72bfd866a43334105e431244c04050c0f60c70337ecdc0ddf9adff140592e1afc2808136cbad1a724dcc7457d08a2742c3fbd86ead3dbbc48d8f3eb5e29acea170acad5522fe364994cfd08960eae8a1113d0720152ba0d910ab043f28de08764ad581a98de9fb8b8d18f4979fe38362b532d96f0453bc3706eb8d5309a9fec1b30cdc9e0263dd9a399aade149e3072e3fce72cd69be884668129f12e251120b5be79aea84ed7a14023835e6a6dc131783fcb9035d0d094f969a186e35ad85dfe5254bbba9feea1564b9e00e6689450c0024be57cd3ca8cb1bd05e3be577cfeb760f90e4b1500d99e29c0d528100efc04198d9d7324ff5d24f69b0a5c34cff8e233d759ad5a165a8c1255b799ea621e635ddb729ac3fdc10e5f08a0f995c7bab54ab6f2ab4b715053fe2665d5e5474cab58f90205cd92f9783ea2b6a466630dc3b0b632940f86125257424e4ed289c2cbf53ba0d57cd2a8912d16c0c344f92f8e0ba2c97a498226ef5f35ece29b9d17c7f291f44a282281f20e37bb4c1f0fe211739edecc4b5856cb4d35a6960033716f7ae4030e72acbdf76222bf49822dbb3e4eceae526fb7cf0284da668510177344f252b0ac6afb3e0e0e8f7b6cfbd4c4489e195c7b2e16dcf542a5b17617db672a8552496b0f97cc27fa3d4c75d3c859b1debef60543f9a31bce61340bdfca5931f5edbf1bee4db9ed3e74891b92ee92e8ff60c311b58c6968f5935a54c20fb078ccc09d1ddc3c08afdc2f9fcb2c16e3686fcfc45d345ca335859df27f90eddd9d7079f5dcb2e8130fc6b020b1f64db0d86072ab5d7d709174066e44c2adae788f35981410e470367f6199a512238660edc97ba5e408bed88dc25262c4c8510890550ed9b6565761c1cf51764511b69a3fd006fdaf1cd0465eba54b4c3ef943c21cff988b2a808a02ebf3893d043eb4b7b39503633f2d74609f56ab8cdf80d3ecf0ec0cf010c7d48d9b2c8cdf465987b209d0dea8e4c23b4109e580879a531001776340aa1b7f2874bae17d54c1503f698f74f3370a9e83a65d2d852eaa546ac55990a9592edc75f2444bf8f591d007f18aba3960df38f8edc709cdff6dcc466d1b48f9694e24a85d3097b77b42d200e02cd887a3c0c7d93544ddc1508607dd6e6b3554b9728c00e613a695c4afc8ea53e977ec40adc8b873ccf9cd831bff352ca66fde6d05cda94870f11cb7892a691ab668e466e273efd49d519328f7541e9bec93c1669e1cacc3795624bf88b8206524748ba2527a7aa5fe734265b8c5d61f338d20bcb421548850170f81b27fc57ecd8018e9739ba5af8710e87665905b641b6da26b3059a68731fb52dfdc6289b4972d83b1883336da80f9fab69917c5f6eb2925713b1ce16c34759a52789874273b5550055fa0dbed48055aed67f8772717dfb5da51d66e09d879122d4186185fa24475d0549bdcae4ffaa45a0709144726a5b500109329e9c6cec09dacba10c04eb100bc5abbf40c778bbf18e90944a945417f489d3d8a58d929951e9d0b92eb4a4aa5b8f91cbdcdcc26f743c1456c09a2b569ab3579679c5b158b76a1f51dc512a290f9b5cc642891b69658e88421f5d6b03ac23aa2fedd97875e45fa658a9598d8d994ac585ff51d588e2dbe5692076cb3c246d0e3ab6701007e51ca93d36c265e42f883bd38a4ef44532a6c9a08b8d85ec1273086f3abb911621abecbaf380bc5cbe2e71de272bc58279f64eceb9f1584c8e926fe4f43cf986e4bc1f2bbc2f75b04173e3f82dd017fc1d94bcc5a9116d3e07a85d9a3c7d0d1426f1c1cb02acc2b42e507c6370d508405f1be1563094bbf3486a8292967dadcc9eaa38ecb1e27f54ea9d24bd423cf57465ae0cccb88339f5b1c2b7320aeedf4e070791872d42e387879d720e3e7766e484f72f7c0fc7bf393c4956f0f0209c52c8913c946e6b3ec2648d42e573ea62914f932e862390e1c1bdf1e6e2994c04921e92ae9744ede6e540b9a13d843ab58e7d44dc7c3f5cafd925c10bd3e63aba31d3de698ba7b7f5904701f89577860de839a410fb079cc04cb48c63cf5a995fbfbec44c5b4bf21bcb5a39b105b810d5c4a696ecd579bcbcd2c59ff93e15bd8d107b0579542100391371b5391a44dc7120e17119811ef502807b83892b7d2e401018449013b28113fcd64063b793ae8c947b80f6780cb986e86834ebe4d7908a353d25437da0a36cf70ccb9df03aa61c58353027985b6474d7689b6b3b818a969b9cef364f3f6ed8394aabd076068b438e25878e04f8ab3d412da40352acc60988b89c58b477"}, 0x20) (rerun: 32)

06:59:14 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1a00, 0x43451)

[  579.070697][T19856] FAULT_INJECTION: forcing a failure.
[  579.070697][T19856] name failslab, interval 1, probability 0, space 0, times 0
[  579.108726][T19856] CPU: 1 PID: 19856 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  579.120291][T19856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  579.130184][T19856] Call Trace:
[  579.133307][T19856]  <TASK>
[  579.136084][T19856]  dump_stack_lvl+0x151/0x1b7
[  579.140598][T19856]  ? io_uring_drop_tctx_refs+0x190/0x190
[  579.146066][T19856]  dump_stack+0x15/0x17
[  579.150054][T19856]  should_fail+0x3c6/0x510
[  579.154310][T19856]  __should_failslab+0xa4/0xe0
[  579.158908][T19856]  ? vm_area_dup+0x26/0x230
[  579.163254][T19856]  should_failslab+0x9/0x20
[  579.167585][T19856]  slab_pre_alloc_hook+0x37/0xd0
[  579.172361][T19856]  ? vm_area_dup+0x26/0x230
[  579.176698][T19856]  kmem_cache_alloc+0x44/0x200
[  579.181300][T19856]  vm_area_dup+0x26/0x230
[  579.185468][T19856]  copy_mm+0x9a1/0x13e0
[  579.189472][T19856]  ? irqentry_exit+0x30/0x40
[  579.193890][T19856]  ? copy_signal+0x610/0x610
[  579.198322][T19856]  ? __init_rwsem+0xd6/0x1c0
[  579.202738][T19856]  ? copy_signal+0x4e3/0x610
[  579.207165][T19856]  copy_process+0x1149/0x3290
[  579.211685][T19856]  ? timerqueue_add+0x250/0x270
[  579.216367][T19856]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  579.221310][T19856]  ? enqueue_hrtimer+0xca/0x240
[  579.226084][T19856]  ? __hrtimer_run_queues+0x46b/0xad0
[  579.231293][T19856]  kernel_clone+0x21e/0x9e0
[  579.235726][T19856]  ? create_io_thread+0x1e0/0x1e0
[  579.240583][T19856]  ? clockevents_program_event+0x22f/0x300
[  579.246226][T19856]  __x64_sys_clone+0x23f/0x290
[  579.250825][T19856]  ? __do_sys_vfork+0x130/0x130
[  579.255515][T19856]  do_syscall_64+0x3d/0xb0
[  579.259760][T19856]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  579.265401][T19856]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  579.271131][T19856] RIP: 0033:0x7f7b6d82fda9
[  579.275394][T19856] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  579.294824][T19856] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  579.303071][T19856] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  579.310881][T19856] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
06:59:14 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0xb)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  579.318709][T19856] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  579.326505][T19856] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  579.334401][T19856] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  579.342221][T19856]  </TASK>
06:59:14 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1b00, 0x43451)

06:59:14 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 49)

06:59:14 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0xb) (async, rerun: 64)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (rerun: 64)

[  579.454344][T19890] FAULT_INJECTION: forcing a failure.
[  579.454344][T19890] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  579.471910][T19890] CPU: 1 PID: 19890 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  579.483483][T19890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  579.493382][T19890] Call Trace:
[  579.496504][T19890]  <TASK>
[  579.499276][T19890]  dump_stack_lvl+0x151/0x1b7
06:59:14 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x1ff000, 0x81, 0x7f, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000004c0), &(0x7f0000000580), 0x7, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000580)={r0, &(0x7f0000001600), &(0x7f0000001680)=""/227}, 0x20)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x78, 0x78, 0xb, [@const={0x10, 0x0, 0x0, 0xa, 0x1}, @enum={0xa, 0x3, 0x0, 0x6, 0x4, [{0x0, 0xe068}, {0x6, 0x7f}, {0x0, 0x16}]}, @union={0x8, 0x1, 0x0, 0x5, 0x1, 0xfffffff7, [{0x7, 0x3, 0x2}]}, @volatile={0x6}, @struct={0xa, 0x2, 0x0, 0x4, 0x1, 0x8, [{0x8, 0x1, 0x4}, {0x7, 0x4, 0xfffa}]}]}, {0x0, [0x5f, 0x5f, 0x61, 0x2e, 0x61, 0x5f, 0x5f, 0x2e, 0x5f]}}, &(0x7f0000000400)=""/201, 0x9b, 0xc9, 0x0, 0x3}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x9, 0x40, 0x6, 0x8}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r2}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_lsm={0x5, 0x5, &(0x7f00000000c0)=@framed={{0x4d, 0xa, 0xa, 0x0, 0x0, 0x79, 0x10, 0xa8}, [@map_fd={0x18, 0x0, 0x1, 0x0, r3}]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x43}], {0x95, 0x0, 0x700}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc}, 0x80) (async)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48) (async, rerun: 64)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x4) (rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000003280)={0x9, 0xb, &(0x7f0000002d00)=ANY=[@ANYBLOB="180000000600000000000000ff0f0000a5505000ffffffff184418000400000000000000000000001800000009cc0000000000007f000000180000000900000000000000a508000009000004780000009500000000000000"], &(0x7f0000002d80)='syzkaller\x00', 0x15f3f2ff, 0x0, 0x0, 0x41100, 0xc47e261320a72d87, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x8, &(0x7f00000031c0)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000003200)={0x4, 0x0, 0x0, 0xffffffff}, 0x10, 0xffffffffffffffff, r4, 0x0, &(0x7f0000003240)=[0xffffffffffffffff, r5, r6, r3, r6], 0x0, 0x10, 0x2}, 0x90) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x1ff000, 0x81, 0x7f, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000440), &(0x7f0000000580), 0x7, r7}, 0x38)
r8 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000f80)=@o_path={&(0x7f0000000f40)='./file0\x00', 0x0, 0x4000, r7}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x15, 0x11, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000be01000000000000ff0f000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000006b702000014000000b70300000000000085000000830000008dbf090000000000005509010000000000950000000000000006000000000000008520000003000000bf91000000000000b7faffffffffffffff00000084000000b70000000000000000004daadcad9ab680de799479a0c0cf7dda9d9fd01c32a9a8725ebe55b4c3f4e6387b626dbdf9eee52a00b5b0ac9a556e18998a05d7276c987d52e181e267a6a6cf1d416b4070754c66e4642e86422289a904f26a2ec4ebf37f2bfd052f5a70be5ed922967864d6b16d09dc1e79ed819c3fa1c3fa7ea326d70c63a99ece42f9e8ec202b4d517ea6fcaca4c9ac1b2eabd656afa03d6d0d2772ec267ba337efb1673282f49f1f9a5688da4224865e60ae434e6eb7c9b412141901cbddc8acf6553eca24ee81fc4e8bb34024db2e9eada5a209184522e3151a648493bf2ea49c874bdfc3c10c44850d39655cb11e676603c9a0973d5f527a55aecee437df8de2ec9c722704263eea303ec942966d1a17149ba4e5429ada29f287b7be9de6ff10366925ecba6a162b1e2048edd1ed74274671877a56191769abb2b89772533ca97b05458b55af07a179d8e3122be7e9ad846a5abaa4a3bf5c756bca8226863f8289409a1b57ae4ec335a78448bfd38281ddd01ee3476771d1edc97d3cdc40667aa8298e6f76c34df53903bf39e7cd7bbbac7a4f17fc"], &(0x7f0000000bc0)='GPL\x00', 0x81, 0x1000, &(0x7f0000004340)=""/4096, 0x41100, 0x40, '\x00', 0x0, 0x16, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000f00)={0x2, 0x4, 0x3, 0x1000}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x4, &(0x7f0000000fc0)=[r8], &(0x7f0000001000)=[{0x4, 0x5, 0x8, 0xa}, {0x5, 0x3, 0x9, 0x1}, {0x4, 0x5, 0xa, 0xb}, {0x1, 0x5, 0x10, 0x9}]}, 0x90) (async, rerun: 32)
bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000000580)={r7, &(0x7f0000001600), &(0x7f0000001680)=""/227}, 0x20) (async, rerun: 32)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)={0x2, 0x4, 0x8, 0x1, 0x80, r0, 0x4, '\x00', 0x0, r1, 0x4, 0x0, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x12, 0x16, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5b1, 0x0, 0x0, 0x0, 0x9}, [@printk={@x}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xff}}, @ldst={0x3, 0x1, 0x0, 0x2, 0x9, 0x50, 0x4}, @map_fd={0x18, 0x3, 0x1, 0x0, r7}]}, &(0x7f0000000840)='GPL\x00', 0xfff, 0x1000, &(0x7f0000003340)=""/4096, 0x40f00, 0x5, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, &(0x7f0000000880)={0x7, 0x3}, 0x8, 0x10, &(0x7f00000008c0)={0x4, 0x10, 0xffffffff, 0x7}, 0x10, 0xffffffffffffffff, r6, 0x6, &(0x7f0000000980)=[r2, r2, r9], &(0x7f00000009c0)=[{0x2, 0x5, 0x9, 0x8}, {0x5, 0x1, 0x6, 0x4}, {0x0, 0x3, 0xf, 0x8}, {0x1, 0x3, 0xf, 0xa}, {0x0, 0x1, 0x7, 0xa}, {0x4, 0x3, 0xfff, 0x9}], 0x10, 0xfff}, 0x90) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000440)={0x1, 0x58, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r10=>0x0}}, 0x10) (async)
r11 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) (async)
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r12, 0x40106614, &(0x7f0000000040)) (async)
r13 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000640)={0x1b, 0x0, 0x0, 0x6, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48) (async)
sendmsg$unix(r12, &(0x7f0000002c00)={&(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002b80)=[{&(0x7f0000000540)="74da39acfac2ee77b5ce5fcb920a698c7a79136a5f779c025e01145e394429871f45b07d98", 0x25}, {&(0x7f0000001800)="6157c6825940804438ba756b0d5a8cd3df89eefebde16201f3711162347dcc40616fa1f378293f950af0d594a10a32d6f1e85f381192492cc7846033834aac07f135903c67ecffefbd3d2068a69a862929777a4dc2afca5078532f94c10a2886fd42644a8123c5283c9278bbbfb0e066e7354ef950af7b790950bbbadccc1a72240a84fec26346c90bb61c3f93844adb1b5986", 0x93}, {&(0x7f00000018c0)="ca05365726f6cdb126f0e65b311be1299404b1e289f141d5bef538", 0x1b}, {&(0x7f0000001900)="88faf3a165da93d0a38b4470931f23d2f75cb072c5156d13bf9a71b215d8d22be80661bb82511bb10621ef64ea2acbe2605c167a67d3a888908ae00cb415d1a8cbed96d7492ca34c09a80d3debb4e5286199bfcfec066c1f3b69fc96dc976542ab870ad9c17213a15f4d3433dafabd6d67a44c0fd5620b953b2890cc18171bfa4ed257cb11b924630f2d821bf517967edeec41f963ed37420d7a7f43b6df5df2e30801d21c03960b3e592466dcfaf006ff4b37c511b10ba8a76f00f90996d75a8e9265a5d605b8ef7b1b5f25160e29d91f98473f71401dfe41c2f3217ee4a893ef217c2ed33401ca151f9852e8173a18e72654769653797fb4712d318c6114b6e2ee93d3da1eb05cab6c80f11fbd28187f8cd49fdf4bb67b52efbaced49c7e65c49cc80ab111976677cf1485152bb5c6160fe827b20cf2e079a0a06bf73283abe9e59d416b3d7c1f6582f1aefc2cc42790a5bb7f8bb6d040a8d4a9c0a4f8efde601d8a2639c148eb50b2d5f8061c97be4fc8a881500e6115210ef59670b36e37ca83cac0ea0e0e065829a0469b78e2ae04b75ed145252383daab2fe01d0a75cfc20774603f136bd0b84e0de19a7d61b732644d3a8c926ea365ca2d04f0cbf8aee7624c2b372314402573af6168aa894f84ce287095ab9a5af9aef2510e76473a6b68c40fc3d174a049eec9e4570e200f7fee113a6bf49da8659c49c2ca6365fdc8b276ccc9c5e83b89dcf82b73f0ab95daa716d06553d96f0c8bd368276eb779c7fa06ddf09a0693476d62dfd9599a40c90a66d4c0ce512aeac1ab2fde9c7998e1e0151f7ed802bf919f9087c6284d64d47ee94f23f42fbdf5247729ab2a814d228346215a1e8673ccec443ce0c8cbe63a108f503ca7d40886c165ebd0d9487fc4b0832ad36bc067361072dfc13b95cf94e1fd319492969f903936545b6d20ae9c9b8fa8fde8722d2be8e91a950232d76882d76167ab33a639b5e5ea7900bf0d3f3d3d0eac9f33cef09afe08fead3860523472218e42b84f68b640c87884a5d821db993a2aba0fa9877bcae768a4f52527ac6227fcfb13811bc93180c3b400041881c02e3d01ffdb02890225bcbb6965480077887dd46e8faa89d502c14b4b3a28404cecd51e42548a6cb1ea775047d6110e3a771e0e9847553b8fe0c381ec896145383909c29967498214934719b561bf3557ac72f758b631bfd01ce8dadf2f526852c46dd350db29751697e7d34200d9f623256c109ad96387bb19d95e2e8f83031a4162d30d4cd79a477b1685a05e8fadd73536c54c3907d77c691144e67fb43222686f10b2fc2181e732802095b153581b1a5ecd291a01d5a88d1384e092f4f3a81122af9783590fadec0710be0ed5e7bf8e1d0eb555dce6306ebb6ce403e31cf55c2f9d48117908fcdc405a32a98f80acdf5f4d3eea54b75ce7f1de74b82d9c0da13b68cbcccf29aaccfd256c336965bb4dc0aca565a5308df2f1b56950c7952bafab911594035aeb3dad4b9acf0851b0e2986f783b027cbdbf61be8bb33ed51dfe4992aee2351f20e6efe4916c787380a42ea66bfe039245dff7ac177d13350220715b33e19329ea440d9470b9d76938b81846425d66fdde3d059e4c09fbe0d413bf72a4e246c5669472739ef79ae9d7db10b3fef80e82ca2617901e813fa5cd560e3985ddd9975e42925ea9bafd9e81455d9ecea72199aa925c026db73499797539e541f60645118856df6b1ba38443e5b8f7b71d45befa7dc64f9083bf591293fadd75ec664ec5f1a9513c78e4e14e89efc63cd94aaf5c57496108ce441f29a9c8d17b6ad23ed2f1ea24b5dd3a04fd744d6f0f0481b51323ccbd32ab71a67368edf47a96ffa3388ba02915bc8539b7baf164e17d4a442263c15224bcaaa28bda9ca71900b7cc63266456e3b360a1fd1af95c13caab66a0e39af0e9a9ee39a1bda52d816e8806b8019a60115f7e8bbe80f5e0ebdd6b682bac8f59ce99f923550ed65b9bccc917e7558e4d745d183558f22258b9f91dd5a62a165ffd003dd223e09eaa1a487b23161140ccf2ddb797513f4e66f0b69caab4471d728efc234f62ef19ae79f81d373092659e0347ae58bee686d3bea47ec25febe7856eef1ebec6a5b9c6448fb88d39110366ae1f31978e485946177cc3e2b8d73690d1f0ab0749bd9aa1c35e5b31e2dd77df125b275f398877f1ec7c3f7bcce676cab7aad0e3152024e4f368142ea11b348bcb089231359076a249567c2f12f4f8842df9d97a96e7573a755b86462062bef4fbb33c5782eb28db926eb813b45504d90f104f6d423982c428e3f356329e090723520ea98662694b92279e15f9a9b603b1d8f5aa3a69120b74ef3857a6d8f82a28d7eaaa05ed7e4f969d4987d749131a01b3333634a184d13aee193dbc950ea7cb7674be7652860aa81edbc0020dbd574a0513bab7c39b814883df86efc2db8e2c65665c077b365b0be0f5fb753630b2a8fe27826c7d582ab5056ae556d15f857d08d9f69ad759b7be531183b451a121e8eec5feed9d82de23f01422254b36e04bcf8e2d4ca65c6848e4f706c43edfe59647f5a0d5726db8e8f3c1510322c5e2e65b2f13c9ce17dc0239260eab676ac40f8b61a4c42f6eec8fafa54121bc4634fd11da270485ad9314bf0be39e6ac3c7c340d366014abda34564ac8a059e7abab649154de190a991c9aa98077aff5b3cb295f982127456e3e291cad6a199d3ccc03612ac642ccef489bf335bba682a1ce6d37a7685a295974f4e6aadad3ca0f7cd615530512dfe989be655b9215785f850b9af157b1c7f0878312494c19c6eceb7c891d13aada3865fb4ec0b337e1baa272689bb6aded6d128d5f8dd510384a50fc1347f748ed61224d2db100f6c305d86badbfdd6398174ff39762894f51d93fea085163e3b037295bf9bc96a42bdc4dd6e1ef11c6654d660661b28982adde22c449fb3865b462c5d67b5203ceba834d10519f5b982945c6bbbc7601faecd19e44023efed1d75856953915e19584c1725a91924e49e2670f16ff1edc01649d622eaa00cee783ca91f84e078707b693265862d2b6d06749cfaddd83922ae8a274445c72e1288179f3a5ec1ddcb9a1e00c699b1a893bb67434f0f0654bd785c26d0222bfc61ad7d270607621e03b215af081dce976ad4f2277c8e3d88582a5ea94a5f633678e568122f16461e3d78a01fa7ac73cc3b4db81875970b92e32ba9438212d08ea9e92d6d6f715ccf26651e855942f86821f95f11013d1097a61e14fbd3fa78524f5d432992dbfa7935524d6799115a3dd9d9bd4cf675468a8b45d1e92a43ca266c52c260b65662905ec8dc86e154c70b31df86fb32c74c0bf29b70253cabfbb3cc123953af7d3e7bb1c1cfb508a93f108d70fc99767d76b6a94f3897e7b3d666cb41076f55e976b52ca0fbe01d188b757f5c31249ce1d6e49b355d4f8d949af6f985e277d621ec83a08d7299b2a5ea8b5d8174a64fdfa0e39912ce1c12a1c0b52d414f7b025bf2a4be81402067a3882c461f51c38cb29267bc7d6dcbf91d6ab0271366bcd11495b787b367113f43e175aacec94aa3faede8b711446056b959d7f8094141d7a9f2c5fa0e478f17fc8855313f817cbbd91f0a0bc65cebe6ae7349961f92faf857f732ee2c1664b58210f46ecf66bb5ab76fbb15a32104302be394eb7d601c00e2807909a6f0f80fb3ff35044224ea35ae33b394e26eec4815d33b9907f2aace0dd85b7822f8f7e018a8d2ec4e86398d26a5d271cf54ce558ebf7e4c90e291591146e0f96613160605a5f2cc201768d670110ee00a822724bdcb12d1c5888e8b520212cf43692f54a68a53788ee14d329d810c326ea656dad595d7a9d306def9e03eb93be52af4c52bc5a55454b241ebf448b3ba0858620a07af77a483c971486c2a02e225afd2512649d7b69cb06099a94eb76512daab560671f4fec16e03a965d7b982d5120af90861ec93604c9051ddfdb03e573517b242f9ea03af6787841df722bd20766409b546dd1d89460e8935df4f5d4cd661c418b989d9d6e195d2a1d5ad34b6c3c8b1a3f71ee2a496d5b40b7564a4b2ea720ae042a81e31b0935c927e5a19b368c72e407ef535f918f4e8dfa57f7a8c1eccf2586af73030781814879fdb25be37eedfb0cc995709ddd9069f9cd226ca503d59d02c12458e80cdbe380170d7bd90637becc8fcf157c1ba56d85ef4ae3f68a6da505a5765b2e291cb701933cd0124afff19e62247a56d7d5b6f97e708747d11a79b9191e65bc4072a61a97553b6e8757b957d2fd3d6a765531e50c63840753c66eb1d425c98138681862def44d8ac8d504092cf757368bde3494870cb51f125acbabd8f2ee2db4feb4482bc327e779cba3a6f40095572f3391684b4a02aec6f8273656df1844517231fed6703c45d16a4a68d6357a321858fc08a8dbe78171a820a7bf02723e66e7fa6d17073ec41016f933673e89fae6b6c7c9d8a21759f4e76a28a1514c7f4104be01193ac91f1d44f024dd9c696ecd3d08343b57f47c26719c245b717b826ddbc8619a57816c360f1580630556979b67cf2eb965345a9d9794f276204e4028fc82e34d617a73748bf822247a5ebeb70b870438a0322d07a3ebf9733b32a36c68ea250914e1c8b83164d8d5eb1fdc49a783c708a7fd6dd0d3246a74ff55c6433b855301f09a16fc9e3f13f95d13ee6462303925f5eeb2e8663e5183ba37c51629e21038456f545b750715f11e3e023c74334f73dc48ae182a46ab214c3d2c6ba60641867da4ffc3e96cb4b1c0aa1e4dfc172d7537ade6fb41d169a8c25c6a6caea677a0c63d1831022e4f70e5074b4374c7c5710c8a803f344687e3a234f273288649e5bab97daa803bc80a89f5ad67d462b2f6ee083f2b5ec088b27afa82bbe74a630776c430f740b11e1275cad8edae931ebbe586288ce403301246205fcd649fa4c0449bb0dd719f8445d5b1cd8ea6f6daeae63367329a1297a52771d0400f8584c69493a10b02a0a58ef3d90043d662a74765b9e5ae454435fd2ec32cb82d279ac4747103959f9fb4399a7b617ba0b164ade5f71484a193e48a448b3d0b1b63d375f61829b2ea04a0860e110f9add136090cf9d306ed52e202466da8e74e28eda94af3ac005c17229a86ea6b3819d8b12a51a84f8c632ab30ea8b51e276665ee611c2b266bc0f5afe610ff8d848a1433d8455e54f62fcbe07325f02cc49f7bce39898f3f44be2eb3a8878f964361480d193e8597075d1b692a712ce472f99c339333333e99975c7a6be3cad12dbb7fff33eff0835e927e8602094a421b0d81baa25eaa9964f86276a7eac410706952e7846d7ae809847aa30d58244f2d24ca80005a40540ac22bee0241e963f0d5833b0dcbb00ca22a726fc26fa8636dc0c47fd0ed8c1ffe4b3d5a73b43c66e94774be0fff8df0e9b3a8215d477eaa46dfe93fec628696ba07cd3c85ee9033238822fac83a8131fcd9ed387dbb8b18d7884f21c7572984571d3bdf40b44331425f8a99772920d1ba32a3bf728fe24e9ef06f09d034f3181870546949dfe69b644b69f84ec0075aadcfa60deb898d50ef23ab18b82e3ba40c46a12af2570514f407d4720cfd1470c1e929e1c76c5a5651a3c56175f38e82d59d296685341210c4346b74860d11a2f2b6aef70691aa709b1823f90c96c0749381767694527dfe79678ad8cb6a06ad8da961e0b0ca39eb42f9cef0422f0455910d40fa4badb3facd734ffaefe1dd320af6cab715b2ea1522657bb4b37a0fc080ad3c54", 0x1000}, {&(0x7f0000002900)="363e56f2af3d284f15ed3f7e3e7fd5b9383c3242c0c359bb9bc803abed", 0x1d}, {&(0x7f0000002940)="5694b54d98ee5098f9c05b31488ffd0c94341ce06f63117492e127e44628bb4b8f553db3c49723f58369ac609ab22de60fb415d936e0bf3a5a2ab32de6591945fa09aa07bae830a63b6232ae9d0d9293b74d1b89a057af42a3884e1aae6ecc9a87fdc159", 0x64}, {&(0x7f00000029c0)="0241915e29a4716000ed621cf57ebd00aa14cdd90bc367b2d793702a54f0b31d421ae5ff51370f3a523a762a22cd90b2347c63e7669407061e2ffbb04cfb3f6aebb6a45f61ea9b857f419ef436c3625aaa4b6cbc5d0a6740617d4c8b07e72fc8c70cb2ac766a6b779126f46aa7e32d221f77ca6771369be08317d0a264aea3a4fd6d52fe343e5de1613943bf11950ee8c2b40d4fb5252844e62aa28e1ac62e3e41c41f42a6b945a309927a5f364ef32ea4", 0xb1}, {&(0x7f0000002a80)="4a338a7861fd69b757ee3a131d17bd5497a7b6d01eb94f19bd84b12442f4cea607d44fee93cf5629d3e9366eaf230ed3d48b2ed7c38bdaf3eaf41c6ec76043306f338c9dc5b73f701551dbd9e13f7d76869869f9e4710f4de3210c4d365a5fcd3e6a58b592424decb66ca7ded1644670997d524a007684df332524a6365b8a3a699b17f5d6b786e022718d970ce24c09f5511e95560d52a7c8042a7a0ef7fd45895442a1997349726743c076ca6c34959d2476c296b22112ed7cdabd4a9caadb13fb9f7e88565a5fde2ef03fc5112d785e78c745501f30f49b7045631891eec975c990dbdfdaa0ce97dcff", 0xeb}], 0x8, 0x0, 0x0, 0x8}, 0x820) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001680)={0xffffffffffffffff, 0x20, &(0x7f0000001600)={&(0x7f0000001580)=""/13, 0xd, <r14=>0x0, &(0x7f00000015c0)=""/63, 0x3f}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001740)={0xc, 0x20, &(0x7f0000001340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7fffffff}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1000}, @ldst={0x0, 0x1, 0x2, 0x4, 0x4, 0xffffffffffffffc0, 0xfffffffffffffffc}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r12}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0xf9517d7c9848589e}}, @call={0x85, 0x0, 0x0, 0x36}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}]}, &(0x7f0000001440)='GPL\x00', 0x8, 0x59, &(0x7f0000001480)=""/89, 0x40f00, 0x2, '\x00', r10, 0x38, r12, 0x8, &(0x7f0000001500)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001540)={0x0, 0xb, 0x5}, 0x10, r14, r4, 0x1, &(0x7f00000016c0)=[r5, r13, r11, r6], &(0x7f0000001700)=[{0x0, 0x5, 0x6}]}, 0x90)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000640)=@bpf_lsm={0x1d, 0x17, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x30000000}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x40}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @call={0x85, 0x0, 0x0, 0x78}, @jmp={0x5, 0x0, 0x9, 0xb, 0x5, 0x100, 0x8}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8}, @call={0x85, 0x0, 0x0, 0xc2}, @jmp={0x5, 0x1, 0xa, 0x6, 0x3, 0x80, 0x8}]}, &(0x7f0000000000)='GPL\x00', 0x400, 0xfb, &(0x7f0000000240)=""/251, 0x41000, 0x1, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000000540)={0x0, 0x10, 0x8, 0x7f}, 0x10, r14, 0x0, 0x2, 0x0, &(0x7f0000000600)=[{0x2, 0x4, 0x10, 0x5}, {0x0, 0x5, 0x10, 0xc}]}, 0x90) (async, rerun: 64)
r15 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x4, 0x2000000000000159, &(0x7f0000000200)=ANY=[@ANYRESHEX=r0, @ANYRESOCT], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90) (rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r15}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  579.503876][T19890]  ? io_uring_drop_tctx_refs+0x190/0x190
[  579.509343][T19890]  ? irqentry_exit+0x30/0x40
[  579.513769][T19890]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  579.519760][T19890]  dump_stack+0x15/0x17
[  579.523756][T19890]  should_fail+0x3c6/0x510
[  579.528007][T19890]  should_fail_alloc_page+0x5a/0x80
[  579.533040][T19890]  prepare_alloc_pages+0x15c/0x700
[  579.537995][T19890]  ? irqentry_exit+0x30/0x40
[  579.542419][T19890]  ? __alloc_pages_bulk+0xe40/0xe40
[  579.547455][T19890]  __alloc_pages+0x18c/0x8f0
[  579.551883][T19890]  ? prep_new_page+0x110/0x110
[  579.556479][T19890]  get_zeroed_page+0x1b/0x40
[  579.560906][T19890]  __pud_alloc+0x8b/0x260
[  579.565064][T19890]  ? stack_trace_snprint+0xf0/0xf0
[  579.570012][T19890]  ? do_handle_mm_fault+0x2330/0x2330
[  579.575220][T19890]  ? __stack_depot_save+0x34/0x470
[  579.580257][T19890]  ? anon_vma_clone+0x9a/0x500
[  579.584855][T19890]  copy_page_range+0x2bcf/0x2f90
[  579.589628][T19890]  ? __kasan_slab_alloc+0xb1/0xe0
[  579.594490][T19890]  ? slab_post_alloc_hook+0x53/0x2c0
[  579.599616][T19890]  ? copy_mm+0xa3a/0x13e0
[  579.603773][T19890]  ? copy_process+0x1149/0x3290
[  579.608462][T19890]  ? kernel_clone+0x21e/0x9e0
[  579.612973][T19890]  ? __x64_sys_clone+0x23f/0x290
[  579.617749][T19890]  ? do_syscall_64+0x3d/0xb0
[  579.622179][T19890]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  579.628091][T19890]  ? pfn_valid+0x1e0/0x1e0
[  579.632329][T19890]  ? irqentry_exit+0x30/0x40
[  579.636760][T19890]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  579.642401][T19890]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  579.647959][T19890]  ? __rb_insert_augmented+0x5de/0x610
[  579.653248][T19890]  ? __vma_link_rb+0x374/0x550
[  579.657850][T19890]  copy_mm+0xc7e/0x13e0
[  579.661842][T19890]  ? copy_signal+0x610/0x610
[  579.666265][T19890]  ? __init_rwsem+0xd6/0x1c0
[  579.670694][T19890]  ? copy_signal+0x4e3/0x610
[  579.675120][T19890]  copy_process+0x1149/0x3290
[  579.679636][T19890]  ? timerqueue_add+0x250/0x270
[  579.684320][T19890]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  579.689271][T19890]  ? enqueue_hrtimer+0xca/0x240
[  579.693952][T19890]  ? __hrtimer_run_queues+0x46b/0xad0
[  579.699167][T19890]  kernel_clone+0x21e/0x9e0
[  579.703502][T19890]  ? create_io_thread+0x1e0/0x1e0
[  579.708371][T19890]  ? clockevents_program_event+0x22f/0x300
[  579.714005][T19890]  __x64_sys_clone+0x23f/0x290
[  579.718605][T19890]  ? __do_sys_vfork+0x130/0x130
[  579.723295][T19890]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  579.729105][T19890]  do_syscall_64+0x3d/0xb0
[  579.733357][T19890]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  579.738998][T19890]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  579.744728][T19890] RIP: 0033:0x7f7b6d82fda9
[  579.748980][T19890] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  579.768428][T19890] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  579.776667][T19890] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  579.784482][T19890] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  579.792289][T19890] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
06:59:15 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1c00, 0x43451)

[  579.800109][T19890] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  579.807913][T19890] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  579.815730][T19890]  </TASK>
06:59:15 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 50)

06:59:15 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1d00, 0x43451)

[  579.934845][T19910] FAULT_INJECTION: forcing a failure.
[  579.934845][T19910] name failslab, interval 1, probability 0, space 0, times 0
[  579.954653][T19910] CPU: 0 PID: 19910 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  579.966209][T19910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  579.976102][T19910] Call Trace:
[  579.979227][T19910]  <TASK>
[  579.982001][T19910]  dump_stack_lvl+0x151/0x1b7
[  579.986512][T19910]  ? io_uring_drop_tctx_refs+0x190/0x190
[  579.992166][T19910]  dump_stack+0x15/0x17
[  579.996158][T19910]  should_fail+0x3c6/0x510
[  580.000410][T19910]  __should_failslab+0xa4/0xe0
[  580.005011][T19910]  ? vm_area_dup+0x26/0x230
[  580.009348][T19910]  should_failslab+0x9/0x20
[  580.013693][T19910]  slab_pre_alloc_hook+0x37/0xd0
[  580.018462][T19910]  ? vm_area_dup+0x26/0x230
[  580.022804][T19910]  kmem_cache_alloc+0x44/0x200
[  580.027596][T19910]  vm_area_dup+0x26/0x230
[  580.031747][T19910]  copy_mm+0x9a1/0x13e0
[  580.035743][T19910]  ? copy_signal+0x610/0x610
[  580.040175][T19910]  ? __init_rwsem+0xd6/0x1c0
[  580.044591][T19910]  ? copy_signal+0x4e3/0x610
[  580.049021][T19910]  copy_process+0x1149/0x3290
[  580.053535][T19910]  ? timerqueue_add+0x250/0x270
[  580.058223][T19910]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  580.063425][T19910]  ? enqueue_hrtimer+0xca/0x240
[  580.068111][T19910]  ? __hrtimer_run_queues+0x46b/0xad0
[  580.073317][T19910]  kernel_clone+0x21e/0x9e0
[  580.077659][T19910]  ? create_io_thread+0x1e0/0x1e0
[  580.082518][T19910]  ? clockevents_program_event+0x22f/0x300
[  580.088161][T19910]  __x64_sys_clone+0x23f/0x290
[  580.092757][T19910]  ? __do_sys_vfork+0x130/0x130
[  580.097450][T19910]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  580.103261][T19910]  do_syscall_64+0x3d/0xb0
[  580.107513][T19910]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  580.113154][T19910]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  580.118881][T19910] RIP: 0033:0x7f7b6d82fda9
[  580.123135][T19910] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  580.142578][T19910] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  580.150910][T19910] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  580.158723][T19910] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  580.166548][T19910] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  580.174429][T19910] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:59:15 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1e00, 0x43451)

06:59:15 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 51)

[  580.182242][T19910] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  580.190058][T19910]  </TASK>
06:59:15 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r3, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r3}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r5=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r6=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r3}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000000), 0xfdef)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r9, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', r2, 0x36, r3, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r3, 0x3, &(0x7f0000001040)=[r1, r0, r3, r3, r1, r9], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r10, &(0x7f0000000000), 0x248800)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r5, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r10, r11, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:15 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1f00, 0x43451)

06:59:15 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0xb)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0xb) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)

[  580.313990][T19923] FAULT_INJECTION: forcing a failure.
[  580.313990][T19923] name fail_page_alloc, interval 1, probability 0, space 0, times 0
06:59:15 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2000, 0x43451)

[  580.366911][T19923] CPU: 1 PID: 19923 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  580.378564][T19923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  580.388455][T19923] Call Trace:
[  580.391578][T19923]  <TASK>
[  580.394359][T19923]  dump_stack_lvl+0x151/0x1b7
[  580.398867][T19923]  ? io_uring_drop_tctx_refs+0x190/0x190
[  580.404340][T19923]  dump_stack+0x15/0x17
[  580.408356][T19923]  should_fail+0x3c6/0x510
[  580.412583][T19923]  should_fail_alloc_page+0x5a/0x80
[  580.417616][T19923]  prepare_alloc_pages+0x15c/0x700
[  580.422562][T19923]  ? __alloc_pages+0x8f0/0x8f0
[  580.427162][T19923]  ? __alloc_pages_bulk+0xe40/0xe40
[  580.432197][T19923]  __alloc_pages+0x18c/0x8f0
[  580.436624][T19923]  ? prep_new_page+0x110/0x110
[  580.441232][T19923]  ? copy_page_range+0xe6d/0x2f90
[  580.446084][T19923]  ? pte_alloc_one+0x62/0x1b0
[  580.450685][T19923]  pte_alloc_one+0x73/0x1b0
[  580.455021][T19923]  ? pfn_modify_allowed+0x2f0/0x2f0
[  580.460065][T19923]  __pte_alloc+0x86/0x350
[  580.464222][T19923]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  580.470214][T19923]  ? free_pgtables+0x280/0x280
[  580.474811][T19923]  ? add_mm_rss_vec+0xb0/0x240
[  580.479412][T19923]  copy_page_range+0x28a8/0x2f90
[  580.484184][T19923]  ? __kasan_slab_alloc+0xb1/0xe0
[  580.489053][T19923]  ? pfn_valid+0x1e0/0x1e0
[  580.493300][T19923]  ? __vma_link_rb+0x4c5/0x550
[  580.497897][T19923]  ? trace_raw_output_vm_unmapped_area+0x220/0x220
[  580.504235][T19923]  ? __rb_insert_augmented+0x76/0x610
[  580.509445][T19923]  copy_mm+0xc7e/0x13e0
[  580.513439][T19923]  ? copy_signal+0x610/0x610
[  580.517859][T19923]  ? __init_rwsem+0xd6/0x1c0
[  580.522291][T19923]  ? copy_signal+0x4e3/0x610
[  580.526712][T19923]  copy_process+0x1149/0x3290
[  580.531230][T19923]  ? timerqueue_add+0x250/0x270
[  580.535916][T19923]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  580.540858][T19923]  ? enqueue_hrtimer+0xca/0x240
[  580.545544][T19923]  ? __hrtimer_run_queues+0x46b/0xad0
[  580.550755][T19923]  kernel_clone+0x21e/0x9e0
[  580.555105][T19923]  ? irqentry_exit+0x30/0x40
[  580.559524][T19923]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  580.565162][T19923]  ? create_io_thread+0x1e0/0x1e0
[  580.570024][T19923]  __x64_sys_clone+0x23f/0x290
[  580.574622][T19923]  ? __do_sys_vfork+0x130/0x130
[  580.579321][T19923]  ? debug_smp_processor_id+0x17/0x20
[  580.584521][T19923]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  580.590421][T19923]  ? exit_to_user_mode_prepare+0x39/0xa0
[  580.595897][T19923]  do_syscall_64+0x3d/0xb0
[  580.600142][T19923]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  580.605790][T19923]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  580.611525][T19923] RIP: 0033:0x7f7b6d82fda9
[  580.615773][T19923] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  580.635203][T19923] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  580.643452][T19923] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  580.651262][T19923] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  580.659159][T19923] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
06:59:16 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x1ff000, 0x81, 0x7f, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000004c0), &(0x7f0000000580), 0x7, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000580)={r0, &(0x7f0000001600), &(0x7f0000001680)=""/227}, 0x20) (async)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x78, 0x78, 0xb, [@const={0x10, 0x0, 0x0, 0xa, 0x1}, @enum={0xa, 0x3, 0x0, 0x6, 0x4, [{0x0, 0xe068}, {0x6, 0x7f}, {0x0, 0x16}]}, @union={0x8, 0x1, 0x0, 0x5, 0x1, 0xfffffff7, [{0x7, 0x3, 0x2}]}, @volatile={0x6}, @struct={0xa, 0x2, 0x0, 0x4, 0x1, 0x8, [{0x8, 0x1, 0x4}, {0x7, 0x4, 0xfffa}]}]}, {0x0, [0x5f, 0x5f, 0x61, 0x2e, 0x61, 0x5f, 0x5f, 0x2e, 0x5f]}}, &(0x7f0000000400)=""/201, 0x9b, 0xc9, 0x0, 0x3}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x9, 0x40, 0x6, 0x8}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r2}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_lsm={0x5, 0x5, &(0x7f00000000c0)=@framed={{0x4d, 0xa, 0xa, 0x0, 0x0, 0x79, 0x10, 0xa8}, [@map_fd={0x18, 0x0, 0x1, 0x0, r3}]}, &(0x7f0000000000)='GPL\x00'}, 0x80) (async)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x43}], {0x95, 0x0, 0x700}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc}, 0x80) (async, rerun: 32)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48) (async, rerun: 32)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000003280)={0x9, 0xb, &(0x7f0000002d00)=ANY=[@ANYBLOB="180000000600000000000000ff0f0000a5505000ffffffff184418000400000000000000000000001800000009cc0000000000007f000000180000000900000000000000a508000009000004780000009500000000000000"], &(0x7f0000002d80)='syzkaller\x00', 0x15f3f2ff, 0x0, 0x0, 0x41100, 0xc47e261320a72d87, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x8, &(0x7f00000031c0)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000003200)={0x4, 0x0, 0x0, 0xffffffff}, 0x10, 0xffffffffffffffff, r4, 0x0, &(0x7f0000003240)=[0xffffffffffffffff, r5, r6, r3, r6], 0x0, 0x10, 0x2}, 0x90) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x1ff000, 0x81, 0x7f, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000440), &(0x7f0000000580), 0x7, r7}, 0x38)
r8 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000f80)=@o_path={&(0x7f0000000f40)='./file0\x00', 0x0, 0x4000, r7}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x15, 0x11, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000be01000000000000ff0f000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000006b702000014000000b70300000000000085000000830000008dbf090000000000005509010000000000950000000000000006000000000000008520000003000000bf91000000000000b7faffffffffffffff00000084000000b70000000000000000004daadcad9ab680de799479a0c0cf7dda9d9fd01c32a9a8725ebe55b4c3f4e6387b626dbdf9eee52a00b5b0ac9a556e18998a05d7276c987d52e181e267a6a6cf1d416b4070754c66e4642e86422289a904f26a2ec4ebf37f2bfd052f5a70be5ed922967864d6b16d09dc1e79ed819c3fa1c3fa7ea326d70c63a99ece42f9e8ec202b4d517ea6fcaca4c9ac1b2eabd656afa03d6d0d2772ec267ba337efb1673282f49f1f9a5688da4224865e60ae434e6eb7c9b412141901cbddc8acf6553eca24ee81fc4e8bb34024db2e9eada5a209184522e3151a648493bf2ea49c874bdfc3c10c44850d39655cb11e676603c9a0973d5f527a55aecee437df8de2ec9c722704263eea303ec942966d1a17149ba4e5429ada29f287b7be9de6ff10366925ecba6a162b1e2048edd1ed74274671877a56191769abb2b89772533ca97b05458b55af07a179d8e3122be7e9ad846a5abaa4a3bf5c756bca8226863f8289409a1b57ae4ec335a78448bfd38281ddd01ee3476771d1edc97d3cdc40667aa8298e6f76c34df53903bf39e7cd7bbbac7a4f17fc"], &(0x7f0000000bc0)='GPL\x00', 0x81, 0x1000, &(0x7f0000004340)=""/4096, 0x41100, 0x40, '\x00', 0x0, 0x16, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000f00)={0x2, 0x4, 0x3, 0x1000}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x4, &(0x7f0000000fc0)=[r8], &(0x7f0000001000)=[{0x4, 0x5, 0x8, 0xa}, {0x5, 0x3, 0x9, 0x1}, {0x4, 0x5, 0xa, 0xb}, {0x1, 0x5, 0x10, 0x9}]}, 0x90) (async)
bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000000580)={r7, &(0x7f0000001600), &(0x7f0000001680)=""/227}, 0x20) (async)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)={0x2, 0x4, 0x8, 0x1, 0x80, r0, 0x4, '\x00', 0x0, r1, 0x4, 0x0, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x12, 0x16, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5b1, 0x0, 0x0, 0x0, 0x9}, [@printk={@x}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xff}}, @ldst={0x3, 0x1, 0x0, 0x2, 0x9, 0x50, 0x4}, @map_fd={0x18, 0x3, 0x1, 0x0, r7}]}, &(0x7f0000000840)='GPL\x00', 0xfff, 0x1000, &(0x7f0000003340)=""/4096, 0x40f00, 0x5, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, &(0x7f0000000880)={0x7, 0x3}, 0x8, 0x10, &(0x7f00000008c0)={0x4, 0x10, 0xffffffff, 0x7}, 0x10, 0xffffffffffffffff, r6, 0x6, &(0x7f0000000980)=[r2, r2, r9], &(0x7f00000009c0)=[{0x2, 0x5, 0x9, 0x8}, {0x5, 0x1, 0x6, 0x4}, {0x0, 0x3, 0xf, 0x8}, {0x1, 0x3, 0xf, 0xa}, {0x0, 0x1, 0x7, 0xa}, {0x4, 0x3, 0xfff, 0x9}], 0x10, 0xfff}, 0x90)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000440)={0x1, 0x58, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r10=>0x0}}, 0x10) (async, rerun: 64)
r11 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) (async, rerun: 64)
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r12, 0x40106614, &(0x7f0000000040)) (async)
r13 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000640)={0x1b, 0x0, 0x0, 0x6, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48) (async)
sendmsg$unix(r12, &(0x7f0000002c00)={&(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002b80)=[{&(0x7f0000000540)="74da39acfac2ee77b5ce5fcb920a698c7a79136a5f779c025e01145e394429871f45b07d98", 0x25}, {&(0x7f0000001800)="6157c6825940804438ba756b0d5a8cd3df89eefebde16201f3711162347dcc40616fa1f378293f950af0d594a10a32d6f1e85f381192492cc7846033834aac07f135903c67ecffefbd3d2068a69a862929777a4dc2afca5078532f94c10a2886fd42644a8123c5283c9278bbbfb0e066e7354ef950af7b790950bbbadccc1a72240a84fec26346c90bb61c3f93844adb1b5986", 0x93}, {&(0x7f00000018c0)="ca05365726f6cdb126f0e65b311be1299404b1e289f141d5bef538", 0x1b}, {&(0x7f0000001900)="88faf3a165da93d0a38b4470931f23d2f75cb072c5156d13bf9a71b215d8d22be80661bb82511bb10621ef64ea2acbe2605c167a67d3a888908ae00cb415d1a8cbed96d7492ca34c09a80d3debb4e5286199bfcfec066c1f3b69fc96dc976542ab870ad9c17213a15f4d3433dafabd6d67a44c0fd5620b953b2890cc18171bfa4ed257cb11b924630f2d821bf517967edeec41f963ed37420d7a7f43b6df5df2e30801d21c03960b3e592466dcfaf006ff4b37c511b10ba8a76f00f90996d75a8e9265a5d605b8ef7b1b5f25160e29d91f98473f71401dfe41c2f3217ee4a893ef217c2ed33401ca151f9852e8173a18e72654769653797fb4712d318c6114b6e2ee93d3da1eb05cab6c80f11fbd28187f8cd49fdf4bb67b52efbaced49c7e65c49cc80ab111976677cf1485152bb5c6160fe827b20cf2e079a0a06bf73283abe9e59d416b3d7c1f6582f1aefc2cc42790a5bb7f8bb6d040a8d4a9c0a4f8efde601d8a2639c148eb50b2d5f8061c97be4fc8a881500e6115210ef59670b36e37ca83cac0ea0e0e065829a0469b78e2ae04b75ed145252383daab2fe01d0a75cfc20774603f136bd0b84e0de19a7d61b732644d3a8c926ea365ca2d04f0cbf8aee7624c2b372314402573af6168aa894f84ce287095ab9a5af9aef2510e76473a6b68c40fc3d174a049eec9e4570e200f7fee113a6bf49da8659c49c2ca6365fdc8b276ccc9c5e83b89dcf82b73f0ab95daa716d06553d96f0c8bd368276eb779c7fa06ddf09a0693476d62dfd9599a40c90a66d4c0ce512aeac1ab2fde9c7998e1e0151f7ed802bf919f9087c6284d64d47ee94f23f42fbdf5247729ab2a814d228346215a1e8673ccec443ce0c8cbe63a108f503ca7d40886c165ebd0d9487fc4b0832ad36bc067361072dfc13b95cf94e1fd319492969f903936545b6d20ae9c9b8fa8fde8722d2be8e91a950232d76882d76167ab33a639b5e5ea7900bf0d3f3d3d0eac9f33cef09afe08fead3860523472218e42b84f68b640c87884a5d821db993a2aba0fa9877bcae768a4f52527ac6227fcfb13811bc93180c3b400041881c02e3d01ffdb02890225bcbb6965480077887dd46e8faa89d502c14b4b3a28404cecd51e42548a6cb1ea775047d6110e3a771e0e9847553b8fe0c381ec896145383909c29967498214934719b561bf3557ac72f758b631bfd01ce8dadf2f526852c46dd350db29751697e7d34200d9f623256c109ad96387bb19d95e2e8f83031a4162d30d4cd79a477b1685a05e8fadd73536c54c3907d77c691144e67fb43222686f10b2fc2181e732802095b153581b1a5ecd291a01d5a88d1384e092f4f3a81122af9783590fadec0710be0ed5e7bf8e1d0eb555dce6306ebb6ce403e31cf55c2f9d48117908fcdc405a32a98f80acdf5f4d3eea54b75ce7f1de74b82d9c0da13b68cbcccf29aaccfd256c336965bb4dc0aca565a5308df2f1b56950c7952bafab911594035aeb3dad4b9acf0851b0e2986f783b027cbdbf61be8bb33ed51dfe4992aee2351f20e6efe4916c787380a42ea66bfe039245dff7ac177d13350220715b33e19329ea440d9470b9d76938b81846425d66fdde3d059e4c09fbe0d413bf72a4e246c5669472739ef79ae9d7db10b3fef80e82ca2617901e813fa5cd560e3985ddd9975e42925ea9bafd9e81455d9ecea72199aa925c026db73499797539e541f60645118856df6b1ba38443e5b8f7b71d45befa7dc64f9083bf591293fadd75ec664ec5f1a9513c78e4e14e89efc63cd94aaf5c57496108ce441f29a9c8d17b6ad23ed2f1ea24b5dd3a04fd744d6f0f0481b51323ccbd32ab71a67368edf47a96ffa3388ba02915bc8539b7baf164e17d4a442263c15224bcaaa28bda9ca71900b7cc63266456e3b360a1fd1af95c13caab66a0e39af0e9a9ee39a1bda52d816e8806b8019a60115f7e8bbe80f5e0ebdd6b682bac8f59ce99f923550ed65b9bccc917e7558e4d745d183558f22258b9f91dd5a62a165ffd003dd223e09eaa1a487b23161140ccf2ddb797513f4e66f0b69caab4471d728efc234f62ef19ae79f81d373092659e0347ae58bee686d3bea47ec25febe7856eef1ebec6a5b9c6448fb88d39110366ae1f31978e485946177cc3e2b8d73690d1f0ab0749bd9aa1c35e5b31e2dd77df125b275f398877f1ec7c3f7bcce676cab7aad0e3152024e4f368142ea11b348bcb089231359076a249567c2f12f4f8842df9d97a96e7573a755b86462062bef4fbb33c5782eb28db926eb813b45504d90f104f6d423982c428e3f356329e090723520ea98662694b92279e15f9a9b603b1d8f5aa3a69120b74ef3857a6d8f82a28d7eaaa05ed7e4f969d4987d749131a01b3333634a184d13aee193dbc950ea7cb7674be7652860aa81edbc0020dbd574a0513bab7c39b814883df86efc2db8e2c65665c077b365b0be0f5fb753630b2a8fe27826c7d582ab5056ae556d15f857d08d9f69ad759b7be531183b451a121e8eec5feed9d82de23f01422254b36e04bcf8e2d4ca65c6848e4f706c43edfe59647f5a0d5726db8e8f3c1510322c5e2e65b2f13c9ce17dc0239260eab676ac40f8b61a4c42f6eec8fafa54121bc4634fd11da270485ad9314bf0be39e6ac3c7c340d366014abda34564ac8a059e7abab649154de190a991c9aa98077aff5b3cb295f982127456e3e291cad6a199d3ccc03612ac642ccef489bf335bba682a1ce6d37a7685a295974f4e6aadad3ca0f7cd615530512dfe989be655b9215785f850b9af157b1c7f0878312494c19c6eceb7c891d13aada3865fb4ec0b337e1baa272689bb6aded6d128d5f8dd510384a50fc1347f748ed61224d2db100f6c305d86badbfdd6398174ff39762894f51d93fea085163e3b037295bf9bc96a42bdc4dd6e1ef11c6654d660661b28982adde22c449fb3865b462c5d67b5203ceba834d10519f5b982945c6bbbc7601faecd19e44023efed1d75856953915e19584c1725a91924e49e2670f16ff1edc01649d622eaa00cee783ca91f84e078707b693265862d2b6d06749cfaddd83922ae8a274445c72e1288179f3a5ec1ddcb9a1e00c699b1a893bb67434f0f0654bd785c26d0222bfc61ad7d270607621e03b215af081dce976ad4f2277c8e3d88582a5ea94a5f633678e568122f16461e3d78a01fa7ac73cc3b4db81875970b92e32ba9438212d08ea9e92d6d6f715ccf26651e855942f86821f95f11013d1097a61e14fbd3fa78524f5d432992dbfa7935524d6799115a3dd9d9bd4cf675468a8b45d1e92a43ca266c52c260b65662905ec8dc86e154c70b31df86fb32c74c0bf29b70253cabfbb3cc123953af7d3e7bb1c1cfb508a93f108d70fc99767d76b6a94f3897e7b3d666cb41076f55e976b52ca0fbe01d188b757f5c31249ce1d6e49b355d4f8d949af6f985e277d621ec83a08d7299b2a5ea8b5d8174a64fdfa0e39912ce1c12a1c0b52d414f7b025bf2a4be81402067a3882c461f51c38cb29267bc7d6dcbf91d6ab0271366bcd11495b787b367113f43e175aacec94aa3faede8b711446056b959d7f8094141d7a9f2c5fa0e478f17fc8855313f817cbbd91f0a0bc65cebe6ae7349961f92faf857f732ee2c1664b58210f46ecf66bb5ab76fbb15a32104302be394eb7d601c00e2807909a6f0f80fb3ff35044224ea35ae33b394e26eec4815d33b9907f2aace0dd85b7822f8f7e018a8d2ec4e86398d26a5d271cf54ce558ebf7e4c90e291591146e0f96613160605a5f2cc201768d670110ee00a822724bdcb12d1c5888e8b520212cf43692f54a68a53788ee14d329d810c326ea656dad595d7a9d306def9e03eb93be52af4c52bc5a55454b241ebf448b3ba0858620a07af77a483c971486c2a02e225afd2512649d7b69cb06099a94eb76512daab560671f4fec16e03a965d7b982d5120af90861ec93604c9051ddfdb03e573517b242f9ea03af6787841df722bd20766409b546dd1d89460e8935df4f5d4cd661c418b989d9d6e195d2a1d5ad34b6c3c8b1a3f71ee2a496d5b40b7564a4b2ea720ae042a81e31b0935c927e5a19b368c72e407ef535f918f4e8dfa57f7a8c1eccf2586af73030781814879fdb25be37eedfb0cc995709ddd9069f9cd226ca503d59d02c12458e80cdbe380170d7bd90637becc8fcf157c1ba56d85ef4ae3f68a6da505a5765b2e291cb701933cd0124afff19e62247a56d7d5b6f97e708747d11a79b9191e65bc4072a61a97553b6e8757b957d2fd3d6a765531e50c63840753c66eb1d425c98138681862def44d8ac8d504092cf757368bde3494870cb51f125acbabd8f2ee2db4feb4482bc327e779cba3a6f40095572f3391684b4a02aec6f8273656df1844517231fed6703c45d16a4a68d6357a321858fc08a8dbe78171a820a7bf02723e66e7fa6d17073ec41016f933673e89fae6b6c7c9d8a21759f4e76a28a1514c7f4104be01193ac91f1d44f024dd9c696ecd3d08343b57f47c26719c245b717b826ddbc8619a57816c360f1580630556979b67cf2eb965345a9d9794f276204e4028fc82e34d617a73748bf822247a5ebeb70b870438a0322d07a3ebf9733b32a36c68ea250914e1c8b83164d8d5eb1fdc49a783c708a7fd6dd0d3246a74ff55c6433b855301f09a16fc9e3f13f95d13ee6462303925f5eeb2e8663e5183ba37c51629e21038456f545b750715f11e3e023c74334f73dc48ae182a46ab214c3d2c6ba60641867da4ffc3e96cb4b1c0aa1e4dfc172d7537ade6fb41d169a8c25c6a6caea677a0c63d1831022e4f70e5074b4374c7c5710c8a803f344687e3a234f273288649e5bab97daa803bc80a89f5ad67d462b2f6ee083f2b5ec088b27afa82bbe74a630776c430f740b11e1275cad8edae931ebbe586288ce403301246205fcd649fa4c0449bb0dd719f8445d5b1cd8ea6f6daeae63367329a1297a52771d0400f8584c69493a10b02a0a58ef3d90043d662a74765b9e5ae454435fd2ec32cb82d279ac4747103959f9fb4399a7b617ba0b164ade5f71484a193e48a448b3d0b1b63d375f61829b2ea04a0860e110f9add136090cf9d306ed52e202466da8e74e28eda94af3ac005c17229a86ea6b3819d8b12a51a84f8c632ab30ea8b51e276665ee611c2b266bc0f5afe610ff8d848a1433d8455e54f62fcbe07325f02cc49f7bce39898f3f44be2eb3a8878f964361480d193e8597075d1b692a712ce472f99c339333333e99975c7a6be3cad12dbb7fff33eff0835e927e8602094a421b0d81baa25eaa9964f86276a7eac410706952e7846d7ae809847aa30d58244f2d24ca80005a40540ac22bee0241e963f0d5833b0dcbb00ca22a726fc26fa8636dc0c47fd0ed8c1ffe4b3d5a73b43c66e94774be0fff8df0e9b3a8215d477eaa46dfe93fec628696ba07cd3c85ee9033238822fac83a8131fcd9ed387dbb8b18d7884f21c7572984571d3bdf40b44331425f8a99772920d1ba32a3bf728fe24e9ef06f09d034f3181870546949dfe69b644b69f84ec0075aadcfa60deb898d50ef23ab18b82e3ba40c46a12af2570514f407d4720cfd1470c1e929e1c76c5a5651a3c56175f38e82d59d296685341210c4346b74860d11a2f2b6aef70691aa709b1823f90c96c0749381767694527dfe79678ad8cb6a06ad8da961e0b0ca39eb42f9cef0422f0455910d40fa4badb3facd734ffaefe1dd320af6cab715b2ea1522657bb4b37a0fc080ad3c54", 0x1000}, {&(0x7f0000002900)="363e56f2af3d284f15ed3f7e3e7fd5b9383c3242c0c359bb9bc803abed", 0x1d}, {&(0x7f0000002940)="5694b54d98ee5098f9c05b31488ffd0c94341ce06f63117492e127e44628bb4b8f553db3c49723f58369ac609ab22de60fb415d936e0bf3a5a2ab32de6591945fa09aa07bae830a63b6232ae9d0d9293b74d1b89a057af42a3884e1aae6ecc9a87fdc159", 0x64}, {&(0x7f00000029c0)="0241915e29a4716000ed621cf57ebd00aa14cdd90bc367b2d793702a54f0b31d421ae5ff51370f3a523a762a22cd90b2347c63e7669407061e2ffbb04cfb3f6aebb6a45f61ea9b857f419ef436c3625aaa4b6cbc5d0a6740617d4c8b07e72fc8c70cb2ac766a6b779126f46aa7e32d221f77ca6771369be08317d0a264aea3a4fd6d52fe343e5de1613943bf11950ee8c2b40d4fb5252844e62aa28e1ac62e3e41c41f42a6b945a309927a5f364ef32ea4", 0xb1}, {&(0x7f0000002a80)="4a338a7861fd69b757ee3a131d17bd5497a7b6d01eb94f19bd84b12442f4cea607d44fee93cf5629d3e9366eaf230ed3d48b2ed7c38bdaf3eaf41c6ec76043306f338c9dc5b73f701551dbd9e13f7d76869869f9e4710f4de3210c4d365a5fcd3e6a58b592424decb66ca7ded1644670997d524a007684df332524a6365b8a3a699b17f5d6b786e022718d970ce24c09f5511e95560d52a7c8042a7a0ef7fd45895442a1997349726743c076ca6c34959d2476c296b22112ed7cdabd4a9caadb13fb9f7e88565a5fde2ef03fc5112d785e78c745501f30f49b7045631891eec975c990dbdfdaa0ce97dcff", 0xeb}], 0x8, 0x0, 0x0, 0x8}, 0x820)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001680)={0xffffffffffffffff, 0x20, &(0x7f0000001600)={&(0x7f0000001580)=""/13, 0xd, <r14=>0x0, &(0x7f00000015c0)=""/63, 0x3f}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001740)={0xc, 0x20, &(0x7f0000001340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7fffffff}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1000}, @ldst={0x0, 0x1, 0x2, 0x4, 0x4, 0xffffffffffffffc0, 0xfffffffffffffffc}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r12}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0xf9517d7c9848589e}}, @call={0x85, 0x0, 0x0, 0x36}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}]}, &(0x7f0000001440)='GPL\x00', 0x8, 0x59, &(0x7f0000001480)=""/89, 0x40f00, 0x2, '\x00', r10, 0x38, r12, 0x8, &(0x7f0000001500)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001540)={0x0, 0xb, 0x5}, 0x10, r14, r4, 0x1, &(0x7f00000016c0)=[r5, r13, r11, r6], &(0x7f0000001700)=[{0x0, 0x5, 0x6}]}, 0x90)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000640)=@bpf_lsm={0x1d, 0x17, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x30000000}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x40}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @call={0x85, 0x0, 0x0, 0x78}, @jmp={0x5, 0x0, 0x9, 0xb, 0x5, 0x100, 0x8}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8}, @call={0x85, 0x0, 0x0, 0xc2}, @jmp={0x5, 0x1, 0xa, 0x6, 0x3, 0x80, 0x8}]}, &(0x7f0000000000)='GPL\x00', 0x400, 0xfb, &(0x7f0000000240)=""/251, 0x41000, 0x1, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000000540)={0x0, 0x10, 0x8, 0x7f}, 0x10, r14, 0x0, 0x2, 0x0, &(0x7f0000000600)=[{0x2, 0x4, 0x10, 0x5}, {0x0, 0x5, 0x10, 0xc}]}, 0x90) (async)
r15 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x4, 0x2000000000000159, &(0x7f0000000200)=ANY=[@ANYRESHEX=r0, @ANYRESOCT], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r15}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  580.666971][T19923] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  580.674899][T19923] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  580.682753][T19923]  </TASK>
06:59:16 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x80)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
close(r3)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={r3, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000440)=[0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xc6, &(0x7f00000004c0)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0x44, 0x8, 0x8, &(0x7f0000000580)}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x1f, &(0x7f0000000240)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0xb, 0x0, 0x0, 0x0, 0x81}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @map_idx={0x18, 0xb, 0x5, 0x0, 0x5}, @generic={0x7, 0x5, 0x5, 0x8, 0x94}, @cb_func={0x18, 0x6, 0x4, 0x0, 0x4}, @cb_func={0x18, 0xa}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x1}, @map_fd={0x18, 0x8, 0x1, 0x0, r3}, @call={0x85, 0x0, 0x0, 0xd1}], &(0x7f0000000140)='syzkaller\x00', 0x3f, 0x18, &(0x7f0000000180)=""/24, 0x41000, 0x50, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000007c0)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000800)={0x2, 0x8, 0x7, 0x3ff}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000000840)=[r3, r3, r3, r3, r3], &(0x7f0000000980)=[{0x4, 0x4, 0x9, 0xb}, {0x3, 0x1, 0x1, 0x2}, {0x5, 0x3, 0xb, 0x9}, {0x3, 0x2, 0x8, 0x9}, {0x4, 0x1, 0x5}], 0x10, 0x1}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0], <r5=>0x0, 0x22, &(0x7f00000002c0)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0xd8, 0x8, 0x8, &(0x7f0000000380)}}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000580)={{0xffffffffffffffff, <r7=>0xffffffffffffffff}, &(0x7f0000000500), &(0x7f0000000540)='%pB    \x00'}, 0x20)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000006c0)=@bpf_lsm={0x1d, 0x11, &(0x7f0000000000)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@map_idx={0x18, 0x8, 0x5, 0x0, 0xa}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='GPL\x00', 0xfffffffe, 0x58, &(0x7f0000000100)=""/88, 0x41100, 0x4, '\x00', r4, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x1, 0x3}, 0x8, 0x10, &(0x7f00000001c0)={0x5, 0xf, 0x2, 0x400}, 0x10, r5, 0x0, 0x9, &(0x7f00000005c0)=[r6, r0, r0, r0, r7], &(0x7f0000000600)=[{0x1, 0x5, 0x2, 0x9}, {0x1, 0x1, 0xe, 0x6}, {0x2, 0x5, 0x6, 0x8}, {0x2, 0x4, 0x7, 0xc}, {0x0, 0x4, 0x5, 0x7}, {0x3, 0x3, 0x1, 0xb}, {0x3, 0x3, 0x4, 0x7}, {0x4, 0x3, 0xf, 0xc}, {0x5, 0x3, 0x8, 0x1}], 0x10, 0x4}, 0x90)

06:59:16 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 52)

06:59:16 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x80)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
close(r3) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={r3, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000440)=[0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xc6, &(0x7f00000004c0)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0x44, 0x8, 0x8, &(0x7f0000000580)}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x1f, &(0x7f0000000240)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0xb, 0x0, 0x0, 0x0, 0x81}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @map_idx={0x18, 0xb, 0x5, 0x0, 0x5}, @generic={0x7, 0x5, 0x5, 0x8, 0x94}, @cb_func={0x18, 0x6, 0x4, 0x0, 0x4}, @cb_func={0x18, 0xa}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x1}, @map_fd={0x18, 0x8, 0x1, 0x0, r3}, @call={0x85, 0x0, 0x0, 0xd1}], &(0x7f0000000140)='syzkaller\x00', 0x3f, 0x18, &(0x7f0000000180)=""/24, 0x41000, 0x50, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000007c0)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000800)={0x2, 0x8, 0x7, 0x3ff}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000000840)=[r3, r3, r3, r3, r3], &(0x7f0000000980)=[{0x4, 0x4, 0x9, 0xb}, {0x3, 0x1, 0x1, 0x2}, {0x5, 0x3, 0xb, 0x9}, {0x3, 0x2, 0x8, 0x9}, {0x4, 0x1, 0x5}], 0x10, 0x1}, 0x90) (async, rerun: 64)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0], <r5=>0x0, 0x22, &(0x7f00000002c0)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0xd8, 0x8, 0x8, &(0x7f0000000380)}}, 0x10) (async, rerun: 64)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000580)={{0xffffffffffffffff, <r7=>0xffffffffffffffff}, &(0x7f0000000500), &(0x7f0000000540)='%pB    \x00'}, 0x20)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000006c0)=@bpf_lsm={0x1d, 0x11, &(0x7f0000000000)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@map_idx={0x18, 0x8, 0x5, 0x0, 0xa}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='GPL\x00', 0xfffffffe, 0x58, &(0x7f0000000100)=""/88, 0x41100, 0x4, '\x00', r4, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x1, 0x3}, 0x8, 0x10, &(0x7f00000001c0)={0x5, 0xf, 0x2, 0x400}, 0x10, r5, 0x0, 0x9, &(0x7f00000005c0)=[r6, r0, r0, r0, r7], &(0x7f0000000600)=[{0x1, 0x5, 0x2, 0x9}, {0x1, 0x1, 0xe, 0x6}, {0x2, 0x5, 0x6, 0x8}, {0x2, 0x4, 0x7, 0xc}, {0x0, 0x4, 0x5, 0x7}, {0x3, 0x3, 0x1, 0xb}, {0x3, 0x3, 0x4, 0x7}, {0x4, 0x3, 0xf, 0xc}, {0x5, 0x3, 0x8, 0x1}], 0x10, 0x4}, 0x90)

[  580.795740][T19945] FAULT_INJECTION: forcing a failure.
[  580.795740][T19945] name failslab, interval 1, probability 0, space 0, times 0
[  580.808465][T19945] CPU: 0 PID: 19945 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  580.820102][T19945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  580.829994][T19945] Call Trace:
[  580.833114][T19945]  <TASK>
[  580.835893][T19945]  dump_stack_lvl+0x151/0x1b7
[  580.840408][T19945]  ? io_uring_drop_tctx_refs+0x190/0x190
[  580.845878][T19945]  dump_stack+0x15/0x17
[  580.849870][T19945]  should_fail+0x3c6/0x510
[  580.854118][T19945]  __should_failslab+0xa4/0xe0
[  580.858717][T19945]  ? vm_area_dup+0x26/0x230
[  580.863057][T19945]  should_failslab+0x9/0x20
[  580.867398][T19945]  slab_pre_alloc_hook+0x37/0xd0
[  580.872171][T19945]  ? vm_area_dup+0x26/0x230
[  580.876510][T19945]  kmem_cache_alloc+0x44/0x200
[  580.881112][T19945]  vm_area_dup+0x26/0x230
[  580.885278][T19945]  copy_mm+0x9a1/0x13e0
[  580.889274][T19945]  ? copy_signal+0x610/0x610
[  580.893707][T19945]  ? __init_rwsem+0xd6/0x1c0
[  580.898126][T19945]  ? copy_signal+0x4e3/0x610
[  580.902555][T19945]  copy_process+0x1149/0x3290
[  580.907081][T19945]  ? timerqueue_add+0x250/0x270
[  580.911754][T19945]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  580.916699][T19945]  ? enqueue_hrtimer+0xca/0x240
[  580.921473][T19945]  ? __hrtimer_run_queues+0x46b/0xad0
[  580.926681][T19945]  kernel_clone+0x21e/0x9e0
[  580.931018][T19945]  ? create_io_thread+0x1e0/0x1e0
[  580.935879][T19945]  ? clockevents_program_event+0x22f/0x300
[  580.941522][T19945]  __x64_sys_clone+0x23f/0x290
[  580.946118][T19945]  ? __do_sys_vfork+0x130/0x130
[  580.950812][T19945]  do_syscall_64+0x3d/0xb0
[  580.955057][T19945]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  580.960700][T19945]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  580.966428][T19945] RIP: 0033:0x7f7b6d82fda9
[  580.970682][T19945] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  580.990385][T19945] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  580.998630][T19945] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  581.006440][T19945] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  581.014262][T19945] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  581.022066][T19945] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  581.029874][T19945] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  581.037690][T19945]  </TASK>
06:59:16 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2100, 0x43451)

06:59:16 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 53)

06:59:16 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x80)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
close(r3) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={r3, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000440)=[0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xc6, &(0x7f00000004c0)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0x44, 0x8, 0x8, &(0x7f0000000580)}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x1f, &(0x7f0000000240)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0xb, 0x0, 0x0, 0x0, 0x81}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @map_idx={0x18, 0xb, 0x5, 0x0, 0x5}, @generic={0x7, 0x5, 0x5, 0x8, 0x94}, @cb_func={0x18, 0x6, 0x4, 0x0, 0x4}, @cb_func={0x18, 0xa}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x1}, @map_fd={0x18, 0x8, 0x1, 0x0, r3}, @call={0x85, 0x0, 0x0, 0xd1}], &(0x7f0000000140)='syzkaller\x00', 0x3f, 0x18, &(0x7f0000000180)=""/24, 0x41000, 0x50, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000007c0)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000800)={0x2, 0x8, 0x7, 0x3ff}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000000840)=[r3, r3, r3, r3, r3], &(0x7f0000000980)=[{0x4, 0x4, 0x9, 0xb}, {0x3, 0x1, 0x1, 0x2}, {0x5, 0x3, 0xb, 0x9}, {0x3, 0x2, 0x8, 0x9}, {0x4, 0x1, 0x5}], 0x10, 0x1}, 0x90) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0], <r5=>0x0, 0x22, &(0x7f00000002c0)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0xd8, 0x8, 0x8, &(0x7f0000000380)}}, 0x10) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000580)={{0xffffffffffffffff, <r7=>0xffffffffffffffff}, &(0x7f0000000500), &(0x7f0000000540)='%pB    \x00'}, 0x20)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000006c0)=@bpf_lsm={0x1d, 0x11, &(0x7f0000000000)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@map_idx={0x18, 0x8, 0x5, 0x0, 0xa}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='GPL\x00', 0xfffffffe, 0x58, &(0x7f0000000100)=""/88, 0x41100, 0x4, '\x00', r4, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x1, 0x3}, 0x8, 0x10, &(0x7f00000001c0)={0x5, 0xf, 0x2, 0x400}, 0x10, r5, 0x0, 0x9, &(0x7f00000005c0)=[r6, r0, r0, r0, r7], &(0x7f0000000600)=[{0x1, 0x5, 0x2, 0x9}, {0x1, 0x1, 0xe, 0x6}, {0x2, 0x5, 0x6, 0x8}, {0x2, 0x4, 0x7, 0xc}, {0x0, 0x4, 0x5, 0x7}, {0x3, 0x3, 0x1, 0xb}, {0x3, 0x3, 0x4, 0x7}, {0x4, 0x3, 0xf, 0xc}, {0x5, 0x3, 0x8, 0x1}], 0x10, 0x4}, 0x90)

06:59:16 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x5306d080, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:16 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020009466d59febbc3efc99e0b481a424000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$ITER_CREATE(0x21, &(0x7f0000000480), 0xfffffffffffffdb7)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x3}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0x1, 0x58, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001440)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0xa, [@int={0x1, 0x0, 0x0, 0x1, 0x0, 0x4b, 0x0, 0x16}]}, {0x0, [0x0, 0x0, 0x0, 0x30, 0x30, 0x0, 0x0, 0x61]}}, &(0x7f0000000440)=""/4096, 0x32, 0x1000, 0x1}, 0x20)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x0, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0xe}, 0x80)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r4, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0], <r6=>0x0, 0x8, &(0x7f0000000340)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f0000000400), &(0x7f0000000440), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000780)}}, 0x10)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x4030582a, &(0x7f0000000040))
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001c80)={r5, 0xfffffffffffffeba, &(0x7f0000001b80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f00000019c0), ""/16, <r8=>0x0, 0x0, 0x0, 0x0, 0x5, 0x2, &(0x7f0000001a00)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001a40)=[0x0, 0x0], 0x0, 0x8, &(0x7f0000001a80)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000001ac0), &(0x7f0000001b00), 0x8, 0x10, 0x8, 0x0, 0x0}}, 0x10)
r9 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001cc0)=r6, 0x4)
write$cgroup_type(r7, &(0x7f0000000840), 0x9)
r10 = bpf$ITER_CREATE(0x21, &(0x7f0000001d80)={r7}, 0x8)
r11 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001dc0)={0xffffffffffffffff, 0x3ff}, 0xc)
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000001e00)=@bloom_filter={0x1e, 0x40, 0x1, 0x0, 0x4, r7, 0x0, '\x00', 0x0, r7, 0x5, 0x5, 0x3}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001ec0)={0x0, 0x1, &(0x7f0000000280)=@raw=[@jmp={0x5, 0x0, 0x8, 0xa, 0xf, 0x10, 0xffffffffffffffff}], &(0x7f0000000980)='syzkaller\x00', 0x0, 0x1000, &(0x7f00000009c0)=""/4096, 0x40f00, 0x10, '\x00', r8, 0x0, r9, 0x8, &(0x7f0000001d00)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000001d40)={0x4, 0x4, 0x5, 0x5}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001e80)=[r10, 0xffffffffffffffff, r11, r12]}, 0x80)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001580)={{0xffffffffffffffff, <r13=>0xffffffffffffffff}, &(0x7f0000001500), &(0x7f0000001540)='%-010d \x00'}, 0x20)
r14 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000001600)=@o_path={&(0x7f00000015c0)='./file0\x00', 0x0, 0x8, r0}, 0x18)
r15 = bpf$MAP_CREATE(0x0, &(0x7f0000001640)=@bloom_filter={0x1e, 0x7, 0xfffffff8, 0xb25, 0x88, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x5, 0x9}, 0x48)
r16 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000016c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5, 0x2}, 0x48)
r17 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='memory.numa_stat\x00', 0x0, 0x0)
openat$cgroup_ro(r17, &(0x7f0000000600)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
r18 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001740)={0xffffffffffffffff, 0x80000000, 0x10}, 0xc)
r19 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001780)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x4}, 0x48)
r20 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001800)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xec05, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001940)={0x6, 0x15, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x34cf, 0x0, 0x0, 0x0, 0x40}, {}, {}, [@map_idx={0x18, 0x5e654d53ab434984, 0x5, 0x0, 0xd}, @exit, @map_fd={0x18, 0xa, 0x1, 0x0, r1}, @exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x2, '\x00', r2, 0x25, r3, 0x8, &(0x7f0000001480)={0x1, 0x3}, 0x8, 0x10, &(0x7f00000014c0)={0x2, 0xd, 0x9, 0x10000}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000001880)=[r12, 0x1, r13, r14, r15, r16, r17, r18, r19, r20], &(0x7f00000018c0)=[{0x3, 0x4, 0xa, 0x4}, {0x5, 0x5, 0xb, 0x2}, {0x5, 0x1, 0x2, 0x6}, {0x1, 0x3, 0x4, 0x7}, {0x5, 0x5, 0xb, 0xb}], 0x10, 0xfffffffa}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  581.173729][T19975] FAULT_INJECTION: forcing a failure.
[  581.173729][T19975] name failslab, interval 1, probability 0, space 0, times 0
[  581.191051][T19975] CPU: 1 PID: 19975 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  581.202616][T19975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  581.212507][T19975] Call Trace:
[  581.215630][T19975]  <TASK>
[  581.218407][T19975]  dump_stack_lvl+0x151/0x1b7
[  581.222940][T19975]  ? io_uring_drop_tctx_refs+0x190/0x190
[  581.228392][T19975]  ? avc_denied+0x1b0/0x1b0
[  581.232734][T19975]  dump_stack+0x15/0x17
[  581.236722][T19975]  should_fail+0x3c6/0x510
[  581.240978][T19975]  __should_failslab+0xa4/0xe0
[  581.245575][T19975]  ? vm_area_dup+0x26/0x230
[  581.249918][T19975]  should_failslab+0x9/0x20
[  581.254255][T19975]  slab_pre_alloc_hook+0x37/0xd0
[  581.259031][T19975]  ? vm_area_dup+0x26/0x230
[  581.263366][T19975]  kmem_cache_alloc+0x44/0x200
[  581.267969][T19975]  vm_area_dup+0x26/0x230
[  581.272137][T19975]  copy_mm+0x9a1/0x13e0
[  581.276130][T19975]  ? copy_signal+0x610/0x610
[  581.280555][T19975]  ? __init_rwsem+0xd6/0x1c0
[  581.284982][T19975]  ? copy_signal+0x4e3/0x610
[  581.289405][T19975]  copy_process+0x1149/0x3290
[  581.293919][T19975]  ? timerqueue_add+0x250/0x270
[  581.298602][T19975]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  581.303554][T19975]  kernel_clone+0x21e/0x9e0
[  581.307893][T19975]  ? create_io_thread+0x1e0/0x1e0
[  581.312753][T19975]  __x64_sys_clone+0x23f/0x290
[  581.317349][T19975]  ? __do_sys_vfork+0x130/0x130
[  581.322037][T19975]  ? debug_smp_processor_id+0x17/0x20
[  581.327268][T19975]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  581.333229][T19975]  ? exit_to_user_mode_prepare+0x39/0xa0
[  581.338697][T19975]  do_syscall_64+0x3d/0xb0
[  581.342954][T19975]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  581.348593][T19975]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  581.354331][T19975] RIP: 0033:0x7f7b6d82fda9
[  581.358593][T19975] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  581.378015][T19975] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  581.386261][T19975] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  581.394072][T19975] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  581.401883][T19975] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  581.409693][T19975] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:59:16 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020009466d59febbc3efc99e0b481a424000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$ITER_CREATE(0x21, &(0x7f0000000480), 0xfffffffffffffdb7)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x3}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0x1, 0x58, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001440)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0xa, [@int={0x1, 0x0, 0x0, 0x1, 0x0, 0x4b, 0x0, 0x16}]}, {0x0, [0x0, 0x0, 0x0, 0x30, 0x30, 0x0, 0x0, 0x61]}}, &(0x7f0000000440)=""/4096, 0x32, 0x1000, 0x1}, 0x20)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x0, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0xe}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r4, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0], 0x0, 0x8, &(0x7f0000000340)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f0000000400), &(0x7f0000000440), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000780)}}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r4, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0], <r6=>0x0, 0x8, &(0x7f0000000340)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f0000000400), &(0x7f0000000440), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000780)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (async)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x4030582a, &(0x7f0000000040))
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001c80)={r5, 0xfffffffffffffeba, &(0x7f0000001b80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f00000019c0), ""/16, <r8=>0x0, 0x0, 0x0, 0x0, 0x5, 0x2, &(0x7f0000001a00)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001a40)=[0x0, 0x0], 0x0, 0x8, &(0x7f0000001a80)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000001ac0), &(0x7f0000001b00), 0x8, 0x10, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001cc0)=r6, 0x4) (async)
r9 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001cc0)=r6, 0x4)
write$cgroup_type(r7, &(0x7f0000000840), 0x9) (async)
write$cgroup_type(r7, &(0x7f0000000840), 0x9)
r10 = bpf$ITER_CREATE(0x21, &(0x7f0000001d80)={r7}, 0x8)
r11 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001dc0)={0xffffffffffffffff, 0x3ff}, 0xc)
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000001e00)=@bloom_filter={0x1e, 0x40, 0x1, 0x0, 0x4, r7, 0x0, '\x00', 0x0, r7, 0x5, 0x5, 0x3}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001ec0)={0x0, 0x1, &(0x7f0000000280)=@raw=[@jmp={0x5, 0x0, 0x8, 0xa, 0xf, 0x10, 0xffffffffffffffff}], &(0x7f0000000980)='syzkaller\x00', 0x0, 0x1000, &(0x7f00000009c0)=""/4096, 0x40f00, 0x10, '\x00', r8, 0x0, r9, 0x8, &(0x7f0000001d00)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000001d40)={0x4, 0x4, 0x5, 0x5}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001e80)=[r10, 0xffffffffffffffff, r11, r12]}, 0x80) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001ec0)={0x0, 0x1, &(0x7f0000000280)=@raw=[@jmp={0x5, 0x0, 0x8, 0xa, 0xf, 0x10, 0xffffffffffffffff}], &(0x7f0000000980)='syzkaller\x00', 0x0, 0x1000, &(0x7f00000009c0)=""/4096, 0x40f00, 0x10, '\x00', r8, 0x0, r9, 0x8, &(0x7f0000001d00)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000001d40)={0x4, 0x4, 0x5, 0x5}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001e80)=[r10, 0xffffffffffffffff, r11, r12]}, 0x80)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001580)={{0xffffffffffffffff, <r13=>0xffffffffffffffff}, &(0x7f0000001500), &(0x7f0000001540)='%-010d \x00'}, 0x20)
r14 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000001600)=@o_path={&(0x7f00000015c0)='./file0\x00', 0x0, 0x8, r0}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000001640)=@bloom_filter={0x1e, 0x7, 0xfffffff8, 0xb25, 0x88, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x5, 0x9}, 0x48) (async)
r15 = bpf$MAP_CREATE(0x0, &(0x7f0000001640)=@bloom_filter={0x1e, 0x7, 0xfffffff8, 0xb25, 0x88, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x5, 0x9}, 0x48)
r16 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000016c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5, 0x2}, 0x48)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='memory.numa_stat\x00', 0x0, 0x0) (async)
r17 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='memory.numa_stat\x00', 0x0, 0x0)
openat$cgroup_ro(r17, &(0x7f0000000600)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001740)={0xffffffffffffffff, 0x80000000, 0x10}, 0xc) (async)
r18 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001740)={0xffffffffffffffff, 0x80000000, 0x10}, 0xc)
r19 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001780)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x4}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001800)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xec05, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48) (async)
r20 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001800)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xec05, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001940)={0x6, 0x15, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x34cf, 0x0, 0x0, 0x0, 0x40}, {}, {}, [@map_idx={0x18, 0x5e654d53ab434984, 0x5, 0x0, 0xd}, @exit, @map_fd={0x18, 0xa, 0x1, 0x0, r1}, @exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x2, '\x00', r2, 0x25, r3, 0x8, &(0x7f0000001480)={0x1, 0x3}, 0x8, 0x10, &(0x7f00000014c0)={0x2, 0xd, 0x9, 0x10000}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000001880)=[r12, 0x1, r13, r14, r15, r16, r17, r18, r19, r20], &(0x7f00000018c0)=[{0x3, 0x4, 0xa, 0x4}, {0x5, 0x5, 0xb, 0x2}, {0x5, 0x1, 0x2, 0x6}, {0x1, 0x3, 0x4, 0x7}, {0x5, 0x5, 0xb, 0xb}], 0x10, 0xfffffffa}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:16 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
syz_clone(0x5306d080, 0x0, 0x0, 0x0, 0x0, 0x0)

[  581.417506][T19975] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  581.425322][T19975]  </TASK>
06:59:16 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 54)

06:59:16 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020009466d59febbc3efc99e0b481a424000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$ITER_CREATE(0x21, &(0x7f0000000480), 0xfffffffffffffdb7) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000480), 0xfffffffffffffdb7)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x3}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0x1, 0x58, &(0x7f00000003c0)}, 0x10) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0x1, 0x58, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001440)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0xa, [@int={0x1, 0x0, 0x0, 0x1, 0x0, 0x4b, 0x0, 0x16}]}, {0x0, [0x0, 0x0, 0x0, 0x30, 0x30, 0x0, 0x0, 0x61]}}, &(0x7f0000000440)=""/4096, 0x32, 0x1000, 0x1}, 0x20)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x0, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0xe}, 0x80)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r4, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0], <r6=>0x0, 0x8, &(0x7f0000000340)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f0000000400), &(0x7f0000000440), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000780)}}, 0x10)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x4030582a, &(0x7f0000000040)) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x4030582a, &(0x7f0000000040))
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001c80)={r5, 0xfffffffffffffeba, &(0x7f0000001b80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f00000019c0), ""/16, <r8=>0x0, 0x0, 0x0, 0x0, 0x5, 0x2, &(0x7f0000001a00)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001a40)=[0x0, 0x0], 0x0, 0x8, &(0x7f0000001a80)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000001ac0), &(0x7f0000001b00), 0x8, 0x10, 0x8, 0x0, 0x0}}, 0x10)
r9 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001cc0)=r6, 0x4)
write$cgroup_type(r7, &(0x7f0000000840), 0x9)
r10 = bpf$ITER_CREATE(0x21, &(0x7f0000001d80)={r7}, 0x8)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001dc0)={0xffffffffffffffff, 0x3ff}, 0xc) (async)
r11 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001dc0)={0xffffffffffffffff, 0x3ff}, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000001e00)=@bloom_filter={0x1e, 0x40, 0x1, 0x0, 0x4, r7, 0x0, '\x00', 0x0, r7, 0x5, 0x5, 0x3}, 0x48) (async)
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000001e00)=@bloom_filter={0x1e, 0x40, 0x1, 0x0, 0x4, r7, 0x0, '\x00', 0x0, r7, 0x5, 0x5, 0x3}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001ec0)={0x0, 0x1, &(0x7f0000000280)=@raw=[@jmp={0x5, 0x0, 0x8, 0xa, 0xf, 0x10, 0xffffffffffffffff}], &(0x7f0000000980)='syzkaller\x00', 0x0, 0x1000, &(0x7f00000009c0)=""/4096, 0x40f00, 0x10, '\x00', r8, 0x0, r9, 0x8, &(0x7f0000001d00)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000001d40)={0x4, 0x4, 0x5, 0x5}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001e80)=[r10, 0xffffffffffffffff, r11, r12]}, 0x80)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001580)={{0xffffffffffffffff, <r13=>0xffffffffffffffff}, &(0x7f0000001500), &(0x7f0000001540)='%-010d \x00'}, 0x20)
r14 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000001600)=@o_path={&(0x7f00000015c0)='./file0\x00', 0x0, 0x8, r0}, 0x18)
r15 = bpf$MAP_CREATE(0x0, &(0x7f0000001640)=@bloom_filter={0x1e, 0x7, 0xfffffff8, 0xb25, 0x88, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x5, 0x9}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000016c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5, 0x2}, 0x48) (async)
r16 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000016c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5, 0x2}, 0x48)
r17 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='memory.numa_stat\x00', 0x0, 0x0)
openat$cgroup_ro(r17, &(0x7f0000000600)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
r18 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001740)={0xffffffffffffffff, 0x80000000, 0x10}, 0xc)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001780)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x4}, 0x48) (async)
r19 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001780)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x4}, 0x48)
r20 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001800)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xec05, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001940)={0x6, 0x15, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x34cf, 0x0, 0x0, 0x0, 0x40}, {}, {}, [@map_idx={0x18, 0x5e654d53ab434984, 0x5, 0x0, 0xd}, @exit, @map_fd={0x18, 0xa, 0x1, 0x0, r1}, @exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x2, '\x00', r2, 0x25, r3, 0x8, &(0x7f0000001480)={0x1, 0x3}, 0x8, 0x10, &(0x7f00000014c0)={0x2, 0xd, 0x9, 0x10000}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000001880)=[r12, 0x1, r13, r14, r15, r16, r17, r18, r19, r20], &(0x7f00000018c0)=[{0x3, 0x4, 0xa, 0x4}, {0x5, 0x5, 0xb, 0x2}, {0x5, 0x1, 0x2, 0x6}, {0x1, 0x3, 0x4, 0x7}, {0x5, 0x5, 0xb, 0xb}], 0x10, 0xfffffffa}, 0x90) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001940)={0x6, 0x15, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x34cf, 0x0, 0x0, 0x0, 0x40}, {}, {}, [@map_idx={0x18, 0x5e654d53ab434984, 0x5, 0x0, 0xd}, @exit, @map_fd={0x18, 0xa, 0x1, 0x0, r1}, @exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x2, '\x00', r2, 0x25, r3, 0x8, &(0x7f0000001480)={0x1, 0x3}, 0x8, 0x10, &(0x7f00000014c0)={0x2, 0xd, 0x9, 0x10000}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000001880)=[r12, 0x1, r13, r14, r15, r16, r17, r18, r19, r20], &(0x7f00000018c0)=[{0x3, 0x4, 0xa, 0x4}, {0x5, 0x5, 0xb, 0x2}, {0x5, 0x1, 0x2, 0x6}, {0x1, 0x3, 0x4, 0x7}, {0x5, 0x5, 0xb, 0xb}], 0x10, 0xfffffffa}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:16 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2200, 0x43451)

[  581.516432][T19991] FAULT_INJECTION: forcing a failure.
[  581.516432][T19991] name failslab, interval 1, probability 0, space 0, times 0
[  581.531013][T19991] CPU: 0 PID: 19991 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  581.542569][T19991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  581.552473][T19991] Call Trace:
[  581.555583][T19991]  <TASK>
[  581.558364][T19991]  dump_stack_lvl+0x151/0x1b7
[  581.562874][T19991]  ? io_uring_drop_tctx_refs+0x190/0x190
[  581.568348][T19991]  ? irqentry_exit+0x30/0x40
[  581.572861][T19991]  dump_stack+0x15/0x17
[  581.576850][T19991]  should_fail+0x3c6/0x510
[  581.581105][T19991]  __should_failslab+0xa4/0xe0
[  581.585696][T19991]  ? anon_vma_clone+0x9a/0x500
[  581.590299][T19991]  should_failslab+0x9/0x20
[  581.594639][T19991]  slab_pre_alloc_hook+0x37/0xd0
[  581.599417][T19991]  ? anon_vma_clone+0x9a/0x500
[  581.604016][T19991]  kmem_cache_alloc+0x44/0x200
[  581.608632][T19991]  anon_vma_clone+0x9a/0x500
[  581.613045][T19991]  anon_vma_fork+0x91/0x4e0
[  581.617389][T19991]  ? anon_vma_name+0x4c/0x70
[  581.621802][T19991]  ? vm_area_dup+0x17a/0x230
[  581.626228][T19991]  copy_mm+0xa3a/0x13e0
[  581.630309][T19991]  ? irqentry_exit+0x30/0x40
[  581.634739][T19991]  ? copy_signal+0x610/0x610
[  581.639163][T19991]  ? __init_rwsem+0xd6/0x1c0
[  581.643586][T19991]  ? copy_signal+0x4e3/0x610
[  581.648017][T19991]  copy_process+0x1149/0x3290
[  581.652530][T19991]  ? timerqueue_add+0x250/0x270
[  581.657214][T19991]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  581.662160][T19991]  ? enqueue_hrtimer+0xca/0x240
[  581.666857][T19991]  ? __hrtimer_run_queues+0x46b/0xad0
[  581.672070][T19991]  kernel_clone+0x21e/0x9e0
[  581.676409][T19991]  ? irqentry_exit+0x30/0x40
[  581.680823][T19991]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  581.686479][T19991]  ? create_io_thread+0x1e0/0x1e0
[  581.691339][T19991]  __x64_sys_clone+0x23f/0x290
[  581.695927][T19991]  ? __do_sys_vfork+0x130/0x130
[  581.700613][T19991]  ? debug_smp_processor_id+0x17/0x20
[  581.705826][T19991]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  581.711735][T19991]  ? exit_to_user_mode_prepare+0x39/0xa0
[  581.717193][T19991]  do_syscall_64+0x3d/0xb0
[  581.721444][T19991]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  581.727081][T19991]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  581.732819][T19991] RIP: 0033:0x7f7b6d82fda9
[  581.737166][T19991] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  581.756593][T19991] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
06:59:17 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x3, 0x80, 0x4e, 0x7, 0x20, 0x6, 0x0, 0x5, 0x500, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xc5, 0x2, @perf_bp={&(0x7f0000000000), 0xe}, 0x10000, 0x400, 0xf8, 0x5, 0x4001de43, 0x2, 0xfffc, 0x0, 0x6, 0x0, 0xff}, 0x0, 0xe, r1, 0x2)

06:59:17 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x5306d080, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:17 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2300, 0x43451)

[  581.764836][T19991] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  581.772647][T19991] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  581.780482][T19991] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  581.788273][T19991] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  581.796081][T19991] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  581.803900][T19991]  </TASK>
06:59:17 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r3, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r3}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r5=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r6=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r3}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000000), 0xfdef)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r9, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', r2, 0x36, r3, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r3, 0x3, &(0x7f0000001040)=[r1, r0, r3, r3, r1, r9], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r10, &(0x7f0000000000), 0x248800)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r5, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r10, r11, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:17 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x3, 0x80, 0x4e, 0x7, 0x20, 0x6, 0x0, 0x5, 0x500, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xc5, 0x2, @perf_bp={&(0x7f0000000000), 0xe}, 0x10000, 0x400, 0xf8, 0x5, 0x4001de43, 0x2, 0xfffc, 0x0, 0x6, 0x0, 0xff}, 0x0, 0xe, r1, 0x2)

06:59:17 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x3, 0x80, 0x4e, 0x7, 0x20, 0x6, 0x0, 0x5, 0x500, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xc5, 0x2, @perf_bp={&(0x7f0000000000), 0xe}, 0x10000, 0x400, 0xf8, 0x5, 0x4001de43, 0x2, 0xfffc, 0x0, 0x6, 0x0, 0xff}, 0x0, 0xe, r1, 0x2)

06:59:17 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = bpf$ITER_CREATE(0xb, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r1, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000340)=[0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x7, 0x1, &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000005c0)=[0x0], 0x0, 0x1c, &(0x7f0000000600)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000680), &(0x7f00000006c0), 0x8, 0xbb, 0x8, 0x8, &(0x7f0000000700)}}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000900)={0x0, <r5=>0x0}, 0x8)
r6 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000980)=@generic={&(0x7f0000000940)='./file0\x00'}, 0x18)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000e40)={r2, 0xe0, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x9, &(0x7f0000000b80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000bc0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xd6, &(0x7f0000000c00)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f0000000c80), &(0x7f0000000cc0), 0x8, 0x2e, 0x8, 0x8, &(0x7f0000000d00)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x1e, 0x12, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xd235}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@generic={0x8, 0x8, 0x4, 0xfffb, 0x4}, @map_fd={0x18, 0x9, 0x1, 0x0, r3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000300)='syzkaller\x00', 0xa4, 0xfd, &(0x7f0000000480)=""/253, 0x40f00, 0x44, '\x00', r4, 0xa, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f00000008c0)={0x1, 0x10, 0x1f, 0x4}, 0x10, r5, r1, 0x2, &(0x7f00000009c0)=[r2, r6, r2], &(0x7f0000000a00)=[{0x0, 0x2, 0x10, 0xf}, {0x2, 0x3, 0xb, 0xc}]}, 0x90)
r7 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000004c0)={0xffffffffffffffff, 0x4, 0x10}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x3, 0x22, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@printk={@lu}, @generic={0x0, 0x6, 0x6, 0x9, 0x20}, @exit, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xf5}}, @ldst={0x3, 0x2, 0x6, 0x2, 0xb, 0xffffffffffffffff, 0xfffffffffffffff0}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000640)='GPL\x00', 0x100, 0x5b, &(0x7f0000000700)=""/91, 0x40f00, 0x40, '\x00', 0x0, 0x3, r7, 0x8, &(0x7f0000000780)={0x9, 0x4}, 0x8, 0x10, &(0x7f00000007c0)={0x1, 0xa, 0x3, 0xffffffff}, 0x10, 0x0, 0xffffffffffffffff, 0x9, &(0x7f0000000880), &(0x7f00000008c0)=[{0x1, 0x1, 0x2, 0x2}, {0x4, 0x4, 0x5, 0xc}, {0x2, 0x3, 0xd, 0x5}, {0x3, 0x2, 0xd, 0x9}, {0x1, 0x1, 0xb, 0x7}, {0x2, 0x1, 0x10, 0x3}, {0x2, 0x0, 0x7, 0x9}, {0x3, 0x2, 0x400, 0x6}, {0x0, 0x4, 0x1, 0x5}], 0x10, 0x10000}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000003c0)={r0, 0x20, &(0x7f0000000380)={&(0x7f0000000200)=""/208, 0xd0, <r9=>0x0, &(0x7f0000000300)=""/101, 0x65}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000f00)={{r3, <r10=>0xffffffffffffffff}, &(0x7f0000000e80), &(0x7f0000000ec0)=r1}, 0x20)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001240)=@bpf_lsm={0x1d, 0x22, &(0x7f0000000f40)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x2e7}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0x4}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @ldst={0x2, 0x1, 0x3, 0x2, 0x2, 0x30, 0x4}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1f}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @exit, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r10}}, @alu={0x4, 0x1, 0x2, 0x1, 0x2, 0x50, 0xffffffffffffffff}, @func={0x85, 0x0, 0x1, 0x0, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001080)='GPL\x00', 0x0, 0x73, &(0x7f00000010c0)=""/115, 0x41000, 0x2, '\x00', r4, 0x1b, r7, 0x8, &(0x7f0000001140)={0x2, 0x2}, 0x8, 0x10, 0x0, 0x0, r9, 0x0, 0x6, &(0x7f0000001180)=[r7, r2, r3], &(0x7f00000011c0)=[{0x2, 0x1, 0x10, 0xa}, {0x5, 0x5, 0xb, 0x2}, {0x0, 0x2, 0xb, 0x6}, {0x1, 0x4, 0x8, 0xb}, {0x4, 0x5, 0xe, 0xc}, {0x2, 0x3, 0x8, 0x4}], 0x10, 0x4}, 0x90)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x8, 0x12, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x18000, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x1}, @alu={0x7, 0x1, 0xa, 0x7, 0xb, 0x2, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000004c0)='GPL\x00', 0x800, 0x79, &(0x7f0000000500)=""/121, 0x41000, 0x0, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x9, 0x3}, 0x8, 0x10, &(0x7f00000005c0)={0x1, 0x8, 0x8, 0x1000}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x8, 0x0, &(0x7f0000000600)=[{0x4, 0x4, 0xa, 0xb}, {0x5, 0x1, 0x2, 0x5}, {0x5, 0x3, 0x101, 0x2}, {0x2, 0x5, 0x3, 0x8}, {0x3, 0x4, 0xe, 0xa}, {0x3, 0x2, 0x3, 0xa}, {0x4, 0x2, 0x5, 0x2}, {0x2, 0x1, 0x1, 0x9}], 0x10, 0xffff}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x8, 0x6, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0xce2d, 0x0, 0x0, 0x0, 0x4}, [@map_fd={0x18, 0x9, 0x1, 0x0, r0}, @exit]}, &(0x7f0000000040)='syzkaller\x00', 0x81, 0xe6, &(0x7f0000000080)=""/230, 0x40f00, 0x40, '\x00', r4, 0x3, r7, 0x8, &(0x7f0000000180)={0x6, 0x3}, 0x8, 0x10, &(0x7f00000001c0)={0x1, 0x1, 0x4, 0xfffffffa}, 0x10, r9, r11, 0x0, 0x0, 0x0, 0x10, 0x50}, 0x90)

06:59:17 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 55)

06:59:17 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2400, 0x43451)

06:59:17 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = bpf$ITER_CREATE(0xb, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r1, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000340)=[0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x7, 0x1, &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000005c0)=[0x0], 0x0, 0x1c, &(0x7f0000000600)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000680), &(0x7f00000006c0), 0x8, 0xbb, 0x8, 0x8, &(0x7f0000000700)}}, 0x10) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000900)={0x0, <r5=>0x0}, 0x8) (async)
r6 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000980)=@generic={&(0x7f0000000940)='./file0\x00'}, 0x18) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000e40)={r2, 0xe0, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x9, &(0x7f0000000b80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000bc0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xd6, &(0x7f0000000c00)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f0000000c80), &(0x7f0000000cc0), 0x8, 0x2e, 0x8, 0x8, &(0x7f0000000d00)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x1e, 0x12, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xd235}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@generic={0x8, 0x8, 0x4, 0xfffb, 0x4}, @map_fd={0x18, 0x9, 0x1, 0x0, r3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000300)='syzkaller\x00', 0xa4, 0xfd, &(0x7f0000000480)=""/253, 0x40f00, 0x44, '\x00', r4, 0xa, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f00000008c0)={0x1, 0x10, 0x1f, 0x4}, 0x10, r5, r1, 0x2, &(0x7f00000009c0)=[r2, r6, r2], &(0x7f0000000a00)=[{0x0, 0x2, 0x10, 0xf}, {0x2, 0x3, 0xb, 0xc}]}, 0x90) (async)
r7 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000004c0)={0xffffffffffffffff, 0x4, 0x10}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x3, 0x22, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@printk={@lu}, @generic={0x0, 0x6, 0x6, 0x9, 0x20}, @exit, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xf5}}, @ldst={0x3, 0x2, 0x6, 0x2, 0xb, 0xffffffffffffffff, 0xfffffffffffffff0}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000640)='GPL\x00', 0x100, 0x5b, &(0x7f0000000700)=""/91, 0x40f00, 0x40, '\x00', 0x0, 0x3, r7, 0x8, &(0x7f0000000780)={0x9, 0x4}, 0x8, 0x10, &(0x7f00000007c0)={0x1, 0xa, 0x3, 0xffffffff}, 0x10, 0x0, 0xffffffffffffffff, 0x9, &(0x7f0000000880), &(0x7f00000008c0)=[{0x1, 0x1, 0x2, 0x2}, {0x4, 0x4, 0x5, 0xc}, {0x2, 0x3, 0xd, 0x5}, {0x3, 0x2, 0xd, 0x9}, {0x1, 0x1, 0xb, 0x7}, {0x2, 0x1, 0x10, 0x3}, {0x2, 0x0, 0x7, 0x9}, {0x3, 0x2, 0x400, 0x6}, {0x0, 0x4, 0x1, 0x5}], 0x10, 0x10000}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000003c0)={r0, 0x20, &(0x7f0000000380)={&(0x7f0000000200)=""/208, 0xd0, <r9=>0x0, &(0x7f0000000300)=""/101, 0x65}}, 0x10) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000f00)={{r3, <r10=>0xffffffffffffffff}, &(0x7f0000000e80), &(0x7f0000000ec0)=r1}, 0x20)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001240)=@bpf_lsm={0x1d, 0x22, &(0x7f0000000f40)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x2e7}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0x4}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @ldst={0x2, 0x1, 0x3, 0x2, 0x2, 0x30, 0x4}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1f}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @exit, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r10}}, @alu={0x4, 0x1, 0x2, 0x1, 0x2, 0x50, 0xffffffffffffffff}, @func={0x85, 0x0, 0x1, 0x0, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001080)='GPL\x00', 0x0, 0x73, &(0x7f00000010c0)=""/115, 0x41000, 0x2, '\x00', r4, 0x1b, r7, 0x8, &(0x7f0000001140)={0x2, 0x2}, 0x8, 0x10, 0x0, 0x0, r9, 0x0, 0x6, &(0x7f0000001180)=[r7, r2, r3], &(0x7f00000011c0)=[{0x2, 0x1, 0x10, 0xa}, {0x5, 0x5, 0xb, 0x2}, {0x0, 0x2, 0xb, 0x6}, {0x1, 0x4, 0x8, 0xb}, {0x4, 0x5, 0xe, 0xc}, {0x2, 0x3, 0x8, 0x4}], 0x10, 0x4}, 0x90) (async)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x8, 0x12, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x18000, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x1}, @alu={0x7, 0x1, 0xa, 0x7, 0xb, 0x2, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000004c0)='GPL\x00', 0x800, 0x79, &(0x7f0000000500)=""/121, 0x41000, 0x0, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x9, 0x3}, 0x8, 0x10, &(0x7f00000005c0)={0x1, 0x8, 0x8, 0x1000}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x8, 0x0, &(0x7f0000000600)=[{0x4, 0x4, 0xa, 0xb}, {0x5, 0x1, 0x2, 0x5}, {0x5, 0x3, 0x101, 0x2}, {0x2, 0x5, 0x3, 0x8}, {0x3, 0x4, 0xe, 0xa}, {0x3, 0x2, 0x3, 0xa}, {0x4, 0x2, 0x5, 0x2}, {0x2, 0x1, 0x1, 0x9}], 0x10, 0xffff}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x8, 0x6, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0xce2d, 0x0, 0x0, 0x0, 0x4}, [@map_fd={0x18, 0x9, 0x1, 0x0, r0}, @exit]}, &(0x7f0000000040)='syzkaller\x00', 0x81, 0xe6, &(0x7f0000000080)=""/230, 0x40f00, 0x40, '\x00', r4, 0x3, r7, 0x8, &(0x7f0000000180)={0x6, 0x3}, 0x8, 0x10, &(0x7f00000001c0)={0x1, 0x1, 0x4, 0xfffffffa}, 0x10, r9, r11, 0x0, 0x0, 0x0, 0x10, 0x50}, 0x90)

06:59:17 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = bpf$ITER_CREATE(0xb, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r1, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000340)=[0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x7, 0x1, &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000005c0)=[0x0], 0x0, 0x1c, &(0x7f0000000600)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000680), &(0x7f00000006c0), 0x8, 0xbb, 0x8, 0x8, &(0x7f0000000700)}}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000900)={0x0, <r5=>0x0}, 0x8)
r6 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000980)=@generic={&(0x7f0000000940)='./file0\x00'}, 0x18)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000e40)={r2, 0xe0, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x9, &(0x7f0000000b80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000bc0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xd6, &(0x7f0000000c00)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f0000000c80), &(0x7f0000000cc0), 0x8, 0x2e, 0x8, 0x8, &(0x7f0000000d00)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x1e, 0x12, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xd235}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@generic={0x8, 0x8, 0x4, 0xfffb, 0x4}, @map_fd={0x18, 0x9, 0x1, 0x0, r3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000300)='syzkaller\x00', 0xa4, 0xfd, &(0x7f0000000480)=""/253, 0x40f00, 0x44, '\x00', r4, 0xa, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f00000008c0)={0x1, 0x10, 0x1f, 0x4}, 0x10, r5, r1, 0x2, &(0x7f00000009c0)=[r2, r6, r2], &(0x7f0000000a00)=[{0x0, 0x2, 0x10, 0xf}, {0x2, 0x3, 0xb, 0xc}]}, 0x90)
r7 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000004c0)={0xffffffffffffffff, 0x4, 0x10}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x3, 0x22, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@printk={@lu}, @generic={0x0, 0x6, 0x6, 0x9, 0x20}, @exit, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xf5}}, @ldst={0x3, 0x2, 0x6, 0x2, 0xb, 0xffffffffffffffff, 0xfffffffffffffff0}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000640)='GPL\x00', 0x100, 0x5b, &(0x7f0000000700)=""/91, 0x40f00, 0x40, '\x00', 0x0, 0x3, r7, 0x8, &(0x7f0000000780)={0x9, 0x4}, 0x8, 0x10, &(0x7f00000007c0)={0x1, 0xa, 0x3, 0xffffffff}, 0x10, 0x0, 0xffffffffffffffff, 0x9, &(0x7f0000000880), &(0x7f00000008c0)=[{0x1, 0x1, 0x2, 0x2}, {0x4, 0x4, 0x5, 0xc}, {0x2, 0x3, 0xd, 0x5}, {0x3, 0x2, 0xd, 0x9}, {0x1, 0x1, 0xb, 0x7}, {0x2, 0x1, 0x10, 0x3}, {0x2, 0x0, 0x7, 0x9}, {0x3, 0x2, 0x400, 0x6}, {0x0, 0x4, 0x1, 0x5}], 0x10, 0x10000}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000003c0)={r0, 0x20, &(0x7f0000000380)={&(0x7f0000000200)=""/208, 0xd0, <r9=>0x0, &(0x7f0000000300)=""/101, 0x65}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000f00)={{r3, <r10=>0xffffffffffffffff}, &(0x7f0000000e80), &(0x7f0000000ec0)=r1}, 0x20)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001240)=@bpf_lsm={0x1d, 0x22, &(0x7f0000000f40)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x2e7}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0x4}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @ldst={0x2, 0x1, 0x3, 0x2, 0x2, 0x30, 0x4}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1f}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @exit, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r10}}, @alu={0x4, 0x1, 0x2, 0x1, 0x2, 0x50, 0xffffffffffffffff}, @func={0x85, 0x0, 0x1, 0x0, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001080)='GPL\x00', 0x0, 0x73, &(0x7f00000010c0)=""/115, 0x41000, 0x2, '\x00', r4, 0x1b, r7, 0x8, &(0x7f0000001140)={0x2, 0x2}, 0x8, 0x10, 0x0, 0x0, r9, 0x0, 0x6, &(0x7f0000001180)=[r7, r2, r3], &(0x7f00000011c0)=[{0x2, 0x1, 0x10, 0xa}, {0x5, 0x5, 0xb, 0x2}, {0x0, 0x2, 0xb, 0x6}, {0x1, 0x4, 0x8, 0xb}, {0x4, 0x5, 0xe, 0xc}, {0x2, 0x3, 0x8, 0x4}], 0x10, 0x4}, 0x90)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x8, 0x12, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x18000, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x1}, @alu={0x7, 0x1, 0xa, 0x7, 0xb, 0x2, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000004c0)='GPL\x00', 0x800, 0x79, &(0x7f0000000500)=""/121, 0x41000, 0x0, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x9, 0x3}, 0x8, 0x10, &(0x7f00000005c0)={0x1, 0x8, 0x8, 0x1000}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x8, 0x0, &(0x7f0000000600)=[{0x4, 0x4, 0xa, 0xb}, {0x5, 0x1, 0x2, 0x5}, {0x5, 0x3, 0x101, 0x2}, {0x2, 0x5, 0x3, 0x8}, {0x3, 0x4, 0xe, 0xa}, {0x3, 0x2, 0x3, 0xa}, {0x4, 0x2, 0x5, 0x2}, {0x2, 0x1, 0x1, 0x9}], 0x10, 0xffff}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x8, 0x6, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0xce2d, 0x0, 0x0, 0x0, 0x4}, [@map_fd={0x18, 0x9, 0x1, 0x0, r0}, @exit]}, &(0x7f0000000040)='syzkaller\x00', 0x81, 0xe6, &(0x7f0000000080)=""/230, 0x40f00, 0x40, '\x00', r4, 0x3, r7, 0x8, &(0x7f0000000180)={0x6, 0x3}, 0x8, 0x10, &(0x7f00000001c0)={0x1, 0x1, 0x4, 0xfffffffa}, 0x10, r9, r11, 0x0, 0x0, 0x0, 0x10, 0x50}, 0x90)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) (async)
bpf$ITER_CREATE(0xb, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r1, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000340)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1, &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000005c0)=[0x0], 0x0, 0x1c, &(0x7f0000000600)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000680), &(0x7f00000006c0), 0x8, 0xbb, 0x8, 0x8, &(0x7f0000000700)}}, 0x10) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000900), 0x8) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000980)=@generic={&(0x7f0000000940)='./file0\x00'}, 0x18) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000e40)={r2, 0xe0, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x9, &(0x7f0000000b80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000bc0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xd6, &(0x7f0000000c00)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f0000000c80), &(0x7f0000000cc0), 0x8, 0x2e, 0x8, 0x8, &(0x7f0000000d00)}}, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x1e, 0x12, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xd235}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@generic={0x8, 0x8, 0x4, 0xfffb, 0x4}, @map_fd={0x18, 0x9, 0x1, 0x0, r3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000300)='syzkaller\x00', 0xa4, 0xfd, &(0x7f0000000480)=""/253, 0x40f00, 0x44, '\x00', r4, 0xa, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f00000008c0)={0x1, 0x10, 0x1f, 0x4}, 0x10, r5, r1, 0x2, &(0x7f00000009c0)=[r2, r6, r2], &(0x7f0000000a00)=[{0x0, 0x2, 0x10, 0xf}, {0x2, 0x3, 0xb, 0xc}]}, 0x90) (async)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000004c0)={0xffffffffffffffff, 0x4, 0x10}, 0xc) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x3, 0x22, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@printk={@lu}, @generic={0x0, 0x6, 0x6, 0x9, 0x20}, @exit, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xf5}}, @ldst={0x3, 0x2, 0x6, 0x2, 0xb, 0xffffffffffffffff, 0xfffffffffffffff0}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000640)='GPL\x00', 0x100, 0x5b, &(0x7f0000000700)=""/91, 0x40f00, 0x40, '\x00', 0x0, 0x3, r7, 0x8, &(0x7f0000000780)={0x9, 0x4}, 0x8, 0x10, &(0x7f00000007c0)={0x1, 0xa, 0x3, 0xffffffff}, 0x10, 0x0, 0xffffffffffffffff, 0x9, &(0x7f0000000880), &(0x7f00000008c0)=[{0x1, 0x1, 0x2, 0x2}, {0x4, 0x4, 0x5, 0xc}, {0x2, 0x3, 0xd, 0x5}, {0x3, 0x2, 0xd, 0x9}, {0x1, 0x1, 0xb, 0x7}, {0x2, 0x1, 0x10, 0x3}, {0x2, 0x0, 0x7, 0x9}, {0x3, 0x2, 0x400, 0x6}, {0x0, 0x4, 0x1, 0x5}], 0x10, 0x10000}, 0x90) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000003c0)={r0, 0x20, &(0x7f0000000380)={&(0x7f0000000200)=""/208, 0xd0, 0x0, &(0x7f0000000300)=""/101, 0x65}}, 0x10) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000f00)={{r3}, &(0x7f0000000e80), &(0x7f0000000ec0)=r1}, 0x20) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001240)=@bpf_lsm={0x1d, 0x22, &(0x7f0000000f40)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x2e7}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0x4}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @ldst={0x2, 0x1, 0x3, 0x2, 0x2, 0x30, 0x4}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1f}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @exit, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r10}}, @alu={0x4, 0x1, 0x2, 0x1, 0x2, 0x50, 0xffffffffffffffff}, @func={0x85, 0x0, 0x1, 0x0, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001080)='GPL\x00', 0x0, 0x73, &(0x7f00000010c0)=""/115, 0x41000, 0x2, '\x00', r4, 0x1b, r7, 0x8, &(0x7f0000001140)={0x2, 0x2}, 0x8, 0x10, 0x0, 0x0, r9, 0x0, 0x6, &(0x7f0000001180)=[r7, r2, r3], &(0x7f00000011c0)=[{0x2, 0x1, 0x10, 0xa}, {0x5, 0x5, 0xb, 0x2}, {0x0, 0x2, 0xb, 0x6}, {0x1, 0x4, 0x8, 0xb}, {0x4, 0x5, 0xe, 0xc}, {0x2, 0x3, 0x8, 0x4}], 0x10, 0x4}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x8, 0x12, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x18000, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x1}, @alu={0x7, 0x1, 0xa, 0x7, 0xb, 0x2, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000004c0)='GPL\x00', 0x800, 0x79, &(0x7f0000000500)=""/121, 0x41000, 0x0, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x9, 0x3}, 0x8, 0x10, &(0x7f00000005c0)={0x1, 0x8, 0x8, 0x1000}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x8, 0x0, &(0x7f0000000600)=[{0x4, 0x4, 0xa, 0xb}, {0x5, 0x1, 0x2, 0x5}, {0x5, 0x3, 0x101, 0x2}, {0x2, 0x5, 0x3, 0x8}, {0x3, 0x4, 0xe, 0xa}, {0x3, 0x2, 0x3, 0xa}, {0x4, 0x2, 0x5, 0x2}, {0x2, 0x1, 0x1, 0x9}], 0x10, 0xffff}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x8, 0x6, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0xce2d, 0x0, 0x0, 0x0, 0x4}, [@map_fd={0x18, 0x9, 0x1, 0x0, r0}, @exit]}, &(0x7f0000000040)='syzkaller\x00', 0x81, 0xe6, &(0x7f0000000080)=""/230, 0x40f00, 0x40, '\x00', r4, 0x3, r7, 0x8, &(0x7f0000000180)={0x6, 0x3}, 0x8, 0x10, &(0x7f00000001c0)={0x1, 0x1, 0x4, 0xfffffffa}, 0x10, r9, r11, 0x0, 0x0, 0x0, 0x10, 0x50}, 0x90) (async)

06:59:17 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000240)}, 0x20)
r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000980)=@generic={&(0x7f0000000940)='./file0\x00'}, 0x18)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r5 = openat$cgroup_ro(r4, 0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@bloom_filter={0x1e, 0x41, 0x2, 0x3, 0x1400, r0, 0x20, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x4, 0x0, 0xd}, 0x48)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x40086602, &(0x7f0000000180))
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r8, &(0x7f0000000000), 0x248800)
r9 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000002c0)={0x0, 0xd2, 0x18}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0xf, &(0x7f0000000580)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x7ff}, [@map_val={0x18, 0x7, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x4}, @func, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r9}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f0000000340)='GPL\x00', 0x80000000, 0x3, &(0x7f0000000440)=""/3, 0x41100, 0x42, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000000640)={0x1, 0x3, 0x3, 0xb56}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000000680)=[r1, 0x1], &(0x7f00000006c0)=[{0x5, 0x2, 0x1, 0x6}, {0x5, 0x1, 0x5, 0x7}, {0x1, 0x2, 0x10, 0x9}, {0x3, 0x4, 0x10, 0xc}, {0x2, 0x3, 0x6, 0xb}]}, 0x90)
r10 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0x5, 0x16, 0xb4, 0x7f}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x15, &(0x7f0000001180)=@framed={{0x18, 0x8}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @map_fd={0x18, 0x0, 0x1, 0x0, r10}, @generic={0x56}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @exit]}, &(0x7f0000000000)='GPL\x00', 0x4, 0xee, &(0x7f0000000340)=""/238}, 0x90)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000008c0)={r6, 0x58, &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r11=>0x0}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000dc0)=@bpf_ext={0x1c, 0xe, &(0x7f0000000800)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x6}, [@map_fd={0x18, 0x5, 0x1, 0x0, r5}, @tail_call={{0x18, 0x2, 0x1, 0x0, r6}}, @map_val={0x18, 0x0, 0x2, 0x0, r10, 0x0, 0x0, 0x0, 0x92d}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @jmp={0x5, 0x0, 0x4, 0x1, 0x0, 0x50, 0x10}]}, &(0x7f0000000880)='syzkaller\x00', 0x401, 0xcc, &(0x7f0000000b00)=""/204, 0x41100, 0xc, '\x00', r11, 0x0, r8, 0x8, &(0x7f0000000c80)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000cc0)={0x4, 0xe, 0x2, 0x3b}, 0x10, 0x15b71, 0xffffffffffffffff, 0x5, &(0x7f0000000d00)=[r2, r4, r7, r4, r9, r7], &(0x7f0000000d40)=[{0x1, 0x2}, {0x0, 0x3, 0x8}, {0x0, 0x4, 0x1, 0x9}, {0x1, 0x3, 0x4, 0xa}, {0x2, 0x3, 0xc, 0x7}], 0x10, 0xf0}, 0x90)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000580)=0xffffffffffffffff, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000900)={0xffffffffffffffff, 0xe0, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000006c0)=[0x0], <r13=>0x0, 0x25, &(0x7f0000000700)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000740), 0x0, 0x0, 0x61, 0x8, 0x8, &(0x7f00000007c0)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1a, 0x14, &(0x7f0000000200)=@ringbuf={{}, {}, {}, [@map_idx={0x18, 0x9}, @btf_id={0x18, 0x0, 0x3, 0x0, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}]}, &(0x7f0000000140)='syzkaller\x00', 0x6, 0xeb, &(0x7f0000000440)=""/235, 0x41000, 0x21, '\x00', 0x0, 0x0, r12, 0x8, &(0x7f00000005c0)={0x2}, 0x8, 0x10, 0x0, 0x0, r13, 0xffffffffffffffff, 0x5, 0x0, &(0x7f0000000940)=[{0x4, 0x0, 0x7, 0x5}, {0x4, 0x3, 0xf, 0x7}, {0x3, 0x0, 0x2, 0x4}, {0x4, 0x2, 0x0, 0x5}, {0x0, 0x2, 0x7, 0x4}]}, 0x90)
r14 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001580)={0x6, 0xe, &(0x7f00000013c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x20}, [@ldst={0x2, 0x2, 0x3, 0x6, 0x8, 0xfffffffffffffff8, 0x8}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}, @map_val={0x18, 0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80000000}, @ringbuf_query]}, &(0x7f0000001440)='syzkaller\x00', 0xcf, 0x1c, &(0x7f0000001480)=""/28, 0x41000, 0x4c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000014c0)={0x4, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000001500)=[0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1, 0x1, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000001540)=[{0x2, 0x5, 0xf, 0x9}], 0x10, 0x400}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000016c0)={{0xffffffffffffffff, <r15=>0xffffffffffffffff}, &(0x7f0000001640), &(0x7f0000001680)=r0}, 0x20)
r16 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum]}}, 0x0, 0x26}, 0x20)
r17 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000a00)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x0, '\x00', 0x0, r16, 0x1, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={r17, 0x0, 0x0}, 0x10)
r18 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
recvmsg$unix(r18, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001a00)=[{&(0x7f0000001880)=""/184, 0xaf}, {&(0x7f0000000380)=""/200, 0xfffffffffffffd8a}, {&(0x7f0000001940)=""/192}], 0x2, &(0x7f0000000280)=[@cred={{0x1c}}], 0x20}, 0x21a3)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1b, 0xd, &(0x7f0000000300)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8}, @ldst={0x2, 0x2, 0x0, 0x4, 0x9, 0x30, 0x8}, @map_fd={0x18, 0x3}, @jmp={0x5, 0x1, 0x2, 0x8, 0xb, 0xffffffffffffffc0, 0x1f}, @exit, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x3}, @map_fd={0x18, 0x4}], &(0x7f0000000080)='syzkaller\x00', 0x9, 0x1000, &(0x7f0000000380)=""/4096, 0x41100, 0x33, '\x00', r11, 0x20, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x6, 0x4}, 0x8, 0x10, &(0x7f0000001380)={0x5, 0x2, 0x1f, 0x3ff}, 0x10, r13, r14, 0x7, &(0x7f0000001700)=[r15, r17, r18], &(0x7f0000001740)=[{0x3, 0x2, 0xa, 0xc}, {0x2, 0x5, 0x7, 0x1}, {0x4, 0x2, 0x8, 0x5}, {0x0, 0x3, 0x8, 0x6}, {0x2, 0x5, 0xd}, {0x0, 0x5, 0xb, 0xb}, {0x5, 0x1, 0x1, 0x8}], 0x10, 0x40}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:17 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r0 = syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x7, 0x0, 0x9, 0x3f, 0x0, 0x800, 0x2600, 0xc, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x7ff, 0x1, @perf_config_ext={0xffff, 0x6}, 0x249d, 0x1f, 0x20, 0x2, 0x2, 0x9844, 0x5284, 0x0, 0x6, 0x0, 0x5}, r0, 0x8, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0x9, 0x0, 0x1f, 0x2, 0x0, 0x80000000, 0x61, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x8, 0x4, @perf_config_ext={0x7f, 0xffffffff00000001}, 0x511, 0x7, 0x0, 0x9, 0xd0, 0x2, 0x8, 0x0, 0x3791, 0x0, 0x8}, r0, 0x3, r1, 0xa)

[  582.030440][T20029] FAULT_INJECTION: forcing a failure.
[  582.030440][T20029] name failslab, interval 1, probability 0, space 0, times 0
[  582.058497][T20029] CPU: 0 PID: 20029 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  582.070061][T20029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  582.079954][T20029] Call Trace:
[  582.083078][T20029]  <TASK>
[  582.085855][T20029]  dump_stack_lvl+0x151/0x1b7
[  582.090362][T20029]  ? io_uring_drop_tctx_refs+0x190/0x190
[  582.095834][T20029]  ? anon_vma_fork+0x9c/0x4e0
[  582.100354][T20029]  dump_stack+0x15/0x17
[  582.104337][T20029]  should_fail+0x3c6/0x510
[  582.108592][T20029]  __should_failslab+0xa4/0xe0
[  582.113190][T20029]  ? anon_vma_fork+0xf7/0x4e0
[  582.117702][T20029]  should_failslab+0x9/0x20
[  582.122480][T20029]  slab_pre_alloc_hook+0x37/0xd0
[  582.127255][T20029]  ? anon_vma_fork+0xf7/0x4e0
[  582.131766][T20029]  kmem_cache_alloc+0x44/0x200
[  582.136367][T20029]  anon_vma_fork+0xf7/0x4e0
[  582.140701][T20029]  ? anon_vma_name+0x4c/0x70
[  582.145127][T20029]  ? vm_area_dup+0x17a/0x230
[  582.149641][T20029]  copy_mm+0xa3a/0x13e0
[  582.153638][T20029]  ? copy_signal+0x610/0x610
[  582.158059][T20029]  ? __init_rwsem+0xd6/0x1c0
[  582.162486][T20029]  ? copy_signal+0x4e3/0x610
[  582.166921][T20029]  copy_process+0x1149/0x3290
[  582.171434][T20029]  ? timerqueue_add+0x250/0x270
[  582.176115][T20029]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  582.181061][T20029]  ? enqueue_hrtimer+0xca/0x240
[  582.185746][T20029]  ? __hrtimer_run_queues+0x46b/0xad0
[  582.190956][T20029]  kernel_clone+0x21e/0x9e0
[  582.195301][T20029]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  582.200937][T20029]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  582.206925][T20029]  ? create_io_thread+0x1e0/0x1e0
[  582.211783][T20029]  ? __x64_sys_clone+0x237/0x290
[  582.216556][T20029]  ? __memmove+0x1a0/0x1a0
[  582.220810][T20029]  __x64_sys_clone+0x23f/0x290
[  582.225413][T20029]  ? __do_sys_vfork+0x130/0x130
[  582.230098][T20029]  ? debug_smp_processor_id+0x17/0x20
[  582.235305][T20029]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  582.241206][T20029]  ? exit_to_user_mode_prepare+0x39/0xa0
[  582.246675][T20029]  do_syscall_64+0x3d/0xb0
[  582.251197][T20029]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  582.256834][T20029]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  582.262559][T20029] RIP: 0033:0x7f7b6d82fda9
[  582.266814][T20029] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  582.286250][T20029] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  582.294581][T20029] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  582.302393][T20029] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  582.310232][T20029] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  582.318017][T20029] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:59:17 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2500, 0x43451)

[  582.325842][T20029] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  582.333645][T20029]  </TASK>
06:59:17 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000240)}, 0x20)
r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000980)=@generic={&(0x7f0000000940)='./file0\x00'}, 0x18) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r5 = openat$cgroup_ro(r4, 0x0, 0x0, 0x0) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@bloom_filter={0x1e, 0x41, 0x2, 0x3, 0x1400, r0, 0x20, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x4, 0x0, 0xd}, 0x48)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x40086602, &(0x7f0000000180))
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r8, &(0x7f0000000000), 0x248800)
r9 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000002c0)={0x0, 0xd2, 0x18}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0xf, &(0x7f0000000580)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x7ff}, [@map_val={0x18, 0x7, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x4}, @func, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r9}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f0000000340)='GPL\x00', 0x80000000, 0x3, &(0x7f0000000440)=""/3, 0x41100, 0x42, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000000640)={0x1, 0x3, 0x3, 0xb56}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000000680)=[r1, 0x1], &(0x7f00000006c0)=[{0x5, 0x2, 0x1, 0x6}, {0x5, 0x1, 0x5, 0x7}, {0x1, 0x2, 0x10, 0x9}, {0x3, 0x4, 0x10, 0xc}, {0x2, 0x3, 0x6, 0xb}]}, 0x90) (async)
r10 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0x5, 0x16, 0xb4, 0x7f}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x15, &(0x7f0000001180)=@framed={{0x18, 0x8}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @map_fd={0x18, 0x0, 0x1, 0x0, r10}, @generic={0x56}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @exit]}, &(0x7f0000000000)='GPL\x00', 0x4, 0xee, &(0x7f0000000340)=""/238}, 0x90) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000008c0)={r6, 0x58, &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r11=>0x0}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000dc0)=@bpf_ext={0x1c, 0xe, &(0x7f0000000800)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x6}, [@map_fd={0x18, 0x5, 0x1, 0x0, r5}, @tail_call={{0x18, 0x2, 0x1, 0x0, r6}}, @map_val={0x18, 0x0, 0x2, 0x0, r10, 0x0, 0x0, 0x0, 0x92d}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @jmp={0x5, 0x0, 0x4, 0x1, 0x0, 0x50, 0x10}]}, &(0x7f0000000880)='syzkaller\x00', 0x401, 0xcc, &(0x7f0000000b00)=""/204, 0x41100, 0xc, '\x00', r11, 0x0, r8, 0x8, &(0x7f0000000c80)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000cc0)={0x4, 0xe, 0x2, 0x3b}, 0x10, 0x15b71, 0xffffffffffffffff, 0x5, &(0x7f0000000d00)=[r2, r4, r7, r4, r9, r7], &(0x7f0000000d40)=[{0x1, 0x2}, {0x0, 0x3, 0x8}, {0x0, 0x4, 0x1, 0x9}, {0x1, 0x3, 0x4, 0xa}, {0x2, 0x3, 0xc, 0x7}], 0x10, 0xf0}, 0x90) (async)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000580)=0xffffffffffffffff, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000900)={0xffffffffffffffff, 0xe0, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000006c0)=[0x0], <r13=>0x0, 0x25, &(0x7f0000000700)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000740), 0x0, 0x0, 0x61, 0x8, 0x8, &(0x7f00000007c0)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1a, 0x14, &(0x7f0000000200)=@ringbuf={{}, {}, {}, [@map_idx={0x18, 0x9}, @btf_id={0x18, 0x0, 0x3, 0x0, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}]}, &(0x7f0000000140)='syzkaller\x00', 0x6, 0xeb, &(0x7f0000000440)=""/235, 0x41000, 0x21, '\x00', 0x0, 0x0, r12, 0x8, &(0x7f00000005c0)={0x2}, 0x8, 0x10, 0x0, 0x0, r13, 0xffffffffffffffff, 0x5, 0x0, &(0x7f0000000940)=[{0x4, 0x0, 0x7, 0x5}, {0x4, 0x3, 0xf, 0x7}, {0x3, 0x0, 0x2, 0x4}, {0x4, 0x2, 0x0, 0x5}, {0x0, 0x2, 0x7, 0x4}]}, 0x90)
r14 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001580)={0x6, 0xe, &(0x7f00000013c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x20}, [@ldst={0x2, 0x2, 0x3, 0x6, 0x8, 0xfffffffffffffff8, 0x8}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}, @map_val={0x18, 0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80000000}, @ringbuf_query]}, &(0x7f0000001440)='syzkaller\x00', 0xcf, 0x1c, &(0x7f0000001480)=""/28, 0x41000, 0x4c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000014c0)={0x4, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000001500)=[0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1, 0x1, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000001540)=[{0x2, 0x5, 0xf, 0x9}], 0x10, 0x400}, 0x90) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000016c0)={{0xffffffffffffffff, <r15=>0xffffffffffffffff}, &(0x7f0000001640), &(0x7f0000001680)=r0}, 0x20) (async)
r16 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum]}}, 0x0, 0x26}, 0x20)
r17 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000a00)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x0, '\x00', 0x0, r16, 0x1, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={r17, 0x0, 0x0}, 0x10) (async)
r18 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
recvmsg$unix(r18, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001a00)=[{&(0x7f0000001880)=""/184, 0xaf}, {&(0x7f0000000380)=""/200, 0xfffffffffffffd8a}, {&(0x7f0000001940)=""/192}], 0x2, &(0x7f0000000280)=[@cred={{0x1c}}], 0x20}, 0x21a3)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1b, 0xd, &(0x7f0000000300)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8}, @ldst={0x2, 0x2, 0x0, 0x4, 0x9, 0x30, 0x8}, @map_fd={0x18, 0x3}, @jmp={0x5, 0x1, 0x2, 0x8, 0xb, 0xffffffffffffffc0, 0x1f}, @exit, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x3}, @map_fd={0x18, 0x4}], &(0x7f0000000080)='syzkaller\x00', 0x9, 0x1000, &(0x7f0000000380)=""/4096, 0x41100, 0x33, '\x00', r11, 0x20, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x6, 0x4}, 0x8, 0x10, &(0x7f0000001380)={0x5, 0x2, 0x1f, 0x3ff}, 0x10, r13, r14, 0x7, &(0x7f0000001700)=[r15, r17, r18], &(0x7f0000001740)=[{0x3, 0x2, 0xa, 0xc}, {0x2, 0x5, 0x7, 0x1}, {0x4, 0x2, 0x8, 0x5}, {0x0, 0x3, 0x8, 0x6}, {0x2, 0x5, 0xd}, {0x0, 0x5, 0xb, 0xb}, {0x5, 0x1, 0x1, 0x8}], 0x10, 0x40}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:17 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
r0 = syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x7, 0x0, 0x9, 0x3f, 0x0, 0x800, 0x2600, 0xc, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x7ff, 0x1, @perf_config_ext={0xffff, 0x6}, 0x249d, 0x1f, 0x20, 0x2, 0x2, 0x9844, 0x5284, 0x0, 0x6, 0x0, 0x5}, r0, 0x8, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0x9, 0x0, 0x1f, 0x2, 0x0, 0x80000000, 0x61, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x8, 0x4, @perf_config_ext={0x7f, 0xffffffff00000001}, 0x511, 0x7, 0x0, 0x9, 0xd0, 0x2, 0x8, 0x0, 0x3791, 0x0, 0x8}, r0, 0x3, r1, 0xa)

06:59:17 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 56)

06:59:17 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
r0 = syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x7, 0x0, 0x9, 0x3f, 0x0, 0x800, 0x2600, 0xc, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x7ff, 0x1, @perf_config_ext={0xffff, 0x6}, 0x249d, 0x1f, 0x20, 0x2, 0x2, 0x9844, 0x5284, 0x0, 0x6, 0x0, 0x5}, r0, 0x8, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0x9, 0x0, 0x1f, 0x2, 0x0, 0x80000000, 0x61, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x8, 0x4, @perf_config_ext={0x7f, 0xffffffff00000001}, 0x511, 0x7, 0x0, 0x9, 0xd0, 0x2, 0x8, 0x0, 0x3791, 0x0, 0x8}, r0, 0x3, r1, 0xa)

06:59:17 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000240)}, 0x20) (async)
r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000980)=@generic={&(0x7f0000000940)='./file0\x00'}, 0x18) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r5 = openat$cgroup_ro(r4, 0x0, 0x0, 0x0) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@bloom_filter={0x1e, 0x41, 0x2, 0x3, 0x1400, r0, 0x20, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x4, 0x0, 0xd}, 0x48)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x40086602, &(0x7f0000000180)) (async)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r8, &(0x7f0000000000), 0x248800) (async)
r9 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000002c0)={0x0, 0xd2, 0x18}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0xf, &(0x7f0000000580)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x7ff}, [@map_val={0x18, 0x7, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x4}, @func, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r9}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f0000000340)='GPL\x00', 0x80000000, 0x3, &(0x7f0000000440)=""/3, 0x41100, 0x42, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000000640)={0x1, 0x3, 0x3, 0xb56}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000000680)=[r1, 0x1], &(0x7f00000006c0)=[{0x5, 0x2, 0x1, 0x6}, {0x5, 0x1, 0x5, 0x7}, {0x1, 0x2, 0x10, 0x9}, {0x3, 0x4, 0x10, 0xc}, {0x2, 0x3, 0x6, 0xb}]}, 0x90) (async)
r10 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0x5, 0x16, 0xb4, 0x7f}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x15, &(0x7f0000001180)=@framed={{0x18, 0x8}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @map_fd={0x18, 0x0, 0x1, 0x0, r10}, @generic={0x56}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @exit]}, &(0x7f0000000000)='GPL\x00', 0x4, 0xee, &(0x7f0000000340)=""/238}, 0x90) (async, rerun: 64)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000008c0)={r6, 0x58, &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r11=>0x0}}, 0x10) (rerun: 64)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000dc0)=@bpf_ext={0x1c, 0xe, &(0x7f0000000800)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x6}, [@map_fd={0x18, 0x5, 0x1, 0x0, r5}, @tail_call={{0x18, 0x2, 0x1, 0x0, r6}}, @map_val={0x18, 0x0, 0x2, 0x0, r10, 0x0, 0x0, 0x0, 0x92d}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @jmp={0x5, 0x0, 0x4, 0x1, 0x0, 0x50, 0x10}]}, &(0x7f0000000880)='syzkaller\x00', 0x401, 0xcc, &(0x7f0000000b00)=""/204, 0x41100, 0xc, '\x00', r11, 0x0, r8, 0x8, &(0x7f0000000c80)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000cc0)={0x4, 0xe, 0x2, 0x3b}, 0x10, 0x15b71, 0xffffffffffffffff, 0x5, &(0x7f0000000d00)=[r2, r4, r7, r4, r9, r7], &(0x7f0000000d40)=[{0x1, 0x2}, {0x0, 0x3, 0x8}, {0x0, 0x4, 0x1, 0x9}, {0x1, 0x3, 0x4, 0xa}, {0x2, 0x3, 0xc, 0x7}], 0x10, 0xf0}, 0x90)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000580)=0xffffffffffffffff, 0x4) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000900)={0xffffffffffffffff, 0xe0, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000006c0)=[0x0], <r13=>0x0, 0x25, &(0x7f0000000700)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000740), 0x0, 0x0, 0x61, 0x8, 0x8, &(0x7f00000007c0)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1a, 0x14, &(0x7f0000000200)=@ringbuf={{}, {}, {}, [@map_idx={0x18, 0x9}, @btf_id={0x18, 0x0, 0x3, 0x0, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}]}, &(0x7f0000000140)='syzkaller\x00', 0x6, 0xeb, &(0x7f0000000440)=""/235, 0x41000, 0x21, '\x00', 0x0, 0x0, r12, 0x8, &(0x7f00000005c0)={0x2}, 0x8, 0x10, 0x0, 0x0, r13, 0xffffffffffffffff, 0x5, 0x0, &(0x7f0000000940)=[{0x4, 0x0, 0x7, 0x5}, {0x4, 0x3, 0xf, 0x7}, {0x3, 0x0, 0x2, 0x4}, {0x4, 0x2, 0x0, 0x5}, {0x0, 0x2, 0x7, 0x4}]}, 0x90)
r14 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001580)={0x6, 0xe, &(0x7f00000013c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x20}, [@ldst={0x2, 0x2, 0x3, 0x6, 0x8, 0xfffffffffffffff8, 0x8}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}, @map_val={0x18, 0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80000000}, @ringbuf_query]}, &(0x7f0000001440)='syzkaller\x00', 0xcf, 0x1c, &(0x7f0000001480)=""/28, 0x41000, 0x4c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000014c0)={0x4, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000001500)=[0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1, 0x1, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000001540)=[{0x2, 0x5, 0xf, 0x9}], 0x10, 0x400}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000016c0)={{0xffffffffffffffff, <r15=>0xffffffffffffffff}, &(0x7f0000001640), &(0x7f0000001680)=r0}, 0x20) (async, rerun: 32)
r16 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum]}}, 0x0, 0x26}, 0x20) (rerun: 32)
r17 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000a00)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x0, '\x00', 0x0, r16, 0x1, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={r17, 0x0, 0x0}, 0x10) (async)
r18 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
recvmsg$unix(r18, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001a00)=[{&(0x7f0000001880)=""/184, 0xaf}, {&(0x7f0000000380)=""/200, 0xfffffffffffffd8a}, {&(0x7f0000001940)=""/192}], 0x2, &(0x7f0000000280)=[@cred={{0x1c}}], 0x20}, 0x21a3) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1b, 0xd, &(0x7f0000000300)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8}, @ldst={0x2, 0x2, 0x0, 0x4, 0x9, 0x30, 0x8}, @map_fd={0x18, 0x3}, @jmp={0x5, 0x1, 0x2, 0x8, 0xb, 0xffffffffffffffc0, 0x1f}, @exit, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x3}, @map_fd={0x18, 0x4}], &(0x7f0000000080)='syzkaller\x00', 0x9, 0x1000, &(0x7f0000000380)=""/4096, 0x41100, 0x33, '\x00', r11, 0x20, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x6, 0x4}, 0x8, 0x10, &(0x7f0000001380)={0x5, 0x2, 0x1f, 0x3ff}, 0x10, r13, r14, 0x7, &(0x7f0000001700)=[r15, r17, r18], &(0x7f0000001740)=[{0x3, 0x2, 0xa, 0xc}, {0x2, 0x5, 0x7, 0x1}, {0x4, 0x2, 0x8, 0x5}, {0x0, 0x3, 0x8, 0x6}, {0x2, 0x5, 0xd}, {0x0, 0x5, 0xb, 0xb}, {0x5, 0x1, 0x1, 0x8}], 0x10, 0x40}, 0x90) (async, rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:17 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2600, 0x43451)

06:59:17 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2700, 0x43451)

06:59:17 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x43244580, 0x0, 0x0, 0x0, 0x0, 0x0)

[  582.467419][T20066] FAULT_INJECTION: forcing a failure.
[  582.467419][T20066] name failslab, interval 1, probability 0, space 0, times 0
[  582.511487][T20066] CPU: 0 PID: 20066 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  582.523055][T20066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  582.533032][T20066] Call Trace:
[  582.536155][T20066]  <TASK>
[  582.538930][T20066]  dump_stack_lvl+0x151/0x1b7
[  582.543441][T20066]  ? io_uring_drop_tctx_refs+0x190/0x190
[  582.548915][T20066]  dump_stack+0x15/0x17
[  582.552902][T20066]  should_fail+0x3c6/0x510
[  582.557154][T20066]  __should_failslab+0xa4/0xe0
[  582.561754][T20066]  ? anon_vma_fork+0x1df/0x4e0
[  582.566358][T20066]  should_failslab+0x9/0x20
[  582.570697][T20066]  slab_pre_alloc_hook+0x37/0xd0
[  582.575470][T20066]  ? anon_vma_fork+0x1df/0x4e0
[  582.580067][T20066]  kmem_cache_alloc+0x44/0x200
[  582.584668][T20066]  anon_vma_fork+0x1df/0x4e0
[  582.589100][T20066]  copy_mm+0xa3a/0x13e0
[  582.593091][T20066]  ? copy_signal+0x610/0x610
[  582.597513][T20066]  ? __init_rwsem+0xd6/0x1c0
[  582.601940][T20066]  ? copy_signal+0x4e3/0x610
[  582.606366][T20066]  copy_process+0x1149/0x3290
[  582.610884][T20066]  ? timerqueue_add+0x250/0x270
[  582.615569][T20066]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  582.620516][T20066]  ? enqueue_hrtimer+0xca/0x240
[  582.625200][T20066]  ? __hrtimer_run_queues+0x46b/0xad0
[  582.630411][T20066]  kernel_clone+0x21e/0x9e0
[  582.634872][T20066]  ? irqentry_exit+0x30/0x40
[  582.639288][T20066]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  582.644933][T20066]  ? create_io_thread+0x1e0/0x1e0
[  582.649799][T20066]  __x64_sys_clone+0x23f/0x290
[  582.654392][T20066]  ? __do_sys_vfork+0x130/0x130
[  582.659079][T20066]  ? debug_smp_processor_id+0x17/0x20
[  582.664288][T20066]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  582.670188][T20066]  ? exit_to_user_mode_prepare+0x39/0xa0
[  582.675654][T20066]  do_syscall_64+0x3d/0xb0
[  582.679905][T20066]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  582.685551][T20066]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  582.691275][T20066] RIP: 0033:0x7f7b6d82fda9
[  582.695545][T20066] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  582.715503][T20066] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  582.723826][T20066] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  582.731633][T20066] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  582.739461][T20066] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  582.747259][T20066] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:59:18 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2800, 0x43451)

06:59:18 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r4=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r5=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r3}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r6=>0xffffffffffffffff})
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000), 0xfdef)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r8, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r8, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', r2, 0x36, r3, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r3, 0x3, &(0x7f0000001040)=[r1, r0, r3, r3, r1, r8], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r9, &(0x7f0000000000), 0x248800)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r4, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r9, r10, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

[  582.755070][T20066] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  582.762893][T20066]  </TASK>
06:59:18 executing program 1:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0xd07, '\x00', 0x0, 0xffffffffffffffff, 0x5}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x15, 0xfffffccb, 0x80000001, 0x1f, 0x196c, r0, 0xae1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x1}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:18 executing program 1:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0xd07, '\x00', 0x0, 0xffffffffffffffff, 0x5}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x15, 0xfffffccb, 0x80000001, 0x1f, 0x196c, r0, 0xae1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x1}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0xd07, '\x00', 0x0, 0xffffffffffffffff, 0x5}, 0x48) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x15, 0xfffffccb, 0x80000001, 0x1f, 0x196c, r0, 0xae1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x1}, 0x48) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)

06:59:18 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2900, 0x43451)

06:59:18 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 57)

[  582.860499][T20090] FAULT_INJECTION: forcing a failure.
[  582.860499][T20090] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  582.889362][T20090] CPU: 1 PID: 20090 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  582.901008][T20090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  582.910898][T20090] Call Trace:
[  582.914016][T20090]  <TASK>
[  582.916814][T20090]  dump_stack_lvl+0x151/0x1b7
[  582.921322][T20090]  ? io_uring_drop_tctx_refs+0x190/0x190
[  582.926778][T20090]  dump_stack+0x15/0x17
[  582.930766][T20090]  should_fail+0x3c6/0x510
[  582.935020][T20090]  should_fail_alloc_page+0x5a/0x80
[  582.940069][T20090]  prepare_alloc_pages+0x15c/0x700
[  582.945012][T20090]  ? update_stack_state+0x355/0x460
[  582.950214][T20090]  ? __alloc_pages_bulk+0xe40/0xe40
[  582.955250][T20090]  __alloc_pages+0x18c/0x8f0
[  582.959671][T20090]  ? prep_new_page+0x110/0x110
[  582.964276][T20090]  ? irqentry_exit+0x30/0x40
[  582.968704][T20090]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  582.974350][T20090]  get_zeroed_page+0x1b/0x40
[  582.980859][T20090]  __pud_alloc+0x8b/0x260
[  582.985021][T20090]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  582.991010][T20090]  ? do_handle_mm_fault+0x2330/0x2330
[  582.996222][T20090]  copy_page_range+0x2bcf/0x2f90
[  583.000990][T20090]  ? __kasan_slab_alloc+0xb1/0xe0
[  583.005851][T20090]  ? slab_post_alloc_hook+0x53/0x2c0
[  583.010973][T20090]  ? copy_mm+0xa3a/0x13e0
[  583.015161][T20090]  ? copy_process+0x1149/0x3290
[  583.019833][T20090]  ? kernel_clone+0x21e/0x9e0
[  583.024334][T20090]  ? __x64_sys_clone+0x23f/0x290
[  583.029112][T20090]  ? do_syscall_64+0x3d/0xb0
[  583.033549][T20090]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  583.039454][T20090]  ? pfn_valid+0x1e0/0x1e0
[  583.044562][T20090]  ? rwsem_write_trylock+0x15b/0x290
[  583.049681][T20090]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  583.055927][T20090]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  583.061491][T20090]  ? __rb_insert_augmented+0x5de/0x610
[  583.066785][T20090]  copy_mm+0xc7e/0x13e0
[  583.070776][T20090]  ? copy_signal+0x610/0x610
[  583.075196][T20090]  ? __init_rwsem+0xd6/0x1c0
[  583.079627][T20090]  ? copy_signal+0x4e3/0x610
[  583.084050][T20090]  copy_process+0x1149/0x3290
[  583.088568][T20090]  ? timerqueue_add+0x250/0x270
[  583.093254][T20090]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  583.098198][T20090]  ? enqueue_hrtimer+0xca/0x240
[  583.102885][T20090]  ? __hrtimer_run_queues+0x46b/0xad0
[  583.108095][T20090]  kernel_clone+0x21e/0x9e0
[  583.112437][T20090]  ? create_io_thread+0x1e0/0x1e0
[  583.117391][T20090]  ? clockevents_program_event+0x22f/0x300
[  583.123041][T20090]  __x64_sys_clone+0x23f/0x290
[  583.127633][T20090]  ? __do_sys_vfork+0x130/0x130
[  583.132320][T20090]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  583.138137][T20090]  do_syscall_64+0x3d/0xb0
[  583.142386][T20090]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  583.148031][T20090]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  583.153758][T20090] RIP: 0033:0x7f7b6d82fda9
[  583.158023][T20090] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  583.177451][T20090] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  583.185691][T20090] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  583.193504][T20090] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  583.201312][T20090] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
06:59:18 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2a00, 0x43451)

06:59:18 executing program 1:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0xd07, '\x00', 0x0, 0xffffffffffffffff, 0x5}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x15, 0xfffffccb, 0x80000001, 0x1f, 0x196c, r0, 0xae1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x1}, 0x48) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x15, 0xfffffccb, 0x80000001, 0x1f, 0x196c, r0, 0xae1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x1}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:18 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
syz_clone(0x43244580, 0x0, 0x0, 0x0, 0x0, 0x0)

[  583.209125][T20090] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  583.216935][T20090] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  583.224754][T20090]  </TASK>
06:59:18 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 58)

06:59:18 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0xe, 0x17, &(0x7f0000000280)=@raw=[@tail_call, @alu={0x7, 0x1, 0x4, 0xb, 0x2, 0xf180bde897952bff, 0x1}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}, @generic={0xfd, 0x8, 0x7, 0x9, 0x6}, @map_idx_val={0x18, 0xd, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x80000001}, @generic={0x80, 0xe, 0x1, 0x401, 0xfffffc01}, @call={0x85, 0x0, 0x0, 0x11}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x1f248e97, 0x89, &(0x7f0000000340)=""/137, 0x40f00, 0x42, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x8, &(0x7f0000000080)={0x2, 0x5}, 0x8, 0x10, &(0x7f00000001c0)={0x1, 0x9, 0x5, 0x626}, 0x10, 0x0, 0xffffffffffffffff, 0x7, 0x0, &(0x7f0000000400)=[{0x2, 0x2, 0x6, 0xb}, {0x0, 0x3, 0x2, 0xa}, {0x4, 0x1, 0xc, 0x9}, {0x3, 0x2, 0x3, 0x1}, {0x5, 0x3, 0xb, 0x3}, {0x1, 0x5, 0x5, 0x4}, {0x0, 0x1, 0xc, 0x3}], 0x10, 0x8}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000600), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x1, &(0x7f00000000c0)=@raw=[@jmp={0x5, 0x1, 0x7, 0x1, 0xb, 0xfffffffffffffff4}], &(0x7f0000000100)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0xb, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000640)={0x3, 0xf, 0x2119, 0x8001}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000680), 0x0, 0x10, 0x1}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:18 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2b00, 0x43451)

[  583.327382][T20117] FAULT_INJECTION: forcing a failure.
[  583.327382][T20117] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  583.350900][T20117] CPU: 1 PID: 20117 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  583.362459][T20117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  583.372358][T20117] Call Trace:
[  583.375481][T20117]  <TASK>
[  583.378258][T20117]  dump_stack_lvl+0x151/0x1b7
[  583.382769][T20117]  ? io_uring_drop_tctx_refs+0x190/0x190
[  583.388240][T20117]  dump_stack+0x15/0x17
[  583.392225][T20117]  should_fail+0x3c6/0x510
[  583.396479][T20117]  should_fail_alloc_page+0x5a/0x80
[  583.401512][T20117]  prepare_alloc_pages+0x15c/0x700
[  583.406462][T20117]  ? __alloc_pages_bulk+0xe40/0xe40
[  583.411497][T20117]  __alloc_pages+0x18c/0x8f0
[  583.415917][T20117]  ? prep_new_page+0x110/0x110
[  583.420517][T20117]  ? __alloc_pages+0x27e/0x8f0
[  583.425123][T20117]  ? __kasan_check_write+0x14/0x20
[  583.430067][T20117]  ? _raw_spin_lock+0xa4/0x1b0
[  583.434665][T20117]  pte_alloc_one+0x73/0x1b0
[  583.439004][T20117]  ? pfn_modify_allowed+0x2f0/0x2f0
[  583.444043][T20117]  __pte_alloc+0x86/0x350
[  583.448203][T20117]  ? irqentry_exit+0x30/0x40
[  583.452637][T20117]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  583.458271][T20117]  ? free_pgtables+0x280/0x280
[  583.462874][T20117]  copy_page_range+0x28a8/0x2f90
[  583.467645][T20117]  ? __kasan_slab_alloc+0xb1/0xe0
[  583.472506][T20117]  ? slab_post_alloc_hook+0x53/0x2c0
[  583.477627][T20117]  ? kernel_clone+0x21e/0x9e0
[  583.482139][T20117]  ? do_syscall_64+0x3d/0xb0
[  583.486566][T20117]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  583.492475][T20117]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  583.498114][T20117]  ? pfn_valid+0x1e0/0x1e0
[  583.502364][T20117]  ? irqentry_exit+0x30/0x40
[  583.506807][T20117]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  583.512519][T20117]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  583.518076][T20117]  ? __rb_insert_augmented+0x5de/0x610
[  583.523373][T20117]  copy_mm+0xc7e/0x13e0
[  583.527359][T20117]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  583.533355][T20117]  ? copy_signal+0x610/0x610
[  583.537774][T20117]  ? __init_rwsem+0xd6/0x1c0
[  583.542201][T20117]  ? copy_signal+0x4e3/0x610
[  583.546628][T20117]  copy_process+0x1149/0x3290
[  583.551148][T20117]  ? timerqueue_add+0x250/0x270
[  583.555831][T20117]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  583.560775][T20117]  ? enqueue_hrtimer+0xca/0x240
[  583.565479][T20117]  ? __hrtimer_run_queues+0x46b/0xad0
[  583.570672][T20117]  kernel_clone+0x21e/0x9e0
[  583.575010][T20117]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  583.580649][T20117]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  583.586641][T20117]  ? create_io_thread+0x1e0/0x1e0
[  583.591502][T20117]  ? memset_erms+0xb/0x10
[  583.595666][T20117]  __x64_sys_clone+0x23f/0x290
[  583.600268][T20117]  ? __do_sys_vfork+0x130/0x130
[  583.604956][T20117]  ? debug_smp_processor_id+0x17/0x20
[  583.610168][T20117]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  583.616188][T20117]  ? exit_to_user_mode_prepare+0x39/0xa0
[  583.621640][T20117]  do_syscall_64+0x3d/0xb0
[  583.625892][T20117]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  583.631536][T20117]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  583.637264][T20117] RIP: 0033:0x7f7b6d82fda9
[  583.641519][T20117] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  583.660962][T20117] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  583.669203][T20117] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
06:59:19 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x43244580, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
syz_clone(0x43244580, 0x0, 0x0, 0x0, 0x0, 0x0) (async)

06:59:19 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0xe, 0x17, &(0x7f0000000280)=@raw=[@tail_call, @alu={0x7, 0x1, 0x4, 0xb, 0x2, 0xf180bde897952bff, 0x1}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}, @generic={0xfd, 0x8, 0x7, 0x9, 0x6}, @map_idx_val={0x18, 0xd, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x80000001}, @generic={0x80, 0xe, 0x1, 0x401, 0xfffffc01}, @call={0x85, 0x0, 0x0, 0x11}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x1f248e97, 0x89, &(0x7f0000000340)=""/137, 0x40f00, 0x42, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x8, &(0x7f0000000080)={0x2, 0x5}, 0x8, 0x10, &(0x7f00000001c0)={0x1, 0x9, 0x5, 0x626}, 0x10, 0x0, 0xffffffffffffffff, 0x7, 0x0, &(0x7f0000000400)=[{0x2, 0x2, 0x6, 0xb}, {0x0, 0x3, 0x2, 0xa}, {0x4, 0x1, 0xc, 0x9}, {0x3, 0x2, 0x3, 0x1}, {0x5, 0x3, 0xb, 0x3}, {0x1, 0x5, 0x5, 0x4}, {0x0, 0x1, 0xc, 0x3}], 0x10, 0x8}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000600), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x1, &(0x7f00000000c0)=@raw=[@jmp={0x5, 0x1, 0x7, 0x1, 0xb, 0xfffffffffffffff4}], &(0x7f0000000100)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0xb, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000640)={0x3, 0xf, 0x2119, 0x8001}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000680), 0x0, 0x10, 0x1}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:19 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r4=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r5=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r3}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r6=>0xffffffffffffffff})
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000), 0xfdef)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r8, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r8, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', r2, 0x36, r3, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r3, 0x3, &(0x7f0000001040)=[r1, r0, r3, r3, r1, r8], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r9, &(0x7f0000000000), 0x248800)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r4, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r9, r10, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:19 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0xe, 0x17, &(0x7f0000000280)=@raw=[@tail_call, @alu={0x7, 0x1, 0x4, 0xb, 0x2, 0xf180bde897952bff, 0x1}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}, @generic={0xfd, 0x8, 0x7, 0x9, 0x6}, @map_idx_val={0x18, 0xd, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x80000001}, @generic={0x80, 0xe, 0x1, 0x401, 0xfffffc01}, @call={0x85, 0x0, 0x0, 0x11}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}], &(0x7f0000000000)='syzkaller\x00', 0x1f248e97, 0x89, &(0x7f0000000340)=""/137, 0x40f00, 0x42, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x8, &(0x7f0000000080)={0x2, 0x5}, 0x8, 0x10, &(0x7f00000001c0)={0x1, 0x9, 0x5, 0x626}, 0x10, 0x0, 0xffffffffffffffff, 0x7, 0x0, &(0x7f0000000400)=[{0x2, 0x2, 0x6, 0xb}, {0x0, 0x3, 0x2, 0xa}, {0x4, 0x1, 0xc, 0x9}, {0x3, 0x2, 0x3, 0x1}, {0x5, 0x3, 0xb, 0x3}, {0x1, 0x5, 0x5, 0x4}, {0x0, 0x1, 0xc, 0x3}], 0x10, 0x8}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000600), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x1, &(0x7f00000000c0)=@raw=[@jmp={0x5, 0x1, 0x7, 0x1, 0xb, 0xfffffffffffffff4}], &(0x7f0000000100)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0xb, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000640)={0x3, 0xf, 0x2119, 0x8001}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000680), 0x0, 0x10, 0x1}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:19 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 59)

[  583.677014][T20117] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  583.684823][T20117] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  583.692634][T20117] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  583.700454][T20117] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  583.708270][T20117]  </TASK>
06:59:19 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2c00, 0x43451)

[  583.796925][T20133] FAULT_INJECTION: forcing a failure.
[  583.796925][T20133] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  583.810929][T20133] CPU: 0 PID: 20133 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  583.822481][T20133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  583.832377][T20133] Call Trace:
[  583.835501][T20133]  <TASK>
[  583.838274][T20133]  dump_stack_lvl+0x151/0x1b7
[  583.842789][T20133]  ? io_uring_drop_tctx_refs+0x190/0x190
[  583.848265][T20133]  dump_stack+0x15/0x17
[  583.852264][T20133]  should_fail+0x3c6/0x510
[  583.856505][T20133]  should_fail_alloc_page+0x5a/0x80
[  583.861543][T20133]  prepare_alloc_pages+0x15c/0x700
[  583.866486][T20133]  ? __alloc_pages_bulk+0xe40/0xe40
[  583.871521][T20133]  __alloc_pages+0x18c/0x8f0
[  583.875946][T20133]  ? prep_new_page+0x110/0x110
[  583.880543][T20133]  ? __kasan_check_write+0x14/0x20
[  583.885497][T20133]  ? _raw_spin_lock+0xa4/0x1b0
[  583.890095][T20133]  pte_alloc_one+0x73/0x1b0
[  583.894436][T20133]  ? pfn_modify_allowed+0x2f0/0x2f0
[  583.899461][T20133]  ? __pmd_alloc+0x48d/0x550
[  583.903887][T20133]  __pte_alloc+0x86/0x350
[  583.908060][T20133]  ? __pud_alloc+0x260/0x260
[  583.912489][T20133]  ? __pud_alloc+0x213/0x260
[  583.916907][T20133]  ? free_pgtables+0x280/0x280
[  583.921506][T20133]  ? do_handle_mm_fault+0x2330/0x2330
[  583.926716][T20133]  ? __stack_depot_save+0x34/0x470
[  583.931659][T20133]  copy_page_range+0x28a8/0x2f90
[  583.936433][T20133]  ? __kasan_slab_alloc+0xb1/0xe0
[  583.941291][T20133]  ? slab_post_alloc_hook+0x53/0x2c0
[  583.946414][T20133]  ? kernel_clone+0x21e/0x9e0
[  583.950930][T20133]  ? do_syscall_64+0x3d/0xb0
[  583.955355][T20133]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  583.961353][T20133]  ? pfn_valid+0x1e0/0x1e0
[  583.965594][T20133]  ? __vma_link_rb+0x4c5/0x550
[  583.970197][T20133]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  583.975754][T20133]  ? __rb_insert_augmented+0x5de/0x610
[  583.981047][T20133]  copy_mm+0xc7e/0x13e0
[  583.985042][T20133]  ? copy_signal+0x610/0x610
[  583.989463][T20133]  ? __init_rwsem+0xd6/0x1c0
[  583.993890][T20133]  ? copy_signal+0x4e3/0x610
[  583.998315][T20133]  copy_process+0x1149/0x3290
[  584.002835][T20133]  ? timerqueue_add+0x250/0x270
[  584.007605][T20133]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  584.012552][T20133]  kernel_clone+0x21e/0x9e0
[  584.016892][T20133]  ? create_io_thread+0x1e0/0x1e0
[  584.021752][T20133]  __x64_sys_clone+0x23f/0x290
[  584.026349][T20133]  ? __do_sys_vfork+0x130/0x130
[  584.031054][T20133]  ? debug_smp_processor_id+0x17/0x20
[  584.036245][T20133]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  584.042153][T20133]  ? exit_to_user_mode_prepare+0x39/0xa0
[  584.047615][T20133]  do_syscall_64+0x3d/0xb0
[  584.051865][T20133]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  584.057508][T20133]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  584.063237][T20133] RIP: 0033:0x7f7b6d82fda9
[  584.067492][T20133] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  584.086932][T20133] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
06:59:19 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 60)

06:59:19 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000180))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYRESOCT=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:19 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0xfffffffffffffe0a)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040))
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0x20, &(0x7f00000003c0)={&(0x7f00000002c0)=""/74, 0x4a, <r3=>0x0, &(0x7f0000000340)=""/101, 0x65}}, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x800}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}, @map_fd={0x18, 0x3}, @alu={0x4, 0x0, 0xb, 0x7, 0x4, 0x6, 0x4}, @call={0x85, 0x0, 0x0, 0xd4}, @generic={0x8, 0x4, 0xd, 0x4, 0x6}]}, &(0x7f00000004c0)='GPL\x00', 0x7, 0x4f, &(0x7f0000000500)=""/79, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x1, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000005c0)=[r0, r0, r0, r0, r0, r0], &(0x7f0000000600)=[{0x1, 0x1, 0x3, 0x3}, {0x3, 0x1, 0x9, 0x1}], 0x10, 0x9}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1e, 0x14, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x401}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7fff}}, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffffe}}]}, &(0x7f0000000180)='syzkaller\x00', 0x52fa, 0x5c, &(0x7f00000001c0)=""/92, 0x40e00, 0x1, '\x00', 0x0, 0x12, r2, 0x8, &(0x7f0000000240)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0xa, 0x8, 0x1}, 0x10, r3, r4, 0x9, &(0x7f0000000700)=[r0, r0, r0, r0, r0, r0, r0, r0, r0, r0], &(0x7f0000000740)=[{0x3, 0x2, 0x9, 0x9}, {0x5, 0x4, 0x9, 0x7}, {0x3, 0x1, 0x5}, {0x1, 0x2, 0xf, 0x9}, {0x4, 0x2, 0x7, 0x9}, {0x1, 0x3, 0xd, 0x6}, {0x2, 0x3, 0xe, 0x3}, {0x1, 0x4, 0x8, 0x4}, {0x1, 0x9a, 0xe, 0xa}], 0x10, 0xe2}, 0x90)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  584.095177][T20133] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  584.102987][T20133] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  584.110798][T20133] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  584.118611][T20133] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  584.126510][T20133] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  584.134324][T20133]  </TASK>
06:59:19 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2d00, 0x43451)

06:59:19 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0xfffffffffffffe0a)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040))
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0x20, &(0x7f00000003c0)={&(0x7f00000002c0)=""/74, 0x4a, <r3=>0x0, &(0x7f0000000340)=""/101, 0x65}}, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x800}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}, @map_fd={0x18, 0x3}, @alu={0x4, 0x0, 0xb, 0x7, 0x4, 0x6, 0x4}, @call={0x85, 0x0, 0x0, 0xd4}, @generic={0x8, 0x4, 0xd, 0x4, 0x6}]}, &(0x7f00000004c0)='GPL\x00', 0x7, 0x4f, &(0x7f0000000500)=""/79, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x1, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000005c0)=[r0, r0, r0, r0, r0, r0], &(0x7f0000000600)=[{0x1, 0x1, 0x3, 0x3}, {0x3, 0x1, 0x9, 0x1}], 0x10, 0x9}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1e, 0x14, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x401}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7fff}}, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffffe}}]}, &(0x7f0000000180)='syzkaller\x00', 0x52fa, 0x5c, &(0x7f00000001c0)=""/92, 0x40e00, 0x1, '\x00', 0x0, 0x12, r2, 0x8, &(0x7f0000000240)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0xa, 0x8, 0x1}, 0x10, r3, r4, 0x9, &(0x7f0000000700)=[r0, r0, r0, r0, r0, r0, r0, r0, r0, r0], &(0x7f0000000740)=[{0x3, 0x2, 0x9, 0x9}, {0x5, 0x4, 0x9, 0x7}, {0x3, 0x1, 0x5}, {0x1, 0x2, 0xf, 0x9}, {0x4, 0x2, 0x7, 0x9}, {0x1, 0x3, 0xd, 0x6}, {0x2, 0x3, 0xe, 0x3}, {0x1, 0x4, 0x8, 0x4}, {0x1, 0x9a, 0xe, 0xa}], 0x10, 0xe2}, 0x90)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0xfffffffffffffe0a) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0x20, &(0x7f00000003c0)={&(0x7f00000002c0)=""/74, 0x4a, 0x0, &(0x7f0000000340)=""/101, 0x65}}, 0x10) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x800}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}, @map_fd={0x18, 0x3}, @alu={0x4, 0x0, 0xb, 0x7, 0x4, 0x6, 0x4}, @call={0x85, 0x0, 0x0, 0xd4}, @generic={0x8, 0x4, 0xd, 0x4, 0x6}]}, &(0x7f00000004c0)='GPL\x00', 0x7, 0x4f, &(0x7f0000000500)=""/79, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x1, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000005c0)=[r0, r0, r0, r0, r0, r0], &(0x7f0000000600)=[{0x1, 0x1, 0x3, 0x3}, {0x3, 0x1, 0x9, 0x1}], 0x10, 0x9}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1e, 0x14, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x401}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7fff}}, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffffe}}]}, &(0x7f0000000180)='syzkaller\x00', 0x52fa, 0x5c, &(0x7f00000001c0)=""/92, 0x40e00, 0x1, '\x00', 0x0, 0x12, r2, 0x8, &(0x7f0000000240)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0xa, 0x8, 0x1}, 0x10, r3, r4, 0x9, &(0x7f0000000700)=[r0, r0, r0, r0, r0, r0, r0, r0, r0, r0], &(0x7f0000000740)=[{0x3, 0x2, 0x9, 0x9}, {0x5, 0x4, 0x9, 0x7}, {0x3, 0x1, 0x5}, {0x1, 0x2, 0xf, 0x9}, {0x4, 0x2, 0x7, 0x9}, {0x1, 0x3, 0xd, 0x6}, {0x2, 0x3, 0xe, 0x3}, {0x1, 0x4, 0x8, 0x4}, {0x1, 0x9a, 0xe, 0xa}], 0x10, 0xe2}, 0x90) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)

06:59:19 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000180))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYRESOCT=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000180)) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYRESOCT=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)

[  584.249563][T20153] FAULT_INJECTION: forcing a failure.
[  584.249563][T20153] name failslab, interval 1, probability 0, space 0, times 0
[  584.264236][T20153] CPU: 1 PID: 20153 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  584.275785][T20153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  584.285678][T20153] Call Trace:
[  584.288800][T20153]  <TASK>
[  584.291580][T20153]  dump_stack_lvl+0x151/0x1b7
[  584.296106][T20153]  ? io_uring_drop_tctx_refs+0x190/0x190
[  584.301563][T20153]  dump_stack+0x15/0x17
[  584.305551][T20153]  should_fail+0x3c6/0x510
[  584.309805][T20153]  __should_failslab+0xa4/0xe0
[  584.314406][T20153]  ? vm_area_dup+0x26/0x230
[  584.318748][T20153]  should_failslab+0x9/0x20
[  584.323085][T20153]  slab_pre_alloc_hook+0x37/0xd0
[  584.327860][T20153]  ? vm_area_dup+0x26/0x230
[  584.332200][T20153]  kmem_cache_alloc+0x44/0x200
[  584.336812][T20153]  vm_area_dup+0x26/0x230
[  584.340964][T20153]  copy_mm+0x9a1/0x13e0
[  584.344958][T20153]  ? copy_signal+0x610/0x610
[  584.349381][T20153]  ? __init_rwsem+0xd6/0x1c0
[  584.353809][T20153]  ? copy_signal+0x4e3/0x610
[  584.358238][T20153]  copy_process+0x1149/0x3290
[  584.362752][T20153]  ? timerqueue_add+0x250/0x270
[  584.367435][T20153]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  584.372383][T20153]  ? enqueue_hrtimer+0xca/0x240
[  584.377159][T20153]  ? __hrtimer_run_queues+0x46b/0xad0
[  584.382375][T20153]  kernel_clone+0x21e/0x9e0
[  584.386704][T20153]  ? create_io_thread+0x1e0/0x1e0
[  584.391566][T20153]  ? clockevents_program_event+0x22f/0x300
[  584.397206][T20153]  __x64_sys_clone+0x23f/0x290
[  584.401806][T20153]  ? __do_sys_vfork+0x130/0x130
[  584.406498][T20153]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  584.412309][T20153]  do_syscall_64+0x3d/0xb0
[  584.416559][T20153]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  584.422203][T20153]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  584.427929][T20153] RIP: 0033:0x7f7b6d82fda9
[  584.432272][T20153] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  584.451715][T20153] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  584.459957][T20153] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  584.467767][T20153] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  584.475581][T20153] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  584.483392][T20153] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  584.491207][T20153] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
06:59:19 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0xfffffffffffffe0a) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0x20, &(0x7f00000003c0)={&(0x7f00000002c0)=""/74, 0x4a, <r3=>0x0, &(0x7f0000000340)=""/101, 0x65}}, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x800}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}, @map_fd={0x18, 0x3}, @alu={0x4, 0x0, 0xb, 0x7, 0x4, 0x6, 0x4}, @call={0x85, 0x0, 0x0, 0xd4}, @generic={0x8, 0x4, 0xd, 0x4, 0x6}]}, &(0x7f00000004c0)='GPL\x00', 0x7, 0x4f, &(0x7f0000000500)=""/79, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x1, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000005c0)=[r0, r0, r0, r0, r0, r0], &(0x7f0000000600)=[{0x1, 0x1, 0x3, 0x3}, {0x3, 0x1, 0x9, 0x1}], 0x10, 0x9}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1e, 0x14, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x401}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7fff}}, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffffe}}]}, &(0x7f0000000180)='syzkaller\x00', 0x52fa, 0x5c, &(0x7f00000001c0)=""/92, 0x40e00, 0x1, '\x00', 0x0, 0x12, r2, 0x8, &(0x7f0000000240)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0xa, 0x8, 0x1}, 0x10, r3, r4, 0x9, &(0x7f0000000700)=[r0, r0, r0, r0, r0, r0, r0, r0, r0, r0], &(0x7f0000000740)=[{0x3, 0x2, 0x9, 0x9}, {0x5, 0x4, 0x9, 0x7}, {0x3, 0x1, 0x5}, {0x1, 0x2, 0xf, 0x9}, {0x4, 0x2, 0x7, 0x9}, {0x1, 0x3, 0xd, 0x6}, {0x2, 0x3, 0xe, 0x3}, {0x1, 0x4, 0x8, 0x4}, {0x1, 0x9a, 0xe, 0xa}], 0x10, 0xe2}, 0x90) (async, rerun: 64)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (rerun: 64)

[  584.499035][T20153]  </TASK>
06:59:20 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2e00, 0x43451)

06:59:20 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 61)

06:59:20 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000180))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYRESOCT=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000180)) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYRESOCT=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)

06:59:20 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x2f00, 0x43451)

[  584.624841][T20186] FAULT_INJECTION: forcing a failure.
[  584.624841][T20186] name failslab, interval 1, probability 0, space 0, times 0
[  584.649297][T20186] CPU: 1 PID: 20186 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  584.660858][T20186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  584.670755][T20186] Call Trace:
[  584.673875][T20186]  <TASK>
[  584.676655][T20186]  dump_stack_lvl+0x151/0x1b7
[  584.681176][T20186]  ? io_uring_drop_tctx_refs+0x190/0x190
[  584.686641][T20186]  ? irqentry_exit+0x30/0x40
[  584.691068][T20186]  dump_stack+0x15/0x17
[  584.695064][T20186]  should_fail+0x3c6/0x510
[  584.699308][T20186]  __should_failslab+0xa4/0xe0
[  584.703907][T20186]  ? vm_area_dup+0x26/0x230
[  584.708261][T20186]  should_failslab+0x9/0x20
[  584.712587][T20186]  slab_pre_alloc_hook+0x37/0xd0
[  584.717359][T20186]  ? vm_area_dup+0x26/0x230
[  584.721697][T20186]  kmem_cache_alloc+0x44/0x200
[  584.726299][T20186]  vm_area_dup+0x26/0x230
[  584.730468][T20186]  copy_mm+0x9a1/0x13e0
[  584.734474][T20186]  ? copy_signal+0x610/0x610
[  584.738880][T20186]  ? __init_rwsem+0xd6/0x1c0
[  584.743314][T20186]  ? copy_signal+0x4e3/0x610
[  584.747738][T20186]  copy_process+0x1149/0x3290
[  584.752269][T20186]  ? timerqueue_add+0x250/0x270
[  584.756937][T20186]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  584.761903][T20186]  ? enqueue_hrtimer+0xca/0x240
[  584.766567][T20186]  ? __hrtimer_run_queues+0x46b/0xad0
[  584.771777][T20186]  kernel_clone+0x21e/0x9e0
[  584.776117][T20186]  ? irqentry_exit+0x30/0x40
[  584.780547][T20186]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  584.786199][T20186]  ? create_io_thread+0x1e0/0x1e0
[  584.791051][T20186]  __x64_sys_clone+0x23f/0x290
[  584.795644][T20186]  ? __do_sys_vfork+0x130/0x130
[  584.800333][T20186]  ? debug_smp_processor_id+0x17/0x20
[  584.805536][T20186]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  584.811461][T20186]  ? exit_to_user_mode_prepare+0x39/0xa0
[  584.816912][T20186]  do_syscall_64+0x3d/0xb0
[  584.821160][T20186]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  584.826825][T20186]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  584.832535][T20186] RIP: 0033:0x7f7b6d82fda9
[  584.836801][T20186] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  584.856234][T20186] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  584.864473][T20186] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
06:59:20 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r4=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r5=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r3}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r6=>0xffffffffffffffff})
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000), 0xfdef)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r8, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r8, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', r2, 0x36, r3, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r3, 0x3, &(0x7f0000001040)=[r1, r0, r3, r3, r1, r8], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r9, &(0x7f0000000000), 0x248800)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r4, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r9, r10, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:20 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3000, 0x43451)

[  584.872286][T20186] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  584.880088][T20186] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  584.887906][T20186] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  584.895741][T20186] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  584.903672][T20186]  </TASK>
06:59:20 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000522600002020207b1af8ff00000000bfa181000000000007010000f8ffffffb70200000001fe00b7030000deab44f4850000002d00000095999f4dffc85f59c620d45afa630342198b4eb309e2ee26f9aaa1225c805d84708629a47f23fc4f54b6a6cc31204782a99ae9752fbbebfb4824483aa040f87ca5a4"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40086602, &(0x7f0000000180))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{0xffffffffffffffff, <r3=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000080)=r1}, 0x20)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)={0x1b, 0x0, 0x0, 0xffffff77, 0x0, 0xffffffffffffffff, 0x1628, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x4)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x4030582a, &(0x7f0000000040))
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r7, &(0x7f0000000200)=0x40000, 0x43405)
r8 = openat$cgroup_ro(r7, &(0x7f0000000300)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={0xffffffffffffffff, 0xe0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xffffffffffffff61, 0x0, 0x0, 0xfffffffffffffcc9, 0x10, 0x8, 0x8, &(0x7f0000000500)}}, 0x10)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x17}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r10, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0xc, 0x19, &(0x7f00000003c0)=@raw=[@map_val={0x18, 0x6, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x7}, @map_val={0x18, 0x3, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x8}, @btf_id={0x18, 0x0, 0x3, 0x0, 0x6}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @map_val={0x18, 0x5, 0x2, 0x0, r6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}}], &(0x7f0000000680)='GPL\x00', 0x2, 0x4, &(0x7f00000004c0)=""/4, 0x41000, 0x60, '\x00', r9, 0x4, r6, 0x8, &(0x7f0000000540)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000580)={0x1, 0x10, 0x3, 0x8}, 0x10, 0x0, r10, 0x2, &(0x7f00000005c0)=[r6, r8], &(0x7f0000000600)=[{0x0, 0x3, 0x6, 0x5}, {0x3, 0x3, 0x8, 0x3}], 0x10, 0xfc000000}, 0x90)
r11 = bpf$ITER_CREATE(0x21, &(0x7f0000000580), 0x8)
r12 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000600)={0xffffffffffffffff, 0x4, 0x10}, 0xc)
r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000640)={0xffffffffffffffff, 0x1000, 0x8}, 0xc)
r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r14}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x20, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0xffffffff}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@btf_id={0x18, 0x9, 0x3, 0x0, 0x3}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @map_val={0x18, 0x7, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x4}, @exit, @map_idx_val={0x18, 0x3, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, @alu={0x7, 0x0, 0xd, 0xb, 0xb, 0xffffffffffffffe0, 0x4}, @map_fd={0x18, 0x1, 0x1, 0x0, r5}, @cb_func={0x18, 0x0, 0x4, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0xac, &(0x7f00000004c0)=""/172, 0x41000, 0x0, '\x00', r9, 0x27, r11, 0x8, &(0x7f00000005c0)={0x9, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, r0, 0x2, &(0x7f0000000680)=[r12, r13, r14], &(0x7f00000006c0)=[{0x1, 0x4, 0xe, 0xa}, {0x5, 0x3, 0x3, 0x3}], 0x10, 0xfb11}, 0x90)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000b40)={r13, 0x58, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r15=>0x0}}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000c80)={{r12, <r16=>0xffffffffffffffff}, &(0x7f0000000c00), &(0x7f0000000c40)='%+9llu \x00'}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d40)={0x11, 0x5, &(0x7f00000008c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x400}, [@cb_func={0x18, 0x0, 0x4, 0x0, 0x1}]}, &(0x7f0000000900)='GPL\x00', 0x77, 0xc7, &(0x7f0000000a40)=""/199, 0x41000, 0x1b, '\x00', r15, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000b80)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000bc0)={0x0, 0xb, 0x6, 0x6}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000cc0)=[r16, r12, r8, r11, 0xffffffffffffffff], &(0x7f0000000d00)=[{0x5, 0x3, 0x2, 0x2}], 0x10, 0x9}, 0x90)

06:59:20 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 62)

06:59:20 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3100, 0x43451)

06:59:20 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000522600002020207b1af8ff00000000bfa181000000000007010000f8ffffffb70200000001fe00b7030000deab44f4850000002d00000095999f4dffc85f59c620d45afa630342198b4eb309e2ee26f9aaa1225c805d84708629a47f23fc4f54b6a6cc31204782a99ae9752fbbebfb4824483aa040f87ca5a4"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40086602, &(0x7f0000000180)) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{0xffffffffffffffff, <r3=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000080)=r1}, 0x20)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)={0x1b, 0x0, 0x0, 0xffffff77, 0x0, 0xffffffffffffffff, 0x1628, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3}, 0x48) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x4)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x4030582a, &(0x7f0000000040)) (async)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r7, &(0x7f0000000200)=0x40000, 0x43405)
r8 = openat$cgroup_ro(r7, &(0x7f0000000300)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={0xffffffffffffffff, 0xe0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xffffffffffffff61, 0x0, 0x0, 0xfffffffffffffcc9, 0x10, 0x8, 0x8, &(0x7f0000000500)}}, 0x10)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x17}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r10, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0xc, 0x19, &(0x7f00000003c0)=@raw=[@map_val={0x18, 0x6, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x7}, @map_val={0x18, 0x3, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x8}, @btf_id={0x18, 0x0, 0x3, 0x0, 0x6}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @map_val={0x18, 0x5, 0x2, 0x0, r6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}}], &(0x7f0000000680)='GPL\x00', 0x2, 0x4, &(0x7f00000004c0)=""/4, 0x41000, 0x60, '\x00', r9, 0x4, r6, 0x8, &(0x7f0000000540)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000580)={0x1, 0x10, 0x3, 0x8}, 0x10, 0x0, r10, 0x2, &(0x7f00000005c0)=[r6, r8], &(0x7f0000000600)=[{0x0, 0x3, 0x6, 0x5}, {0x3, 0x3, 0x8, 0x3}], 0x10, 0xfc000000}, 0x90)
r11 = bpf$ITER_CREATE(0x21, &(0x7f0000000580), 0x8)
r12 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000600)={0xffffffffffffffff, 0x4, 0x10}, 0xc) (async)
r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000640)={0xffffffffffffffff, 0x1000, 0x8}, 0xc) (async)
r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r14}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x20, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0xffffffff}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@btf_id={0x18, 0x9, 0x3, 0x0, 0x3}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @map_val={0x18, 0x7, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x4}, @exit, @map_idx_val={0x18, 0x3, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, @alu={0x7, 0x0, 0xd, 0xb, 0xb, 0xffffffffffffffe0, 0x4}, @map_fd={0x18, 0x1, 0x1, 0x0, r5}, @cb_func={0x18, 0x0, 0x4, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0xac, &(0x7f00000004c0)=""/172, 0x41000, 0x0, '\x00', r9, 0x27, r11, 0x8, &(0x7f00000005c0)={0x9, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, r0, 0x2, &(0x7f0000000680)=[r12, r13, r14], &(0x7f00000006c0)=[{0x1, 0x4, 0xe, 0xa}, {0x5, 0x3, 0x3, 0x3}], 0x10, 0xfb11}, 0x90) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000b40)={r13, 0x58, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r15=>0x0}}, 0x10) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000c80)={{r12, <r16=>0xffffffffffffffff}, &(0x7f0000000c00), &(0x7f0000000c40)='%+9llu \x00'}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d40)={0x11, 0x5, &(0x7f00000008c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x400}, [@cb_func={0x18, 0x0, 0x4, 0x0, 0x1}]}, &(0x7f0000000900)='GPL\x00', 0x77, 0xc7, &(0x7f0000000a40)=""/199, 0x41000, 0x1b, '\x00', r15, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000b80)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000bc0)={0x0, 0xb, 0x6, 0x6}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000cc0)=[r16, r12, r8, r11, 0xffffffffffffffff], &(0x7f0000000d00)=[{0x5, 0x3, 0x2, 0x2}], 0x10, 0x9}, 0x90)

[  585.049058][T20214] FAULT_INJECTION: forcing a failure.
[  585.049058][T20214] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  585.062947][T20214] CPU: 0 PID: 20214 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  585.074505][T20214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  585.084399][T20214] Call Trace:
[  585.087522][T20214]  <TASK>
[  585.090298][T20214]  dump_stack_lvl+0x151/0x1b7
[  585.094811][T20214]  ? io_uring_drop_tctx_refs+0x190/0x190
[  585.100279][T20214]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  585.105918][T20214]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  585.111911][T20214]  dump_stack+0x15/0x17
[  585.115900][T20214]  should_fail+0x3c6/0x510
[  585.120154][T20214]  should_fail_alloc_page+0x5a/0x80
[  585.125185][T20214]  prepare_alloc_pages+0x15c/0x700
[  585.130138][T20214]  ? __alloc_pages_bulk+0xe40/0xe40
[  585.135167][T20214]  ? sched_clock+0x9/0x10
[  585.139353][T20214]  __alloc_pages+0x18c/0x8f0
[  585.143779][T20214]  ? prep_new_page+0x110/0x110
[  585.148365][T20214]  pte_alloc_one+0x73/0x1b0
[  585.152702][T20214]  ? pfn_modify_allowed+0x2f0/0x2f0
[  585.157735][T20214]  ? preempt_schedule+0xd9/0xe0
[  585.162418][T20214]  ? preempt_schedule_common+0xbe/0xf0
[  585.167717][T20214]  __pte_alloc+0x86/0x350
[  585.171883][T20214]  ? free_pgtables+0x280/0x280
[  585.176481][T20214]  ? _raw_spin_lock+0xa4/0x1b0
[  585.181085][T20214]  ? __kasan_check_write+0x14/0x20
[  585.186034][T20214]  copy_page_range+0x28a8/0x2f90
[  585.190805][T20214]  ? __kasan_slab_alloc+0xb1/0xe0
[  585.195674][T20214]  ? pfn_valid+0x1e0/0x1e0
[  585.199919][T20214]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  585.205474][T20214]  ? __rb_insert_augmented+0x5de/0x610
[  585.210770][T20214]  copy_mm+0xc7e/0x13e0
[  585.214757][T20214]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  585.220754][T20214]  ? copy_signal+0x610/0x610
[  585.225176][T20214]  ? __init_rwsem+0xd6/0x1c0
[  585.229598][T20214]  ? copy_signal+0x4e3/0x610
[  585.234028][T20214]  copy_process+0x1149/0x3290
[  585.238538][T20214]  ? irqentry_exit+0x30/0x40
[  585.242973][T20214]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  585.247913][T20214]  ? vfs_write+0x9ec/0x1110
[  585.252251][T20214]  ? __hrtimer_run_queues+0x46b/0xad0
[  585.257461][T20214]  kernel_clone+0x21e/0x9e0
[  585.261799][T20214]  ? create_io_thread+0x1e0/0x1e0
[  585.266749][T20214]  ? mutex_unlock+0xb2/0x260
[  585.271188][T20214]  ? __mutex_lock_slowpath+0x10/0x10
[  585.276293][T20214]  __x64_sys_clone+0x23f/0x290
[  585.280897][T20214]  ? __do_sys_vfork+0x130/0x130
[  585.285587][T20214]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  585.291398][T20214]  do_syscall_64+0x3d/0xb0
[  585.295655][T20214]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  585.301288][T20214]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  585.307021][T20214] RIP: 0033:0x7f7b6d82fda9
[  585.311274][T20214] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  585.330712][T20214] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  585.338978][T20214] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
06:59:20 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3200, 0x43451)

06:59:20 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 63)

06:59:20 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000522600002020207b1af8ff00000000bfa181000000000007010000f8ffffffb70200000001fe00b7030000deab44f4850000002d00000095999f4dffc85f59c620d45afa630342198b4eb309e2ee26f9aaa1225c805d84708629a47f23fc4f54b6a6cc31204782a99ae9752fbbebfb4824483aa040f87ca5a4"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40086602, &(0x7f0000000180)) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{0xffffffffffffffff, <r3=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000080)=r1}, 0x20) (async)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)={0x1b, 0x0, 0x0, 0xffffff77, 0x0, 0xffffffffffffffff, 0x1628, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3}, 0x48) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x4)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x4030582a, &(0x7f0000000040)) (async)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r7, &(0x7f0000000200)=0x40000, 0x43405)
r8 = openat$cgroup_ro(r7, &(0x7f0000000300)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={0xffffffffffffffff, 0xe0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xffffffffffffff61, 0x0, 0x0, 0xfffffffffffffcc9, 0x10, 0x8, 0x8, &(0x7f0000000500)}}, 0x10)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x17}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r10, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0xc, 0x19, &(0x7f00000003c0)=@raw=[@map_val={0x18, 0x6, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x7}, @map_val={0x18, 0x3, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x8}, @btf_id={0x18, 0x0, 0x3, 0x0, 0x6}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @map_val={0x18, 0x5, 0x2, 0x0, r6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}}], &(0x7f0000000680)='GPL\x00', 0x2, 0x4, &(0x7f00000004c0)=""/4, 0x41000, 0x60, '\x00', r9, 0x4, r6, 0x8, &(0x7f0000000540)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000580)={0x1, 0x10, 0x3, 0x8}, 0x10, 0x0, r10, 0x2, &(0x7f00000005c0)=[r6, r8], &(0x7f0000000600)=[{0x0, 0x3, 0x6, 0x5}, {0x3, 0x3, 0x8, 0x3}], 0x10, 0xfc000000}, 0x90) (async)
r11 = bpf$ITER_CREATE(0x21, &(0x7f0000000580), 0x8)
r12 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000600)={0xffffffffffffffff, 0x4, 0x10}, 0xc) (async)
r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000640)={0xffffffffffffffff, 0x1000, 0x8}, 0xc) (async)
r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r14}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x20, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0xffffffff}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@btf_id={0x18, 0x9, 0x3, 0x0, 0x3}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @map_val={0x18, 0x7, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x4}, @exit, @map_idx_val={0x18, 0x3, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, @alu={0x7, 0x0, 0xd, 0xb, 0xb, 0xffffffffffffffe0, 0x4}, @map_fd={0x18, 0x1, 0x1, 0x0, r5}, @cb_func={0x18, 0x0, 0x4, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0xac, &(0x7f00000004c0)=""/172, 0x41000, 0x0, '\x00', r9, 0x27, r11, 0x8, &(0x7f00000005c0)={0x9, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, r0, 0x2, &(0x7f0000000680)=[r12, r13, r14], &(0x7f00000006c0)=[{0x1, 0x4, 0xe, 0xa}, {0x5, 0x3, 0x3, 0x3}], 0x10, 0xfb11}, 0x90)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000b40)={r13, 0x58, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r15=>0x0}}, 0x10) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000c80)={{r12, <r16=>0xffffffffffffffff}, &(0x7f0000000c00), &(0x7f0000000c40)='%+9llu \x00'}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d40)={0x11, 0x5, &(0x7f00000008c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x400}, [@cb_func={0x18, 0x0, 0x4, 0x0, 0x1}]}, &(0x7f0000000900)='GPL\x00', 0x77, 0xc7, &(0x7f0000000a40)=""/199, 0x41000, 0x1b, '\x00', r15, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000b80)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000bc0)={0x0, 0xb, 0x6, 0x6}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000cc0)=[r16, r12, r8, r11, 0xffffffffffffffff], &(0x7f0000000d00)=[{0x5, 0x3, 0x2, 0x2}], 0x10, 0x9}, 0x90)

[  585.346862][T20214] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  585.354668][T20214] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  585.362478][T20214] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  585.370290][T20214] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  585.378109][T20214]  </TASK>
06:59:20 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xe0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000000)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x3, 0x8, &(0x7f0000000040)=[0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x91, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000000100), &(0x7f0000000140), 0x8, 0x98, 0x8, 0x8, &(0x7f0000000180)}}, 0x10)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000300), 0x8)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000340)={0x3, 0x4, 0x4, 0xa, 0x0, r0, 0x6, '\x00', r1, r2, 0x4, 0x4, 0x3}, 0x48)
syz_clone(0x800400, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:20 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3300, 0x43451)

06:59:20 executing program 2:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xe0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000000)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x3, 0x8, &(0x7f0000000040)=[0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x91, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000000100), &(0x7f0000000140), 0x8, 0x98, 0x8, 0x8, &(0x7f0000000180)}}, 0x10)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000300), 0x8)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000340)={0x3, 0x4, 0x4, 0xa, 0x0, r0, 0x6, '\x00', r1, r2, 0x4, 0x4, 0x3}, 0x48)
syz_clone(0x800400, 0x0, 0x0, 0x0, 0x0, 0x0)

[  585.457853][T20235] FAULT_INJECTION: forcing a failure.
[  585.457853][T20235] name failslab, interval 1, probability 0, space 0, times 0
[  585.485493][T20235] CPU: 1 PID: 20235 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  585.497142][T20235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  585.507039][T20235] Call Trace:
[  585.510176][T20235]  <TASK>
[  585.512936][T20235]  dump_stack_lvl+0x151/0x1b7
[  585.517456][T20235]  ? io_uring_drop_tctx_refs+0x190/0x190
[  585.522918][T20235]  dump_stack+0x15/0x17
[  585.526910][T20235]  should_fail+0x3c6/0x510
[  585.531163][T20235]  __should_failslab+0xa4/0xe0
[  585.535763][T20235]  ? vm_area_dup+0x26/0x230
[  585.540101][T20235]  should_failslab+0x9/0x20
[  585.544449][T20235]  slab_pre_alloc_hook+0x37/0xd0
[  585.549217][T20235]  ? vm_area_dup+0x26/0x230
[  585.553555][T20235]  kmem_cache_alloc+0x44/0x200
[  585.558158][T20235]  vm_area_dup+0x26/0x230
[  585.562324][T20235]  copy_mm+0x9a1/0x13e0
[  585.566320][T20235]  ? copy_signal+0x610/0x610
[  585.570753][T20235]  ? __init_rwsem+0xd6/0x1c0
[  585.575188][T20235]  ? copy_signal+0x4e3/0x610
[  585.579595][T20235]  copy_process+0x1149/0x3290
[  585.584120][T20235]  ? irqentry_exit+0x30/0x40
[  585.588546][T20235]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  585.593493][T20235]  ? kernel_clone+0x7a/0x9e0
[  585.597914][T20235]  kernel_clone+0x21e/0x9e0
[  585.602250][T20235]  ? create_io_thread+0x1e0/0x1e0
[  585.607106][T20235]  ? clockevents_program_event+0x22f/0x300
[  585.612751][T20235]  __x64_sys_clone+0x23f/0x290
[  585.617350][T20235]  ? __do_sys_vfork+0x130/0x130
[  585.622043][T20235]  ? debug_smp_processor_id+0x17/0x20
[  585.627245][T20235]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  585.633150][T20235]  ? exit_to_user_mode_prepare+0x39/0xa0
[  585.638614][T20235]  do_syscall_64+0x3d/0xb0
[  585.642865][T20235]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  585.648589][T20235]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  585.654322][T20235] RIP: 0033:0x7f7b6d82fda9
[  585.658571][T20235] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  585.678120][T20235] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  585.686345][T20235] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  585.694157][T20235] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
06:59:21 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000003b01000020000000de00000000202020651af8ff00000000bfa110000000000007010000f8ffffffb702000000000000b7034000deab44f4850000002d00000095e01d7381fb1839be2713a5c8fa79053f53ac817399b5586f18a9b7b75a206c014b7d1880217002a96d34d319bfd687a1e7f8b491068ef9f8e08c670dbacccbd4c82b70f31f14cf7917027ea8ac4b8cb8da90a2460300000000000001f3b218be6f6fea2407f252c84d80c60b7ea0b4ec0c69d5b6ee5f11cb03481e05ec33eba07e08b6a1986e3cd0348c8e81b0b67ba9cfa60b0eac38e1c06c1450196087745938d256d670ea4ec020fbd9bae155a03b7ba1d2d6b096de0ecd6b7d4ad3d49c89421faebbaf15ef58463e56e6b8406d"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1a, 0x9, 0x8001, 0xffff, 0x824, 0xffffffffffffffff, 0xac85, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x5}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r0, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000240), &(0x7f0000000500)=[0x0, 0x0], 0x0, 0x4b, &(0x7f0000000540)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000580), &(0x7f00000005c0), 0x8, 0xaf, 0x8, 0x8, &(0x7f0000000600)}}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r1, &(0x7f0000000180), 0x40001)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:21 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xe0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000000)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x3, 0x8, &(0x7f0000000040)=[0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x91, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000000100), &(0x7f0000000140), 0x8, 0x98, 0x8, 0x8, &(0x7f0000000180)}}, 0x10)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000300), 0x8)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000340)={0x3, 0x4, 0x4, 0xa, 0x0, r0, 0x6, '\x00', r1, r2, 0x4, 0x4, 0x3}, 0x48) (async, rerun: 64)
syz_clone(0x800400, 0x0, 0x0, 0x0, 0x0, 0x0) (rerun: 64)

06:59:21 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 64)

[  585.701966][T20235] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  585.709787][T20235] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  585.717591][T20235] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  585.725411][T20235]  </TASK>
06:59:21 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000003b01000020000000de00000000202020651af8ff00000000bfa110000000000007010000f8ffffffb702000000000000b7034000deab44f4850000002d00000095e01d7381fb1839be2713a5c8fa79053f53ac817399b5586f18a9b7b75a206c014b7d1880217002a96d34d319bfd687a1e7f8b491068ef9f8e08c670dbacccbd4c82b70f31f14cf7917027ea8ac4b8cb8da90a2460300000000000001f3b218be6f6fea2407f252c84d80c60b7ea0b4ec0c69d5b6ee5f11cb03481e05ec33eba07e08b6a1986e3cd0348c8e81b0b67ba9cfa60b0eac38e1c06c1450196087745938d256d670ea4ec020fbd9bae155a03b7ba1d2d6b096de0ecd6b7d4ad3d49c89421faebbaf15ef58463e56e6b8406d"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1a, 0x9, 0x8001, 0xffff, 0x824, 0xffffffffffffffff, 0xac85, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x5}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r0, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000240), &(0x7f0000000500)=[0x0, 0x0], 0x0, 0x4b, &(0x7f0000000540)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000580), &(0x7f00000005c0), 0x8, 0xaf, 0x8, 0x8, &(0x7f0000000600)}}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r1, &(0x7f0000000180), 0x40001)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000003b01000020000000de00000000202020651af8ff00000000bfa110000000000007010000f8ffffffb702000000000000b7034000deab44f4850000002d00000095e01d7381fb1839be2713a5c8fa79053f53ac817399b5586f18a9b7b75a206c014b7d1880217002a96d34d319bfd687a1e7f8b491068ef9f8e08c670dbacccbd4c82b70f31f14cf7917027ea8ac4b8cb8da90a2460300000000000001f3b218be6f6fea2407f252c84d80c60b7ea0b4ec0c69d5b6ee5f11cb03481e05ec33eba07e08b6a1986e3cd0348c8e81b0b67ba9cfa60b0eac38e1c06c1450196087745938d256d670ea4ec020fbd9bae155a03b7ba1d2d6b096de0ecd6b7d4ad3d49c89421faebbaf15ef58463e56e6b8406d"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1a, 0x9, 0x8001, 0xffff, 0x824, 0xffffffffffffffff, 0xac85, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x5}, 0x48) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r0, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000240), &(0x7f0000000500)=[0x0, 0x0], 0x0, 0x4b, &(0x7f0000000540)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000580), &(0x7f00000005c0), 0x8, 0xaf, 0x8, 0x8, &(0x7f0000000600)}}, 0x10) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) (async)
write$cgroup_type(r1, &(0x7f0000000180), 0x40001) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)

06:59:21 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000003b01000020000000de00000000202020651af8ff00000000bfa110000000000007010000f8ffffffb702000000000000b7034000deab44f4850000002d00000095e01d7381fb1839be2713a5c8fa79053f53ac817399b5586f18a9b7b75a206c014b7d1880217002a96d34d319bfd687a1e7f8b491068ef9f8e08c670dbacccbd4c82b70f31f14cf7917027ea8ac4b8cb8da90a2460300000000000001f3b218be6f6fea2407f252c84d80c60b7ea0b4ec0c69d5b6ee5f11cb03481e05ec33eba07e08b6a1986e3cd0348c8e81b0b67ba9cfa60b0eac38e1c06c1450196087745938d256d670ea4ec020fbd9bae155a03b7ba1d2d6b096de0ecd6b7d4ad3d49c89421faebbaf15ef58463e56e6b8406d"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1a, 0x9, 0x8001, 0xffff, 0x824, 0xffffffffffffffff, 0xac85, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x5}, 0x48) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r0, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000240), &(0x7f0000000500)=[0x0, 0x0], 0x0, 0x4b, &(0x7f0000000540)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000580), &(0x7f00000005c0), 0x8, 0xaf, 0x8, 0x8, &(0x7f0000000600)}}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r1, &(0x7f0000000180), 0x40001) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:21 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3400, 0x43451)

06:59:21 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{0x1, <r1=>0xffffffffffffffff}, &(0x7f00000001c0), &(0x7f0000000280)=r0}, 0x20)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.idle_time\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x88300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(r2, &(0x7f0000000a00)='cpuacct.stat\x00', 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={r3, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x7, 0x2, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0], 0x0, 0x29, &(0x7f0000000400)=[{}], 0x8, 0x10, &(0x7f0000000440), &(0x7f0000000480), 0x8, 0x64, 0x8, 0x8, &(0x7f00000004c0)}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x18, 0x5, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0xdb4, 0x0, 0x0, 0x0, 0x29}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0x3}]}, &(0x7f0000000200)='GPL\x00', 0xffffffff, 0xed, &(0x7f00000006c0)=""/237, 0x41100, 0x20, '\x00', r4, 0x0, r2, 0x8, &(0x7f0000000280)={0x8, 0x3}, 0x8, 0x10, &(0x7f00000007c0)={0x4, 0x1, 0x30, 0x80000000}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x16d0acb5}, 0x90)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x1b, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xf55, 0x0, 0x0, 0x0, 0xffff}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@generic={0x5, 0x7, 0x8, 0x3, 0x9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @ringbuf_query, @ldst={0x0, 0x99295ca7b3e2a512, 0x1, 0x3, 0x2, 0x0, 0x1}, @jmp={0x5, 0x0, 0x3, 0x1, 0x9, 0xfffffffffffffff4, 0xfffffffffffffff0}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000400)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0xee3e49d83aa586e4, 0x14, '\x00', r4, 0x0, r5, 0x8, &(0x7f0000000480)={0x8, 0x4}, 0x8, 0x10, &(0x7f00000004c0)={0x0, 0x9, 0x25a, 0x2}, 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000500)=[{0x2, 0x4, 0x2, 0x7}, {0x0, 0x3, 0x8, 0x7}, {0x2, 0x3, 0x0, 0x8}], 0x10, 0x4}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='io_uring_file_get\x00', r0}, 0x10)

06:59:21 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{0xffffffffffffffff, <r4=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r3}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r5=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r6=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r3}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000000), 0xfdef)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r9, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', r2, 0x36, r3, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r3, 0x3, &(0x7f0000001040)=[r1, r0, r3, r3, r1, r9], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r10, &(0x7f0000000000), 0x248800)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r5, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r10, r11, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

[  585.865594][T20285] FAULT_INJECTION: forcing a failure.
[  585.865594][T20285] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  585.897113][T20285] CPU: 0 PID: 20285 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  585.908679][T20285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  585.918576][T20285] Call Trace:
[  585.921695][T20285]  <TASK>
[  585.924475][T20285]  dump_stack_lvl+0x151/0x1b7
[  585.928988][T20285]  ? io_uring_drop_tctx_refs+0x190/0x190
[  585.934455][T20285]  ? _raw_spin_lock+0xa4/0x1b0
[  585.939055][T20285]  ? preempt_schedule+0xd9/0xe0
[  585.943755][T20285]  dump_stack+0x15/0x17
[  585.947736][T20285]  should_fail+0x3c6/0x510
[  585.951989][T20285]  should_fail_alloc_page+0x5a/0x80
[  585.957022][T20285]  prepare_alloc_pages+0x15c/0x700
[  585.961970][T20285]  ? __kasan_check_write+0x14/0x20
[  585.966917][T20285]  ? __alloc_pages_bulk+0xe40/0xe40
[  585.971946][T20285]  ? copy_page_range+0x2d59/0x2f90
[  585.976898][T20285]  __alloc_pages+0x18c/0x8f0
[  585.981320][T20285]  ? prep_new_page+0x110/0x110
[  585.985939][T20285]  new_slab+0x9a/0x4e0
[  585.989830][T20285]  ___slab_alloc+0x39e/0x830
[  585.994256][T20285]  ? vm_area_dup+0x26/0x230
[  585.998592][T20285]  ? vm_area_dup+0x26/0x230
[  586.002932][T20285]  ? vm_area_dup+0x26/0x230
[  586.007270][T20285]  __slab_alloc+0x4a/0x90
[  586.011438][T20285]  ? vm_area_dup+0x26/0x230
[  586.015775][T20285]  kmem_cache_alloc+0x134/0x200
[  586.020462][T20285]  vm_area_dup+0x26/0x230
[  586.024631][T20285]  copy_mm+0x9a1/0x13e0
[  586.028625][T20285]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  586.034273][T20285]  ? copy_signal+0x610/0x610
[  586.038689][T20285]  ? __init_rwsem+0xd6/0x1c0
[  586.043116][T20285]  ? copy_signal+0x4e3/0x610
[  586.047544][T20285]  copy_process+0x1149/0x3290
[  586.052059][T20285]  ? timerqueue_add+0x250/0x270
[  586.056743][T20285]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  586.061686][T20285]  ? enqueue_hrtimer+0xca/0x240
[  586.066372][T20285]  ? __hrtimer_run_queues+0x46b/0xad0
[  586.071718][T20285]  kernel_clone+0x21e/0x9e0
[  586.076064][T20285]  ? create_io_thread+0x1e0/0x1e0
[  586.080916][T20285]  ? clockevents_program_event+0x22f/0x300
[  586.086557][T20285]  __x64_sys_clone+0x23f/0x290
[  586.091150][T20285]  ? __do_sys_vfork+0x130/0x130
[  586.095841][T20285]  ? debug_smp_processor_id+0x17/0x20
[  586.101060][T20285]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  586.106949][T20285]  ? exit_to_user_mode_prepare+0x39/0xa0
[  586.112415][T20285]  do_syscall_64+0x3d/0xb0
[  586.116667][T20285]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  586.122308][T20285]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  586.128056][T20285] RIP: 0033:0x7f7b6d82fda9
[  586.132299][T20285] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  586.151742][T20285] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
06:59:21 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{0x1, <r1=>0xffffffffffffffff}, &(0x7f00000001c0), &(0x7f0000000280)=r0}, 0x20)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.idle_time\x00', 0x0, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.idle_time\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x88300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(r2, &(0x7f0000000a00)='cpuacct.stat\x00', 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={r3, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x7, 0x2, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0], 0x0, 0x29, &(0x7f0000000400)=[{}], 0x8, 0x10, &(0x7f0000000440), &(0x7f0000000480), 0x8, 0x64, 0x8, 0x8, &(0x7f00000004c0)}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x18, 0x5, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0xdb4, 0x0, 0x0, 0x0, 0x29}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0x3}]}, &(0x7f0000000200)='GPL\x00', 0xffffffff, 0xed, &(0x7f00000006c0)=""/237, 0x41100, 0x20, '\x00', r4, 0x0, r2, 0x8, &(0x7f0000000280)={0x8, 0x3}, 0x8, 0x10, &(0x7f00000007c0)={0x4, 0x1, 0x30, 0x80000000}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x16d0acb5}, 0x90)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x1b, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xf55, 0x0, 0x0, 0x0, 0xffff}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@generic={0x5, 0x7, 0x8, 0x3, 0x9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @ringbuf_query, @ldst={0x0, 0x99295ca7b3e2a512, 0x1, 0x3, 0x2, 0x0, 0x1}, @jmp={0x5, 0x0, 0x3, 0x1, 0x9, 0xfffffffffffffff4, 0xfffffffffffffff0}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000400)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0xee3e49d83aa586e4, 0x14, '\x00', r4, 0x0, r5, 0x8, &(0x7f0000000480)={0x8, 0x4}, 0x8, 0x10, &(0x7f00000004c0)={0x0, 0x9, 0x25a, 0x2}, 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000500)=[{0x2, 0x4, 0x2, 0x7}, {0x0, 0x3, 0x8, 0x7}, {0x2, 0x3, 0x0, 0x8}], 0x10, 0x4}, 0x90) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x1b, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xf55, 0x0, 0x0, 0x0, 0xffff}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@generic={0x5, 0x7, 0x8, 0x3, 0x9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @ringbuf_query, @ldst={0x0, 0x99295ca7b3e2a512, 0x1, 0x3, 0x2, 0x0, 0x1}, @jmp={0x5, 0x0, 0x3, 0x1, 0x9, 0xfffffffffffffff4, 0xfffffffffffffff0}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000400)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0xee3e49d83aa586e4, 0x14, '\x00', r4, 0x0, r5, 0x8, &(0x7f0000000480)={0x8, 0x4}, 0x8, 0x10, &(0x7f00000004c0)={0x0, 0x9, 0x25a, 0x2}, 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000500)=[{0x2, 0x4, 0x2, 0x7}, {0x0, 0x3, 0x8, 0x7}, {0x2, 0x3, 0x0, 0x8}], 0x10, 0x4}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='io_uring_file_get\x00', r0}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='io_uring_file_get\x00', r0}, 0x10)

[  586.159978][T20285] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  586.167790][T20285] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  586.175604][T20285] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  586.183420][T20285] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  586.191222][T20285] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  586.199045][T20285]  </TASK>
06:59:21 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3500, 0x43451)

06:59:21 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 65)

06:59:21 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{0x1, <r1=>0xffffffffffffffff}, &(0x7f00000001c0), &(0x7f0000000280)=r0}, 0x20) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.idle_time\x00', 0x0, 0x0) (async)
r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x88300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(r2, &(0x7f0000000a00)='cpuacct.stat\x00', 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={r3, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x7, 0x2, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0], 0x0, 0x29, &(0x7f0000000400)=[{}], 0x8, 0x10, &(0x7f0000000440), &(0x7f0000000480), 0x8, 0x64, 0x8, 0x8, &(0x7f00000004c0)}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x18, 0x5, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0xdb4, 0x0, 0x0, 0x0, 0x29}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0x3}]}, &(0x7f0000000200)='GPL\x00', 0xffffffff, 0xed, &(0x7f00000006c0)=""/237, 0x41100, 0x20, '\x00', r4, 0x0, r2, 0x8, &(0x7f0000000280)={0x8, 0x3}, 0x8, 0x10, &(0x7f00000007c0)={0x4, 0x1, 0x30, 0x80000000}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x16d0acb5}, 0x90) (async)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x1b, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xf55, 0x0, 0x0, 0x0, 0xffff}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@generic={0x5, 0x7, 0x8, 0x3, 0x9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @ringbuf_query, @ldst={0x0, 0x99295ca7b3e2a512, 0x1, 0x3, 0x2, 0x0, 0x1}, @jmp={0x5, 0x0, 0x3, 0x1, 0x9, 0xfffffffffffffff4, 0xfffffffffffffff0}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000400)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0xee3e49d83aa586e4, 0x14, '\x00', r4, 0x0, r5, 0x8, &(0x7f0000000480)={0x8, 0x4}, 0x8, 0x10, &(0x7f00000004c0)={0x0, 0x9, 0x25a, 0x2}, 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000500)=[{0x2, 0x4, 0x2, 0x7}, {0x0, 0x3, 0x8, 0x7}, {0x2, 0x3, 0x0, 0x8}], 0x10, 0x4}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='io_uring_file_get\x00', r0}, 0x10)

06:59:21 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3600, 0x43451)

[  586.378241][T20325] FAULT_INJECTION: forcing a failure.
[  586.378241][T20325] name failslab, interval 1, probability 0, space 0, times 0
[  586.420788][T20325] CPU: 1 PID: 20325 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  586.432354][T20325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  586.442249][T20325] Call Trace:
[  586.445367][T20325]  <TASK>
[  586.448148][T20325]  dump_stack_lvl+0x151/0x1b7
[  586.452664][T20325]  ? io_uring_drop_tctx_refs+0x190/0x190
[  586.458135][T20325]  dump_stack+0x15/0x17
[  586.462119][T20325]  should_fail+0x3c6/0x510
[  586.466374][T20325]  __should_failslab+0xa4/0xe0
[  586.470974][T20325]  ? vm_area_dup+0x26/0x230
[  586.475309][T20325]  should_failslab+0x9/0x20
[  586.479648][T20325]  slab_pre_alloc_hook+0x37/0xd0
[  586.484424][T20325]  ? vm_area_dup+0x26/0x230
[  586.488759][T20325]  kmem_cache_alloc+0x44/0x200
[  586.493368][T20325]  vm_area_dup+0x26/0x230
[  586.497528][T20325]  copy_mm+0x9a1/0x13e0
[  586.501527][T20325]  ? copy_signal+0x610/0x610
[  586.505945][T20325]  ? copy_signal+0x4e6/0x610
[  586.510376][T20325]  copy_process+0x1149/0x3290
[  586.514891][T20325]  ? timerqueue_add+0x250/0x270
[  586.519571][T20325]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  586.524522][T20325]  ? enqueue_hrtimer+0xca/0x240
[  586.529204][T20325]  ? __hrtimer_run_queues+0x46b/0xad0
[  586.534414][T20325]  kernel_clone+0x21e/0x9e0
[  586.538753][T20325]  ? create_io_thread+0x1e0/0x1e0
[  586.543613][T20325]  ? clockevents_program_event+0x22f/0x300
[  586.549257][T20325]  __x64_sys_clone+0x23f/0x290
[  586.553859][T20325]  ? __do_sys_vfork+0x130/0x130
[  586.558547][T20325]  do_syscall_64+0x3d/0xb0
[  586.562796][T20325]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  586.568439][T20325]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  586.574166][T20325] RIP: 0033:0x7f7b6d82fda9
[  586.578419][T20325] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  586.597859][T20325] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  586.606104][T20325] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  586.613913][T20325] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
06:59:22 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:22 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3700, 0x43451)

06:59:22 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@rights={{0x14, 0x1, 0x1, [<r1=>0xffffffffffffffff]}}], 0x18}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x2b, &(0x7f00000000c0)=r1, 0x4)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_lsm={0x1d, 0x10, &(0x7f0000000000)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xff}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@jmp={0x5, 0x0, 0xc, 0x3, 0x0, 0x0, 0xffffffffffffffff}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x8, 0x2b, &(0x7f00000000c0)=""/43, 0x41100, 0x24, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000140)={0x5, 0xe, 0xc44}, 0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000240)={0x80000000, <r4=>0x0}, 0x8)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0xffffffffffffffff, 0x0, 0x8}, 0xc)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r1, 0xb, 0x1, 0x7, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x0, &(0x7f00000002c0), &(0x7f0000000300)=[0x0], &(0x7f0000000340)=[0x0], <r6=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000003c0)={@cgroup=r1, r3, 0x1f, 0x8, 0x0, @link_id=r4, r6}, 0x20)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000700)={r1, 0x58, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a80)={r1, 0xe0, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000007c0)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x3, &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000840)=[0x0, 0x0, 0x0], <r9=>0x0, 0x9a, &(0x7f0000000880)=[{}], 0x8, 0x10, &(0x7f00000008c0), &(0x7f0000000900), 0x8, 0xb3, 0x8, 0x8, &(0x7f0000000940)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x1f, 0x1d, &(0x7f0000000440)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}, @ldst={0x1, 0x3, 0x4, 0xa, 0x6, 0x50, 0x1}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3f}}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}, @map_val={0x18, 0x9, 0x2, 0x0, r7, 0x0, 0x0, 0x0, 0x2}, @printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}], &(0x7f0000000540)='GPL\x00', 0x80000000, 0xc5, &(0x7f0000000580)=""/197, 0x41100, 0x0, '\x00', r8, 0x25, r1, 0x8, &(0x7f0000000740)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000780)={0x2, 0x5, 0x0, 0x7}, 0x10, r9, r3, 0x0, &(0x7f0000000ac0)=[r5, r1, r5], 0x0, 0x10, 0x3f}, 0x90)

[  586.621727][T20325] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  586.629538][T20325] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  586.637361][T20325] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  586.645169][T20325]  </TASK>
06:59:22 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3800, 0x43451)

06:59:22 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:22 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 66)

06:59:22 executing program 1:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:22 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3900, 0x43451)

06:59:22 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  586.801917][T20359] FAULT_INJECTION: forcing a failure.
[  586.801917][T20359] name failslab, interval 1, probability 0, space 0, times 0
[  586.817204][T20359] CPU: 1 PID: 20359 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  586.828774][T20359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  586.838665][T20359] Call Trace:
[  586.841789][T20359]  <TASK>
[  586.844564][T20359]  dump_stack_lvl+0x151/0x1b7
[  586.849081][T20359]  ? io_uring_drop_tctx_refs+0x190/0x190
[  586.854667][T20359]  dump_stack+0x15/0x17
[  586.858761][T20359]  should_fail+0x3c6/0x510
[  586.863014][T20359]  __should_failslab+0xa4/0xe0
[  586.867612][T20359]  ? vm_area_dup+0x26/0x230
[  586.871959][T20359]  should_failslab+0x9/0x20
[  586.876307][T20359]  slab_pre_alloc_hook+0x37/0xd0
[  586.881064][T20359]  ? vm_area_dup+0x26/0x230
[  586.885405][T20359]  kmem_cache_alloc+0x44/0x200
[  586.890016][T20359]  vm_area_dup+0x26/0x230
[  586.894168][T20359]  copy_mm+0x9a1/0x13e0
[  586.898163][T20359]  ? copy_signal+0x610/0x610
[  586.902588][T20359]  ? __init_rwsem+0xd6/0x1c0
[  586.907017][T20359]  ? copy_signal+0x4e3/0x610
[  586.911441][T20359]  copy_process+0x1149/0x3290
[  586.915959][T20359]  ? timerqueue_add+0x250/0x270
[  586.920639][T20359]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  586.925585][T20359]  ? enqueue_hrtimer+0xca/0x240
[  586.930270][T20359]  ? __hrtimer_run_queues+0x46b/0xad0
[  586.935491][T20359]  kernel_clone+0x21e/0x9e0
[  586.939822][T20359]  ? irqentry_exit+0x30/0x40
[  586.944244][T20359]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  586.949886][T20359]  ? create_io_thread+0x1e0/0x1e0
[  586.954760][T20359]  __x64_sys_clone+0x23f/0x290
[  586.959352][T20359]  ? __do_sys_vfork+0x130/0x130
[  586.964041][T20359]  ? debug_smp_processor_id+0x17/0x20
[  586.969241][T20359]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  586.975152][T20359]  ? exit_to_user_mode_prepare+0x39/0xa0
[  586.980615][T20359]  do_syscall_64+0x3d/0xb0
[  586.984871][T20359]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  586.990509][T20359]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  586.996334][T20359] RIP: 0033:0x7f7b6d82fda9
[  587.000758][T20359] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  587.020199][T20359] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  587.028447][T20359] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  587.036261][T20359] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  587.044084][T20359] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
06:59:22 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:22 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 67)

[  587.052004][T20359] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  587.059780][T20359] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  587.067595][T20359]  </TASK>
06:59:22 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3a00, 0x43451)

06:59:22 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{0xffffffffffffffff, <r4=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r3}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r5=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r6=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r3}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000000), 0xfdef)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r9, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', r2, 0x36, r3, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r3, 0x3, &(0x7f0000001040)=[r1, r0, r3, r3, r1, r9], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r10, &(0x7f0000000000), 0x248800)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r5, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r10, r11, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:22 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  587.157298][T20368] FAULT_INJECTION: forcing a failure.
[  587.157298][T20368] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  587.174015][T20368] CPU: 0 PID: 20368 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  587.185572][T20368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  587.195462][T20368] Call Trace:
[  587.198586][T20368]  <TASK>
[  587.201364][T20368]  dump_stack_lvl+0x151/0x1b7
[  587.205877][T20368]  ? io_uring_drop_tctx_refs+0x190/0x190
[  587.211352][T20368]  ? kvm_sched_clock_read+0x18/0x40
[  587.216376][T20368]  ? sched_clock+0x9/0x10
[  587.220546][T20368]  ? sched_clock_cpu+0x18/0x3b0
[  587.225232][T20368]  ? _raw_spin_lock+0xa4/0x1b0
[  587.229833][T20368]  dump_stack+0x15/0x17
[  587.233823][T20368]  should_fail+0x3c6/0x510
[  587.238078][T20368]  should_fail_alloc_page+0x5a/0x80
[  587.243110][T20368]  prepare_alloc_pages+0x15c/0x700
[  587.248074][T20368]  ? __alloc_pages_bulk+0xe40/0xe40
[  587.253088][T20368]  ? sched_clock+0x9/0x10
[  587.257261][T20368]  ? native_set_ldt+0x360/0x360
[  587.262206][T20368]  __alloc_pages+0x18c/0x8f0
[  587.266629][T20368]  ? _raw_spin_unlock+0x4d/0x70
[  587.271500][T20368]  ? prep_new_page+0x110/0x110
[  587.276104][T20368]  pte_alloc_one+0x73/0x1b0
[  587.280440][T20368]  ? pfn_modify_allowed+0x2f0/0x2f0
[  587.285473][T20368]  ? preempt_schedule+0xd9/0xe0
[  587.290164][T20368]  __pte_alloc+0x86/0x350
[  587.294334][T20368]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  587.300001][T20368]  ? free_pgtables+0x280/0x280
[  587.304569][T20368]  ? __kasan_check_write+0x14/0x20
[  587.309517][T20368]  copy_page_range+0x28a8/0x2f90
[  587.314290][T20368]  ? __kasan_slab_alloc+0xb1/0xe0
[  587.319157][T20368]  ? pfn_valid+0x1e0/0x1e0
[  587.323401][T20368]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  587.328957][T20368]  ? __rb_insert_augmented+0x5de/0x610
[  587.334342][T20368]  copy_mm+0xc7e/0x13e0
[  587.338334][T20368]  ? copy_signal+0x610/0x610
[  587.342776][T20368]  ? __init_rwsem+0xd6/0x1c0
[  587.347185][T20368]  ? copy_signal+0x4e3/0x610
[  587.351613][T20368]  copy_process+0x1149/0x3290
[  587.356125][T20368]  ? proc_fail_nth_write+0x20b/0x290
[  587.361245][T20368]  ? fsnotify_perm+0x6a/0x5d0
[  587.365761][T20368]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  587.370708][T20368]  ? irqentry_exit+0x30/0x40
[  587.375220][T20368]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  587.380873][T20368]  kernel_clone+0x21e/0x9e0
[  587.385200][T20368]  ? ksys_write+0x219/0x2c0
[  587.389548][T20368]  ? create_io_thread+0x1e0/0x1e0
[  587.394398][T20368]  ? mutex_unlock+0xb2/0x260
[  587.398825][T20368]  ? __mutex_lock_slowpath+0x10/0x10
[  587.403955][T20368]  __x64_sys_clone+0x23f/0x290
[  587.408545][T20368]  ? __do_sys_vfork+0x130/0x130
[  587.413235][T20368]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  587.419051][T20368]  do_syscall_64+0x3d/0xb0
[  587.423303][T20368]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  587.428944][T20368]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  587.434672][T20368] RIP: 0033:0x7f7b6d82fda9
[  587.438926][T20368] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
06:59:22 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3b00, 0x43451)

[  587.458364][T20368] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  587.466609][T20368] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  587.474425][T20368] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  587.482231][T20368] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  587.490044][T20368] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  587.497858][T20368] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  587.505670][T20368]  </TASK>
06:59:23 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@rights={{0x14, 0x1, 0x1, [<r1=>0xffffffffffffffff]}}], 0x18}, 0x0) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x2b, &(0x7f00000000c0)=r1, 0x4) (async)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_lsm={0x1d, 0x10, &(0x7f0000000000)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xff}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@jmp={0x5, 0x0, 0xc, 0x3, 0x0, 0x0, 0xffffffffffffffff}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x8, 0x2b, &(0x7f00000000c0)=""/43, 0x41100, 0x24, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000140)={0x5, 0xe, 0xc44}, 0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000240)={0x80000000, <r4=>0x0}, 0x8) (async)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0xffffffffffffffff, 0x0, 0x8}, 0xc) (async)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r1, 0xb, 0x1, 0x7, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x0, &(0x7f00000002c0), &(0x7f0000000300)=[0x0], &(0x7f0000000340)=[0x0], <r6=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000003c0)={@cgroup=r1, r3, 0x1f, 0x8, 0x0, @link_id=r4, r6}, 0x20) (async)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000700)={r1, 0x58, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a80)={r1, 0xe0, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000007c0)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x3, &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000840)=[0x0, 0x0, 0x0], <r9=>0x0, 0x9a, &(0x7f0000000880)=[{}], 0x8, 0x10, &(0x7f00000008c0), &(0x7f0000000900), 0x8, 0xb3, 0x8, 0x8, &(0x7f0000000940)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x1f, 0x1d, &(0x7f0000000440)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}, @ldst={0x1, 0x3, 0x4, 0xa, 0x6, 0x50, 0x1}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3f}}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}, @map_val={0x18, 0x9, 0x2, 0x0, r7, 0x0, 0x0, 0x0, 0x2}, @printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}], &(0x7f0000000540)='GPL\x00', 0x80000000, 0xc5, &(0x7f0000000580)=""/197, 0x41100, 0x0, '\x00', r8, 0x25, r1, 0x8, &(0x7f0000000740)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000780)={0x2, 0x5, 0x0, 0x7}, 0x10, r9, r3, 0x0, &(0x7f0000000ac0)=[r5, r1, r5], 0x0, 0x10, 0x3f}, 0x90)

06:59:23 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850200002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_type(r1, &(0x7f0000000000), 0x165243)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cgroup.controllers\x00', 0x100002, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0xc028660f, &(0x7f00000005c0)=0x3fffffffe)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r3, &(0x7f0000000000), 0x248800)
openat$cgroup_ro(r3, &(0x7f0000000600)='blkio.bfq.io_service_time\x00', 0x0, 0x0)
write$cgroup_int(r2, &(0x7f0000000500)=0x7f, 0x12)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x4030582a, &(0x7f0000000040))
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
r7 = bpf$ITER_CREATE(0x21, &(0x7f0000000380), 0x8)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000440)=@bpf_ext={0x1c, 0x9, &(0x7f0000000540)=ANY=[@ANYBLOB="18400000feffffff0000000000000000183a000003000000000000000000000085100000fdffffff351b070002000000185200000a000000000000000000000085200000010000005eb97f8520fe951b30462508ebb7dd93d4feccaeae1920f73770dc3b601256cf476a"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', r6, 0x0, r7, 0x8, &(0x7f00000003c0)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x2, 0x1, 0x6, 0x4}, 0x10, 0x0, r5}, 0x80)
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4)
bpf$ITER_CREATE(0x21, &(0x7f00000002c0)={r3}, 0x8)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000440)=@bpf_lsm={0x1d, 0x11, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000902200000000000008000000851000000800000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000003f0630001000000018140000", @ANYRES32=r2, @ANYBLOB="000000000000000018210000", @ANYRES32=r4, @ANYBLOB="0000000000000002184100000100000000000000000000009500000000000000950000000000000076b78df1e42f4fa3028b7d781cd659b5a000ddf16779f74667a57b311ef8bcb71e358f5f488fd3a0771f11b22dcf43b7f1e1ee5b74e2f26fbc3bfc576a8ae44ed4264328c733455abf19b54cbba62f87fcaa83d8bb1fbc97e215f5ea67ef379f6e121739710b75237d8eae8bfa7b8c5f4cca7e03d919"], &(0x7f0000000000)='GPL\x00', 0x1c, 0x54, &(0x7f0000000340)=""/84, 0x40f00, 0x20, '\x00', r6, 0x1b, r8, 0x8, &(0x7f00000001c0)={0x3, 0x3}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xe, 0x6, 0x80}, 0x10, 0xffffffffffffffff, 0x0, 0x3, 0x0, &(0x7f0000000400)=[{0x3, 0x5, 0x3, 0x9}, {0x2, 0x3, 0x8}, {0x1, 0x5, 0xd, 0x5}]}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:23 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3c00, 0x43451)

06:59:23 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 68)

[  587.626464][T20389] FAULT_INJECTION: forcing a failure.
[  587.626464][T20389] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  587.640720][T20389] CPU: 1 PID: 20389 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  587.652255][T20389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  587.662146][T20389] Call Trace:
[  587.665279][T20389]  <TASK>
[  587.668051][T20389]  dump_stack_lvl+0x151/0x1b7
[  587.672568][T20389]  ? io_uring_drop_tctx_refs+0x190/0x190
[  587.678039][T20389]  ? kvm_sched_clock_read+0x18/0x40
[  587.683080][T20389]  ? sched_clock+0x9/0x10
[  587.687234][T20389]  ? sched_clock_cpu+0x18/0x3b0
[  587.691921][T20389]  ? _raw_spin_lock+0xa4/0x1b0
[  587.696518][T20389]  dump_stack+0x15/0x17
[  587.700512][T20389]  should_fail+0x3c6/0x510
[  587.704771][T20389]  should_fail_alloc_page+0x5a/0x80
[  587.709799][T20389]  prepare_alloc_pages+0x15c/0x700
[  587.714767][T20389]  ? __alloc_pages_bulk+0xe40/0xe40
[  587.719778][T20389]  __alloc_pages+0x18c/0x8f0
[  587.724205][T20389]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  587.729846][T20389]  ? prep_new_page+0x110/0x110
[  587.734451][T20389]  pte_alloc_one+0x73/0x1b0
[  587.738787][T20389]  ? pfn_modify_allowed+0x2f0/0x2f0
[  587.743826][T20389]  ? irqentry_exit+0x30/0x40
[  587.748260][T20389]  ? common_interrupt+0x65/0xd0
[  587.753020][T20389]  __pte_alloc+0x86/0x350
[  587.757183][T20389]  ? irqentry_exit+0x30/0x40
[  587.761614][T20389]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  587.767255][T20389]  ? free_pgtables+0x280/0x280
[  587.771861][T20389]  ? copy_page_range+0x27d0/0x2f90
[  587.776827][T20389]  copy_page_range+0x28a8/0x2f90
[  587.781588][T20389]  ? __kasan_slab_alloc+0xb1/0xe0
[  587.786588][T20389]  ? pfn_valid+0x1e0/0x1e0
[  587.790842][T20389]  ? __vma_link_rb+0x4c5/0x550
[  587.795432][T20389]  ? vma_gap_callbacks_rotate+0x1b7/0x210
[  587.800991][T20389]  ? __rb_insert_augmented+0x5de/0x610
[  587.806346][T20389]  copy_mm+0xc7e/0x13e0
[  587.810276][T20389]  ? copy_signal+0x610/0x610
[  587.814705][T20389]  ? __init_rwsem+0xd6/0x1c0
[  587.819127][T20389]  ? copy_signal+0x4e3/0x610
[  587.823645][T20389]  copy_process+0x1149/0x3290
[  587.828252][T20389]  ? timerqueue_add+0x250/0x270
[  587.833014][T20389]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  587.837960][T20389]  ? enqueue_hrtimer+0xca/0x240
[  587.842643][T20389]  ? __hrtimer_run_queues+0x46b/0xad0
[  587.847855][T20389]  kernel_clone+0x21e/0x9e0
[  587.852199][T20389]  ? create_io_thread+0x1e0/0x1e0
[  587.857055][T20389]  ? clockevents_program_event+0x22f/0x300
[  587.862699][T20389]  __x64_sys_clone+0x23f/0x290
[  587.867298][T20389]  ? __do_sys_vfork+0x130/0x130
[  587.871985][T20389]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  587.877810][T20389]  do_syscall_64+0x3d/0xb0
[  587.882167][T20389]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  587.887803][T20389]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  587.893551][T20389] RIP: 0033:0x7f7b6d82fda9
[  587.897785][T20389] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  587.917237][T20389] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
06:59:23 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3d00, 0x43451)

[  587.925464][T20389] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  587.933277][T20389] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  587.941088][T20389] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  587.949167][T20389] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  587.957059][T20389] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  587.964984][T20389]  </TASK>
06:59:23 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850200002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 64)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (rerun: 64)
write$cgroup_type(r1, &(0x7f0000000000), 0x165243) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cgroup.controllers\x00', 0x100002, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0xc028660f, &(0x7f00000005c0)=0x3fffffffe) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r3, &(0x7f0000000000), 0x248800) (async)
openat$cgroup_ro(r3, &(0x7f0000000600)='blkio.bfq.io_service_time\x00', 0x0, 0x0) (async)
write$cgroup_int(r2, &(0x7f0000000500)=0x7f, 0x12) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x4030582a, &(0x7f0000000040)) (async)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
r7 = bpf$ITER_CREATE(0x21, &(0x7f0000000380), 0x8)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000440)=@bpf_ext={0x1c, 0x9, &(0x7f0000000540)=ANY=[@ANYBLOB="18400000feffffff0000000000000000183a000003000000000000000000000085100000fdffffff351b070002000000185200000a000000000000000000000085200000010000005eb97f8520fe951b30462508ebb7dd93d4feccaeae1920f73770dc3b601256cf476a"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', r6, 0x0, r7, 0x8, &(0x7f00000003c0)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x2, 0x1, 0x6, 0x4}, 0x10, 0x0, r5}, 0x80) (async)
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) (async, rerun: 64)
bpf$ITER_CREATE(0x21, &(0x7f00000002c0)={r3}, 0x8) (rerun: 64)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000440)=@bpf_lsm={0x1d, 0x11, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000902200000000000008000000851000000800000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000003f0630001000000018140000", @ANYRES32=r2, @ANYBLOB="000000000000000018210000", @ANYRES32=r4, @ANYBLOB="0000000000000002184100000100000000000000000000009500000000000000950000000000000076b78df1e42f4fa3028b7d781cd659b5a000ddf16779f74667a57b311ef8bcb71e358f5f488fd3a0771f11b22dcf43b7f1e1ee5b74e2f26fbc3bfc576a8ae44ed4264328c733455abf19b54cbba62f87fcaa83d8bb1fbc97e215f5ea67ef379f6e121739710b75237d8eae8bfa7b8c5f4cca7e03d919"], &(0x7f0000000000)='GPL\x00', 0x1c, 0x54, &(0x7f0000000340)=""/84, 0x40f00, 0x20, '\x00', r6, 0x1b, r8, 0x8, &(0x7f00000001c0)={0x3, 0x3}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xe, 0x6, 0x80}, 0x10, 0xffffffffffffffff, 0x0, 0x3, 0x0, &(0x7f0000000400)=[{0x3, 0x5, 0x3, 0x9}, {0x2, 0x3, 0x8}, {0x1, 0x5, 0xd, 0x5}]}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:23 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 69)

06:59:23 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3e00, 0x43451)

06:59:23 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x3f00, 0x43451)

[  588.077773][T20403] FAULT_INJECTION: forcing a failure.
[  588.077773][T20403] name failslab, interval 1, probability 0, space 0, times 0
[  588.108711][T20403] CPU: 1 PID: 20403 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  588.120268][T20403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  588.130164][T20403] Call Trace:
[  588.133283][T20403]  <TASK>
[  588.136068][T20403]  dump_stack_lvl+0x151/0x1b7
[  588.140577][T20403]  ? io_uring_drop_tctx_refs+0x190/0x190
[  588.146049][T20403]  dump_stack+0x15/0x17
[  588.150040][T20403]  should_fail+0x3c6/0x510
[  588.154291][T20403]  __should_failslab+0xa4/0xe0
[  588.158893][T20403]  ? anon_vma_fork+0x1df/0x4e0
[  588.163489][T20403]  should_failslab+0x9/0x20
[  588.167839][T20403]  slab_pre_alloc_hook+0x37/0xd0
[  588.172600][T20403]  ? anon_vma_fork+0x1df/0x4e0
[  588.177204][T20403]  kmem_cache_alloc+0x44/0x200
[  588.181803][T20403]  anon_vma_fork+0x1df/0x4e0
[  588.186255][T20403]  copy_mm+0xa3a/0x13e0
[  588.190336][T20403]  ? copy_signal+0x610/0x610
[  588.194762][T20403]  ? __init_rwsem+0xd6/0x1c0
[  588.199185][T20403]  ? copy_signal+0x4e3/0x610
[  588.203612][T20403]  copy_process+0x1149/0x3290
[  588.208127][T20403]  ? timerqueue_add+0x250/0x270
[  588.212812][T20403]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  588.217759][T20403]  ? enqueue_hrtimer+0xca/0x240
[  588.222447][T20403]  ? __hrtimer_run_queues+0x46b/0xad0
[  588.227653][T20403]  kernel_clone+0x21e/0x9e0
[  588.231990][T20403]  ? irqentry_exit+0x30/0x40
[  588.236418][T20403]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  588.242062][T20403]  ? create_io_thread+0x1e0/0x1e0
[  588.246923][T20403]  __x64_sys_clone+0x23f/0x290
[  588.251522][T20403]  ? __do_sys_vfork+0x130/0x130
[  588.256209][T20403]  ? debug_smp_processor_id+0x17/0x20
[  588.261415][T20403]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  588.267324][T20403]  ? exit_to_user_mode_prepare+0x39/0xa0
[  588.272792][T20403]  do_syscall_64+0x3d/0xb0
[  588.277039][T20403]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  588.282682][T20403]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  588.288418][T20403] RIP: 0033:0x7f7b6d82fda9
[  588.292668][T20403] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  588.312099][T20403] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  588.320347][T20403] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  588.328168][T20403] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  588.335970][T20403] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  588.343780][T20403] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  588.351593][T20403] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  588.359409][T20403]  </TASK>
[  588.368925][T20403] ------------[ cut here ]------------
06:59:23 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850200002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_type(r1, &(0x7f0000000000), 0x165243) (async)
write$cgroup_type(r1, &(0x7f0000000000), 0x165243)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cgroup.controllers\x00', 0x100002, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0xc028660f, &(0x7f00000005c0)=0x3fffffffe)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r3, &(0x7f0000000000), 0x248800)
openat$cgroup_ro(r3, &(0x7f0000000600)='blkio.bfq.io_service_time\x00', 0x0, 0x0) (async)
openat$cgroup_ro(r3, &(0x7f0000000600)='blkio.bfq.io_service_time\x00', 0x0, 0x0)
write$cgroup_int(r2, &(0x7f0000000500)=0x7f, 0x12)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x4030582a, &(0x7f0000000040))
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x58, &(0x7f0000000300)}, 0x10) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
r7 = bpf$ITER_CREATE(0x21, &(0x7f0000000380), 0x8)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000440)=@bpf_ext={0x1c, 0x9, &(0x7f0000000540)=ANY=[@ANYBLOB="18400000feffffff0000000000000000183a000003000000000000000000000085100000fdffffff351b070002000000185200000a000000000000000000000085200000010000005eb97f8520fe951b30462508ebb7dd93d4feccaeae1920f73770dc3b601256cf476a"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', r6, 0x0, r7, 0x8, &(0x7f00000003c0)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x2, 0x1, 0x6, 0x4}, 0x10, 0x0, r5}, 0x80)
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4)
bpf$ITER_CREATE(0x21, &(0x7f00000002c0)={r3}, 0x8) (async)
bpf$ITER_CREATE(0x21, &(0x7f00000002c0)={r3}, 0x8)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000440)=@bpf_lsm={0x1d, 0x11, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000902200000000000008000000851000000800000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000003f0630001000000018140000", @ANYRES32=r2, @ANYBLOB="000000000000000018210000", @ANYRES32=r4, @ANYBLOB="0000000000000002184100000100000000000000000000009500000000000000950000000000000076b78df1e42f4fa3028b7d781cd659b5a000ddf16779f74667a57b311ef8bcb71e358f5f488fd3a0771f11b22dcf43b7f1e1ee5b74e2f26fbc3bfc576a8ae44ed4264328c733455abf19b54cbba62f87fcaa83d8bb1fbc97e215f5ea67ef379f6e121739710b75237d8eae8bfa7b8c5f4cca7e03d919"], &(0x7f0000000000)='GPL\x00', 0x1c, 0x54, &(0x7f0000000340)=""/84, 0x40f00, 0x20, '\x00', r6, 0x1b, r8, 0x8, &(0x7f00000001c0)={0x3, 0x3}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0xe, 0x6, 0x80}, 0x10, 0xffffffffffffffff, 0x0, 0x3, 0x0, &(0x7f0000000400)=[{0x3, 0x5, 0x3, 0x9}, {0x2, 0x3, 0x8}, {0x1, 0x5, 0xd, 0x5}]}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:23 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@rights={{0x14, 0x1, 0x1, [<r1=>0xffffffffffffffff]}}], 0x18}, 0x0) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x2b, &(0x7f00000000c0)=r1, 0x4) (async)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_lsm={0x1d, 0x10, &(0x7f0000000000)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xff}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@jmp={0x5, 0x0, 0xc, 0x3, 0x0, 0x0, 0xffffffffffffffff}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x8, 0x2b, &(0x7f00000000c0)=""/43, 0x41100, 0x24, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000140)={0x5, 0xe, 0xc44}, 0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000240)={0x80000000, <r4=>0x0}, 0x8)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0xffffffffffffffff, 0x0, 0x8}, 0xc) (async, rerun: 32)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r1, 0xb, 0x1, 0x7, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x0, &(0x7f00000002c0), &(0x7f0000000300)=[0x0], &(0x7f0000000340)=[0x0], <r6=>0x0}, 0x40) (rerun: 32)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000003c0)={@cgroup=r1, r3, 0x1f, 0x8, 0x0, @link_id=r4, r6}, 0x20) (async)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async, rerun: 64)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (rerun: 64)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000700)={r1, 0x58, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a80)={r1, 0xe0, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000007c0)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x3, &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000840)=[0x0, 0x0, 0x0], <r9=>0x0, 0x9a, &(0x7f0000000880)=[{}], 0x8, 0x10, &(0x7f00000008c0), &(0x7f0000000900), 0x8, 0xb3, 0x8, 0x8, &(0x7f0000000940)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x1f, 0x1d, &(0x7f0000000440)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}, @ldst={0x1, 0x3, 0x4, 0xa, 0x6, 0x50, 0x1}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3f}}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}, @map_val={0x18, 0x9, 0x2, 0x0, r7, 0x0, 0x0, 0x0, 0x2}, @printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}], &(0x7f0000000540)='GPL\x00', 0x80000000, 0xc5, &(0x7f0000000580)=""/197, 0x41100, 0x0, '\x00', r8, 0x25, r1, 0x8, &(0x7f0000000740)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000780)={0x2, 0x5, 0x0, 0x7}, 0x10, r9, r3, 0x0, &(0x7f0000000ac0)=[r5, r1, r5], 0x0, 0x10, 0x3f}, 0x90)

06:59:23 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x4000, 0x43451)

[  588.374445][T20403] refcount_t: underflow; use-after-free.
[  588.399059][T20403] WARNING: CPU: 0 PID: 20403 at lib/refcount.c:28 refcount_warn_saturate+0x158/0x1a0
06:59:23 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{0xffffffffffffffff, <r4=>0xffffffffffffffff}, &(0x7f0000001180), &(0x7f00000011c0)=r3}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r5=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r6=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r3}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000000), 0xfdef)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r9, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', r2, 0x36, r3, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r3, 0x3, &(0x7f0000001040)=[r1, r0, r3, r3, r1, r9], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r10, &(0x7f0000000000), 0x248800)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r5, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r10, r11, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

[  588.432110][T20403] Modules linked in:
[  588.439999][T20403] CPU: 0 PID: 20403 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  588.452009][T20403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  588.463907][T20403] RIP: 0010:refcount_warn_saturate+0x158/0x1a0
06:59:23 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x4100, 0x43451)

[  588.474071][T20403] Code: 04 01 48 c7 c7 40 c8 82 85 e8 e4 9e dc fe 0f 0b eb 8b e8 6b 49 0b ff c6 05 73 8e 9e 04 01 48 c7 c7 a0 c8 82 85 e8 c8 9e dc fe <0f> 0b e9 6c ff ff ff e8 4c 49 0b ff c6 05 55 8e 9e 04 01 48 c7 c7
[  588.494335][T20403] RSP: 0018:ffffc900009e7968 EFLAGS: 00010246
[  588.506689][T20403] RAX: 69500e95e1ba0600 RBX: 0000000000000003 RCX: 0000000000040000
[  588.522850][T20403] RDX: ffffc90001619000 RSI: 0000000000018bf3 RDI: 0000000000018bf4
[  588.533094][T20403] RBP: ffffc900009e7978 R08: ffffffff81575f25 R09: ffffed103ee065e8
[  588.544022][T20403] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff110235fcecd
[  588.564330][T20403] R13: ffff88811afe7668 R14: 0000000000000003 R15: ffff8881174ee998
06:59:24 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[], 0x32600)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={r0, 0xe0, &(0x7f0000000500)={0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f0000000380)=[0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0], 0x0, 0xbb, &(0x7f0000000400)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000440), &(0x7f0000000480), 0x8, 0xf4, 0x8, 0x8, &(0x7f00000004c0)}}, 0x10)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000640)=0xffffffffffffffff, 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000840)={0xffffffffffffffff, 0x20, &(0x7f0000000800)={&(0x7f0000000700)=""/11, 0xb, <r6=>0x0, &(0x7f0000000740)=""/157, 0x9d}}, 0x10)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x18, 0x2, &(0x7f0000000880)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0xc0bd, 0x0, 0x0, 0x0, 0x1}], &(0x7f00000008c0)='GPL\x00', 0x400, 0xd, &(0x7f0000000900)=""/13, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000940)={0x8, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000980)=[{0x4, 0x5, 0x4, 0x6}, {0x3, 0x4, 0xa, 0x4}, {0x0, 0x2, 0x4, 0x2}, {0x200, 0x3, 0x6, 0x9}, {0x4, 0x3, 0x10, 0x4}, {0x1, 0x5, 0xc, 0xa}, {0x4, 0x4, 0x1, 0x2}, {0x3, 0x1, 0x4, 0x2}]}, 0x90)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0x1d, 0x3f, 0x3, 0x5, 0x4, 0x1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4, 0x5}, 0x48)
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b40)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x28f, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x5, 0x3}, 0x48)
r10 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000dc0)={r3}, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000010c0)={r10, 0xe0, &(0x7f0000000fc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000e00)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x9, &(0x7f0000000e40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000e80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xb2, &(0x7f0000000ec0)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000f00), &(0x7f0000000f40), 0x8, 0xef, 0x8, 0x8, &(0x7f0000000f80)}}, 0x10)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000bc0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x9, '\x00', 0x0, r1, 0x4, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x7, 0x6, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@map_fd={0x18, 0x4, 0x1, 0x0, r2}, @exit]}, &(0x7f0000000080)='syzkaller\x00', 0xfffff9ab, 0xd7, &(0x7f0000000280)=""/215, 0x40f00, 0x1, '\x00', r4, 0x27, r5, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x0, 0x2, 0x0, 0x58d0}, 0x10, r6, r7, 0x2, &(0x7f0000000c40)=[r8, 0xffffffffffffffff, r9, r11], &(0x7f0000000c80)=[{0x1, 0x2, 0xe, 0x5}, {0x3, 0x5, 0x6, 0x9}], 0x10, 0xff}, 0x90)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
openat$cgroup_ro(r11, &(0x7f0000000d80)='cpuacct.usage_percpu_user\x00', 0x0, 0x0)

[  588.575954][T20403] FS:  00007f7b6c5b16c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  588.586008][T20403] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  588.602907][T20403] CR2: 00007ffe00b40b48 CR3: 000000010e977000 CR4: 00000000003506b0
[  588.611492][T20403] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  588.620005][T20403] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
[  588.628254][T20403] Call Trace:
06:59:24 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x4200, 0x43451)

[  588.638220][T20403]  <TASK>
[  588.647814][T20403]  ? show_regs+0x58/0x60
[  588.652551][T20403]  ? __warn+0x160/0x2f0
[  588.656897][T20403]  ? refcount_warn_saturate+0x158/0x1a0
[  588.662827][T20403]  ? report_bug+0x3d9/0x5b0
[  588.668052][T20403]  ? refcount_warn_saturate+0x158/0x1a0
[  588.675710][T20403]  ? handle_bug+0x41/0x70
[  588.680519][T20403]  ? exc_invalid_op+0x1b/0x50
06:59:24 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x4300, 0x43451)

06:59:24 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[], 0x32600)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={r0, 0xe0, &(0x7f0000000500)={0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f0000000380)=[0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0], 0x0, 0xbb, &(0x7f0000000400)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000440), &(0x7f0000000480), 0x8, 0xf4, 0x8, 0x8, &(0x7f00000004c0)}}, 0x10)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000640)=0xffffffffffffffff, 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000840)={0xffffffffffffffff, 0x20, &(0x7f0000000800)={&(0x7f0000000700)=""/11, 0xb, <r6=>0x0, &(0x7f0000000740)=""/157, 0x9d}}, 0x10)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x18, 0x2, &(0x7f0000000880)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0xc0bd, 0x0, 0x0, 0x0, 0x1}], &(0x7f00000008c0)='GPL\x00', 0x400, 0xd, &(0x7f0000000900)=""/13, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000940)={0x8, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000980)=[{0x4, 0x5, 0x4, 0x6}, {0x3, 0x4, 0xa, 0x4}, {0x0, 0x2, 0x4, 0x2}, {0x200, 0x3, 0x6, 0x9}, {0x4, 0x3, 0x10, 0x4}, {0x1, 0x5, 0xc, 0xa}, {0x4, 0x4, 0x1, 0x2}, {0x3, 0x1, 0x4, 0x2}]}, 0x90)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0x1d, 0x3f, 0x3, 0x5, 0x4, 0x1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4, 0x5}, 0x48)
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b40)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x28f, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x5, 0x3}, 0x48)
r10 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000dc0)={r3}, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000010c0)={r10, 0xe0, &(0x7f0000000fc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000e00)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x9, &(0x7f0000000e40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000e80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xb2, &(0x7f0000000ec0)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000f00), &(0x7f0000000f40), 0x8, 0xef, 0x8, 0x8, &(0x7f0000000f80)}}, 0x10)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000bc0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x9, '\x00', 0x0, r1, 0x4, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x7, 0x6, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@map_fd={0x18, 0x4, 0x1, 0x0, r2}, @exit]}, &(0x7f0000000080)='syzkaller\x00', 0xfffff9ab, 0xd7, &(0x7f0000000280)=""/215, 0x40f00, 0x1, '\x00', r4, 0x27, r5, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x0, 0x2, 0x0, 0x58d0}, 0x10, r6, r7, 0x2, &(0x7f0000000c40)=[r8, 0xffffffffffffffff, r9, r11], &(0x7f0000000c80)=[{0x1, 0x2, 0xe, 0x5}, {0x3, 0x5, 0x6, 0x9}], 0x10, 0xff}, 0x90)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
openat$cgroup_ro(r11, &(0x7f0000000d80)='cpuacct.usage_percpu_user\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) (async)
write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[], 0x32600) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={r0, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f0000000380)=[0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0], 0x0, 0xbb, &(0x7f0000000400)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000440), &(0x7f0000000480), 0x8, 0xf4, 0x8, 0x8, &(0x7f00000004c0)}}, 0x10) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000640)=0xffffffffffffffff, 0x4) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000840)={0xffffffffffffffff, 0x20, &(0x7f0000000800)={&(0x7f0000000700)=""/11, 0xb, 0x0, &(0x7f0000000740)=""/157, 0x9d}}, 0x10) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x18, 0x2, &(0x7f0000000880)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0xc0bd, 0x0, 0x0, 0x0, 0x1}], &(0x7f00000008c0)='GPL\x00', 0x400, 0xd, &(0x7f0000000900)=""/13, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000940)={0x8, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000980)=[{0x4, 0x5, 0x4, 0x6}, {0x3, 0x4, 0xa, 0x4}, {0x0, 0x2, 0x4, 0x2}, {0x200, 0x3, 0x6, 0x9}, {0x4, 0x3, 0x10, 0x4}, {0x1, 0x5, 0xc, 0xa}, {0x4, 0x4, 0x1, 0x2}, {0x3, 0x1, 0x4, 0x2}]}, 0x90) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0x1d, 0x3f, 0x3, 0x5, 0x4, 0x1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4, 0x5}, 0x48) (async)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b40)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x28f, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x5, 0x3}, 0x48) (async)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000dc0)={r3}, 0x4) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000010c0)={r10, 0xe0, &(0x7f0000000fc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000e00)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x9, &(0x7f0000000e40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000e80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xb2, &(0x7f0000000ec0)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000f00), &(0x7f0000000f40), 0x8, 0xef, 0x8, 0x8, &(0x7f0000000f80)}}, 0x10) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000bc0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x9, '\x00', 0x0, r1, 0x4, 0x4, 0x5}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x7, 0x6, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@map_fd={0x18, 0x4, 0x1, 0x0, r2}, @exit]}, &(0x7f0000000080)='syzkaller\x00', 0xfffff9ab, 0xd7, &(0x7f0000000280)=""/215, 0x40f00, 0x1, '\x00', r4, 0x27, r5, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x0, 0x2, 0x0, 0x58d0}, 0x10, r6, r7, 0x2, &(0x7f0000000c40)=[r8, 0xffffffffffffffff, r9, r11], &(0x7f0000000c80)=[{0x1, 0x2, 0xe, 0x5}, {0x3, 0x5, 0x6, 0x9}], 0x10, 0xff}, 0x90) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
openat$cgroup_ro(r11, &(0x7f0000000d80)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) (async)

[  588.685266][T20403]  ? asm_exc_invalid_op+0x1b/0x20
[  588.698262][T20403]  ? __wake_up_klogd+0xd5/0x110
[  588.719788][T20403]  ? refcount_warn_saturate+0x158/0x1a0
[  588.729993][T20403]  ? refcount_warn_saturate+0x158/0x1a0
06:59:24 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x4400, 0x43451)

06:59:24 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async, rerun: 64)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) (rerun: 64)
write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[], 0x32600)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={r0, 0xe0, &(0x7f0000000500)={0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f0000000380)=[0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0], 0x0, 0xbb, &(0x7f0000000400)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000440), &(0x7f0000000480), 0x8, 0xf4, 0x8, 0x8, &(0x7f00000004c0)}}, 0x10)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000640)=0xffffffffffffffff, 0x4) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000840)={0xffffffffffffffff, 0x20, &(0x7f0000000800)={&(0x7f0000000700)=""/11, 0xb, <r6=>0x0, &(0x7f0000000740)=""/157, 0x9d}}, 0x10)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x18, 0x2, &(0x7f0000000880)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0xc0bd, 0x0, 0x0, 0x0, 0x1}], &(0x7f00000008c0)='GPL\x00', 0x400, 0xd, &(0x7f0000000900)=""/13, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000940)={0x8, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000980)=[{0x4, 0x5, 0x4, 0x6}, {0x3, 0x4, 0xa, 0x4}, {0x0, 0x2, 0x4, 0x2}, {0x200, 0x3, 0x6, 0x9}, {0x4, 0x3, 0x10, 0x4}, {0x1, 0x5, 0xc, 0xa}, {0x4, 0x4, 0x1, 0x2}, {0x3, 0x1, 0x4, 0x2}]}, 0x90) (async)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0x1d, 0x3f, 0x3, 0x5, 0x4, 0x1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4, 0x5}, 0x48) (async, rerun: 32)
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b40)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0x28f, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x5, 0x3}, 0x48) (async, rerun: 32)
r10 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000dc0)={r3}, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000010c0)={r10, 0xe0, &(0x7f0000000fc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000e00)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x9, &(0x7f0000000e40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000e80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xb2, &(0x7f0000000ec0)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000f00), &(0x7f0000000f40), 0x8, 0xef, 0x8, 0x8, &(0x7f0000000f80)}}, 0x10) (async)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000bc0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x9, '\x00', 0x0, r1, 0x4, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x7, 0x6, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@map_fd={0x18, 0x4, 0x1, 0x0, r2}, @exit]}, &(0x7f0000000080)='syzkaller\x00', 0xfffff9ab, 0xd7, &(0x7f0000000280)=""/215, 0x40f00, 0x1, '\x00', r4, 0x27, r5, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x0, 0x2, 0x0, 0x58d0}, 0x10, r6, r7, 0x2, &(0x7f0000000c40)=[r8, 0xffffffffffffffff, r9, r11], &(0x7f0000000c80)=[{0x1, 0x2, 0xe, 0x5}, {0x3, 0x5, 0x6, 0x9}], 0x10, 0xff}, 0x90) (async, rerun: 64)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async, rerun: 64)
openat$cgroup_ro(r11, &(0x7f0000000d80)='cpuacct.usage_percpu_user\x00', 0x0, 0x0)

[  588.741219][T20403]  vm_area_free_no_check+0x123/0x130
[  588.748540][T20403]  copy_mm+0xefb/0x13e0
[  588.776666][T20403]  ? copy_signal+0x610/0x610
06:59:24 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x5104, 0x43451)

[  588.789350][T20403]  ? __init_rwsem+0xd6/0x1c0
[  588.794136][T20403]  ? copy_signal+0x4e3/0x610
[  588.810881][T20403]  copy_process+0x1149/0x3290
[  588.827012][T20403]  ? timerqueue_add+0x250/0x270
[  588.836282][T20403]  ? pidfd_show_fdinfo+0x2b0/0x2b0
06:59:24 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x5600, 0x43451)

[  588.842382][T20403]  ? enqueue_hrtimer+0xca/0x240
[  588.852351][T20403]  ? __hrtimer_run_queues+0x46b/0xad0
[  588.858366][T20403]  kernel_clone+0x21e/0x9e0
[  588.863551][T20403]  ? irqentry_exit+0x30/0x40
[  588.873592][T20403]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  588.887813][T20403]  ? create_io_thread+0x1e0/0x1e0
06:59:24 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x5700, 0x43451)

[  588.898558][T20403]  __x64_sys_clone+0x23f/0x290
[  588.906235][T20403]  ? __do_sys_vfork+0x130/0x130
[  588.911883][T20403]  ? debug_smp_processor_id+0x17/0x20
[  588.917507][T20403]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  588.939028][T20403]  ? exit_to_user_mode_prepare+0x39/0xa0
06:59:24 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x8008, 0x43451)

[  588.950872][T20403]  do_syscall_64+0x3d/0xb0
[  588.956653][T20403]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  588.966700][T20403]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  588.973088][T20403] RIP: 0033:0x7f7b6d82fda9
[  588.977552][T20403] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
06:59:24 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x8800, 0x43451)

[  589.018309][T20403] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  589.027234][T20403] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  589.045745][T20403] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
06:59:24 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x9100, 0x43451)

[  589.069638][T20403] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  589.077759][T20403] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  589.096198][T20403] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  589.114939][T20403]  </TASK>
06:59:24 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0xff01, 0x43451)

[  589.118816][T20403] ---[ end trace 08fe89d2d4509177 ]---
06:59:24 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 70)

[  589.197195][ T5713] ==================================================================
[  589.205098][ T5713] BUG: KASAN: use-after-free in __rb_insert_augmented+0xa0/0x610
[  589.212651][ T5713] Read of size 8 at addr ffff8881c0000008 by task syz-executor.4/5713
[  589.220629][ T5713] 
[  589.222811][ T5713] CPU: 0 PID: 5713 Comm: syz-executor.4 Tainted: G        W         5.15.148-syzkaller-00718-g993bed180178 #0
[  589.234259][ T5713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  589.244154][ T5713] Call Trace:
[  589.247273][ T5713]  <TASK>
[  589.250071][ T5713]  dump_stack_lvl+0x151/0x1b7
[  589.254593][ T5713]  ? io_uring_drop_tctx_refs+0x190/0x190
[  589.260036][ T5713]  ? panic+0x751/0x751
[  589.263939][ T5713]  print_address_description+0x87/0x3b0
[  589.269320][ T5713]  kasan_report+0x179/0x1c0
[  589.273657][ T5713]  ? __rb_insert_augmented+0xa0/0x610
[  589.278867][ T5713]  ? __rb_insert_augmented+0xa0/0x610
[  589.284075][ T5713]  __asan_report_load8_noabort+0x14/0x20
[  589.289541][ T5713]  __rb_insert_augmented+0xa0/0x610
[  589.294574][ T5713]  ? anon_vma_interval_tree_iter_next+0x390/0x390
[  589.300824][ T5713]  vma_interval_tree_insert_after+0x2be/0x2d0
[  589.306725][ T5713]  copy_mm+0xba2/0x13e0
[  589.310722][ T5713]  ? copy_signal+0x610/0x610
[  589.315145][ T5713]  ? __init_rwsem+0xd6/0x1c0
[  589.319572][ T5713]  ? copy_signal+0x4e3/0x610
[  589.323997][ T5713]  copy_process+0x1149/0x3290
[  589.328524][ T5713]  ? io_schedule+0x120/0x120
[  589.332944][ T5713]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  589.337887][ T5713]  kernel_clone+0x21e/0x9e0
[  589.342225][ T5713]  ? kernel_read+0x1f0/0x1f0
[  589.346662][ T5713]  ? kmem_cache_free+0x2c3/0x2e0
[  589.351426][ T5713]  ? create_io_thread+0x1e0/0x1e0
[  589.356287][ T5713]  ? debug_smp_processor_id+0x17/0x20
[  589.361669][ T5713]  __x64_sys_clone+0x23f/0x290
[  589.366265][ T5713]  ? __do_sys_vfork+0x130/0x130
[  589.370955][ T5713]  do_syscall_64+0x3d/0xb0
[  589.375204][ T5713]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  589.380931][ T5713] RIP: 0033:0x7f7b6d82cdd3
[  589.385186][ T5713] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[  589.404631][ T5713] RSP: 002b:00007ffc8feb0978 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  589.412872][ T5713] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7b6d82cdd3
[  589.420684][ T5713] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  589.428492][ T5713] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  589.436305][ T5713] R10: 000055555605f750 R11: 0000000000000246 R12: 0000000000000001
[  589.444114][ T5713] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  589.451935][ T5713]  </TASK>
[  589.454794][ T5713] 
[  589.456963][ T5713] The buggy address belongs to the page:
[  589.462609][ T5713] page:ffffea0007000000 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x0 pfn:0x1c0000
[  589.472934][ T5713] flags: 0x4000000000000000(zone=1)
[  589.478000][ T5713] raw: 4000000000000000 ffffea0006d10008 ffffea0006f90008 0000000000000000
[  589.486392][ T5713] raw: 0000000000000000 000000000000000a 00000000ffffff7f 0000000000000000
[  589.494804][ T5713] page dumped because: kasan: bad access detected
[  589.501056][ T5713] page_owner tracks the page as freed
[  589.506262][ T5713] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x506dc0(GFP_USER|__GFP_NOWARN|__GFP_RETRY_MAYFAIL|__GFP_ZERO|__GFP_ACCOUNT), pid 7014, ts 192141724868, free_ts 200336367337
[  589.524922][ T5713]  post_alloc_hook+0x1a3/0x1b0
[  589.529523][ T5713]  prep_new_page+0x1b/0x110
[  589.533860][ T5713]  get_page_from_freelist+0x3550/0x35d0
[  589.539242][ T5713]  __alloc_pages+0x27e/0x8f0
[  589.543668][ T5713]  bpf_ringbuf_alloc+0xd0/0x3d0
[  589.548356][ T5713]  ringbuf_map_alloc+0x202/0x320
[  589.553130][ T5713]  map_create+0x411/0x2050
[  589.557381][ T5713]  __sys_bpf+0x296/0x760
[  589.561465][ T5713]  __x64_sys_bpf+0x7c/0x90
[  589.565715][ T5713]  do_syscall_64+0x3d/0xb0
[  589.569964][ T5713]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  589.575698][ T5713] page last free stack trace:
[  589.580209][ T5713]  free_unref_page_prepare+0x7c8/0x7d0
[  589.585502][ T5713]  free_unref_page+0xe8/0x750
[  589.590016][ T5713]  __free_pages+0x61/0xf0
[  589.594184][ T5713]  ringbuf_map_free+0xbe/0x120
[  589.598781][ T5713]  bpf_map_free_deferred+0x10d/0x1e0
[  589.603902][ T5713]  process_one_work+0x6bb/0xc10
[  589.608597][ T5713]  worker_thread+0xad5/0x12a0
[  589.613190][ T5713]  kthread+0x421/0x510
[  589.617098][ T5713]  ret_from_fork+0x1f/0x30
[  589.621434][ T5713] 
[  589.623606][ T5713] Memory state around the buggy address:
[  589.629162][ T5713]  ffff8881bfffff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  589.637062][ T5713]  ffff8881bfffff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
06:59:25 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000200000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703426e819f119d9f8b00002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:25 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r3, <r4=>0xffffffffffffffff}, 0x0, &(0x7f00000011c0)=r3}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r5=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r6=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r3}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000000), 0xfdef)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r9, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', r2, 0x36, r3, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r3, 0x3, &(0x7f0000001040)=[r1, r0, r3, r3, r1, r9], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r10, &(0x7f0000000000), 0x248800)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r5, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r10, r11, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:25 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1f, 0x2, 0xfff, 0x4, 0x365c13179e76168f, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xd6, 0x5, 0x3}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r0, 0x58, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001400)=@base={0x9, 0x858, 0x1f, 0x6}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, r4}, 0x38)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000d40), 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000e80)={0x6, 0x18, &(0x7f0000000b80)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff6d8d, 0x0, 0x0, 0x0, 0x20}, [@generic={0x20, 0x6, 0x6, 0x1, 0x8}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x81}]}, &(0x7f0000000c40)='syzkaller\x00', 0x2, 0x95, &(0x7f0000000c80)=""/149, 0x41100, 0x29, '\x00', r2, 0x25, r5, 0x8, &(0x7f0000000d80)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000dc0)={0x0, 0xb, 0x7, 0x1}, 0x10, 0x0, 0x0, 0x7, 0x0, &(0x7f0000000e00)=[{0x4, 0x2, 0x8, 0x6}, {0x4, 0x5, 0x2, 0xa}, {0x1, 0x3, 0xd, 0xa}, {0x0, 0x1, 0xf, 0x9}, {0x2, 0x4, 0xd, 0x8}, {0x1, 0x2, 0x5, 0x2}, {0x3, 0x4, 0xd}], 0x10, 0x9}, 0x90)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
r7 = bpf$ITER_CREATE(0x21, &(0x7f0000000380), 0x8)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000500)={r1, <r8=>0xffffffffffffffff}, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r3, 0xe0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000780)=[0x0], &(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r9=>0x0, 0x99, &(0x7f0000000800)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000840), &(0x7f0000000880), 0x8, 0x51, 0x8, 0x8, &(0x7f00000008c0)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x17, 0xd, &(0x7f00000005c0)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}}], &(0x7f0000000640)='GPL\x00', 0x0, 0x6c, &(0x7f0000000680)=""/108, 0x41000, 0x7c, '\x00', r2, 0x3c, r7, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000700)={0x1, 0xc, 0x3, 0x2}, 0x10, r9, r7, 0x1, &(0x7f0000000a40)=[r7], &(0x7f0000000a80)=[{0x5, 0x2, 0xe, 0x6}], 0x10, 0x7}, 0x90)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000440)=@bpf_ext={0x1c, 0x9, &(0x7f0000000540)=ANY=[@ANYBLOB="18400000feffffff0000000000000000183a000003000000000000000000000085100000fdffffff351b070002000000185200000a000000000000000000000085200000010000005eb97f8520fe951b30462508ebb7dd93d4feccaeae1920f73770dc3b601256cf476a"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', r6, 0x0, r7, 0x8, &(0x7f00000003c0)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x2, 0x1, 0x6, 0x4}, 0x10, 0x0, r3}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x6, &(0x7f0000000080)=@raw=[@cb_func={0x18, 0x5, 0x4, 0x0, 0xfffffffffffffffa}, @jmp={0x5, 0x0, 0xb, 0x9, 0x3, 0xfffffffffffffffe, 0x4}, @jmp={0x5, 0x1, 0xa, 0x2, 0x8, 0x50}, @map_val={0x18, 0x8, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0xffffffff}], &(0x7f00000000c0)='GPL\x00', 0xfff, 0x0, 0x0, 0x41100, 0x3, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000001c0)={0x3, 0x4, 0x6, 0xffffff95}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000200)=[r0, r7, r0, r0, r0], &(0x7f0000000240)=[{0x1, 0x1, 0xc, 0x8}, {0x4, 0x2, 0x3, 0x1}, {0x0, 0x1, 0xe, 0x6}], 0x10, 0x3}, 0x90)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  589.644962][ T5713] >ffff8881c0000000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  589.652854][ T5713]                       ^
[  589.657023][ T5713]  ffff8881c0000080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  589.664922][ T5713]  ffff8881c0000100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  589.672937][ T5713] ==================================================================
[  589.680829][ T5713] Disabling lock debugging due to kernel taint
06:59:25 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0xff0f, 0x43451)

06:59:25 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000200000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703426e819f119d9f8b00002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:25 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1f, 0x2, 0xfff, 0x4, 0x365c13179e76168f, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xd6, 0x5, 0x3}, 0x48) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r0, 0x58, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10) (async)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001400)=@base={0x9, 0x858, 0x1f, 0x6}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, r4}, 0x38) (async)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000d40), 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000e80)={0x6, 0x18, &(0x7f0000000b80)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff6d8d, 0x0, 0x0, 0x0, 0x20}, [@generic={0x20, 0x6, 0x6, 0x1, 0x8}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x81}]}, &(0x7f0000000c40)='syzkaller\x00', 0x2, 0x95, &(0x7f0000000c80)=""/149, 0x41100, 0x29, '\x00', r2, 0x25, r5, 0x8, &(0x7f0000000d80)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000dc0)={0x0, 0xb, 0x7, 0x1}, 0x10, 0x0, 0x0, 0x7, 0x0, &(0x7f0000000e00)=[{0x4, 0x2, 0x8, 0x6}, {0x4, 0x5, 0x2, 0xa}, {0x1, 0x3, 0xd, 0xa}, {0x0, 0x1, 0xf, 0x9}, {0x2, 0x4, 0xd, 0x8}, {0x1, 0x2, 0x5, 0x2}, {0x3, 0x4, 0xd}], 0x10, 0x9}, 0x90) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10) (async)
r7 = bpf$ITER_CREATE(0x21, &(0x7f0000000380), 0x8)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000500)={r1, <r8=>0xffffffffffffffff}, 0x4) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r3, 0xe0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000780)=[0x0], &(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r9=>0x0, 0x99, &(0x7f0000000800)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000840), &(0x7f0000000880), 0x8, 0x51, 0x8, 0x8, &(0x7f00000008c0)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x17, 0xd, &(0x7f00000005c0)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}}], &(0x7f0000000640)='GPL\x00', 0x0, 0x6c, &(0x7f0000000680)=""/108, 0x41000, 0x7c, '\x00', r2, 0x3c, r7, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000700)={0x1, 0xc, 0x3, 0x2}, 0x10, r9, r7, 0x1, &(0x7f0000000a40)=[r7], &(0x7f0000000a80)=[{0x5, 0x2, 0xe, 0x6}], 0x10, 0x7}, 0x90)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000440)=@bpf_ext={0x1c, 0x9, &(0x7f0000000540)=ANY=[@ANYBLOB="18400000feffffff0000000000000000183a000003000000000000000000000085100000fdffffff351b070002000000185200000a000000000000000000000085200000010000005eb97f8520fe951b30462508ebb7dd93d4feccaeae1920f73770dc3b601256cf476a"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', r6, 0x0, r7, 0x8, &(0x7f00000003c0)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x2, 0x1, 0x6, 0x4}, 0x10, 0x0, r3}, 0x80) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x6, &(0x7f0000000080)=@raw=[@cb_func={0x18, 0x5, 0x4, 0x0, 0xfffffffffffffffa}, @jmp={0x5, 0x0, 0xb, 0x9, 0x3, 0xfffffffffffffffe, 0x4}, @jmp={0x5, 0x1, 0xa, 0x2, 0x8, 0x50}, @map_val={0x18, 0x8, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0xffffffff}], &(0x7f00000000c0)='GPL\x00', 0xfff, 0x0, 0x0, 0x41100, 0x3, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000001c0)={0x3, 0x4, 0x6, 0xffffff95}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000200)=[r0, r7, r0, r0, r0], &(0x7f0000000240)=[{0x1, 0x1, 0xc, 0x8}, {0x4, 0x2, 0x3, 0x1}, {0x0, 0x1, 0xe, 0x6}], 0x10, 0x3}, 0x90)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  589.764076][T20539] FAULT_INJECTION: forcing a failure.
[  589.764076][T20539] name failslab, interval 1, probability 0, space 0, times 0
[  589.788959][T20539] CPU: 0 PID: 20539 Comm: syz-executor.4 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[  589.800533][T20539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  589.810420][T20539] Call Trace:
[  589.813542][T20539]  <TASK>
[  589.816316][T20539]  dump_stack_lvl+0x151/0x1b7
[  589.821183][T20539]  ? io_uring_drop_tctx_refs+0x190/0x190
[  589.826647][T20539]  dump_stack+0x15/0x17
[  589.830641][T20539]  should_fail+0x3c6/0x510
[  589.834978][T20539]  __should_failslab+0xa4/0xe0
[  589.839578][T20539]  ? anon_vma_fork+0x1df/0x4e0
[  589.844174][T20539]  should_failslab+0x9/0x20
[  589.848515][T20539]  slab_pre_alloc_hook+0x37/0xd0
[  589.853290][T20539]  ? anon_vma_fork+0x1df/0x4e0
[  589.857890][T20539]  kmem_cache_alloc+0x44/0x200
[  589.862502][T20539]  anon_vma_fork+0x1df/0x4e0
[  589.866924][T20539]  copy_mm+0xa3a/0x13e0
[  589.870912][T20539]  ? copy_signal+0x610/0x610
[  589.875336][T20539]  ? __init_rwsem+0xd6/0x1c0
[  589.879764][T20539]  ? copy_signal+0x4e3/0x610
[  589.884192][T20539]  copy_process+0x1149/0x3290
[  589.888707][T20539]  ? timerqueue_add+0x250/0x270
[  589.893389][T20539]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  589.898335][T20539]  ? enqueue_hrtimer+0xca/0x240
[  589.903028][T20539]  ? __hrtimer_run_queues+0x46b/0xad0
[  589.908232][T20539]  kernel_clone+0x21e/0x9e0
[  589.912570][T20539]  ? create_io_thread+0x1e0/0x1e0
[  589.917429][T20539]  ? clockevents_program_event+0x22f/0x300
[  589.923083][T20539]  __x64_sys_clone+0x23f/0x290
[  589.927725][T20539]  ? __do_sys_vfork+0x130/0x130
[  589.932364][T20539]  do_syscall_64+0x3d/0xb0
[  589.936610][T20539]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  589.942255][T20539]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  589.947980][T20539] RIP: 0033:0x7f7b6d82fda9
[  589.952245][T20539] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  589.971771][T20539] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  589.980016][T20539] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  589.987828][T20539] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  589.995683][T20539] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  590.003448][T20539] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:59:25 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000200000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703426e819f119d9f8b00002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:25 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1f, 0x2, 0xfff, 0x4, 0x365c13179e76168f, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xd6, 0x5, 0x3}, 0x48) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r0, 0x58, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10) (async)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001400)=@base={0x9, 0x858, 0x1f, 0x6}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, r4}, 0x38) (async)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000d40), 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000e80)={0x6, 0x18, &(0x7f0000000b80)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff6d8d, 0x0, 0x0, 0x0, 0x20}, [@generic={0x20, 0x6, 0x6, 0x1, 0x8}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x81}]}, &(0x7f0000000c40)='syzkaller\x00', 0x2, 0x95, &(0x7f0000000c80)=""/149, 0x41100, 0x29, '\x00', r2, 0x25, r5, 0x8, &(0x7f0000000d80)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000dc0)={0x0, 0xb, 0x7, 0x1}, 0x10, 0x0, 0x0, 0x7, 0x0, &(0x7f0000000e00)=[{0x4, 0x2, 0x8, 0x6}, {0x4, 0x5, 0x2, 0xa}, {0x1, 0x3, 0xd, 0xa}, {0x0, 0x1, 0xf, 0x9}, {0x2, 0x4, 0xd, 0x8}, {0x1, 0x2, 0x5, 0x2}, {0x3, 0x4, 0xd}], 0x10, 0x9}, 0x90)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10) (async)
r7 = bpf$ITER_CREATE(0x21, &(0x7f0000000380), 0x8) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000500)={r1, <r8=>0xffffffffffffffff}, 0x4) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r3, 0xe0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000780)=[0x0], &(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r9=>0x0, 0x99, &(0x7f0000000800)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000840), &(0x7f0000000880), 0x8, 0x51, 0x8, 0x8, &(0x7f00000008c0)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x17, 0xd, &(0x7f00000005c0)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}}], &(0x7f0000000640)='GPL\x00', 0x0, 0x6c, &(0x7f0000000680)=""/108, 0x41000, 0x7c, '\x00', r2, 0x3c, r7, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000700)={0x1, 0xc, 0x3, 0x2}, 0x10, r9, r7, 0x1, &(0x7f0000000a40)=[r7], &(0x7f0000000a80)=[{0x5, 0x2, 0xe, 0x6}], 0x10, 0x7}, 0x90) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000440)=@bpf_ext={0x1c, 0x9, &(0x7f0000000540)=ANY=[@ANYBLOB="18400000feffffff0000000000000000183a000003000000000000000000000085100000fdffffff351b070002000000185200000a000000000000000000000085200000010000005eb97f8520fe951b30462508ebb7dd93d4feccaeae1920f73770dc3b601256cf476a"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', r6, 0x0, r7, 0x8, &(0x7f00000003c0)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x2, 0x1, 0x6, 0x4}, 0x10, 0x0, r3}, 0x80) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x6, &(0x7f0000000080)=@raw=[@cb_func={0x18, 0x5, 0x4, 0x0, 0xfffffffffffffffa}, @jmp={0x5, 0x0, 0xb, 0x9, 0x3, 0xfffffffffffffffe, 0x4}, @jmp={0x5, 0x1, 0xa, 0x2, 0x8, 0x50}, @map_val={0x18, 0x8, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0xffffffff}], &(0x7f00000000c0)='GPL\x00', 0xfff, 0x0, 0x0, 0x41100, 0x3, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000001c0)={0x3, 0x4, 0x6, 0xffffff95}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000200)=[r0, r7, r0, r0, r0], &(0x7f0000000240)=[{0x1, 0x1, 0xc, 0x8}, {0x4, 0x2, 0x3, 0x1}, {0x0, 0x1, 0xe, 0x6}], 0x10, 0x3}, 0x90) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:25 executing program 1:
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x20, &(0x7f0000000000)={&(0x7f0000000280)=""/95, 0x5f, <r0=>0x0, &(0x7f0000000300)=""/116, 0x74}}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000140100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f87fffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x28, 0x0, 0x0, 0x0, 0x55, 0x0, 0x0, 0x3, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.dequeue\x00', 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001680)={r4, 0x58, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000017c0)={0x18, 0x6, &(0x7f0000000440)=@raw=[@alu={0x3, 0x1, 0xb, 0x0, 0x7, 0xfffffffffffffffc, 0xffffffffffffffff}, @exit, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @jmp={0x5, 0x1, 0x8, 0x8, 0x2, 0xffffffffffffffc0}, @cb_func={0x18, 0x0, 0x4, 0x0, 0x4}], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x1000, &(0x7f0000000680)=""/4096, 0x41000, 0x71, '\x00', r5, 0x0, r3, 0x8, &(0x7f00000016c0)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000001700)={0x4, 0x6, 0x7f, 0x4}, 0x10, 0x0, 0x0, 0x5, 0x0, &(0x7f0000001740)=[{0x2, 0x5, 0x7}, {0x1, 0x5, 0x1, 0x8}, {0x1, 0x4, 0x2, 0xc}, {0x1, 0x1, 0x5, 0x4}, {0x4, 0x5, 0x6, 0x7}], 0x10, 0x9}, 0x90)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0x6, [@union={0xd, 0x4, 0x0, 0x5, 0x0, 0x5, [{0x6, 0x1, 0x20}, {0xd, 0x0, 0xffffffff}, {0xe, 0x5, 0x1}, {0x3, 0x0, 0x6}]}, @int={0x6, 0x0, 0x0, 0x1, 0x0, 0x76, 0x0, 0x74, 0x4}, @ptr={0x5, 0x0, 0x0, 0x2, 0x4}, @ptr={0x8, 0x0, 0x0, 0x2, 0x4}, @fwd={0x1}, @func={0x8, 0x0, 0x0, 0xc, 0x4}]}, {0x0, [0x61, 0x0, 0x2e, 0x0]}}, &(0x7f00000004c0)=""/123, 0x9a, 0x7b, 0x0, 0x8}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x14, 0x17960, 0x2, 0x1, 0x500, r2, 0x27, '\x00', r5, r6, 0x1, 0x5, 0x2}, 0x48)

06:59:25 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x18372, 0x43451)

[  590.011259][T20539] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  590.019078][T20539]  </TASK>
06:59:25 executing program 1:
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x20, &(0x7f0000000000)={&(0x7f0000000280)=""/95, 0x5f, <r0=>0x0, &(0x7f0000000300)=""/116, 0x74}}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000140100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f87fffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x28, 0x0, 0x0, 0x0, 0x55, 0x0, 0x0, 0x3, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.dequeue\x00', 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001680)={r4, 0x58, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000017c0)={0x18, 0x6, &(0x7f0000000440)=@raw=[@alu={0x3, 0x1, 0xb, 0x0, 0x7, 0xfffffffffffffffc, 0xffffffffffffffff}, @exit, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @jmp={0x5, 0x1, 0x8, 0x8, 0x2, 0xffffffffffffffc0}, @cb_func={0x18, 0x0, 0x4, 0x0, 0x4}], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x1000, &(0x7f0000000680)=""/4096, 0x41000, 0x71, '\x00', r5, 0x0, r3, 0x8, &(0x7f00000016c0)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000001700)={0x4, 0x6, 0x7f, 0x4}, 0x10, 0x0, 0x0, 0x5, 0x0, &(0x7f0000001740)=[{0x2, 0x5, 0x7}, {0x1, 0x5, 0x1, 0x8}, {0x1, 0x4, 0x2, 0xc}, {0x1, 0x1, 0x5, 0x4}, {0x4, 0x5, 0x6, 0x7}], 0x10, 0x9}, 0x90)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0x6, [@union={0xd, 0x4, 0x0, 0x5, 0x0, 0x5, [{0x6, 0x1, 0x20}, {0xd, 0x0, 0xffffffff}, {0xe, 0x5, 0x1}, {0x3, 0x0, 0x6}]}, @int={0x6, 0x0, 0x0, 0x1, 0x0, 0x76, 0x0, 0x74, 0x4}, @ptr={0x5, 0x0, 0x0, 0x2, 0x4}, @ptr={0x8, 0x0, 0x0, 0x2, 0x4}, @fwd={0x1}, @func={0x8, 0x0, 0x0, 0xc, 0x4}]}, {0x0, [0x61, 0x0, 0x2e, 0x0]}}, &(0x7f00000004c0)=""/123, 0x9a, 0x7b, 0x0, 0x8}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x14, 0x17960, 0x2, 0x1, 0x500, r2, 0x27, '\x00', r5, r6, 0x1, 0x5, 0x2}, 0x48)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x20, &(0x7f0000000000)={&(0x7f0000000280)=""/95, 0x5f, 0x0, &(0x7f0000000300)=""/116, 0x74}}, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000140100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f87fffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x28, 0x0, 0x0, 0x0, 0x55, 0x0, 0x0, 0x3, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x1}, 0x48) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.dequeue\x00', 0x0, 0x0) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001680)={r4, 0x58, &(0x7f0000000540)}, 0x10) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000017c0)={0x18, 0x6, &(0x7f0000000440)=@raw=[@alu={0x3, 0x1, 0xb, 0x0, 0x7, 0xfffffffffffffffc, 0xffffffffffffffff}, @exit, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @jmp={0x5, 0x1, 0x8, 0x8, 0x2, 0xffffffffffffffc0}, @cb_func={0x18, 0x0, 0x4, 0x0, 0x4}], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x1000, &(0x7f0000000680)=""/4096, 0x41000, 0x71, '\x00', r5, 0x0, r3, 0x8, &(0x7f00000016c0)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000001700)={0x4, 0x6, 0x7f, 0x4}, 0x10, 0x0, 0x0, 0x5, 0x0, &(0x7f0000001740)=[{0x2, 0x5, 0x7}, {0x1, 0x5, 0x1, 0x8}, {0x1, 0x4, 0x2, 0xc}, {0x1, 0x1, 0x5, 0x4}, {0x4, 0x5, 0x6, 0x7}], 0x10, 0x9}, 0x90) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0x6, [@union={0xd, 0x4, 0x0, 0x5, 0x0, 0x5, [{0x6, 0x1, 0x20}, {0xd, 0x0, 0xffffffff}, {0xe, 0x5, 0x1}, {0x3, 0x0, 0x6}]}, @int={0x6, 0x0, 0x0, 0x1, 0x0, 0x76, 0x0, 0x74, 0x4}, @ptr={0x5, 0x0, 0x0, 0x2, 0x4}, @ptr={0x8, 0x0, 0x0, 0x2, 0x4}, @fwd={0x1}, @func={0x8, 0x0, 0x0, 0xc, 0x4}]}, {0x0, [0x61, 0x0, 0x2e, 0x0]}}, &(0x7f00000004c0)=""/123, 0x9a, 0x7b, 0x0, 0x8}, 0x20) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x14, 0x17960, 0x2, 0x1, 0x500, r2, 0x27, '\x00', r5, r6, 0x1, 0x5, 0x2}, 0x48) (async)

06:59:25 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)={0x1b, 0x0, 0x0, 0x0, 0x0, r2, 0x0, '\x00', 0x0, r1}, 0x48)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000440)='\xd1\xbeZ\x83\xe8\xfb\xc1\xb9a3\x87\x8d\xed\xc8t\x16\x87h\xa0\xbeU\xae\xc5I^\xd4[\xaaE\xbe\xd1\bB^\xa5\x84H\x00\x00\x00\x01\x00\x00\x00\x00\x00\xc8\xae\xc9\x05\x00'/62)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000000c0)=[0x0], ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x8, 0x3, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0], 0x0, 0xd5, &(0x7f0000000180)=[{}, {}, {}], 0x18, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0x72, 0x8, 0x8, &(0x7f0000000240)}}, 0x10)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xd4, 0xd4, 0xb, [@fwd={0xe}, @typedef={0x0, 0x0, 0x0, 0x8, 0x3}, @fwd={0x8}, @int={0x1, 0x0, 0x0, 0x1, 0x0, 0x72, 0x0, 0x46, 0x2}, @var={0x3, 0x0, 0x0, 0xe, 0x2, 0x1}, @struct={0xe, 0xa, 0x0, 0x4, 0x1, 0x2, [{0x5, 0x3, 0x8}, {0xa, 0x1, 0x7}, {0x9, 0x5, 0x5}, {0x5, 0x2, 0x3}, {0xb, 0x4, 0x7fff}, {0xc, 0x1, 0x7ff}, {0x4, 0x4, 0x80000001}, {0xc, 0x1, 0xb4}, {0x3, 0x4, 0xfff}, {0x1, 0x5, 0xffff}]}, @restrict={0x1, 0x0, 0x0, 0xb, 0x5}]}, {0x0, [0x5f, 0x0, 0x5f, 0x2e, 0x30, 0x30, 0x0, 0x61, 0x2e]}}, &(0x7f00000004c0)=""/101, 0xf7, 0x65, 0x1}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={0xffffffffffffffff, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000600)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0xa, &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r5=>0x0, 0x7b, &(0x7f00000006c0)=[{}], 0x8, 0x10, &(0x7f0000000700), &(0x7f0000000740), 0x8, 0xc4, 0x8, 0x8, &(0x7f0000000780)}}, 0x10)
r6 = perf_event_open$cgroup(&(0x7f0000000ac0)={0x1, 0x80, 0x8, 0x81, 0x1, 0x0, 0x0, 0x6, 0xb43ed8b32ae5e139, 0x6, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0xffffffffffff9527, 0xc502}, 0x501, 0x5, 0x4, 0x0, 0x7ff, 0x4, 0x7, 0x0, 0x3, 0x0, 0x2beb}, r2, 0x0, r2, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x40082404, &(0x7f0000000b40)=0x8000000000000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x5, 0xe, &(0x7f0000000000)=@raw=[@printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @exit], &(0x7f0000000080)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x73, '\x00', r3, 0x6, r4, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x4, 0x0, 0x4, 0x10000}, 0x10, r5, 0xffffffffffffffff, 0xa, &(0x7f0000000900)=[r0, r0, r0], &(0x7f0000000940)=[{0x4, 0x2, 0x4, 0x9}, {0x5, 0x1, 0xc, 0x8}, {0x4, 0x3, 0x6, 0xa}, {0x0, 0x8000, 0xd, 0x5}, {0x1, 0x9, 0x9, 0x5}, {0x1, 0x3, 0xd, 0x4}, {0x0, 0x1, 0x5, 0x3}, {0x4, 0x5, 0xe, 0xd}, {0x3, 0x2, 0x8, 0x8}, {0x3, 0x1, 0x7, 0x6}], 0x10, 0x1ff}, 0x90)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:25 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x20000, 0x43451)

06:59:25 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)={0x1b, 0x0, 0x0, 0x0, 0x0, r2, 0x0, '\x00', 0x0, r1}, 0x48)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000440)='\xd1\xbeZ\x83\xe8\xfb\xc1\xb9a3\x87\x8d\xed\xc8t\x16\x87h\xa0\xbeU\xae\xc5I^\xd4[\xaaE\xbe\xd1\bB^\xa5\x84H\x00\x00\x00\x01\x00\x00\x00\x00\x00\xc8\xae\xc9\x05\x00'/62) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000440)='\xd1\xbeZ\x83\xe8\xfb\xc1\xb9a3\x87\x8d\xed\xc8t\x16\x87h\xa0\xbeU\xae\xc5I^\xd4[\xaaE\xbe\xd1\bB^\xa5\x84H\x00\x00\x00\x01\x00\x00\x00\x00\x00\xc8\xae\xc9\x05\x00'/62)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000000c0)=[0x0], ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x8, 0x3, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0], 0x0, 0xd5, &(0x7f0000000180)=[{}, {}, {}], 0x18, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0x72, 0x8, 0x8, &(0x7f0000000240)}}, 0x10)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xd4, 0xd4, 0xb, [@fwd={0xe}, @typedef={0x0, 0x0, 0x0, 0x8, 0x3}, @fwd={0x8}, @int={0x1, 0x0, 0x0, 0x1, 0x0, 0x72, 0x0, 0x46, 0x2}, @var={0x3, 0x0, 0x0, 0xe, 0x2, 0x1}, @struct={0xe, 0xa, 0x0, 0x4, 0x1, 0x2, [{0x5, 0x3, 0x8}, {0xa, 0x1, 0x7}, {0x9, 0x5, 0x5}, {0x5, 0x2, 0x3}, {0xb, 0x4, 0x7fff}, {0xc, 0x1, 0x7ff}, {0x4, 0x4, 0x80000001}, {0xc, 0x1, 0xb4}, {0x3, 0x4, 0xfff}, {0x1, 0x5, 0xffff}]}, @restrict={0x1, 0x0, 0x0, 0xb, 0x5}]}, {0x0, [0x5f, 0x0, 0x5f, 0x2e, 0x30, 0x30, 0x0, 0x61, 0x2e]}}, &(0x7f00000004c0)=""/101, 0xf7, 0x65, 0x1}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={0xffffffffffffffff, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000600)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0xa, &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r5=>0x0, 0x7b, &(0x7f00000006c0)=[{}], 0x8, 0x10, &(0x7f0000000700), &(0x7f0000000740), 0x8, 0xc4, 0x8, 0x8, &(0x7f0000000780)}}, 0x10)
perf_event_open$cgroup(&(0x7f0000000ac0)={0x1, 0x80, 0x8, 0x81, 0x1, 0x0, 0x0, 0x6, 0xb43ed8b32ae5e139, 0x6, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0xffffffffffff9527, 0xc502}, 0x501, 0x5, 0x4, 0x0, 0x7ff, 0x4, 0x7, 0x0, 0x3, 0x0, 0x2beb}, r2, 0x0, r2, 0x0) (async)
r6 = perf_event_open$cgroup(&(0x7f0000000ac0)={0x1, 0x80, 0x8, 0x81, 0x1, 0x0, 0x0, 0x6, 0xb43ed8b32ae5e139, 0x6, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0xffffffffffff9527, 0xc502}, 0x501, 0x5, 0x4, 0x0, 0x7ff, 0x4, 0x7, 0x0, 0x3, 0x0, 0x2beb}, r2, 0x0, r2, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x40082404, &(0x7f0000000b40)=0x8000000000000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x5, 0xe, &(0x7f0000000000)=@raw=[@printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @exit], &(0x7f0000000080)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x73, '\x00', r3, 0x6, r4, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x4, 0x0, 0x4, 0x10000}, 0x10, r5, 0xffffffffffffffff, 0xa, &(0x7f0000000900)=[r0, r0, r0], &(0x7f0000000940)=[{0x4, 0x2, 0x4, 0x9}, {0x5, 0x1, 0xc, 0x8}, {0x4, 0x3, 0x6, 0xa}, {0x0, 0x8000, 0xd, 0x5}, {0x1, 0x9, 0x9, 0x5}, {0x1, 0x3, 0xd, 0x4}, {0x0, 0x1, 0x5, 0x3}, {0x4, 0x5, 0xe, 0xd}, {0x3, 0x2, 0x8, 0x8}, {0x3, 0x1, 0x7, 0x6}], 0x10, 0x1ff}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x5, 0xe, &(0x7f0000000000)=@raw=[@printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @exit], &(0x7f0000000080)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x73, '\x00', r3, 0x6, r4, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x4, 0x0, 0x4, 0x10000}, 0x10, r5, 0xffffffffffffffff, 0xa, &(0x7f0000000900)=[r0, r0, r0], &(0x7f0000000940)=[{0x4, 0x2, 0x4, 0x9}, {0x5, 0x1, 0xc, 0x8}, {0x4, 0x3, 0x6, 0xa}, {0x0, 0x8000, 0xd, 0x5}, {0x1, 0x9, 0x9, 0x5}, {0x1, 0x3, 0xd, 0x4}, {0x0, 0x1, 0x5, 0x3}, {0x4, 0x5, 0xe, 0xd}, {0x3, 0x2, 0x8, 0x8}, {0x3, 0x1, 0x7, 0x6}], 0x10, 0x1ff}, 0x90)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:25 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 71)

06:59:25 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x306e4, 0x43451)

06:59:25 executing program 1:
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x20, &(0x7f0000000000)={&(0x7f0000000280)=""/95, 0x5f, <r0=>0x0, &(0x7f0000000300)=""/116, 0x74}}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000140100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f87fffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x28, 0x0, 0x0, 0x0, 0x55, 0x0, 0x0, 0x3, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.dequeue\x00', 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001680)={r4, 0x58, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000017c0)={0x18, 0x6, &(0x7f0000000440)=@raw=[@alu={0x3, 0x1, 0xb, 0x0, 0x7, 0xfffffffffffffffc, 0xffffffffffffffff}, @exit, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @jmp={0x5, 0x1, 0x8, 0x8, 0x2, 0xffffffffffffffc0}, @cb_func={0x18, 0x0, 0x4, 0x0, 0x4}], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x1000, &(0x7f0000000680)=""/4096, 0x41000, 0x71, '\x00', r5, 0x0, r3, 0x8, &(0x7f00000016c0)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000001700)={0x4, 0x6, 0x7f, 0x4}, 0x10, 0x0, 0x0, 0x5, 0x0, &(0x7f0000001740)=[{0x2, 0x5, 0x7}, {0x1, 0x5, 0x1, 0x8}, {0x1, 0x4, 0x2, 0xc}, {0x1, 0x1, 0x5, 0x4}, {0x4, 0x5, 0x6, 0x7}], 0x10, 0x9}, 0x90)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0x6, [@union={0xd, 0x4, 0x0, 0x5, 0x0, 0x5, [{0x6, 0x1, 0x20}, {0xd, 0x0, 0xffffffff}, {0xe, 0x5, 0x1}, {0x3, 0x0, 0x6}]}, @int={0x6, 0x0, 0x0, 0x1, 0x0, 0x76, 0x0, 0x74, 0x4}, @ptr={0x5, 0x0, 0x0, 0x2, 0x4}, @ptr={0x8, 0x0, 0x0, 0x2, 0x4}, @fwd={0x1}, @func={0x8, 0x0, 0x0, 0xc, 0x4}]}, {0x0, [0x61, 0x0, 0x2e, 0x0]}}, &(0x7f00000004c0)=""/123, 0x9a, 0x7b, 0x0, 0x8}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x14, 0x17960, 0x2, 0x1, 0x500, r2, 0x27, '\x00', r5, r6, 0x1, 0x5, 0x2}, 0x48)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x20, &(0x7f0000000000)={&(0x7f0000000280)=""/95, 0x5f, 0x0, &(0x7f0000000300)=""/116, 0x74}}, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000140100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f87fffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x28, 0x0, 0x0, 0x0, 0x55, 0x0, 0x0, 0x3, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x1}, 0x48) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.dequeue\x00', 0x0, 0x0) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001680)={r4, 0x58, &(0x7f0000000540)}, 0x10) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000017c0)={0x18, 0x6, &(0x7f0000000440)=@raw=[@alu={0x3, 0x1, 0xb, 0x0, 0x7, 0xfffffffffffffffc, 0xffffffffffffffff}, @exit, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @jmp={0x5, 0x1, 0x8, 0x8, 0x2, 0xffffffffffffffc0}, @cb_func={0x18, 0x0, 0x4, 0x0, 0x4}], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x1000, &(0x7f0000000680)=""/4096, 0x41000, 0x71, '\x00', r5, 0x0, r3, 0x8, &(0x7f00000016c0)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000001700)={0x4, 0x6, 0x7f, 0x4}, 0x10, 0x0, 0x0, 0x5, 0x0, &(0x7f0000001740)=[{0x2, 0x5, 0x7}, {0x1, 0x5, 0x1, 0x8}, {0x1, 0x4, 0x2, 0xc}, {0x1, 0x1, 0x5, 0x4}, {0x4, 0x5, 0x6, 0x7}], 0x10, 0x9}, 0x90) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0x6, [@union={0xd, 0x4, 0x0, 0x5, 0x0, 0x5, [{0x6, 0x1, 0x20}, {0xd, 0x0, 0xffffffff}, {0xe, 0x5, 0x1}, {0x3, 0x0, 0x6}]}, @int={0x6, 0x0, 0x0, 0x1, 0x0, 0x76, 0x0, 0x74, 0x4}, @ptr={0x5, 0x0, 0x0, 0x2, 0x4}, @ptr={0x8, 0x0, 0x0, 0x2, 0x4}, @fwd={0x1}, @func={0x8, 0x0, 0x0, 0xc, 0x4}]}, {0x0, [0x61, 0x0, 0x2e, 0x0]}}, &(0x7f00000004c0)=""/123, 0x9a, 0x7b, 0x0, 0x8}, 0x20) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x14, 0x17960, 0x2, 0x1, 0x500, r2, 0x27, '\x00', r5, r6, 0x1, 0x5, 0x2}, 0x48) (async)

06:59:25 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x39080, 0x43451)

06:59:25 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)={0x1b, 0x0, 0x0, 0x0, 0x0, r2, 0x0, '\x00', 0x0, r1}, 0x48) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000440)='\xd1\xbeZ\x83\xe8\xfb\xc1\xb9a3\x87\x8d\xed\xc8t\x16\x87h\xa0\xbeU\xae\xc5I^\xd4[\xaaE\xbe\xd1\bB^\xa5\x84H\x00\x00\x00\x01\x00\x00\x00\x00\x00\xc8\xae\xc9\x05\x00'/62)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000000c0)=[0x0], ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x8, 0x3, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0], 0x0, 0xd5, &(0x7f0000000180)=[{}, {}, {}], 0x18, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0x72, 0x8, 0x8, &(0x7f0000000240)}}, 0x10) (async)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xd4, 0xd4, 0xb, [@fwd={0xe}, @typedef={0x0, 0x0, 0x0, 0x8, 0x3}, @fwd={0x8}, @int={0x1, 0x0, 0x0, 0x1, 0x0, 0x72, 0x0, 0x46, 0x2}, @var={0x3, 0x0, 0x0, 0xe, 0x2, 0x1}, @struct={0xe, 0xa, 0x0, 0x4, 0x1, 0x2, [{0x5, 0x3, 0x8}, {0xa, 0x1, 0x7}, {0x9, 0x5, 0x5}, {0x5, 0x2, 0x3}, {0xb, 0x4, 0x7fff}, {0xc, 0x1, 0x7ff}, {0x4, 0x4, 0x80000001}, {0xc, 0x1, 0xb4}, {0x3, 0x4, 0xfff}, {0x1, 0x5, 0xffff}]}, @restrict={0x1, 0x0, 0x0, 0xb, 0x5}]}, {0x0, [0x5f, 0x0, 0x5f, 0x2e, 0x30, 0x30, 0x0, 0x61, 0x2e]}}, &(0x7f00000004c0)=""/101, 0xf7, 0x65, 0x1}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={0xffffffffffffffff, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000600)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0xa, &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r5=>0x0, 0x7b, &(0x7f00000006c0)=[{}], 0x8, 0x10, &(0x7f0000000700), &(0x7f0000000740), 0x8, 0xc4, 0x8, 0x8, &(0x7f0000000780)}}, 0x10) (async)
r6 = perf_event_open$cgroup(&(0x7f0000000ac0)={0x1, 0x80, 0x8, 0x81, 0x1, 0x0, 0x0, 0x6, 0xb43ed8b32ae5e139, 0x6, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0xffffffffffff9527, 0xc502}, 0x501, 0x5, 0x4, 0x0, 0x7ff, 0x4, 0x7, 0x0, 0x3, 0x0, 0x2beb}, r2, 0x0, r2, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x40082404, &(0x7f0000000b40)=0x8000000000000000) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x5, 0xe, &(0x7f0000000000)=@raw=[@printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @exit], &(0x7f0000000080)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x73, '\x00', r3, 0x6, r4, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x4, 0x0, 0x4, 0x10000}, 0x10, r5, 0xffffffffffffffff, 0xa, &(0x7f0000000900)=[r0, r0, r0], &(0x7f0000000940)=[{0x4, 0x2, 0x4, 0x9}, {0x5, 0x1, 0xc, 0x8}, {0x4, 0x3, 0x6, 0xa}, {0x0, 0x8000, 0xd, 0x5}, {0x1, 0x9, 0x9, 0x5}, {0x1, 0x3, 0xd, 0x4}, {0x0, 0x1, 0x5, 0x3}, {0x4, 0x5, 0xe, 0xd}, {0x3, 0x2, 0x8, 0x8}, {0x3, 0x1, 0x7, 0x6}], 0x10, 0x1ff}, 0x90) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  590.225835][T20601] FAULT_INJECTION: forcing a failure.
[  590.225835][T20601] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  590.239834][T20601] CPU: 1 PID: 20601 Comm: syz-executor.4 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[  590.251393][T20601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  590.261288][T20601] Call Trace:
[  590.264407][T20601]  <TASK>
[  590.267188][T20601]  dump_stack_lvl+0x151/0x1b7
[  590.271701][T20601]  ? io_uring_drop_tctx_refs+0x190/0x190
[  590.277169][T20601]  ? kvm_sched_clock_read+0x18/0x40
[  590.282205][T20601]  ? sched_clock+0x9/0x10
[  590.286368][T20601]  ? sched_clock_cpu+0x18/0x3b0
[  590.291056][T20601]  ? _raw_spin_lock+0xa4/0x1b0
[  590.295665][T20601]  dump_stack+0x15/0x17
[  590.299648][T20601]  should_fail+0x3c6/0x510
[  590.303903][T20601]  should_fail_alloc_page+0x5a/0x80
[  590.308953][T20601]  prepare_alloc_pages+0x15c/0x700
[  590.313883][T20601]  ? __alloc_pages_bulk+0xe40/0xe40
[  590.318915][T20601]  ? sched_clock+0x9/0x10
[  590.323080][T20601]  ? native_set_ldt+0x360/0x360
[  590.327776][T20601]  __alloc_pages+0x18c/0x8f0
[  590.332194][T20601]  ? _raw_spin_unlock+0x4d/0x70
[  590.336880][T20601]  ? prep_new_page+0x110/0x110
[  590.341494][T20601]  pte_alloc_one+0x73/0x1b0
[  590.345823][T20601]  ? pfn_modify_allowed+0x2f0/0x2f0
[  590.350855][T20601]  ? preempt_schedule+0xd9/0xe0
[  590.355542][T20601]  ? preempt_schedule_common+0xbe/0xf0
[  590.360843][T20601]  __pte_alloc+0x86/0x350
[  590.365000][T20601]  ? free_pgtables+0x280/0x280
[  590.369599][T20601]  ? _raw_spin_lock+0xa4/0x1b0
[  590.374202][T20601]  ? __kasan_check_write+0x14/0x20
[  590.379239][T20601]  copy_page_range+0x28a8/0x2f90
[  590.384008][T20601]  ? __kasan_slab_alloc+0xb1/0xe0
[  590.388881][T20601]  ? pfn_valid+0x1e0/0x1e0
[  590.393124][T20601]  ? syscall_exit_to_user_mode+0x130/0x160
[  590.398773][T20601]  ? irqentry_exit+0x30/0x40
[  590.403195][T20601]  copy_mm+0xc7e/0x13e0
[  590.407185][T20601]  ? irqentry_exit+0x30/0x40
[  590.411616][T20601]  ? copy_signal+0x610/0x610
[  590.416036][T20601]  ? __init_rwsem+0xd6/0x1c0
[  590.420475][T20601]  ? copy_signal+0x4e3/0x610
[  590.424890][T20601]  copy_process+0x1149/0x3290
[  590.429408][T20601]  ? timerqueue_add+0x250/0x270
[  590.434088][T20601]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  590.439037][T20601]  ? enqueue_hrtimer+0xca/0x240
[  590.443725][T20601]  ? __hrtimer_run_queues+0x46b/0xad0
[  590.448927][T20601]  kernel_clone+0x21e/0x9e0
[  590.453267][T20601]  ? create_io_thread+0x1e0/0x1e0
[  590.458128][T20601]  ? clockevents_program_event+0x22f/0x300
[  590.463770][T20601]  __x64_sys_clone+0x23f/0x290
[  590.468372][T20601]  ? __do_sys_vfork+0x130/0x130
[  590.473058][T20601]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  590.478869][T20601]  do_syscall_64+0x3d/0xb0
[  590.483238][T20601]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  590.488880][T20601]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  590.494612][T20601] RIP: 0033:0x7f7b6d82fda9
[  590.498862][T20601] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  590.518311][T20601] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
06:59:26 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x74, 0x74, 0x3, [@ptr={0x2, 0x0, 0x0, 0x2, 0x4}, @int={0x1, 0x0, 0x0, 0x1, 0x0, 0x68, 0x0, 0x2e}, @func_proto={0x0, 0x8, 0x0, 0xd, 0x0, [{0x7, 0x3}, {0x4}, {0x5}, {0x1, 0x5}, {0x0, 0x3}, {0xa, 0x3}, {0x9, 0x5}, {0xa, 0x3}]}, @func={0x10, 0x0, 0x0, 0xc, 0x3}]}, {0x0, [0x2e]}}, &(0x7f0000000400)=""/135, 0x8f, 0x87, 0x1, 0x8}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000006c0)={0xffffffffffffffff, 0x20, &(0x7f0000000680)={&(0x7f0000000500)=""/83, 0x53, <r2=>0x0, &(0x7f0000000580)=""/241, 0xf1}}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000780)={{0x1, <r3=>0xffffffffffffffff}, &(0x7f0000000700), &(0x7f0000000740)='%pS    \x00'}, 0x20)
r4 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb1, 0x7f}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r4}, @generic={0x66}, @initr0, @exit, @alu={0x5, 0x0, 0xd, 0xa, 0x0, 0x0, 0x74000000}, @printk={@x={0x18, 0x9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6c000000}}]}, &(0x7f0000000000)='GPL\x00', 0x4, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x9cffffff}, 0x36)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000340)=[0x0], ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x1c, &(0x7f0000000600)=[{}, {}, {}, {}, {}, {}], 0x30, 0x0, 0x0, &(0x7f00000006c0), 0x8, 0xbb, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x19, &(0x7f00000012c0)=ANY=[@ANYBLOB="851000000200000023faffff10000000b7080000000000007b8af8ff00000000b7080000010000007b8af0ff0000", @ANYRES32, @ANYBLOB="55670000005300000000b70500000800fde968000000a5000000852000000100", @ANYRES32, @ANYBLOB="00000000fdffffff950000000000000085000000a300000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000"], &(0x7f0000000300)='syzkaller\x00', 0x1, 0x50, &(0x7f0000000340)=""/80, 0x41000, 0x48, '\x00', r6, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x1, 0x4}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000440)=[{0x0, 0x5, 0x6, 0x7}, {0x4, 0x5, 0x10}, {0x0, 0x1, 0x0, 0x5}, {0x1, 0x0, 0xf}], 0x10, 0x7ff}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x16, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@generic={0x3, 0x7, 0xe, 0x0, 0x2}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @alu={0x7, 0x0, 0x5, 0x6, 0x1, 0x0, 0xfffffffffffffff0}, @call, @jmp={0x5, 0x1, 0x0, 0x4, 0xa, 0x40}, @generic={0x0, 0x9, 0x5, 0x0, 0x3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000000c0)='syzkaller\x00', 0x6, 0x96, &(0x7f0000000480)=""/150, 0x40f00, 0xa, '\x00', r6, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x6, 0x3}, 0x8, 0x10, &(0x7f00000002c0)={0x0, 0xe, 0x5, 0x401}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7b03}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000840)={{0x1, <r7=>0xffffffffffffffff}, &(0x7f00000007c0), &(0x7f0000000800)='%ps    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000880)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{0x1, <r9=>0xffffffffffffffff}, &(0x7f00000008c0), &(0x7f0000000900)=r0}, 0x20)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@base={0x13, 0x1, 0x9, 0x4c, 0x4, 0xffffffffffffffff, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0xe, 0x13, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x52, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@map_idx_val={0x18, 0x3, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0xdde}, @jmp={0x5, 0x0, 0xb, 0x7, 0x0, 0x40, 0x1}, @ldst={0x0, 0x2, 0x4, 0xb, 0x1, 0x100, 0xfffffffffffffff0}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x6, 0x3f, &(0x7f0000000080)=""/63, 0x40f00, 0x50, '\x00', 0x0, 0x21, r1, 0x8, &(0x7f00000004c0)={0x4, 0x3}, 0x8, 0x10, 0x0, 0x0, r2, r0, 0x0, &(0x7f0000000a00)=[r3, r4, r5, r7, r8, r9, r10], 0x0, 0x10, 0x1000}, 0x90)

[  590.526548][T20601] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  590.534358][T20601] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  590.542171][T20601] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  590.549986][T20601] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  590.557797][T20601] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  590.565614][T20601]  </TASK>
06:59:26 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x74, 0x74, 0x3, [@ptr={0x2, 0x0, 0x0, 0x2, 0x4}, @int={0x1, 0x0, 0x0, 0x1, 0x0, 0x68, 0x0, 0x2e}, @func_proto={0x0, 0x8, 0x0, 0xd, 0x0, [{0x7, 0x3}, {0x4}, {0x5}, {0x1, 0x5}, {0x0, 0x3}, {0xa, 0x3}, {0x9, 0x5}, {0xa, 0x3}]}, @func={0x10, 0x0, 0x0, 0xc, 0x3}]}, {0x0, [0x2e]}}, &(0x7f0000000400)=""/135, 0x8f, 0x87, 0x1, 0x8}, 0x20) (async)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x74, 0x74, 0x3, [@ptr={0x2, 0x0, 0x0, 0x2, 0x4}, @int={0x1, 0x0, 0x0, 0x1, 0x0, 0x68, 0x0, 0x2e}, @func_proto={0x0, 0x8, 0x0, 0xd, 0x0, [{0x7, 0x3}, {0x4}, {0x5}, {0x1, 0x5}, {0x0, 0x3}, {0xa, 0x3}, {0x9, 0x5}, {0xa, 0x3}]}, @func={0x10, 0x0, 0x0, 0xc, 0x3}]}, {0x0, [0x2e]}}, &(0x7f0000000400)=""/135, 0x8f, 0x87, 0x1, 0x8}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000006c0)={0xffffffffffffffff, 0x20, &(0x7f0000000680)={&(0x7f0000000500)=""/83, 0x53, 0x0, &(0x7f0000000580)=""/241, 0xf1}}, 0x10) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000006c0)={0xffffffffffffffff, 0x20, &(0x7f0000000680)={&(0x7f0000000500)=""/83, 0x53, <r2=>0x0, &(0x7f0000000580)=""/241, 0xf1}}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000780)={{0x1, <r3=>0xffffffffffffffff}, &(0x7f0000000700), &(0x7f0000000740)='%pS    \x00'}, 0x20)
r4 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb1, 0x7f}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r4}, @generic={0x66}, @initr0, @exit, @alu={0x5, 0x0, 0xd, 0xa, 0x0, 0x0, 0x74000000}, @printk={@x={0x18, 0x9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6c000000}}]}, &(0x7f0000000000)='GPL\x00', 0x4, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x9cffffff}, 0x36)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000340)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x1c, &(0x7f0000000600)=[{}, {}, {}, {}, {}, {}], 0x30, 0x0, 0x0, &(0x7f00000006c0), 0x8, 0xbb, 0x8, 0x0, 0x0}}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000340)=[0x0], ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x1c, &(0x7f0000000600)=[{}, {}, {}, {}, {}, {}], 0x30, 0x0, 0x0, &(0x7f00000006c0), 0x8, 0xbb, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x19, &(0x7f00000012c0)=ANY=[@ANYBLOB="851000000200000023faffff10000000b7080000000000007b8af8ff00000000b7080000010000007b8af0ff0000", @ANYRES32, @ANYBLOB="55670000005300000000b70500000800fde968000000a5000000852000000100", @ANYRES32, @ANYBLOB="00000000fdffffff950000000000000085000000a300000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000"], &(0x7f0000000300)='syzkaller\x00', 0x1, 0x50, &(0x7f0000000340)=""/80, 0x41000, 0x48, '\x00', r6, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x1, 0x4}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000440)=[{0x0, 0x5, 0x6, 0x7}, {0x4, 0x5, 0x10}, {0x0, 0x1, 0x0, 0x5}, {0x1, 0x0, 0xf}], 0x10, 0x7ff}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x16, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@generic={0x3, 0x7, 0xe, 0x0, 0x2}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @alu={0x7, 0x0, 0x5, 0x6, 0x1, 0x0, 0xfffffffffffffff0}, @call, @jmp={0x5, 0x1, 0x0, 0x4, 0xa, 0x40}, @generic={0x0, 0x9, 0x5, 0x0, 0x3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000000c0)='syzkaller\x00', 0x6, 0x96, &(0x7f0000000480)=""/150, 0x40f00, 0xa, '\x00', r6, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x6, 0x3}, 0x8, 0x10, &(0x7f00000002c0)={0x0, 0xe, 0x5, 0x401}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7b03}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000840)={{0x1}, &(0x7f00000007c0), &(0x7f0000000800)='%ps    \x00'}, 0x20) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000840)={{0x1, <r7=>0xffffffffffffffff}, &(0x7f00000007c0), &(0x7f0000000800)='%ps    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000880)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{0x1}, &(0x7f00000008c0), &(0x7f0000000900)=r0}, 0x20) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{0x1, <r9=>0xffffffffffffffff}, &(0x7f00000008c0), &(0x7f0000000900)=r0}, 0x20)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@base={0x13, 0x1, 0x9, 0x4c, 0x4, 0xffffffffffffffff, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0xe, 0x13, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x52, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@map_idx_val={0x18, 0x3, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0xdde}, @jmp={0x5, 0x0, 0xb, 0x7, 0x0, 0x40, 0x1}, @ldst={0x0, 0x2, 0x4, 0xb, 0x1, 0x100, 0xfffffffffffffff0}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x6, 0x3f, &(0x7f0000000080)=""/63, 0x40f00, 0x50, '\x00', 0x0, 0x21, r1, 0x8, &(0x7f00000004c0)={0x4, 0x3}, 0x8, 0x10, 0x0, 0x0, r2, r0, 0x0, &(0x7f0000000a00)=[r3, r4, r5, r7, r8, r9, r10], 0x0, 0x10, 0x1000}, 0x90)

06:59:26 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x7, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0], 0x0, 0x91, &(0x7f00000002c0)=[{}], 0x8, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0xbf, 0x8, 0x8, &(0x7f0000000380)}}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4004662b, &(0x7f00000005c0)=0x1)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
openat$cgroup_ro(r3, &(0x7f0000000700)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
openat$cgroup_ro(r2, &(0x7f0000000000)='blkio.bfq.empty_time\x00', 0x0, 0x0)
close(r3)
write$cgroup_type(r3, &(0x7f0000000080), 0x11ffffce1)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000580)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0x14, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000200000000000000fdffffff181100cd31ace322f93cc26bb700", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018120000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x10001, 0xe4, &(0x7f0000000100)=""/228, 0x40f00, 0x10, '\x00', r1, 0x0, r2, 0x8, &(0x7f0000000500)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000540)={0x1, 0xf, 0x2, 0x7fffffff}, 0x10, 0x0, 0x0, 0x1, &(0x7f00000005c0)=[r0, r3, r4], &(0x7f0000000600)=[{0x5, 0x4, 0xf, 0x1}], 0x10, 0x308}, 0x90)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:26 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x40000, 0x43451)

06:59:26 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 72)

06:59:26 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x74, 0x74, 0x3, [@ptr={0x2, 0x0, 0x0, 0x2, 0x4}, @int={0x1, 0x0, 0x0, 0x1, 0x0, 0x68, 0x0, 0x2e}, @func_proto={0x0, 0x8, 0x0, 0xd, 0x0, [{0x7, 0x3}, {0x4}, {0x5}, {0x1, 0x5}, {0x0, 0x3}, {0xa, 0x3}, {0x9, 0x5}, {0xa, 0x3}]}, @func={0x10, 0x0, 0x0, 0xc, 0x3}]}, {0x0, [0x2e]}}, &(0x7f0000000400)=""/135, 0x8f, 0x87, 0x1, 0x8}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000006c0)={0xffffffffffffffff, 0x20, &(0x7f0000000680)={&(0x7f0000000500)=""/83, 0x53, <r2=>0x0, &(0x7f0000000580)=""/241, 0xf1}}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000780)={{0x1, <r3=>0xffffffffffffffff}, &(0x7f0000000700), &(0x7f0000000740)='%pS    \x00'}, 0x20)
r4 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb1, 0x7f}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r4}, @generic={0x66}, @initr0, @exit, @alu={0x5, 0x0, 0xd, 0xa, 0x0, 0x0, 0x74000000}, @printk={@x={0x18, 0x9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6c000000}}]}, &(0x7f0000000000)='GPL\x00', 0x4, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x9cffffff}, 0x36)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000340)=[0x0], ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x1c, &(0x7f0000000600)=[{}, {}, {}, {}, {}, {}], 0x30, 0x0, 0x0, &(0x7f00000006c0), 0x8, 0xbb, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x19, &(0x7f00000012c0)=ANY=[@ANYBLOB="851000000200000023faffff10000000b7080000000000007b8af8ff00000000b7080000010000007b8af0ff0000", @ANYRES32, @ANYBLOB="55670000005300000000b70500000800fde968000000a5000000852000000100", @ANYRES32, @ANYBLOB="00000000fdffffff950000000000000085000000a300000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000"], &(0x7f0000000300)='syzkaller\x00', 0x1, 0x50, &(0x7f0000000340)=""/80, 0x41000, 0x48, '\x00', r6, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x1, 0x4}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000440)=[{0x0, 0x5, 0x6, 0x7}, {0x4, 0x5, 0x10}, {0x0, 0x1, 0x0, 0x5}, {0x1, 0x0, 0xf}], 0x10, 0x7ff}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x16, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@generic={0x3, 0x7, 0xe, 0x0, 0x2}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @alu={0x7, 0x0, 0x5, 0x6, 0x1, 0x0, 0xfffffffffffffff0}, @call, @jmp={0x5, 0x1, 0x0, 0x4, 0xa, 0x40}, @generic={0x0, 0x9, 0x5, 0x0, 0x3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000000c0)='syzkaller\x00', 0x6, 0x96, &(0x7f0000000480)=""/150, 0x40f00, 0xa, '\x00', r6, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x6, 0x3}, 0x8, 0x10, &(0x7f00000002c0)={0x0, 0xe, 0x5, 0x401}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7b03}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000840)={{0x1, <r7=>0xffffffffffffffff}, &(0x7f00000007c0), &(0x7f0000000800)='%ps    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000880)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{0x1, <r9=>0xffffffffffffffff}, &(0x7f00000008c0), &(0x7f0000000900)=r0}, 0x20)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@base={0x13, 0x1, 0x9, 0x4c, 0x4, 0xffffffffffffffff, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0xe, 0x13, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x52, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@map_idx_val={0x18, 0x3, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0xdde}, @jmp={0x5, 0x0, 0xb, 0x7, 0x0, 0x40, 0x1}, @ldst={0x0, 0x2, 0x4, 0xb, 0x1, 0x100, 0xfffffffffffffff0}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x6, 0x3f, &(0x7f0000000080)=""/63, 0x40f00, 0x50, '\x00', 0x0, 0x21, r1, 0x8, &(0x7f00000004c0)={0x4, 0x3}, 0x8, 0x10, 0x0, 0x0, r2, r0, 0x0, &(0x7f0000000a00)=[r3, r4, r5, r7, r8, r9, r10], 0x0, 0x10, 0x1000}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x74, 0x74, 0x3, [@ptr={0x2, 0x0, 0x0, 0x2, 0x4}, @int={0x1, 0x0, 0x0, 0x1, 0x0, 0x68, 0x0, 0x2e}, @func_proto={0x0, 0x8, 0x0, 0xd, 0x0, [{0x7, 0x3}, {0x4}, {0x5}, {0x1, 0x5}, {0x0, 0x3}, {0xa, 0x3}, {0x9, 0x5}, {0xa, 0x3}]}, @func={0x10, 0x0, 0x0, 0xc, 0x3}]}, {0x0, [0x2e]}}, &(0x7f0000000400)=""/135, 0x8f, 0x87, 0x1, 0x8}, 0x20) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000006c0)={0xffffffffffffffff, 0x20, &(0x7f0000000680)={&(0x7f0000000500)=""/83, 0x53, 0x0, &(0x7f0000000580)=""/241, 0xf1}}, 0x10) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000780)={{0x1}, &(0x7f0000000700), &(0x7f0000000740)='%pS    \x00'}, 0x20) (async)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb1, 0x7f}, 0x48) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r4}, @generic={0x66}, @initr0, @exit, @alu={0x5, 0x0, 0xd, 0xa, 0x0, 0x0, 0x74000000}, @printk={@x={0x18, 0x9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6c000000}}]}, &(0x7f0000000000)='GPL\x00', 0x4, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x9cffffff}, 0x36) (async)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000340)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x1c, &(0x7f0000000600)=[{}, {}, {}, {}, {}, {}], 0x30, 0x0, 0x0, &(0x7f00000006c0), 0x8, 0xbb, 0x8, 0x0, 0x0}}, 0x10) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x19, &(0x7f00000012c0)=ANY=[@ANYBLOB="851000000200000023faffff10000000b7080000000000007b8af8ff00000000b7080000010000007b8af0ff0000", @ANYRES32, @ANYBLOB="55670000005300000000b70500000800fde968000000a5000000852000000100", @ANYRES32, @ANYBLOB="00000000fdffffff950000000000000085000000a300000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000"], &(0x7f0000000300)='syzkaller\x00', 0x1, 0x50, &(0x7f0000000340)=""/80, 0x41000, 0x48, '\x00', r6, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x1, 0x4}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000440)=[{0x0, 0x5, 0x6, 0x7}, {0x4, 0x5, 0x10}, {0x0, 0x1, 0x0, 0x5}, {0x1, 0x0, 0xf}], 0x10, 0x7ff}, 0x90) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x16, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@generic={0x3, 0x7, 0xe, 0x0, 0x2}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @alu={0x7, 0x0, 0x5, 0x6, 0x1, 0x0, 0xfffffffffffffff0}, @call, @jmp={0x5, 0x1, 0x0, 0x4, 0xa, 0x40}, @generic={0x0, 0x9, 0x5, 0x0, 0x3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000000c0)='syzkaller\x00', 0x6, 0x96, &(0x7f0000000480)=""/150, 0x40f00, 0xa, '\x00', r6, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x6, 0x3}, 0x8, 0x10, &(0x7f00000002c0)={0x0, 0xe, 0x5, 0x401}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7b03}, 0x90) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000840)={{0x1}, &(0x7f00000007c0), &(0x7f0000000800)='%ps    \x00'}, 0x20) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000880), 0x4) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{0x1}, &(0x7f00000008c0), &(0x7f0000000900)=r0}, 0x20) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@base={0x13, 0x1, 0x9, 0x4c, 0x4, 0xffffffffffffffff, 0x4}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0xe, 0x13, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x52, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@map_idx_val={0x18, 0x3, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0xdde}, @jmp={0x5, 0x0, 0xb, 0x7, 0x0, 0x40, 0x1}, @ldst={0x0, 0x2, 0x4, 0xb, 0x1, 0x100, 0xfffffffffffffff0}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x6, 0x3f, &(0x7f0000000080)=""/63, 0x40f00, 0x50, '\x00', 0x0, 0x21, r1, 0x8, &(0x7f00000004c0)={0x4, 0x3}, 0x8, 0x10, 0x0, 0x0, r2, r0, 0x0, &(0x7f0000000a00)=[r3, r4, r5, r7, r8, r9, r10], 0x0, 0x10, 0x1000}, 0x90) (async)

06:59:26 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x43450, 0x43451)

06:59:26 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x7, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0], 0x0, 0x91, &(0x7f00000002c0)=[{}], 0x8, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0xbf, 0x8, 0x8, &(0x7f0000000380)}}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4004662b, &(0x7f00000005c0)=0x1) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
openat$cgroup_ro(r3, &(0x7f0000000700)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (async)
openat$cgroup_ro(r2, &(0x7f0000000000)='blkio.bfq.empty_time\x00', 0x0, 0x0) (async)
close(r3) (async)
write$cgroup_type(r3, &(0x7f0000000080), 0x11ffffce1) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000580)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0x14, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000200000000000000fdffffff181100cd31ace322f93cc26bb700", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018120000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x10001, 0xe4, &(0x7f0000000100)=""/228, 0x40f00, 0x10, '\x00', r1, 0x0, r2, 0x8, &(0x7f0000000500)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000540)={0x1, 0xf, 0x2, 0x7fffffff}, 0x10, 0x0, 0x0, 0x1, &(0x7f00000005c0)=[r0, r3, r4], &(0x7f0000000600)=[{0x5, 0x4, 0xf, 0x1}], 0x10, 0x308}, 0x90)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  590.768433][T20644] FAULT_INJECTION: forcing a failure.
[  590.768433][T20644] name failslab, interval 1, probability 0, space 0, times 0
[  590.786439][T20644] CPU: 1 PID: 20644 Comm: syz-executor.4 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[  590.798121][T20644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  590.808030][T20644] Call Trace:
[  590.811130][T20644]  <TASK>
[  590.813911][T20644]  dump_stack_lvl+0x151/0x1b7
[  590.818428][T20644]  ? io_uring_drop_tctx_refs+0x190/0x190
[  590.823889][T20644]  dump_stack+0x15/0x17
[  590.827879][T20644]  should_fail+0x3c6/0x510
[  590.832134][T20644]  __should_failslab+0xa4/0xe0
[  590.836743][T20644]  ? anon_vma_clone+0x9a/0x500
[  590.841340][T20644]  should_failslab+0x9/0x20
[  590.845672][T20644]  slab_pre_alloc_hook+0x37/0xd0
[  590.850451][T20644]  ? anon_vma_clone+0x9a/0x500
[  590.855048][T20644]  kmem_cache_alloc+0x44/0x200
[  590.859656][T20644]  anon_vma_clone+0x9a/0x500
[  590.864078][T20644]  anon_vma_fork+0x91/0x4e0
[  590.868416][T20644]  ? anon_vma_name+0x43/0x70
[  590.872850][T20644]  ? vm_area_dup+0x17a/0x230
[  590.877271][T20644]  copy_mm+0xa3a/0x13e0
[  590.881262][T20644]  ? copy_signal+0x610/0x610
[  590.885686][T20644]  ? __init_rwsem+0xd6/0x1c0
[  590.890121][T20644]  ? copy_signal+0x4e3/0x610
[  590.894543][T20644]  copy_process+0x1149/0x3290
[  590.899071][T20644]  ? timerqueue_add+0x250/0x270
[  590.903826][T20644]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  590.908770][T20644]  ? enqueue_hrtimer+0xca/0x240
[  590.913466][T20644]  ? __hrtimer_run_queues+0x46b/0xad0
[  590.918665][T20644]  kernel_clone+0x21e/0x9e0
[  590.923008][T20644]  ? irqentry_exit+0x30/0x40
[  590.927430][T20644]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  590.933071][T20644]  ? create_io_thread+0x1e0/0x1e0
[  590.937947][T20644]  __x64_sys_clone+0x23f/0x290
[  590.942533][T20644]  ? __do_sys_vfork+0x130/0x130
[  590.947225][T20644]  ? debug_smp_processor_id+0x17/0x20
[  590.952427][T20644]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  590.958330][T20644]  ? exit_to_user_mode_prepare+0x39/0xa0
[  590.963800][T20644]  do_syscall_64+0x3d/0xb0
[  590.968048][T20644]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  590.973691][T20644]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  590.979429][T20644] RIP: 0033:0x7f7b6d82fda9
[  590.983678][T20644] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  591.003123][T20644] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  591.011358][T20644] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
06:59:26 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1d, 0x0, 0xffffffff, 0x1, 0x800, 0xffffffffffffffff, 0x3a6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x15, 0x6, 0x5, 0x8, 0x494, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x1}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r3, <r4=>0xffffffffffffffff}, 0x0, &(0x7f00000011c0)=r3}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000015c0)={0x6, 0x24, &(0x7f0000001240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3c7e}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001380)='GPL\x00', 0x7, 0xcf, &(0x7f00000013c0)=""/207, 0x41100, 0x21, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000014c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001500)={0x0, 0x2, 0x5, 0x265}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001540)=[r0], &(0x7f0000001580)=[{0x3, 0x1, 0x6, 0x6}, {0x1, 0x2, 0x7, 0x6}], 0x10, 0x8}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/180, 0xb4, <r5=>0x0, &(0x7f00000006c0)=""/71, 0x47}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0, <r6=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)=r3}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000000), 0xfdef)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r9, &(0x7f0000000080), 0x11ffffce1)
bpf$MAP_CREATE(0x0, &(0x7f0000003c40)=@base={0x1d, 0x9, 0x4f, 0x8, 0x4, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x660c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xf, 0x17, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0x3, 0x8, 0x1b, 0xfffffffffffffffc, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x1, 0x0, 0x7, 0x80, 0x7}], &(0x7f0000000e80)='GPL\x00', 0x6, 0xf4, &(0x7f0000000ec0)=""/244, 0x41100, 0x0, '\x00', r2, 0x36, r3, 0x8, &(0x7f0000000fc0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000001000)={0x5, 0x9, 0x16f3, 0xff}, 0x10, 0xffffffffffffffff, r3, 0x3, &(0x7f0000001040)=[r1, r0, r3, r3, r1, r9], &(0x7f0000001080)=[{0x5, 0x1, 0x3, 0x6}, {0x0, 0x2, 0xd, 0x7}, {0x4, 0x3, 0x9, 0x3}], 0x10, 0x6}, 0x90)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r10, &(0x7f0000000000), 0x248800)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1126659e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x15, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_val={0x18, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xb57}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff96, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0xe1e, 0xfb, &(0x7f0000000400)=""/251, 0x40f00, 0x4, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000580)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x5, 0x3, 0x1000}, 0x10, r5, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)=[r10, r11, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xaf5}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_clone(0xfdfd42048f9026ac, 0x0, 0x0, 0x0, 0x0, 0x0)

06:59:26 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x43451, 0x43451)

06:59:26 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020200000000000000000bfa100000000000007010000f8ffffffb702006e1c36ba51b44e1200deab46f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  591.019174][T20644] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  591.026983][T20644] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  591.034793][T20644] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  591.042604][T20644] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  591.050428][T20644]  </TASK>
06:59:26 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 73)

06:59:26 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020200000000000000000bfa100000000000007010000f8ffffffb702006e1c36ba51b44e1200deab46f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

[  591.150498][T20673] FAULT_INJECTION: forcing a failure.
[  591.150498][T20673] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  591.170582][T20673] CPU: 1 PID: 20673 Comm: syz-executor.4 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[  591.182145][T20673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  591.192050][T20673] Call Trace:
[  591.195163][T20673]  <TASK>
[  591.197939][T20673]  dump_stack_lvl+0x151/0x1b7
[  591.202456][T20673]  ? io_uring_drop_tctx_refs+0x190/0x190
[  591.208100][T20673]  ? kvm_sched_clock_read+0x18/0x40
[  591.213126][T20673]  ? sched_clock+0x9/0x10
[  591.217289][T20673]  ? sched_clock_cpu+0x18/0x3b0
[  591.221981][T20673]  ? _raw_spin_lock+0xa4/0x1b0
[  591.226580][T20673]  dump_stack+0x15/0x17
[  591.230572][T20673]  should_fail+0x3c6/0x510
[  591.234826][T20673]  should_fail_alloc_page+0x5a/0x80
[  591.239859][T20673]  prepare_alloc_pages+0x15c/0x700
[  591.244803][T20673]  ? irqentry_exit+0x30/0x40
[  591.249232][T20673]  ? __alloc_pages_bulk+0xe40/0xe40
[  591.254265][T20673]  __alloc_pages+0x18c/0x8f0
[  591.258706][T20673]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  591.264338][T20673]  ? prep_new_page+0x110/0x110
[  591.268953][T20673]  ? 0xffffffffa002865c
[  591.272927][T20673]  ? is_bpf_text_address+0x172/0x190
[  591.278132][T20673]  pte_alloc_one+0x73/0x1b0
[  591.282474][T20673]  ? pfn_modify_allowed+0x2f0/0x2f0
[  591.287506][T20673]  __pte_alloc+0x86/0x350
[  591.291670][T20673]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  591.297314][T20673]  ? free_pgtables+0x280/0x280
[  591.301913][T20673]  ? __kasan_check_write+0x14/0x20
[  591.306867][T20673]  copy_page_range+0x28a8/0x2f90
[  591.311635][T20673]  ? __kasan_slab_alloc+0xb1/0xe0
[  591.316503][T20673]  ? pfn_valid+0x1e0/0x1e0
[  591.320749][T20673]  ? syscall_exit_to_user_mode+0x130/0x160
[  591.326387][T20673]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  591.332032][T20673]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  591.338026][T20673]  copy_mm+0xc7e/0x13e0
[  591.342019][T20673]  ? copy_signal+0x610/0x610
[  591.346443][T20673]  ? __init_rwsem+0xd6/0x1c0
[  591.350877][T20673]  ? copy_signal+0x4e3/0x610
[  591.355295][T20673]  copy_process+0x1149/0x3290
[  591.359808][T20673]  ? timerqueue_add+0x250/0x270
[  591.364576][T20673]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  591.369873][T20673]  ? enqueue_hrtimer+0xca/0x240
[  591.374562][T20673]  ? __hrtimer_run_queues+0x46b/0xad0
[  591.379767][T20673]  kernel_clone+0x21e/0x9e0
[  591.384106][T20673]  ? create_io_thread+0x1e0/0x1e0
[  591.388966][T20673]  ? clockevents_program_event+0x22f/0x300
[  591.394613][T20673]  __x64_sys_clone+0x23f/0x290
[  591.399212][T20673]  ? __do_sys_vfork+0x130/0x130
[  591.404158][T20673]  ? debug_smp_processor_id+0x17/0x20
[  591.409374][T20673]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  591.415267][T20673]  ? exit_to_user_mode_prepare+0x39/0xa0
[  591.420734][T20673]  do_syscall_64+0x3d/0xb0
[  591.424984][T20673]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  591.430627][T20673]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  591.436356][T20673] RIP: 0033:0x7f7b6d82fda9
[  591.440614][T20673] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  591.460050][T20673] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  591.468295][T20673] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  591.476107][T20673] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  591.483917][T20673] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  591.491728][T20673] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:59:26 executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async, rerun: 64)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x7, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0], 0x0, 0x91, &(0x7f00000002c0)=[{}], 0x8, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0xbf, 0x8, 0x8, &(0x7f0000000380)}}, 0x10) (async, rerun: 64)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4004662b, &(0x7f00000005c0)=0x1) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
openat$cgroup_ro(r3, &(0x7f0000000700)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (async)
openat$cgroup_ro(r2, &(0x7f0000000000)='blkio.bfq.empty_time\x00', 0x0, 0x0)
close(r3) (async)
write$cgroup_type(r3, &(0x7f0000000080), 0x11ffffce1)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000580)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0x14, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000200000000000000fdffffff181100cd31ace322f93cc26bb700", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018120000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x10001, 0xe4, &(0x7f0000000100)=""/228, 0x40f00, 0x10, '\x00', r1, 0x0, r2, 0x8, &(0x7f0000000500)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000540)={0x1, 0xf, 0x2, 0x7fffffff}, 0x10, 0x0, 0x0, 0x1, &(0x7f00000005c0)=[r0, r3, r4], &(0x7f0000000600)=[{0x5, 0x4, 0xf, 0x1}], 0x10, 0x308}, 0x90) (async, rerun: 32)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (rerun: 32)

06:59:26 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x44000, 0x43451)

06:59:26 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020200000000000000000bfa100000000000007010000f8ffffffb702006e1c36ba51b44e1200deab46f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (async)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:26 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 74)

[  591.499542][T20673] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  591.507355][T20673]  </TASK>
06:59:27 executing program 1:
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{0x1, <r1=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f00000001c0)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{0x1, <r2=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000006c0)={0xffffffffffffffff, 0x58, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000700), 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000880)={0xffffffffffffffff, 0x20, &(0x7f0000000840)={&(0x7f00000007c0)=""/46, 0x2e, <r5=>0x0, &(0x7f0000000800)=""/29, 0x1d}}, 0x10)
r6 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000b00)=@bpf_ext={0x1c, 0x18, &(0x7f00000008c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@alu={0x7, 0x0, 0x9, 0x3, 0x6, 0x100, 0x4}, @cb_func={0x18, 0x6, 0x4, 0x0, 0x3}, @map_fd={0x18, 0xa}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000980)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x51, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000009c0)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000a00)={0x0, 0xf, 0x9eef, 0x7}, 0x10, 0xea7f, 0xffffffffffffffff, 0x5, &(0x7f0000000a40)=[0xffffffffffffffff, 0x1], &(0x7f0000000a80)=[{0x4, 0x3, 0xd, 0x7}, {0x0, 0x5, 0x2, 0x2}, {0x0, 0x3, 0xc}, {0x5, 0x2, 0xf, 0x4}, {0x2, 0x1, 0x7, 0x8}], 0x10, 0xda}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000c40)={{0x1, <r7=>0xffffffffffffffff}, &(0x7f0000000bc0), &(0x7f0000000c00)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d00)={{0x1, <r8=>0xffffffffffffffff}, &(0x7f0000000c80), &(0x7f0000000cc0)}, 0x20)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b704000002000000850000001c00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x17, 0x29, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x26, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@map_idx_val={0x18, 0xa, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x1f}, @map_idx={0x18, 0x9, 0x5, 0x0, 0xe}, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x8001}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x9}, @alu={0x4, 0x0, 0x1, 0x9, 0x5, 0x100, 0xfffffffffffffffc}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x8}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000500)='syzkaller\x00', 0x6, 0xfa, &(0x7f0000000540)=""/250, 0x41100, 0x46, '\x00', r3, 0x0, r4, 0x8, &(0x7f0000000740)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000000780)={0x2, 0xa, 0x2, 0x1}, 0x10, r5, r6, 0x4, &(0x7f0000000d40)=[r7, r8, r9], &(0x7f0000000d80)=[{0x3, 0x4, 0xb, 0xa}, {0x0, 0x2, 0xa, 0x4}, {0x4, 0x3, 0xf, 0x4}, {0x5, 0x4, 0x8, 0x2}], 0x10, 0xffff5099}, 0x90)
r11 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001000)={&(0x7f0000000f40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x7, [@fwd={0x6}]}, {0x0, [0x61, 0x0, 0x0, 0x30, 0x5f]}}, &(0x7f0000000f80)=""/111, 0x2b, 0x6f, 0x1, 0x1f}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001140)={{r1, <r12=>0xffffffffffffffff}, &(0x7f00000010c0), &(0x7f0000001100)='%+9llu \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000001240)={0x9ebfcb725395061b, 0x10, &(0x7f0000000e80)=@raw=[@jmp={0x5, 0x1, 0x2, 0x3, 0x1}, @btf_id={0x18, 0xa, 0x3, 0x0, 0x2}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5740}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}], &(0x7f0000000f00)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, 0xf, r11, 0x8, &(0x7f0000001040)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000001080)={0x2, 0x8, 0x22c, 0x4}, 0x10, r5, r10, 0x5, &(0x7f0000001180)=[r0, r1, r12], &(0x7f00000011c0)=[{0x5, 0x3, 0xe, 0x6}, {0x2, 0x1, 0x4, 0x4}, {0x1, 0x4, 0x8, 0x4}, {0x2, 0x5, 0x7, 0xc}, {0x5, 0x1, 0x4, 0xd}], 0x10, 0x80000000}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001880)={0x6, 0x10, &(0x7f0000001600)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@call={0x85, 0x0, 0x0, 0x4d}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001680)='GPL\x00', 0x6, 0xd1, &(0x7f00000016c0)=""/209, 0x40f00, 0x4, '\x00', r3, 0x25, r11, 0x8, &(0x7f00000017c0)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000001800)={0x4, 0x0, 0xff, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001840)=[0xffffffffffffffff], 0x0, 0x10, 0x4}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x1a, 0x1d, &(0x7f0000001300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @call={0x85, 0x0, 0x0, 0xba}, @generic={0x7, 0x4, 0x4, 0x5, 0x52f}, @map_idx={0x18, 0xb, 0x5, 0x0, 0x1}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @call={0x85, 0x0, 0x0, 0xb}, @printk={@u}, @printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xe2d}}]}, &(0x7f0000001400)='syzkaller\x00', 0x1, 0x5e, &(0x7f0000001440)=""/94, 0x41100, 0x40, '\x00', 0x0, 0x37, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r5, r0, 0x3, &(0x7f00000014c0)=[r1, r9, r12, r12, r2, r0], &(0x7f0000001500)=[{0x5, 0x5, 0x2, 0xb}, {0x5, 0x2, 0x8}, {0x4, 0x5, 0x10, 0x7}]}, 0x90)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r13}, 0x10)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

06:59:27 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x100000, 0x43451)

[  591.650033][T20697] FAULT_INJECTION: forcing a failure.
[  591.650033][T20697] name failslab, interval 1, probability 0, space 0, times 0
[  591.665449][T20697] CPU: 0 PID: 20697 Comm: syz-executor.4 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[  591.677013][T20697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  591.686900][T20697] Call Trace:
[  591.690020][T20697]  <TASK>
[  591.692799][T20697]  dump_stack_lvl+0x151/0x1b7
[  591.697315][T20697]  ? io_uring_drop_tctx_refs+0x190/0x190
[  591.702780][T20697]  ? _printk+0xc/0x111
[  591.706683][T20697]  dump_stack+0x15/0x17
[  591.710688][T20697]  should_fail+0x3c6/0x510
[  591.714930][T20697]  __should_failslab+0xa4/0xe0
[  591.719555][T20697]  ? vm_area_dup+0x26/0x230
[  591.723868][T20697]  should_failslab+0x9/0x20
[  591.728218][T20697]  slab_pre_alloc_hook+0x37/0xd0
[  591.732982][T20697]  ? vm_area_dup+0x26/0x230
[  591.737321][T20697]  kmem_cache_alloc+0x44/0x200
[  591.741925][T20697]  vm_area_dup+0x26/0x230
[  591.746094][T20697]  copy_mm+0x9a1/0x13e0
[  591.750101][T20697]  ? irqentry_exit+0x30/0x40
[  591.754509][T20697]  ? copy_signal+0x610/0x610
[  591.758936][T20697]  ? __init_rwsem+0xd6/0x1c0
[  591.763361][T20697]  copy_process+0x1149/0x3290
[  591.767876][T20697]  ? timerqueue_add+0x250/0x270
[  591.772563][T20697]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  591.777511][T20697]  ? enqueue_hrtimer+0xca/0x240
[  591.782192][T20697]  ? __hrtimer_run_queues+0x46b/0xad0
[  591.787403][T20697]  kernel_clone+0x21e/0x9e0
[  591.791744][T20697]  ? irqentry_exit+0x30/0x40
[  591.796165][T20697]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  591.801808][T20697]  ? create_io_thread+0x1e0/0x1e0
[  591.806672][T20697]  __x64_sys_clone+0x23f/0x290
[  591.811270][T20697]  ? __do_sys_vfork+0x130/0x130
[  591.815959][T20697]  ? debug_smp_processor_id+0x17/0x20
[  591.821163][T20697]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  591.827065][T20697]  ? exit_to_user_mode_prepare+0x39/0xa0
[  591.832533][T20697]  do_syscall_64+0x3d/0xb0
[  591.836787][T20697]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  591.842427][T20697]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  591.848167][T20697] RIP: 0033:0x7f7b6d82fda9
[  591.852529][T20697] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  591.872039][T20697] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  591.880289][T20697] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  591.888095][T20697] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  591.895906][T20697] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  591.903714][T20697] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  591.911548][T20697] R13: 000000000000000b R14: 00007f7b6d95df80 R15: 00007ffc8feb0768
[  591.919342][T20697]  </TASK>
06:59:27 executing program 4:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xab)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x9, 0x3f, 0x9, 0x8, 0x0, 0x101, 0x400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000100)}, 0x10514, 0x7, 0xff, 0x1, 0x0, 0x2, 0x2, 0x0, 0x8, 0x0, 0x40000000000004}, 0x0, 0x11, 0xffffffffffffffff, 0x2)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000780)={r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='afs_make_fs_call\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
syz_clone(0x13025000, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) (fail_nth: 75)

06:59:27 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x200000, 0x43451)

[  592.025015][T20718] FAULT_INJECTION: forcing a failure.
[  592.025015][T20718] name failslab, interval 1, probability 0, space 0, times 0
[  592.042095][T20718] CPU: 0 PID: 20718 Comm: syz-executor.4 Tainted: G    B   W         5.15.148-syzkaller-00718-g993bed180178 #0
[  592.053649][T20718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  592.063571][T20718] Call Trace:
[  592.066666][T20718]  <TASK>
[  592.069441][T20718]  dump_stack_lvl+0x151/0x1b7
[  592.073953][T20718]  ? io_uring_drop_tctx_refs+0x190/0x190
[  592.079423][T20718]  ? kasan_check_range+0x1bc/0x2a0
[  592.084370][T20718]  dump_stack+0x15/0x17
[  592.088359][T20718]  should_fail+0x3c6/0x510
[  592.092630][T20718]  __should_failslab+0xa4/0xe0
[  592.097218][T20718]  ? vm_area_dup+0x26/0x230
[  592.101556][T20718]  should_failslab+0x9/0x20
[  592.105892][T20718]  slab_pre_alloc_hook+0x37/0xd0
[  592.110670][T20718]  ? vm_area_dup+0x26/0x230
[  592.115009][T20718]  kmem_cache_alloc+0x44/0x200
[  592.119610][T20718]  vm_area_dup+0x26/0x230
[  592.123773][T20718]  copy_mm+0x9a1/0x13e0
[  592.127770][T20718]  ? copy_signal+0x610/0x610
[  592.132192][T20718]  ? __init_rwsem+0xd6/0x1c0
[  592.136625][T20718]  ? copy_signal+0x4e3/0x610
[  592.141044][T20718]  copy_process+0x1149/0x3290
[  592.145560][T20718]  ? timerqueue_add+0x250/0x270
[  592.150276][T20718]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  592.155191][T20718]  ? enqueue_hrtimer+0xca/0x240
[  592.159879][T20718]  ? __hrtimer_run_queues+0x46b/0xad0
[  592.165087][T20718]  kernel_clone+0x21e/0x9e0
[  592.169431][T20718]  ? create_io_thread+0x1e0/0x1e0
[  592.174284][T20718]  ? clockevents_program_event+0x22f/0x300
[  592.179930][T20718]  __x64_sys_clone+0x23f/0x290
[  592.184529][T20718]  ? __do_sys_vfork+0x130/0x130
[  592.189219][T20718]  ? syscall_enter_from_user_mode+0x19/0x1b0
[  592.195031][T20718]  do_syscall_64+0x3d/0xb0
[  592.199280][T20718]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  592.204925][T20718]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  592.210652][T20718] RIP: 0033:0x7f7b6d82fda9
[  592.214908][T20718] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  592.234370][T20718] RSP: 002b:00007f7b6c5b1078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  592.242601][T20718] RAX: ffffffffffffffda RBX: 00007f7b6d95df80 RCX: 00007f7b6d82fda9
[  592.250404][T20718] RDX: 0000000000000000 RSI: ffffffff00000000 RDI: 0000000013025000
[  592.258213][T20718] RBP: 00007f7b6c5b1120 R08: 0000000000000000 R09: 0000000000000000
[  592.266025][T20718] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
06:59:27 executing program 1:
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{0x1}, &(0x7f0000000080), &(0x7f00000001c0)}, 0x20) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{0x1, <r1=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f00000001c0)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{0x1, <r2=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000006c0)={0xffffffffffffffff, 0x58, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000700), 0x4) (async)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000700), 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000880)={0xffffffffffffffff, 0x20, &(0x7f0000000840)={&(0x7f00000007c0)=""/46, 0x2e, 0x0, &(0x7f0000000800)=""/29, 0x1d}}, 0x10) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000880)={0xffffffffffffffff, 0x20, &(0x7f0000000840)={&(0x7f00000007c0)=""/46, 0x2e, <r5=>0x0, &(0x7f0000000800)=""/29, 0x1d}}, 0x10)
r6 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000b00)=@bpf_ext={0x1c, 0x18, &(0x7f00000008c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@alu={0x7, 0x0, 0x9, 0x3, 0x6, 0x100, 0x4}, @cb_func={0x18, 0x6, 0x4, 0x0, 0x3}, @map_fd={0x18, 0xa}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000980)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x51, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000009c0)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000a00)={0x0, 0xf, 0x9eef, 0x7}, 0x10, 0xea7f, 0xffffffffffffffff, 0x5, &(0x7f0000000a40)=[0xffffffffffffffff, 0x1], &(0x7f0000000a80)=[{0x4, 0x3, 0xd, 0x7}, {0x0, 0x5, 0x2, 0x2}, {0x0, 0x3, 0xc}, {0x5, 0x2, 0xf, 0x4}, {0x2, 0x1, 0x7, 0x8}], 0x10, 0xda}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000c40)={{0x1, <r7=>0xffffffffffffffff}, &(0x7f0000000bc0), &(0x7f0000000c00)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d00)={{0x1, <r8=>0xffffffffffffffff}, &(0x7f0000000c80), &(0x7f0000000cc0)}, 0x20)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b704000002000000850000001c00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b704000002000000850000001c00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x17, 0x29, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x26, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@map_idx_val={0x18, 0xa, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x1f}, @map_idx={0x18, 0x9, 0x5, 0x0, 0xe}, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x8001}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x9}, @alu={0x4, 0x0, 0x1, 0x9, 0x5, 0x100, 0xfffffffffffffffc}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x8}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000500)='syzkaller\x00', 0x6, 0xfa, &(0x7f0000000540)=""/250, 0x41100, 0x46, '\x00', r3, 0x0, r4, 0x8, &(0x7f0000000740)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000000780)={0x2, 0xa, 0x2, 0x1}, 0x10, r5, r6, 0x4, &(0x7f0000000d40)=[r7, r8, r9], &(0x7f0000000d80)=[{0x3, 0x4, 0xb, 0xa}, {0x0, 0x2, 0xa, 0x4}, {0x4, 0x3, 0xf, 0x4}, {0x5, 0x4, 0x8, 0x2}], 0x10, 0xffff5099}, 0x90) (async)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x17, 0x29, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x26, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@map_idx_val={0x18, 0xa, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x1f}, @map_idx={0x18, 0x9, 0x5, 0x0, 0xe}, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x8001}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x9}, @alu={0x4, 0x0, 0x1, 0x9, 0x5, 0x100, 0xfffffffffffffffc}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x8}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000500)='syzkaller\x00', 0x6, 0xfa, &(0x7f0000000540)=""/250, 0x41100, 0x46, '\x00', r3, 0x0, r4, 0x8, &(0x7f0000000740)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000000780)={0x2,