54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:34 executing program 1:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:34 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:34 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x80000001)

14:47:34 executing program 1:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:34 executing program 1:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:34 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x80000001)

14:47:35 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:35 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x80000001)

14:47:35 executing program 1:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:35 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x0, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:35 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:35 executing program 1:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:35 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, 0xffffffffffffffff, 0x0, 0x80000001)

14:47:35 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:35 executing program 1:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x80000001)

14:47:35 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, 0xffffffffffffffff, 0x0, 0x80000001)

14:47:35 executing program 1:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x80000001)

14:47:35 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, 0xffffffffffffffff, 0x0, 0x80000001)

14:47:35 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x0)

14:47:35 executing program 1:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x80000001)

14:47:35 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x0, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:35 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:35 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(0x0, 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:35 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x0)

14:47:35 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:35 executing program 1:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, 0xffffffffffffffff, 0x0, 0x80000001)

14:47:35 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(0x0, 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:35 executing program 1:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, 0xffffffffffffffff, 0x0, 0x80000001)

14:47:35 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(0x0, 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:35 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x0)

14:47:35 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:35 executing program 1:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, 0xffffffffffffffff, 0x0, 0x80000001)

14:47:35 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x0, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:36 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0x0, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:36 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x80000001)

14:47:36 executing program 1:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x0)

14:47:36 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:36 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x0, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:36 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:36 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:36 executing program 1:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x0)

14:47:36 executing program 1:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x0)

14:47:36 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:36 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:36 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0x0, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:36 executing program 1:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:36 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:36 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(0x0, 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:36 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x0, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:36 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:36 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x0, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:36 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(0x0, 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:36 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:36 executing program 3:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:36 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x80000001)

14:47:36 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x80000001)

14:47:36 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0x0, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:36 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x80000001)

14:47:36 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x0, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:36 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:37 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, 0xffffffffffffffff, 0x0, 0x80000001)

14:47:37 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:37 executing program 3:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, 0x0, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:37 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, 0xffffffffffffffff, 0x0, 0x80000001)

14:47:37 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, 0xffffffffffffffff, 0x0, 0x80000001)

14:47:37 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x0)

14:47:37 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x0)

14:47:37 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x0)

14:47:37 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:37 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:37 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x0, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:37 executing program 1:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x0)

14:47:37 executing program 3:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, 0x0, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:37 executing program 4:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:37 executing program 1:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:37 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x0, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:37 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:37 executing program 3:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, 0x0, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:37 executing program 2:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:38 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:38 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:38 executing program 4:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:38 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x80000001)

14:47:38 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:38 executing program 1:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:38 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:38 executing program 3:
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:38 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:38 executing program 2:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:38 executing program 3:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x1c575)

14:47:38 executing program 3:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:38 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r0 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r0, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x80000001)

14:47:38 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:38 executing program 4:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:38 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), 0x0)
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:38 executing program 1:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(0x0, 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:47:38 executing program 3:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r3}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r4 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r5 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r4}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r4, &(0x7f00000005c0)={0xffffffffffffffff, r5, 0x100})
syz_io_uring_submit(0x0, r2, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:39 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), 0x0)
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:39 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})

14:47:39 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x80000001)

14:47:39 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x80000001)

14:47:39 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), 0x0)
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:39 executing program 4:
perf_event_open(&(0x7f0000000700)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:39 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})

14:47:39 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x0, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:39 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000001440)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000d3f4655fd4f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000200)={[{@dioread_nolock}, {@data_journal}]})

14:47:39 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})

14:47:39 executing program 3:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)
mlock2(&(0x7f0000ee7000/0x4000)=nil, 0x4000, 0x1)

14:47:39 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  144.578293][T16329] loop3: detected capacity change from 0 to 4
14:47:39 executing program 2:
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000001440)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000d3f4655fd4f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000200)={[{@dioread_nolock}, {@data_journal}]})

[  144.704935][T16340] loop2: detected capacity change from 0 to 4
[  144.729469][T16340] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  144.745439][T16340] EXT4-fs (loop2): bad geometry: block count 128 exceeds size of device (1 blocks)
14:47:39 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)
mlock2(&(0x7f0000ee7000/0x4000)=nil, 0x4000, 0x1)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000640)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x9, 0x0, 0x0, 0x7, 0xe, 0x1, {0x0, 0x0, r1}}, 0x7)

14:47:39 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:39 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)

14:47:39 executing program 3:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)
mlock2(&(0x7f0000ee7000/0x4000)=nil, 0x4000, 0x1)

14:47:39 executing program 4:
perf_event_open(&(0x7f0000000700)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:40 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x0, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:40 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:40 executing program 3:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)
mlock2(&(0x7f0000ee7000/0x4000)=nil, 0x4000, 0x1)

14:47:40 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:40 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)
mlock2(&(0x7f0000ee7000/0x4000)=nil, 0x4000, 0x1)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000640)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x9, 0x0, 0x0, 0x7, 0xe, 0x1, {0x0, 0x0, r1}}, 0x7)

14:47:40 executing program 4:
perf_event_open(&(0x7f0000000700)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:40 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r0 = syz_io_uring_setup(0x4016, 0x0, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r0}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000300))
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r0, 0x10000000)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r3}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r4 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r5 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r4}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r4, &(0x7f00000005c0)={0xffffffffffffffff, r5, 0x100})
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:40 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)
mlock2(&(0x7f0000ee7000/0x4000)=nil, 0x4000, 0x1)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000640)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x9, 0x0, 0x0, 0x7, 0xe, 0x1, {0x0, 0x0, r1}}, 0x7)

14:47:40 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 1)

14:47:40 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)

14:47:40 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x0, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

[  145.562276][T17283] FAULT_INJECTION: forcing a failure.
[  145.562276][T17283] name failslab, interval 1, probability 0, space 0, times 1
[  145.574990][T17283] CPU: 0 PID: 17283 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  145.583808][T17283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  145.593951][T17283] Call Trace:
[  145.597308][T17283]  <TASK>
[  145.600228][T17283]  dump_stack_lvl+0xd6/0x122
[  145.604840][T17283]  dump_stack+0x11/0x1b
[  145.609109][T17283]  should_fail+0x23c/0x250
[  145.613530][T17283]  ? alloc_pipe_info+0xac/0x350
[  145.618382][T17283]  __should_failslab+0x81/0x90
[  145.623236][T17283]  should_failslab+0x5/0x20
[  145.627731][T17283]  kmem_cache_alloc_trace+0x52/0x350
[  145.633063][T17283]  alloc_pipe_info+0xac/0x350
[  145.637745][T17283]  splice_direct_to_actor+0x5f7/0x650
[  145.643105][T17283]  ? security_file_permission+0x7c/0xa0
[  145.648714][T17283]  ? do_splice_direct+0x190/0x190
[  145.653788][T17283]  ? security_file_permission+0x87/0xa0
[  145.659404][T17283]  do_splice_direct+0x106/0x190
[  145.664377][T17283]  do_sendfile+0x675/0xc40
[  145.668868][T17283]  __x64_sys_sendfile64+0x102/0x140
[  145.674065][T17283]  do_syscall_64+0x44/0xd0
[  145.678553][T17283]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  145.684435][T17283] RIP: 0033:0x7f8cb7c38ae9
[  145.688851][T17283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
14:47:40 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 2)

[  145.708489][T17283] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  145.716900][T17283] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  145.724870][T17283] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  145.732949][T17283] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  145.740942][T17283] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001
[  145.749092][T17283] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  145.757081][T17283]  </TASK>
[  145.804428][T17290] FAULT_INJECTION: forcing a failure.
[  145.804428][T17290] name failslab, interval 1, probability 0, space 0, times 0
[  145.817262][T17290] CPU: 1 PID: 17290 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  145.826028][T17290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  145.836297][T17290] Call Trace:
[  145.839633][T17290]  <TASK>
[  145.842580][T17290]  dump_stack_lvl+0xd6/0x122
[  145.847175][T17290]  dump_stack+0x11/0x1b
14:47:40 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r0 = syz_io_uring_setup(0x4016, 0x0, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r0}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000300))
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r0, 0x10000000)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r3}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r4 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r5 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r4}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r4, &(0x7f00000005c0)={0xffffffffffffffff, r5, 0x100})
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  145.851327][T17290]  should_fail+0x23c/0x250
[  145.855785][T17290]  ? kcalloc+0x32/0x40
[  145.859855][T17290]  __should_failslab+0x81/0x90
[  145.864625][T17290]  should_failslab+0x5/0x20
[  145.869129][T17290]  __kmalloc+0x6f/0x370
[  145.873291][T17290]  ? kmem_cache_alloc_trace+0x24b/0x350
[  145.878916][T17290]  kcalloc+0x32/0x40
[  145.882846][T17290]  alloc_pipe_info+0x1be/0x350
[  145.887782][T17290]  splice_direct_to_actor+0x5f7/0x650
[  145.893208][T17290]  ? security_file_permission+0x7c/0xa0
[  145.898818][T17290]  ? do_splice_direct+0x190/0x190
[  145.903849][T17290]  ? security_file_permission+0x87/0xa0
[  145.909408][T17290]  do_splice_direct+0x106/0x190
[  145.914367][T17290]  do_sendfile+0x675/0xc40
[  145.918824][T17290]  __x64_sys_sendfile64+0x102/0x140
[  145.924064][T17290]  do_syscall_64+0x44/0xd0
[  145.928488][T17290]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  145.934469][T17290] RIP: 0033:0x7f8cb7c38ae9
[  145.938886][T17290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  145.958498][T17290] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  145.966999][T17290] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  145.975029][T17290] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  145.982998][T17290] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  145.990967][T17290] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001
14:47:40 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)
mlock2(&(0x7f0000ee7000/0x4000)=nil, 0x4000, 0x1)

14:47:40 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))

14:47:41 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 3)

14:47:41 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r0 = syz_io_uring_setup(0x4016, 0x0, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r0}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000300))
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r0, 0x10000000)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r3}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r4 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r5 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r4}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r4, &(0x7f00000005c0)={0xffffffffffffffff, r5, 0x100})
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  145.998958][T17290] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  146.006995][T17290]  </TASK>
[  146.050979][T17598] FAULT_INJECTION: forcing a failure.
[  146.050979][T17598] name failslab, interval 1, probability 0, space 0, times 0
[  146.063744][T17598] CPU: 1 PID: 17598 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  146.072510][T17598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  146.082664][T17598] Call Trace:
[  146.085947][T17598]  <TASK>
[  146.088881][T17598]  dump_stack_lvl+0xd6/0x122
[  146.093584][T17598]  dump_stack+0x11/0x1b
[  146.097739][T17598]  should_fail+0x23c/0x250
[  146.102165][T17598]  ? kmalloc_array+0x2d/0x40
[  146.106829][T17598]  __should_failslab+0x81/0x90
[  146.111612][T17598]  should_failslab+0x5/0x20
[  146.116145][T17598]  __kmalloc+0x6f/0x370
[  146.120304][T17598]  kmalloc_array+0x2d/0x40
[  146.124919][T17598]  iter_file_splice_write+0xd5/0x790
[  146.130205][T17598]  ? atime_needs_update+0x2ba/0x390
[  146.135410][T17598]  ? touch_atime+0x11f/0x2e0
[  146.140092][T17598]  ? generic_file_splice_read+0x2a9/0x330
[  146.145859][T17598]  ? splice_from_pipe+0xd0/0xd0
[  146.150722][T17598]  direct_splice_actor+0x80/0xa0
[  146.155661][T17598]  splice_direct_to_actor+0x345/0x650
[  146.161110][T17598]  ? do_splice_direct+0x190/0x190
[  146.166133][T17598]  do_splice_direct+0x106/0x190
[  146.170995][T17598]  do_sendfile+0x675/0xc40
[  146.175410][T17598]  __x64_sys_sendfile64+0x102/0x140
[  146.180611][T17598]  do_syscall_64+0x44/0xd0
[  146.185039][T17598]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  146.190987][T17598] RIP: 0033:0x7f8cb7c38ae9
[  146.195404][T17598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  146.215097][T17598] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  146.223613][T17598] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  146.231644][T17598] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  146.239748][T17598] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  146.247725][T17598] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001
[  146.255692][T17598] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  146.263734][T17598]  </TASK>
14:47:41 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:41 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0x0, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:41 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)
mlock2(&(0x7f0000ee7000/0x4000)=nil, 0x4000, 0x1)

14:47:41 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)

14:47:41 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0x0, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:41 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 4)

[  146.331690][T17813] FAULT_INJECTION: forcing a failure.
[  146.331690][T17813] name failslab, interval 1, probability 0, space 0, times 0
[  146.344369][T17813] CPU: 1 PID: 17813 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  146.353135][T17813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  146.363256][T17813] Call Trace:
[  146.366528][T17813]  <TASK>
[  146.369453][T17813]  dump_stack_lvl+0xd6/0x122
[  146.374051][T17813]  dump_stack+0x11/0x1b
[  146.378202][T17813]  should_fail+0x23c/0x250
[  146.382720][T17813]  ? jbd2__journal_start+0xf7/0x3f0
[  146.388070][T17813]  __should_failslab+0x81/0x90
[  146.392844][T17813]  should_failslab+0x5/0x20
[  146.397354][T17813]  kmem_cache_alloc+0x4f/0x320
[  146.402134][T17813]  jbd2__journal_start+0xf7/0x3f0
[  146.407145][T17813]  __ext4_journal_start_sb+0x159/0x310
[  146.412650][T17813]  ? ext4_file_write_iter+0x461/0x1200
[  146.418096][T17813]  ext4_file_write_iter+0x992/0x1200
[  146.423378][T17813]  ? ext4_file_write_iter+0x461/0x1200
[  146.428901][T17813]  do_iter_readv_writev+0x2de/0x380
[  146.434088][T17813]  do_iter_write+0x192/0x5c0
[  146.438718][T17813]  ? splice_from_pipe_next+0x34f/0x3b0
[  146.444165][T17813]  ? kmalloc_array+0x2d/0x40
[  146.448917][T17813]  vfs_iter_write+0x4c/0x70
[  146.453578][T17813]  iter_file_splice_write+0x43a/0x790
[  146.459002][T17813]  ? splice_from_pipe+0xd0/0xd0
[  146.463850][T17813]  direct_splice_actor+0x80/0xa0
[  146.468802][T17813]  splice_direct_to_actor+0x345/0x650
[  146.474598][T17813]  ? do_splice_direct+0x190/0x190
[  146.479634][T17813]  do_splice_direct+0x106/0x190
[  146.484476][T17813]  do_sendfile+0x675/0xc40
[  146.488896][T17813]  __x64_sys_sendfile64+0x102/0x140
[  146.494090][T17813]  do_syscall_64+0x44/0xd0
[  146.498581][T17813]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  146.504506][T17813] RIP: 0033:0x7f8cb7c38ae9
[  146.509002][T17813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
14:47:41 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0x0, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

[  146.528609][T17813] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  146.537137][T17813] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  146.545139][T17813] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  146.553189][T17813] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  146.561147][T17813] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001
[  146.569103][T17813] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  146.577066][T17813]  </TASK>
14:47:41 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 5)

[  146.646281][T17873] FAULT_INJECTION: forcing a failure.
[  146.646281][T17873] name failslab, interval 1, probability 0, space 0, times 0
[  146.659029][T17873] CPU: 0 PID: 17873 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  146.667965][T17873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  146.678023][T17873] Call Trace:
[  146.681305][T17873]  <TASK>
[  146.684240][T17873]  dump_stack_lvl+0xd6/0x122
[  146.688837][T17873]  dump_stack+0x11/0x1b
[  146.693069][T17873]  should_fail+0x23c/0x250
[  146.697558][T17873]  ? __iomap_dio_rw+0x143/0x1070
[  146.702501][T17873]  __should_failslab+0x81/0x90
[  146.707273][T17873]  should_failslab+0x5/0x20
[  146.711959][T17873]  kmem_cache_alloc_trace+0x52/0x350
[  146.717320][T17873]  ? preempt_count_add+0x4e/0x90
[  146.722267][T17873]  ? _raw_spin_unlock+0x2e/0x50
[  146.727126][T17873]  __iomap_dio_rw+0x143/0x1070
[  146.732043][T17873]  ? __ext4_handle_dirty_metadata+0x17d/0x5a0
[  146.738119][T17873]  ? ___cache_free+0x46/0x300
[  146.742856][T17873]  iomap_dio_rw+0x38/0x80
[  146.747230][T17873]  ? ext4_file_write_iter+0x461/0x1200
[  146.752694][T17873]  ext4_file_write_iter+0xac3/0x1200
[  146.757989][T17873]  ? ext4_file_write_iter+0x461/0x1200
[  146.763515][T17873]  do_iter_readv_writev+0x2de/0x380
[  146.768981][T17873]  do_iter_write+0x192/0x5c0
[  146.773715][T17873]  ? splice_from_pipe_next+0x34f/0x3b0
[  146.779208][T17873]  ? kmalloc_array+0x2d/0x40
[  146.783814][T17873]  vfs_iter_write+0x4c/0x70
[  146.788451][T17873]  iter_file_splice_write+0x43a/0x790
[  146.793877][T17873]  ? splice_from_pipe+0xd0/0xd0
[  146.798740][T17873]  direct_splice_actor+0x80/0xa0
[  146.804048][T17873]  splice_direct_to_actor+0x345/0x650
[  146.809448][T17873]  ? do_splice_direct+0x190/0x190
[  146.814642][T17873]  do_splice_direct+0x106/0x190
[  146.819583][T17873]  do_sendfile+0x675/0xc40
[  146.824010][T17873]  __x64_sys_sendfile64+0x102/0x140
[  146.829230][T17873]  do_syscall_64+0x44/0xd0
[  146.833712][T17873]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  146.839645][T17873] RIP: 0033:0x7f8cb7c38ae9
[  146.844062][T17873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  146.863787][T17873] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  146.872257][T17873] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  146.880258][T17873] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  146.888254][T17873] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
14:47:41 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)

14:47:41 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0x0, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  146.896234][T17873] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001
[  146.904239][T17873] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  146.912286][T17873]  </TASK>
14:47:41 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 6)

[  146.998248][T17937] FAULT_INJECTION: forcing a failure.
[  146.998248][T17937] name failslab, interval 1, probability 0, space 0, times 0
[  147.010894][T17937] CPU: 0 PID: 17937 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  147.019702][T17937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  147.029847][T17937] Call Trace:
[  147.033132][T17937]  <TASK>
[  147.036061][T17937]  dump_stack_lvl+0xd6/0x122
[  147.040750][T17937]  dump_stack+0x11/0x1b
[  147.045145][T17937]  should_fail+0x23c/0x250
[  147.049568][T17937]  ? jbd2__journal_start+0xf7/0x3f0
[  147.054802][T17937]  __should_failslab+0x81/0x90
[  147.059577][T17937]  should_failslab+0x5/0x20
[  147.064126][T17937]  kmem_cache_alloc+0x4f/0x320
[  147.068894][T17937]  ? __perf_event_task_sched_out+0xec6/0xf00
[  147.074882][T17937]  jbd2__journal_start+0xf7/0x3f0
[  147.079910][T17937]  __ext4_journal_start_sb+0x159/0x310
[  147.085426][T17937]  ext4_iomap_begin+0x408/0x630
[  147.090286][T17937]  ? ext4_alloc_da_blocks+0x100/0x100
[  147.095696][T17937]  iomap_iter+0x395/0x4a0
[  147.100031][T17937]  __iomap_dio_rw+0x695/0x1070
[  147.104957][T17937]  ? _raw_spin_lock_irq+0x41/0x50
[  147.110065][T17937]  iomap_dio_rw+0x38/0x80
[  147.114405][T17937]  ? ext4_file_write_iter+0x461/0x1200
[  147.119914][T17937]  ext4_file_write_iter+0xac3/0x1200
[  147.125208][T17937]  ? ext4_file_write_iter+0x461/0x1200
[  147.130682][T17937]  do_iter_readv_writev+0x2de/0x380
[  147.135920][T17937]  do_iter_write+0x192/0x5c0
[  147.140518][T17937]  ? splice_from_pipe_next+0x34f/0x3b0
14:47:42 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0x0, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:42 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:42 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:42 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)

[  147.146031][T17937]  ? kmalloc_array+0x2d/0x40
[  147.150642][T17937]  vfs_iter_write+0x4c/0x70
[  147.155143][T17937]  iter_file_splice_write+0x43a/0x790
[  147.160556][T17937]  ? splice_from_pipe+0xd0/0xd0
[  147.165415][T17937]  direct_splice_actor+0x80/0xa0
[  147.170433][T17937]  splice_direct_to_actor+0x345/0x650
[  147.175817][T17937]  ? do_splice_direct+0x190/0x190
[  147.180845][T17937]  do_splice_direct+0x106/0x190
[  147.185829][T17937]  do_sendfile+0x675/0xc40
[  147.190251][T17937]  __x64_sys_sendfile64+0x102/0x140
14:47:42 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0x0, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  147.195454][T17937]  do_syscall_64+0x44/0xd0
[  147.199920][T17937]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  147.205865][T17937] RIP: 0033:0x7f8cb7c38ae9
[  147.210289][T17937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  147.229981][T17937] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  147.238401][T17937] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
14:47:42 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 7)

14:47:42 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)

[  147.246416][T17937] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  147.254385][T17937] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  147.262370][T17937] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001
[  147.270335][T17937] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  147.278318][T17937]  </TASK>
[  147.333870][T17953] FAULT_INJECTION: forcing a failure.
[  147.333870][T17953] name failslab, interval 1, probability 0, space 0, times 0
[  147.346653][T17953] CPU: 1 PID: 17953 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  147.355416][T17953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  147.365525][T17953] Call Trace:
[  147.368798][T17953]  <TASK>
[  147.371748][T17953]  dump_stack_lvl+0xd6/0x122
[  147.376342][T17953]  dump_stack+0x11/0x1b
[  147.380692][T17953]  should_fail+0x23c/0x250
[  147.385162][T17953]  ? jbd2__journal_start+0xf7/0x3f0
[  147.390358][T17953]  __should_failslab+0x81/0x90
[  147.395178][T17953]  should_failslab+0x5/0x20
[  147.399729][T17953]  kmem_cache_alloc+0x4f/0x320
[  147.404495][T17953]  ? __find_get_block+0x785/0x9b0
[  147.409524][T17953]  jbd2__journal_start+0xf7/0x3f0
[  147.414598][T17953]  __ext4_journal_start_sb+0x159/0x310
[  147.420069][T17953]  ext4_iomap_begin+0x408/0x630
[  147.424935][T17953]  ? ext4_alloc_da_blocks+0x100/0x100
[  147.430351][T17953]  iomap_iter+0x395/0x4a0
[  147.434712][T17953]  __iomap_dio_rw+0x695/0x1070
[  147.439526][T17953]  iomap_dio_rw+0x38/0x80
[  147.443854][T17953]  ? ext4_file_write_iter+0x461/0x1200
[  147.449311][T17953]  ext4_file_write_iter+0xac3/0x1200
[  147.454598][T17953]  ? ext4_file_write_iter+0x461/0x1200
[  147.460062][T17953]  do_iter_readv_writev+0x2de/0x380
[  147.465271][T17953]  do_iter_write+0x192/0x5c0
[  147.469861][T17953]  ? tsan.module_ctor+0x10/0x10
[  147.474748][T17953]  vfs_iter_write+0x4c/0x70
[  147.479255][T17953]  iter_file_splice_write+0x43a/0x790
14:47:42 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0x0, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:42 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})

[  147.484630][T17953]  ? splice_from_pipe+0xd0/0xd0
[  147.489490][T17953]  direct_splice_actor+0x80/0xa0
[  147.494431][T17953]  splice_direct_to_actor+0x345/0x650
[  147.499809][T17953]  ? do_splice_direct+0x190/0x190
[  147.504893][T17953]  do_splice_direct+0x106/0x190
[  147.509742][T17953]  do_sendfile+0x675/0xc40
[  147.514159][T17953]  __x64_sys_sendfile64+0x102/0x140
[  147.519392][T17953]  do_syscall_64+0x44/0xd0
[  147.523817][T17953]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  147.529763][T17953] RIP: 0033:0x7f8cb7c38ae9
[  147.534170][T17953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  147.553864][T17953] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  147.562275][T17953] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  147.570271][T17953] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
14:47:42 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)

14:47:42 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0x0, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  147.578283][T17953] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  147.586249][T17953] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001
[  147.594238][T17953] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  147.602209][T17953]  </TASK>
14:47:42 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 8)

[  147.687061][T18171] FAULT_INJECTION: forcing a failure.
[  147.687061][T18171] name failslab, interval 1, probability 0, space 0, times 0
[  147.699703][T18171] CPU: 0 PID: 18171 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  147.708468][T18171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  147.718588][T18171] Call Trace:
[  147.721884][T18171]  <TASK>
[  147.724857][T18171]  dump_stack_lvl+0xd6/0x122
[  147.729449][T18171]  dump_stack+0x11/0x1b
[  147.733633][T18171]  should_fail+0x23c/0x250
[  147.738151][T18171]  ? __es_insert_extent+0x546/0xe80
[  147.743340][T18171]  __should_failslab+0x81/0x90
[  147.748126][T18171]  should_failslab+0x5/0x20
[  147.752686][T18171]  kmem_cache_alloc+0x4f/0x320
[  147.757494][T18171]  __es_insert_extent+0x546/0xe80
[  147.762521][T18171]  ext4_es_insert_extent+0x1cb/0x19c0
[  147.767966][T18171]  ext4_ext_map_blocks+0xff7/0x2120
[  147.773168][T18171]  ? _raw_read_unlock+0x13/0x30
[  147.778051][T18171]  ext4_map_blocks+0x1cf/0xf00
[  147.782832][T18171]  ext4_iomap_begin+0x4b0/0x630
[  147.787802][T18171]  ? ext4_alloc_da_blocks+0x100/0x100
[  147.793236][T18171]  iomap_iter+0x395/0x4a0
[  147.797570][T18171]  __iomap_dio_rw+0x695/0x1070
[  147.802387][T18171]  ? _raw_spin_lock_irq+0x41/0x50
[  147.807419][T18171]  iomap_dio_rw+0x38/0x80
[  147.811744][T18171]  ? ext4_file_write_iter+0x461/0x1200
[  147.817210][T18171]  ext4_file_write_iter+0xac3/0x1200
[  147.822628][T18171]  ? ext4_file_write_iter+0x461/0x1200
[  147.828131][T18171]  do_iter_readv_writev+0x2de/0x380
[  147.833580][T18171]  do_iter_write+0x192/0x5c0
[  147.838239][T18171]  ? splice_from_pipe_next+0x34f/0x3b0
[  147.843697][T18171]  ? kmalloc_array+0x2d/0x40
[  147.848306][T18171]  vfs_iter_write+0x4c/0x70
[  147.852857][T18171]  iter_file_splice_write+0x43a/0x790
[  147.858362][T18171]  ? splice_from_pipe+0xd0/0xd0
[  147.863216][T18171]  direct_splice_actor+0x80/0xa0
[  147.868204][T18171]  splice_direct_to_actor+0x345/0x650
[  147.873654][T18171]  ? do_splice_direct+0x190/0x190
[  147.878768][T18171]  do_splice_direct+0x106/0x190
[  147.883636][T18171]  do_sendfile+0x675/0xc40
[  147.888090][T18171]  __x64_sys_sendfile64+0x102/0x140
[  147.893358][T18171]  do_syscall_64+0x44/0xd0
[  147.897775][T18171]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  147.903760][T18171] RIP: 0033:0x7f8cb7c38ae9
[  147.908169][T18171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  147.927755][T18171] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  147.936183][T18171] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  147.944163][T18171] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  147.952167][T18171] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  147.960122][T18171] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001
[  147.968131][T18171] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  147.976155][T18171]  </TASK>
14:47:43 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0x0, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:43 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)

14:47:43 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})

14:47:43 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0x0, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:43 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:43 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))

14:47:43 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 9)

14:47:43 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))

[  148.161448][T18190] FAULT_INJECTION: forcing a failure.
[  148.161448][T18190] name failslab, interval 1, probability 0, space 0, times 0
[  148.174233][T18190] CPU: 1 PID: 18190 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  148.183247][T18190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  148.193301][T18190] Call Trace:
[  148.196630][T18190]  <TASK>
[  148.199618][T18190]  dump_stack_lvl+0xd6/0x122
[  148.204214][T18190]  dump_stack+0x11/0x1b
[  148.208435][T18190]  should_fail+0x23c/0x250
[  148.212865][T18190]  ? kcalloc+0x32/0x50
[  148.216938][T18190]  __should_failslab+0x81/0x90
[  148.221704][T18190]  should_failslab+0x5/0x20
[  148.226253][T18190]  __kmalloc+0x6f/0x370
[  148.230413][T18190]  kcalloc+0x32/0x50
[  148.234307][T18190]  ext4_find_extent+0x19f/0x7e0
[  148.239163][T18190]  ? kfree+0xf8/0x1f0
[  148.243219][T18190]  ext4_ext_map_blocks+0x115/0x2120
[  148.248507][T18190]  ? _raw_read_unlock+0x13/0x30
[  148.253367][T18190]  ext4_map_blocks+0x71e/0xf00
[  148.258140][T18190]  ext4_iomap_begin+0x4b0/0x630
[  148.263171][T18190]  ? ext4_alloc_da_blocks+0x100/0x100
[  148.268604][T18190]  iomap_iter+0x395/0x4a0
[  148.272939][T18190]  __iomap_dio_rw+0x695/0x1070
[  148.277768][T18190]  ? _raw_spin_lock_irq+0x41/0x50
[  148.282798][T18190]  iomap_dio_rw+0x38/0x80
[  148.287124][T18190]  ? ext4_file_write_iter+0x461/0x1200
[  148.292576][T18190]  ext4_file_write_iter+0xac3/0x1200
[  148.297875][T18190]  ? ext4_file_write_iter+0x461/0x1200
[  148.303331][T18190]  do_iter_readv_writev+0x2de/0x380
14:47:43 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x0, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:43 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)

[  148.308527][T18190]  do_iter_write+0x192/0x5c0
[  148.313236][T18190]  ? splice_from_pipe_next+0x34f/0x3b0
[  148.318690][T18190]  ? kmalloc_array+0x2d/0x40
[  148.323345][T18190]  vfs_iter_write+0x4c/0x70
[  148.327851][T18190]  iter_file_splice_write+0x43a/0x790
[  148.333229][T18190]  ? splice_from_pipe+0xd0/0xd0
[  148.338079][T18190]  direct_splice_actor+0x80/0xa0
[  148.343020][T18190]  splice_direct_to_actor+0x345/0x650
[  148.348443][T18190]  ? do_splice_direct+0x190/0x190
[  148.353488][T18190]  do_splice_direct+0x106/0x190
[  148.358348][T18190]  do_sendfile+0x675/0xc40
[  148.362831][T18190]  __x64_sys_sendfile64+0x102/0x140
[  148.368153][T18190]  do_syscall_64+0x44/0xd0
[  148.372638][T18190]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  148.378571][T18190] RIP: 0033:0x7f8cb7c38ae9
[  148.383027][T18190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  148.402620][T18190] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
14:47:43 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x0, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:43 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))

[  148.411064][T18190] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  148.419037][T18190] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  148.427069][T18190] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  148.435037][T18190] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001
[  148.443022][T18190] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  148.451053][T18190]  </TASK>
14:47:43 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:47:43 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 10)

[  148.550801][T18513] FAULT_INJECTION: forcing a failure.
[  148.550801][T18513] name failslab, interval 1, probability 0, space 0, times 0
[  148.563502][T18513] CPU: 0 PID: 18513 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  148.572310][T18513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  148.582362][T18513] Call Trace:
[  148.585666][T18513]  <TASK>
[  148.588598][T18513]  dump_stack_lvl+0xd6/0x122
[  148.593194][T18513]  dump_stack+0x11/0x1b
14:47:43 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  148.597369][T18513]  should_fail+0x23c/0x250
[  148.601802][T18513]  ? ext4_mb_new_blocks+0x328/0x1ee0
[  148.607087][T18513]  __should_failslab+0x81/0x90
[  148.611857][T18513]  should_failslab+0x5/0x20
[  148.616438][T18513]  kmem_cache_alloc+0x4f/0x320
[  148.621239][T18513]  ext4_mb_new_blocks+0x328/0x1ee0
[  148.626352][T18513]  ? kcalloc+0x32/0x50
[  148.630427][T18513]  ? ext4_find_extent+0x6d7/0x7e0
[  148.635460][T18513]  ? ext4_ext_search_right+0x301/0x4f0
[  148.641065][T18513]  ? ext4_inode_to_goal_block+0x1bd/0x1d0
[  148.646782][T18513]  ext4_ext_map_blocks+0x1658/0x2120
[  148.652124][T18513]  ? _raw_read_unlock+0x13/0x30
[  148.657037][T18513]  ext4_map_blocks+0x71e/0xf00
[  148.661824][T18513]  ext4_iomap_begin+0x4b0/0x630
[  148.666782][T18513]  ? ext4_alloc_da_blocks+0x100/0x100
[  148.672152][T18513]  iomap_iter+0x395/0x4a0
[  148.676532][T18513]  __iomap_dio_rw+0x695/0x1070
[  148.681291][T18513]  ? _raw_spin_lock_irq+0x41/0x50
[  148.686400][T18513]  iomap_dio_rw+0x38/0x80
[  148.690744][T18513]  ? ext4_file_write_iter+0x461/0x1200
[  148.696186][T18513]  ext4_file_write_iter+0xac3/0x1200
[  148.701482][T18513]  ? ext4_file_write_iter+0x461/0x1200
[  148.706926][T18513]  do_iter_readv_writev+0x2de/0x380
[  148.712106][T18513]  do_iter_write+0x192/0x5c0
[  148.716737][T18513]  ? splice_from_pipe_next+0x34f/0x3b0
[  148.722337][T18513]  ? kmalloc_array+0x2d/0x40
[  148.726937][T18513]  vfs_iter_write+0x4c/0x70
[  148.731449][T18513]  iter_file_splice_write+0x43a/0x790
[  148.736829][T18513]  ? splice_from_pipe+0xd0/0xd0
[  148.741731][T18513]  direct_splice_actor+0x80/0xa0
[  148.746736][T18513]  splice_direct_to_actor+0x345/0x650
[  148.752347][T18513]  ? do_splice_direct+0x190/0x190
[  148.757416][T18513]  do_splice_direct+0x106/0x190
[  148.762312][T18513]  do_sendfile+0x675/0xc40
[  148.766739][T18513]  __x64_sys_sendfile64+0x102/0x140
[  148.771992][T18513]  do_syscall_64+0x44/0xd0
[  148.776551][T18513]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  148.782516][T18513] RIP: 0033:0x7f8cb7c38ae9
[  148.787021][T18513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  148.806643][T18513] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  148.815037][T18513] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  148.822990][T18513] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  148.830967][T18513] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  148.838919][T18513] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  148.846875][T18513] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  148.854842][T18513]  </TASK>
14:47:43 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0x0, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:43 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x0, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:43 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 11)

14:47:43 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:47:43 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:43 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

[  148.988812][T18528] FAULT_INJECTION: forcing a failure.
[  148.988812][T18528] name failslab, interval 1, probability 0, space 0, times 0
[  149.001496][T18528] CPU: 0 PID: 18528 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  149.010260][T18528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  149.020367][T18528] Call Trace:
[  149.023639][T18528]  <TASK>
[  149.026557][T18528]  dump_stack_lvl+0xd6/0x122
[  149.031325][T18528]  dump_stack+0x11/0x1b
[  149.035483][T18528]  should_fail+0x23c/0x250
[  149.039897][T18528]  ? __es_insert_extent+0x546/0xe80
[  149.045093][T18528]  __should_failslab+0x81/0x90
[  149.049847][T18528]  should_failslab+0x5/0x20
[  149.054422][T18528]  kmem_cache_alloc+0x4f/0x320
[  149.059182][T18528]  __es_insert_extent+0x546/0xe80
[  149.064209][T18528]  ? ext4_ext_map_blocks+0x1128/0x2120
[  149.069745][T18528]  ext4_es_insert_extent+0x1cb/0x19c0
[  149.075160][T18528]  ext4_map_blocks+0xa5d/0xf00
[  149.079955][T18528]  ext4_iomap_begin+0x4b0/0x630
[  149.084867][T18528]  ? ext4_alloc_da_blocks+0x100/0x100
[  149.090269][T18528]  iomap_iter+0x395/0x4a0
[  149.094679][T18528]  __iomap_dio_rw+0x695/0x1070
[  149.099432][T18528]  ? _raw_spin_lock_irq+0x41/0x50
[  149.104463][T18528]  iomap_dio_rw+0x38/0x80
[  149.108807][T18528]  ? ext4_file_write_iter+0x461/0x1200
[  149.114322][T18528]  ext4_file_write_iter+0xac3/0x1200
[  149.119591][T18528]  ? ext4_file_write_iter+0x461/0x1200
[  149.125034][T18528]  do_iter_readv_writev+0x2de/0x380
[  149.130277][T18528]  do_iter_write+0x192/0x5c0
[  149.134916][T18528]  ? splice_from_pipe_next+0x34f/0x3b0
[  149.140364][T18528]  ? kmalloc_array+0x2d/0x40
[  149.144940][T18528]  vfs_iter_write+0x4c/0x70
[  149.149463][T18528]  iter_file_splice_write+0x43a/0x790
[  149.154824][T18528]  ? splice_from_pipe+0xd0/0xd0
[  149.159678][T18528]  direct_splice_actor+0x80/0xa0
[  149.164646][T18528]  splice_direct_to_actor+0x345/0x650
[  149.170017][T18528]  ? do_splice_direct+0x190/0x190
[  149.175160][T18528]  do_splice_direct+0x106/0x190
[  149.179997][T18528]  do_sendfile+0x675/0xc40
[  149.184410][T18528]  __x64_sys_sendfile64+0x102/0x140
[  149.189619][T18528]  do_syscall_64+0x44/0xd0
[  149.194035][T18528]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  149.199956][T18528] RIP: 0033:0x7f8cb7c38ae9
[  149.204360][T18528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  149.223964][T18528] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
14:47:44 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  149.232363][T18528] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  149.240318][T18528] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  149.248272][T18528] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  149.256226][T18528] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  149.264193][T18528] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  149.272170][T18528]  </TASK>
14:47:44 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:47:44 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:44 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:47:44 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:47:44 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:44 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0x0, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:44 executing program 1:
syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:47:44 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 12)

14:47:44 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:44 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:44 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:44 executing program 1:
syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  149.817905][T18761] FAULT_INJECTION: forcing a failure.
[  149.817905][T18761] name failslab, interval 1, probability 0, space 0, times 0
[  149.830625][T18761] CPU: 0 PID: 18761 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  149.839451][T18761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  149.849502][T18761] Call Trace:
[  149.852773][T18761]  <TASK>
[  149.855714][T18761]  dump_stack_lvl+0xd6/0x122
[  149.860357][T18761]  dump_stack+0x11/0x1b
[  149.864566][T18761]  should_fail+0x23c/0x250
[  149.869045][T18761]  ? mempool_alloc_slab+0x16/0x20
[  149.874070][T18761]  __should_failslab+0x81/0x90
[  149.878828][T18761]  should_failslab+0x5/0x20
[  149.883375][T18761]  kmem_cache_alloc+0x4f/0x320
[  149.888132][T18761]  mempool_alloc_slab+0x16/0x20
[  149.893002][T18761]  ? mempool_free+0x130/0x130
[  149.897690][T18761]  mempool_alloc+0x9d/0x310
[  149.902261][T18761]  ? preempt_count_add+0x4e/0x90
[  149.907264][T18761]  ? _raw_read_unlock+0x13/0x30
[  149.912118][T18761]  ? jbd2_transaction_committed+0xad/0xc0
[  149.917848][T18761]  bio_alloc_bioset+0xcc/0x560
[  149.922602][T18761]  ? iov_iter_alignment+0x34b/0x370
[  149.927865][T18761]  iomap_dio_bio_iter+0x5ed/0xc70
[  149.932993][T18761]  ? ext4_alloc_da_blocks+0x100/0x100
[  149.938390][T18761]  __iomap_dio_rw+0x8b5/0x1070
[  149.943151][T18761]  ? _raw_spin_lock_irq+0x41/0x50
[  149.948221][T18761]  iomap_dio_rw+0x38/0x80
[  149.952987][T18761]  ? ext4_file_write_iter+0x461/0x1200
[  149.958524][T18761]  ext4_file_write_iter+0xac3/0x1200
[  149.963798][T18761]  ? ext4_file_write_iter+0x461/0x1200
[  149.969259][T18761]  do_iter_readv_writev+0x2de/0x380
[  149.974454][T18761]  do_iter_write+0x192/0x5c0
[  149.979046][T18761]  ? splice_from_pipe_next+0x34f/0x3b0
[  149.984541][T18761]  ? kmalloc_array+0x2d/0x40
[  149.989135][T18761]  vfs_iter_write+0x4c/0x70
[  149.993644][T18761]  iter_file_splice_write+0x43a/0x790
[  149.999072][T18761]  ? splice_from_pipe+0xd0/0xd0
[  150.003909][T18761]  direct_splice_actor+0x80/0xa0
[  150.008831][T18761]  splice_direct_to_actor+0x345/0x650
[  150.014209][T18761]  ? do_splice_direct+0x190/0x190
[  150.019222][T18761]  do_splice_direct+0x106/0x190
[  150.024058][T18761]  do_sendfile+0x675/0xc40
[  150.028586][T18761]  __x64_sys_sendfile64+0x102/0x140
[  150.033778][T18761]  do_syscall_64+0x44/0xd0
[  150.038208][T18761]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  150.044168][T18761] RIP: 0033:0x7f8cb7c38ae9
[  150.048634][T18761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  150.068330][T18761] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  150.076742][T18761] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  150.084700][T18761] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  150.092672][T18761] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  150.100629][T18761] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  150.108599][T18761] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
14:47:45 executing program 1:
syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:47:45 executing program 1:
syz_io_uring_setup(0x7d9d, 0x0, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  150.116561][T18761]  </TASK>
14:47:45 executing program 1:
syz_io_uring_setup(0x7d9d, 0x0, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:47:45 executing program 1:
syz_io_uring_setup(0x7d9d, 0x0, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:47:45 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:47:45 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x0, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:45 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:45 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:47:45 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:45 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 13)

14:47:45 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:45 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  150.597263][T18897] FAULT_INJECTION: forcing a failure.
[  150.597263][T18897] name failslab, interval 1, probability 0, space 0, times 0
[  150.609917][T18897] CPU: 0 PID: 18897 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  150.618684][T18897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  150.628744][T18897] Call Trace:
[  150.632022][T18897]  <TASK>
[  150.634955][T18897]  dump_stack_lvl+0xd6/0x122
[  150.639549][T18897]  dump_stack+0x11/0x1b
[  150.643707][T18897]  should_fail+0x23c/0x250
[  150.648128][T18897]  __should_failslab+0x81/0x90
[  150.652901][T18897]  should_failslab+0x5/0x20
[  150.657458][T18897]  kmem_cache_alloc_node+0x61/0x2d0
[  150.662780][T18897]  ? create_task_io_context+0x36/0x1e0
[  150.668297][T18897]  ? __blk_queue_split+0xb2f/0xc60
[  150.673416][T18897]  create_task_io_context+0x36/0x1e0
[  150.678737][T18897]  submit_bio_checks+0x828/0x8e0
[  150.683670][T18897]  ? __rcu_read_unlock+0x5c/0x290
[  150.688706][T18897]  blk_mq_submit_bio+0x2e1/0x1470
[  150.693889][T18897]  ? iov_iter_advance+0x6b6/0x750
[  150.698903][T18897]  ? mempool_alloc_slab+0x16/0x20
[  150.703957][T18897]  __submit_bio+0x131/0x340
[  150.708480][T18897]  ? mempool_alloc+0xaa/0x310
[  150.713156][T18897]  submit_bio_noacct+0x418/0x4e0
[  150.718122][T18897]  submit_bio+0x10c/0x180
[  150.722442][T18897]  iomap_dio_bio_iter+0x9ed/0xc70
[  150.727471][T18897]  __iomap_dio_rw+0x8b5/0x1070
[  150.732237][T18897]  ? _raw_spin_lock_irq+0x41/0x50
[  150.737255][T18897]  iomap_dio_rw+0x38/0x80
[  150.741574][T18897]  ? ext4_file_write_iter+0x461/0x1200
[  150.747018][T18897]  ext4_file_write_iter+0xac3/0x1200
[  150.752347][T18897]  ? ext4_file_write_iter+0x461/0x1200
[  150.757873][T18897]  do_iter_readv_writev+0x2de/0x380
[  150.763063][T18897]  do_iter_write+0x192/0x5c0
[  150.767690][T18897]  ? splice_from_pipe_next+0x34f/0x3b0
[  150.773158][T18897]  ? kmalloc_array+0x2d/0x40
[  150.777748][T18897]  vfs_iter_write+0x4c/0x70
[  150.782255][T18897]  iter_file_splice_write+0x43a/0x790
[  150.787615][T18897]  ? splice_from_pipe+0xd0/0xd0
[  150.792453][T18897]  direct_splice_actor+0x80/0xa0
[  150.797377][T18897]  splice_direct_to_actor+0x345/0x650
[  150.802802][T18897]  ? do_splice_direct+0x190/0x190
[  150.807834][T18897]  do_splice_direct+0x106/0x190
[  150.812750][T18897]  do_sendfile+0x675/0xc40
[  150.817165][T18897]  __x64_sys_sendfile64+0x102/0x140
[  150.822389][T18897]  do_syscall_64+0x44/0xd0
[  150.826802][T18897]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  150.832710][T18897] RIP: 0033:0x7f8cb7c38ae9
[  150.837114][T18897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  150.856722][T18897] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  150.865121][T18897] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  150.873077][T18897] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  150.881048][T18897] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  150.889003][T18897] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
14:47:45 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  150.897002][T18897] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  150.905094][T18897]  </TASK>
14:47:45 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r0 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r0}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000300))
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r0, 0x10000000)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r3}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r4 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r5 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r4}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r4, &(0x7f00000005c0)={0xffffffffffffffff, r5, 0x100})
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:45 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:47:46 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:47:46 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, &(0x7f0000000100))

14:47:46 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, &(0x7f0000000100))

14:47:46 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 14)

14:47:46 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:46 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x0, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:46 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r0 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r0}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000300))
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r0, 0x10000000)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r3}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r4 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r5 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r4}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r4, &(0x7f00000005c0)={0xffffffffffffffff, r5, 0x100})
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  151.294120][T19029] FAULT_INJECTION: forcing a failure.
[  151.294120][T19029] name failslab, interval 1, probability 0, space 0, times 0
[  151.306904][T19029] CPU: 0 PID: 19029 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  151.315755][T19029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  151.325808][T19029] Call Trace:
[  151.329164][T19029]  <TASK>
[  151.332124][T19029]  dump_stack_lvl+0xd6/0x122
[  151.336748][T19029]  dump_stack+0x11/0x1b
[  151.340902][T19029]  should_fail+0x23c/0x250
[  151.345335][T19029]  ? mempool_alloc_slab+0x16/0x20
[  151.350506][T19029]  __should_failslab+0x81/0x90
[  151.355285][T19029]  should_failslab+0x5/0x20
[  151.359793][T19029]  kmem_cache_alloc+0x4f/0x320
[  151.364627][T19029]  mempool_alloc_slab+0x16/0x20
[  151.369655][T19029]  ? mempool_free+0x130/0x130
[  151.374422][T19029]  mempool_alloc+0x9d/0x310
[  151.378983][T19029]  ? __find_get_block+0x785/0x9b0
[  151.384139][T19029]  ? __filemap_get_folio+0x583/0x690
[  151.389434][T19029]  sg_pool_alloc+0x74/0x90
14:47:46 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:46 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:46 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, &(0x7f0000000100))

[  151.393912][T19029]  __sg_alloc_table+0xce/0x290
[  151.399204][T19029]  sg_alloc_table_chained+0xaf/0x140
[  151.404506][T19029]  ? sg_alloc_table_chained+0x140/0x140
[  151.410144][T19029]  scsi_alloc_sgtables+0x18a/0x510
[  151.415276][T19029]  sd_init_command+0x944/0x1610
[  151.420550][T19029]  scsi_queue_rq+0x1026/0x1460
[  151.425339][T19029]  blk_mq_dispatch_rq_list+0x534/0x11e0
[  151.430963][T19029]  ? __sbitmap_queue_get+0x11/0x20
[  151.436079][T19029]  blk_mq_do_dispatch_sched+0x446/0x6d0
14:47:46 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), 0x0)

[  151.441747][T19029]  __blk_mq_sched_dispatch_requests+0x1ca/0x270
[  151.447997][T19029]  blk_mq_sched_dispatch_requests+0x9f/0x110
[  151.453983][T19029]  __blk_mq_run_hw_queue+0xc1/0x140
[  151.459184][T19029]  __blk_mq_delay_run_hw_queue+0x199/0x360
[  151.465028][T19029]  ? __rcu_read_unlock+0x5c/0x290
[  151.470103][T19029]  blk_mq_run_hw_queue+0x231/0x260
[  151.475249][T19029]  blk_mq_sched_insert_requests+0x130/0x200
[  151.481152][T19029]  blk_mq_flush_plug_list+0x372/0x460
[  151.486751][T19029]  blk_flush_plug+0x25a/0x2b0
[  151.491442][T19029]  ? ext4_iomap_end+0x33/0x50
[  151.496130][T19029]  blk_finish_plug+0x44/0x60
[  151.500819][T19029]  __iomap_dio_rw+0xcad/0x1070
[  151.505602][T19029]  ? _raw_spin_lock_irq+0x41/0x50
[  151.510682][T19029]  iomap_dio_rw+0x38/0x80
[  151.515016][T19029]  ? ext4_file_write_iter+0x461/0x1200
[  151.520548][T19029]  ext4_file_write_iter+0xac3/0x1200
[  151.525864][T19029]  ? ext4_file_write_iter+0x461/0x1200
[  151.531330][T19029]  do_iter_readv_writev+0x2de/0x380
[  151.537067][T19029]  do_iter_write+0x192/0x5c0
[  151.541662][T19029]  ? splice_from_pipe_next+0x34f/0x3b0
[  151.547203][T19029]  ? kmalloc_array+0x2d/0x40
[  151.551799][T19029]  vfs_iter_write+0x4c/0x70
[  151.556385][T19029]  iter_file_splice_write+0x43a/0x790
[  151.561829][T19029]  ? splice_from_pipe+0xd0/0xd0
[  151.566709][T19029]  direct_splice_actor+0x80/0xa0
[  151.571908][T19029]  splice_direct_to_actor+0x345/0x650
[  151.577285][T19029]  ? do_splice_direct+0x190/0x190
[  151.582314][T19029]  do_splice_direct+0x106/0x190
[  151.587168][T19029]  do_sendfile+0x675/0xc40
[  151.591593][T19029]  __x64_sys_sendfile64+0x102/0x140
[  151.596831][T19029]  do_syscall_64+0x44/0xd0
[  151.601250][T19029]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  151.607147][T19029] RIP: 0033:0x7f8cb7c38ae9
[  151.611629][T19029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  151.631235][T19029] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
14:47:46 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r0 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r0}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000300))
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r0, 0x10000000)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r3}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r4 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r5 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r4}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r4, &(0x7f00000005c0)={0xffffffffffffffff, r5, 0x100})
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:46 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), 0x0)

14:47:46 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:46 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), 0x0)

[  151.639815][T19029] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  151.647782][T19029] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  151.655751][T19029] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  151.663765][T19029] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  151.671745][T19029] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  151.679757][T19029]  </TASK>
14:47:46 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 15)

14:47:46 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0x0, &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:46 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x0, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:46 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  151.897385][T19029] syz-executor.3 (19029) used greatest stack depth: 9688 bytes left
[  151.931389][T19264] FAULT_INJECTION: forcing a failure.
[  151.931389][T19264] name failslab, interval 1, probability 0, space 0, times 0
[  151.944051][T19264] CPU: 0 PID: 19264 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  151.952840][T19264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  151.962896][T19264] Call Trace:
[  151.966171][T19264]  <TASK>
[  151.969098][T19264]  dump_stack_lvl+0xd6/0x122
[  151.973712][T19264]  dump_stack+0x11/0x1b
[  151.977869][T19264]  should_fail+0x23c/0x250
[  151.982289][T19264]  ? jbd2__journal_start+0xf7/0x3f0
[  151.987493][T19264]  __should_failslab+0x81/0x90
[  151.992293][T19264]  should_failslab+0x5/0x20
14:47:46 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:46 executing program 1:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

[  151.996798][T19264]  kmem_cache_alloc+0x4f/0x320
[  152.001835][T19264]  jbd2__journal_start+0xf7/0x3f0
[  152.006860][T19264]  __ext4_journal_start_sb+0x159/0x310
[  152.012347][T19264]  ext4_file_write_iter+0xbe6/0x1200
[  152.017799][T19264]  do_iter_readv_writev+0x2de/0x380
[  152.022999][T19264]  do_iter_write+0x192/0x5c0
[  152.027607][T19264]  ? tsan.module_ctor+0x10/0x10
[  152.032564][T19264]  vfs_iter_write+0x4c/0x70
[  152.037190][T19264]  iter_file_splice_write+0x43a/0x790
[  152.042574][T19264]  ? splice_from_pipe+0xd0/0xd0
14:47:47 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  152.047427][T19264]  direct_splice_actor+0x80/0xa0
[  152.052373][T19264]  splice_direct_to_actor+0x345/0x650
[  152.057754][T19264]  ? do_splice_direct+0x190/0x190
[  152.062784][T19264]  do_splice_direct+0x106/0x190
[  152.067701][T19264]  do_sendfile+0x675/0xc40
[  152.072124][T19264]  __x64_sys_sendfile64+0x102/0x140
[  152.077357][T19264]  do_syscall_64+0x44/0xd0
[  152.081800][T19264]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  152.087819][T19264] RIP: 0033:0x7f8cb7c38ae9
[  152.092233][T19264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  152.111870][T19264] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  152.120382][T19264] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  152.128359][T19264] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  152.136327][T19264] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
14:47:47 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 16)

14:47:47 executing program 1:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

[  152.144363][T19264] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  152.152333][T19264] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  152.160313][T19264]  </TASK>
[  152.228220][T19385] FAULT_INJECTION: forcing a failure.
[  152.228220][T19385] name failslab, interval 1, probability 0, space 0, times 0
[  152.240883][T19385] CPU: 0 PID: 19385 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  152.249712][T19385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  152.259857][T19385] Call Trace:
[  152.263128][T19385]  <TASK>
[  152.266052][T19385]  dump_stack_lvl+0xd6/0x122
[  152.270688][T19385]  dump_stack+0x11/0x1b
[  152.274907][T19385]  should_fail+0x23c/0x250
[  152.279325][T19385]  ? kmalloc_array+0x2d/0x40
[  152.284013][T19385]  __should_failslab+0x81/0x90
[  152.288805][T19385]  should_failslab+0x5/0x20
[  152.293367][T19385]  __kmalloc+0x6f/0x370
[  152.297524][T19385]  kmalloc_array+0x2d/0x40
[  152.301938][T19385]  iter_file_splice_write+0xd5/0x790
[  152.307228][T19385]  ? atime_needs_update+0x2ba/0x390
[  152.312425][T19385]  ? touch_atime+0x11f/0x2e0
[  152.317039][T19385]  ? generic_file_splice_read+0x2a9/0x330
[  152.322883][T19385]  ? splice_from_pipe+0xd0/0xd0
14:47:47 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0x0, &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  152.327762][T19385]  direct_splice_actor+0x80/0xa0
[  152.332701][T19385]  splice_direct_to_actor+0x345/0x650
[  152.338072][T19385]  ? do_splice_direct+0x190/0x190
[  152.343187][T19385]  do_splice_direct+0x106/0x190
[  152.348103][T19385]  do_sendfile+0x675/0xc40
[  152.352521][T19385]  __x64_sys_sendfile64+0x102/0x140
[  152.357723][T19385]  do_syscall_64+0x44/0xd0
[  152.362349][T19385]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  152.368408][T19385] RIP: 0033:0x7f8cb7c38ae9
[  152.372839][T19385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  152.392444][T19385] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  152.400878][T19385] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  152.408945][T19385] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  152.416984][T19385] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
14:47:47 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:47 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 17)

[  152.424954][T19385] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  152.432929][T19385] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  152.441389][T19385]  </TASK>
[  152.510667][T19494] FAULT_INJECTION: forcing a failure.
[  152.510667][T19494] name failslab, interval 1, probability 0, space 0, times 0
[  152.523362][T19494] CPU: 0 PID: 19494 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  152.532125][T19494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  152.542305][T19494] Call Trace:
[  152.545583][T19494]  <TASK>
[  152.548517][T19494]  dump_stack_lvl+0xd6/0x122
[  152.553193][T19494]  dump_stack+0x11/0x1b
[  152.557390][T19494]  should_fail+0x23c/0x250
[  152.561819][T19494]  ? kmalloc_array+0x2d/0x40
[  152.566543][T19494]  __should_failslab+0x81/0x90
[  152.571305][T19494]  should_failslab+0x5/0x20
[  152.575855][T19494]  __kmalloc+0x6f/0x370
[  152.580013][T19494]  kmalloc_array+0x2d/0x40
[  152.584484][T19494]  iter_file_splice_write+0xd5/0x790
[  152.589821][T19494]  ? atime_needs_update+0x2ba/0x390
[  152.595017][T19494]  ? touch_atime+0x11f/0x2e0
[  152.599616][T19494]  ? generic_file_splice_read+0x2a9/0x330
[  152.605417][T19494]  ? splice_from_pipe+0xd0/0xd0
14:47:47 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x0, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

[  152.610270][T19494]  direct_splice_actor+0x80/0xa0
[  152.615311][T19494]  splice_direct_to_actor+0x345/0x650
[  152.620773][T19494]  ? do_splice_direct+0x190/0x190
[  152.625797][T19494]  do_splice_direct+0x106/0x190
[  152.630646][T19494]  do_sendfile+0x675/0xc40
[  152.635059][T19494]  __x64_sys_sendfile64+0x102/0x140
[  152.640258][T19494]  do_syscall_64+0x44/0xd0
[  152.644673][T19494]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  152.650596][T19494] RIP: 0033:0x7f8cb7c38ae9
[  152.655211][T19494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  152.674852][T19494] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  152.683259][T19494] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  152.691225][T19494] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  152.699186][T19494] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
14:47:47 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

[  152.707159][T19494] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  152.715112][T19494] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  152.723070][T19494]  </TASK>
14:47:47 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:47 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:47 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 18)

[  152.841161][T19606] FAULT_INJECTION: forcing a failure.
[  152.841161][T19606] name failslab, interval 1, probability 0, space 0, times 0
[  152.853835][T19606] CPU: 0 PID: 19606 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  152.862595][T19606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  152.872648][T19606] Call Trace:
[  152.875925][T19606]  <TASK>
[  152.878853][T19606]  dump_stack_lvl+0xd6/0x122
[  152.883520][T19606]  dump_stack+0x11/0x1b
14:47:47 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0x0, &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  152.887674][T19606]  should_fail+0x23c/0x250
[  152.892085][T19606]  ? jbd2__journal_start+0xf7/0x3f0
[  152.897287][T19606]  __should_failslab+0x81/0x90
[  152.902052][T19606]  should_failslab+0x5/0x20
[  152.906560][T19606]  kmem_cache_alloc+0x4f/0x320
[  152.911395][T19606]  jbd2__journal_start+0xf7/0x3f0
[  152.916482][T19606]  __ext4_journal_start_sb+0x159/0x310
[  152.922016][T19606]  ? ext4_file_write_iter+0x461/0x1200
[  152.927501][T19606]  ext4_file_write_iter+0x992/0x1200
[  152.932997][T19606]  ? ext4_file_write_iter+0x461/0x1200
[  152.938515][T19606]  do_iter_readv_writev+0x2de/0x380
[  152.943720][T19606]  do_iter_write+0x192/0x5c0
[  152.948362][T19606]  ? splice_from_pipe_next+0x34f/0x3b0
[  152.955425][T19606]  ? kmalloc_array+0x2d/0x40
[  152.960028][T19606]  vfs_iter_write+0x4c/0x70
[  152.964733][T19606]  iter_file_splice_write+0x43a/0x790
[  152.970129][T19606]  ? splice_from_pipe+0xd0/0xd0
[  152.974996][T19606]  direct_splice_actor+0x80/0xa0
[  152.979945][T19606]  splice_direct_to_actor+0x345/0x650
[  152.985393][T19606]  ? do_splice_direct+0x190/0x190
[  152.990507][T19606]  do_splice_direct+0x106/0x190
[  152.995364][T19606]  do_sendfile+0x675/0xc40
[  152.999858][T19606]  __x64_sys_sendfile64+0x102/0x140
[  153.005233][T19606]  do_syscall_64+0x44/0xd0
[  153.009655][T19606]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  153.015552][T19606] RIP: 0033:0x7f8cb7c38ae9
[  153.019964][T19606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
14:47:48 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), 0x0)
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:48 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 19)

[  153.039615][T19606] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  153.048038][T19606] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  153.056128][T19606] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  153.064099][T19606] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  153.072072][T19606] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  153.080130][T19606] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  153.088106][T19606]  </TASK>
14:47:48 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  153.159878][T19801] FAULT_INJECTION: forcing a failure.
[  153.159878][T19801] name failslab, interval 1, probability 0, space 0, times 0
[  153.172553][T19801] CPU: 1 PID: 19801 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  153.181312][T19801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  153.191510][T19801] Call Trace:
[  153.194794][T19801]  <TASK>
[  153.197715][T19801]  dump_stack_lvl+0xd6/0x122
[  153.202306][T19801]  dump_stack+0x11/0x1b
14:47:48 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  153.206517][T19801]  should_fail+0x23c/0x250
[  153.210974][T19801]  ? jbd2__journal_start+0xf7/0x3f0
[  153.216194][T19801]  __should_failslab+0x81/0x90
[  153.221054][T19801]  should_failslab+0x5/0x20
[  153.225557][T19801]  kmem_cache_alloc+0x4f/0x320
[  153.230411][T19801]  jbd2__journal_start+0xf7/0x3f0
[  153.235515][T19801]  __ext4_journal_start_sb+0x159/0x310
[  153.241053][T19801]  ? ext4_file_write_iter+0x461/0x1200
[  153.246509][T19801]  ext4_file_write_iter+0x992/0x1200
[  153.251820][T19801]  ? ext4_file_write_iter+0x461/0x1200
[  153.257282][T19801]  do_iter_readv_writev+0x2de/0x380
[  153.262483][T19801]  do_iter_write+0x192/0x5c0
[  153.267130][T19801]  ? splice_from_pipe_next+0x34f/0x3b0
[  153.272588][T19801]  ? kmalloc_array+0x2d/0x40
[  153.277176][T19801]  vfs_iter_write+0x4c/0x70
[  153.281681][T19801]  iter_file_splice_write+0x43a/0x790
[  153.287145][T19801]  ? splice_from_pipe+0xd0/0xd0
[  153.292025][T19801]  direct_splice_actor+0x80/0xa0
[  153.296965][T19801]  splice_direct_to_actor+0x345/0x650
[  153.302416][T19801]  ? do_splice_direct+0x190/0x190
14:47:48 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), 0x0)
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  153.307444][T19801]  do_splice_direct+0x106/0x190
[  153.312292][T19801]  do_sendfile+0x675/0xc40
[  153.316705][T19801]  __x64_sys_sendfile64+0x102/0x140
[  153.322249][T19801]  do_syscall_64+0x44/0xd0
[  153.326687][T19801]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  153.332726][T19801] RIP: 0033:0x7f8cb7c38ae9
[  153.337251][T19801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
14:47:48 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  153.357204][T19801] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  153.365785][T19801] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  153.373752][T19801] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  153.381771][T19801] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  153.389733][T19801] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  153.397806][T19801] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  153.405826][T19801]  </TASK>
14:47:48 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x0, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:48 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 20)

14:47:48 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:48 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

[  153.558144][T20101] FAULT_INJECTION: forcing a failure.
[  153.558144][T20101] name failslab, interval 1, probability 0, space 0, times 0
[  153.570813][T20101] CPU: 1 PID: 20101 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  153.579576][T20101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  153.589629][T20101] Call Trace:
[  153.592930][T20101]  <TASK>
[  153.595852][T20101]  dump_stack_lvl+0xd6/0x122
[  153.600528][T20101]  dump_stack+0x11/0x1b
[  153.604706][T20101]  should_fail+0x23c/0x250
[  153.609115][T20101]  ? jbd2__journal_start+0xf7/0x3f0
[  153.614357][T20101]  __should_failslab+0x81/0x90
[  153.619255][T20101]  should_failslab+0x5/0x20
[  153.623848][T20101]  kmem_cache_alloc+0x4f/0x320
[  153.628636][T20101]  ? __find_get_block+0x785/0x9b0
[  153.633661][T20101]  jbd2__journal_start+0xf7/0x3f0
[  153.638753][T20101]  __ext4_journal_start_sb+0x159/0x310
[  153.644229][T20101]  ext4_iomap_begin+0x408/0x630
[  153.649119][T20101]  ? ext4_alloc_da_blocks+0x100/0x100
[  153.654544][T20101]  iomap_iter+0x395/0x4a0
[  153.658875][T20101]  __iomap_dio_rw+0x695/0x1070
[  153.663654][T20101]  iomap_dio_rw+0x38/0x80
[  153.667982][T20101]  ? ext4_file_write_iter+0x461/0x1200
[  153.673435][T20101]  ext4_file_write_iter+0xac3/0x1200
[  153.678713][T20101]  ? ext4_file_write_iter+0x461/0x1200
[  153.684168][T20101]  do_iter_readv_writev+0x2de/0x380
[  153.689436][T20101]  do_iter_write+0x192/0x5c0
[  153.694197][T20101]  ? splice_from_pipe_next+0x34f/0x3b0
[  153.699649][T20101]  ? kmalloc_array+0x2d/0x40
[  153.704239][T20101]  vfs_iter_write+0x4c/0x70
[  153.708742][T20101]  iter_file_splice_write+0x43a/0x790
[  153.714122][T20101]  ? splice_from_pipe+0xd0/0xd0
[  153.718971][T20101]  direct_splice_actor+0x80/0xa0
[  153.723937][T20101]  splice_direct_to_actor+0x345/0x650
[  153.729377][T20101]  ? do_splice_direct+0x190/0x190
[  153.734398][T20101]  do_splice_direct+0x106/0x190
[  153.739279][T20101]  do_sendfile+0x675/0xc40
[  153.743699][T20101]  __x64_sys_sendfile64+0x102/0x140
[  153.748998][T20101]  do_syscall_64+0x44/0xd0
[  153.753443][T20101]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  153.759330][T20101] RIP: 0033:0x7f8cb7c38ae9
[  153.763737][T20101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  153.783410][T20101] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  153.791822][T20101] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  153.799878][T20101] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
14:47:48 executing program 1:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x0, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:48 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:48 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), 0x0)
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:48 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

[  153.807849][T20101] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  153.815843][T20101] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  153.823806][T20101] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  153.831800][T20101]  </TASK>
14:47:48 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 21)

[  153.889814][T20252] FAULT_INJECTION: forcing a failure.
[  153.889814][T20252] name failslab, interval 1, probability 0, space 0, times 0
[  153.902511][T20252] CPU: 1 PID: 20252 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  153.911449][T20252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  153.921501][T20252] Call Trace:
[  153.924774][T20252]  <TASK>
[  153.927700][T20252]  dump_stack_lvl+0xd6/0x122
[  153.932292][T20252]  dump_stack+0x11/0x1b
[  153.936506][T20252]  should_fail+0x23c/0x250
[  153.940931][T20252]  ? ext4_mb_new_blocks+0x328/0x1ee0
[  153.946216][T20252]  __should_failslab+0x81/0x90
[  153.951043][T20252]  should_failslab+0x5/0x20
[  153.955546][T20252]  kmem_cache_alloc+0x4f/0x320
[  153.960473][T20252]  ext4_mb_new_blocks+0x328/0x1ee0
[  153.965596][T20252]  ? ext4_find_extent+0x7b2/0x7e0
[  153.970631][T20252]  ? ext4_ext_search_right+0x246/0x4f0
[  153.976348][T20252]  ext4_ext_map_blocks+0x1658/0x2120
[  153.981645][T20252]  ? ext4_es_lookup_extent+0x221/0x500
14:47:49 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x0, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  153.987108][T20252]  ext4_map_blocks+0x71e/0xf00
[  153.991874][T20252]  ext4_iomap_begin+0x4b0/0x630
[  153.996797][T20252]  ? ext4_alloc_da_blocks+0x100/0x100
[  154.002166][T20252]  iomap_iter+0x395/0x4a0
[  154.006648][T20252]  __iomap_dio_rw+0x695/0x1070
[  154.011574][T20252]  ? _raw_spin_lock_irq+0x41/0x50
[  154.016688][T20252]  iomap_dio_rw+0x38/0x80
[  154.021026][T20252]  ? ext4_file_write_iter+0x461/0x1200
[  154.026722][T20252]  ext4_file_write_iter+0xac3/0x1200
[  154.032002][T20252]  ? ext4_file_write_iter+0x461/0x1200
14:47:49 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  154.037540][T20252]  do_iter_readv_writev+0x2de/0x380
[  154.042794][T20252]  do_iter_write+0x192/0x5c0
[  154.047434][T20252]  ? splice_from_pipe_next+0x34f/0x3b0
[  154.052892][T20252]  ? kmalloc_array+0x2d/0x40
[  154.057485][T20252]  vfs_iter_write+0x4c/0x70
[  154.062120][T20252]  iter_file_splice_write+0x43a/0x790
[  154.067497][T20252]  ? splice_from_pipe+0xd0/0xd0
[  154.072351][T20252]  direct_splice_actor+0x80/0xa0
[  154.077369][T20252]  splice_direct_to_actor+0x345/0x650
[  154.082738][T20252]  ? do_splice_direct+0x190/0x190
[  154.087815][T20252]  do_splice_direct+0x106/0x190
[  154.092666][T20252]  do_sendfile+0x675/0xc40
[  154.097095][T20252]  __x64_sys_sendfile64+0x102/0x140
[  154.102362][T20252]  do_syscall_64+0x44/0xd0
[  154.106778][T20252]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  154.112675][T20252] RIP: 0033:0x7f8cb7c38ae9
[  154.117083][T20252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
14:47:49 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x0, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:49 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x0, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:49 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:49 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 22)

[  154.136725][T20252] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  154.145181][T20252] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  154.153174][T20252] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  154.161162][T20252] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  154.169136][T20252] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  154.177107][T20252] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  154.185092][T20252]  </TASK>
[  154.233825][T20467] FAULT_INJECTION: forcing a failure.
[  154.233825][T20467] name failslab, interval 1, probability 0, space 0, times 0
[  154.246496][T20467] CPU: 1 PID: 20467 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  154.255260][T20467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  154.265302][T20467] Call Trace:
[  154.268565][T20467]  <TASK>
[  154.271478][T20467]  dump_stack_lvl+0xd6/0x122
[  154.276078][T20467]  dump_stack+0x11/0x1b
[  154.280229][T20467]  should_fail+0x23c/0x250
[  154.284827][T20467]  ? ext4_mb_new_blocks+0x328/0x1ee0
[  154.290116][T20467]  __should_failslab+0x81/0x90
[  154.294865][T20467]  should_failslab+0x5/0x20
[  154.299388][T20467]  kmem_cache_alloc+0x4f/0x320
[  154.304214][T20467]  ext4_mb_new_blocks+0x328/0x1ee0
[  154.309387][T20467]  ? ext4_find_extent+0x7b2/0x7e0
[  154.314403][T20467]  ? ext4_ext_search_right+0x246/0x4f0
[  154.319861][T20467]  ext4_ext_map_blocks+0x1658/0x2120
[  154.325233][T20467]  ? ext4_es_lookup_extent+0x221/0x500
[  154.330674][T20467]  ext4_map_blocks+0x71e/0xf00
[  154.335491][T20467]  ext4_iomap_begin+0x4b0/0x630
[  154.340330][T20467]  ? ext4_alloc_da_blocks+0x100/0x100
[  154.345784][T20467]  iomap_iter+0x395/0x4a0
[  154.350100][T20467]  __iomap_dio_rw+0x695/0x1070
[  154.354901][T20467]  ? _raw_spin_lock_irq+0x41/0x50
[  154.359974][T20467]  iomap_dio_rw+0x38/0x80
[  154.364309][T20467]  ? ext4_file_write_iter+0x461/0x1200
[  154.369823][T20467]  ext4_file_write_iter+0xac3/0x1200
[  154.375198][T20467]  ? ext4_file_write_iter+0x461/0x1200
[  154.380652][T20467]  do_iter_readv_writev+0x2de/0x380
[  154.385912][T20467]  do_iter_write+0x192/0x5c0
[  154.390544][T20467]  vfs_iter_write+0x4c/0x70
[  154.395049][T20467]  iter_file_splice_write+0x43a/0x790
[  154.400423][T20467]  ? splice_from_pipe+0xd0/0xd0
[  154.405260][T20467]  direct_splice_actor+0x80/0xa0
[  154.410188][T20467]  splice_direct_to_actor+0x345/0x650
[  154.415562][T20467]  ? do_splice_direct+0x190/0x190
[  154.420581][T20467]  do_splice_direct+0x106/0x190
[  154.426337][T20467]  do_sendfile+0x675/0xc40
[  154.431004][T20467]  __x64_sys_sendfile64+0x102/0x140
[  154.436246][T20467]  do_syscall_64+0x44/0xd0
[  154.440657][T20467]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  154.446573][T20467] RIP: 0033:0x7f8cb7c38ae9
[  154.451003][T20467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  154.470604][T20467] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
14:47:49 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 23)

[  154.479011][T20467] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  154.487052][T20467] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  154.495095][T20467] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  154.503047][T20467] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  154.511041][T20467] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  154.519052][T20467]  </TASK>
[  154.610767][T20479] FAULT_INJECTION: forcing a failure.
[  154.610767][T20479] name failslab, interval 1, probability 0, space 0, times 0
[  154.623715][T20479] CPU: 1 PID: 20479 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  154.632476][T20479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  154.642528][T20479] Call Trace:
[  154.645799][T20479]  <TASK>
[  154.648719][T20479]  dump_stack_lvl+0xd6/0x122
[  154.653304][T20479]  dump_stack+0x11/0x1b
14:47:49 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:49 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:49 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:49 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x0, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  154.657459][T20479]  should_fail+0x23c/0x250
[  154.661890][T20479]  ? ext4_mb_new_blocks+0x73e/0x1ee0
[  154.667247][T20479]  __should_failslab+0x81/0x90
[  154.672075][T20479]  should_failslab+0x5/0x20
[  154.676583][T20479]  kmem_cache_alloc+0x4f/0x320
[  154.681350][T20479]  ext4_mb_new_blocks+0x73e/0x1ee0
[  154.686476][T20479]  ? ext4_find_extent+0x7b2/0x7e0
[  154.691549][T20479]  ? ext4_ext_search_right+0x246/0x4f0
[  154.697049][T20479]  ext4_ext_map_blocks+0x1658/0x2120
[  154.702440][T20479]  ? ext4_es_lookup_extent+0x221/0x500
[  154.707901][T20479]  ext4_map_blocks+0x71e/0xf00
[  154.712668][T20479]  ext4_iomap_begin+0x4b0/0x630
[  154.717514][T20479]  ? ext4_alloc_da_blocks+0x100/0x100
[  154.723073][T20479]  iomap_iter+0x395/0x4a0
[  154.727389][T20479]  __iomap_dio_rw+0x695/0x1070
[  154.732256][T20479]  ? _raw_spin_lock_irq+0x41/0x50
[  154.737312][T20479]  iomap_dio_rw+0x38/0x80
[  154.741671][T20479]  ? ext4_file_write_iter+0x461/0x1200
[  154.747113][T20479]  ext4_file_write_iter+0xac3/0x1200
[  154.752399][T20479]  ? ext4_file_write_iter+0x461/0x1200
[  154.757857][T20479]  do_iter_readv_writev+0x2de/0x380
[  154.763302][T20479]  do_iter_write+0x192/0x5c0
[  154.767895][T20479]  ? splice_from_pipe_next+0x34f/0x3b0
[  154.773402][T20479]  ? kmalloc_array+0x2d/0x40
[  154.777991][T20479]  vfs_iter_write+0x4c/0x70
[  154.782586][T20479]  iter_file_splice_write+0x43a/0x790
[  154.788149][T20479]  ? splice_from_pipe+0xd0/0xd0
[  154.793005][T20479]  direct_splice_actor+0x80/0xa0
[  154.797991][T20479]  splice_direct_to_actor+0x345/0x650
[  154.803372][T20479]  ? do_splice_direct+0x190/0x190
[  154.808411][T20479]  do_splice_direct+0x106/0x190
[  154.813259][T20479]  do_sendfile+0x675/0xc40
[  154.817678][T20479]  __x64_sys_sendfile64+0x102/0x140
[  154.822880][T20479]  do_syscall_64+0x44/0xd0
[  154.827318][T20479]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  154.833392][T20479] RIP: 0033:0x7f8cb7c38ae9
[  154.837817][T20479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
14:47:49 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  154.857536][T20479] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  154.866026][T20479] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  154.874010][T20479] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  154.881960][T20479] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  154.889913][T20479] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  154.897949][T20479] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  154.906066][T20479]  </TASK>
14:47:49 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 24)

14:47:49 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

[  154.973773][T20694] FAULT_INJECTION: forcing a failure.
[  154.973773][T20694] name failslab, interval 1, probability 0, space 0, times 0
[  154.986766][T20694] CPU: 0 PID: 20694 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  154.995552][T20694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  155.005604][T20694] Call Trace:
[  155.008878][T20694]  <TASK>
[  155.011804][T20694]  dump_stack_lvl+0xd6/0x122
[  155.016580][T20694]  dump_stack+0x11/0x1b
[  155.020836][T20694]  should_fail+0x23c/0x250
[  155.025262][T20694]  ? __es_insert_extent+0x546/0xe80
[  155.030700][T20694]  __should_failslab+0x81/0x90
[  155.035468][T20694]  should_failslab+0x5/0x20
[  155.040078][T20694]  kmem_cache_alloc+0x4f/0x320
[  155.044913][T20694]  __es_insert_extent+0x546/0xe80
[  155.049959][T20694]  ext4_es_insert_extent+0x1cb/0x19c0
[  155.055358][T20694]  ext4_map_blocks+0xa5d/0xf00
[  155.060150][T20694]  ext4_iomap_begin+0x4b0/0x630
[  155.065075][T20694]  ? ext4_alloc_da_blocks+0x100/0x100
14:47:50 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  155.070450][T20694]  iomap_iter+0x395/0x4a0
[  155.074780][T20694]  __iomap_dio_rw+0x695/0x1070
[  155.079617][T20694]  ? _raw_spin_lock_irq+0x41/0x50
[  155.084642][T20694]  iomap_dio_rw+0x38/0x80
[  155.088976][T20694]  ? ext4_file_write_iter+0x461/0x1200
[  155.094429][T20694]  ext4_file_write_iter+0xac3/0x1200
[  155.099728][T20694]  ? ext4_file_write_iter+0x461/0x1200
[  155.105257][T20694]  do_iter_readv_writev+0x2de/0x380
[  155.110691][T20694]  do_iter_write+0x192/0x5c0
[  155.115278][T20694]  ? splice_from_pipe_next+0x34f/0x3b0
[  155.120788][T20694]  ? kmalloc_array+0x2d/0x40
[  155.125473][T20694]  vfs_iter_write+0x4c/0x70
[  155.129980][T20694]  iter_file_splice_write+0x43a/0x790
[  155.135356][T20694]  ? splice_from_pipe+0xd0/0xd0
[  155.140209][T20694]  direct_splice_actor+0x80/0xa0
[  155.145142][T20694]  splice_direct_to_actor+0x345/0x650
[  155.150513][T20694]  ? do_splice_direct+0x190/0x190
[  155.155601][T20694]  do_splice_direct+0x106/0x190
[  155.160452][T20694]  do_sendfile+0x675/0xc40
[  155.164877][T20694]  __x64_sys_sendfile64+0x102/0x140
[  155.170090][T20694]  do_syscall_64+0x44/0xd0
[  155.174488][T20694]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  155.180389][T20694] RIP: 0033:0x7f8cb7c38ae9
[  155.184866][T20694] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  155.204451][T20694] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  155.212860][T20694] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
14:47:50 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x0, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:50 executing program 1:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0x0, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:50 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  155.220818][T20694] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  155.228835][T20694] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  155.236782][T20694] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  155.244731][T20694] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  155.252683][T20694]  </TASK>
14:47:50 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 25)

14:47:50 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  155.436061][T20714] FAULT_INJECTION: forcing a failure.
[  155.436061][T20714] name failslab, interval 1, probability 0, space 0, times 0
[  155.448800][T20714] CPU: 0 PID: 20714 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  155.457596][T20714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  155.467648][T20714] Call Trace:
[  155.470922][T20714]  <TASK>
[  155.473886][T20714]  dump_stack_lvl+0xd6/0x122
[  155.478583][T20714]  dump_stack+0x11/0x1b
[  155.482779][T20714]  should_fail+0x23c/0x250
[  155.487228][T20714]  ? mempool_alloc_slab+0x16/0x20
[  155.492284][T20714]  __should_failslab+0x81/0x90
[  155.497054][T20714]  should_failslab+0x5/0x20
[  155.501639][T20714]  kmem_cache_alloc+0x4f/0x320
[  155.506477][T20714]  mempool_alloc_slab+0x16/0x20
[  155.511351][T20714]  ? mempool_free+0x130/0x130
[  155.516050][T20714]  mempool_alloc+0x9d/0x310
[  155.520581][T20714]  ? preempt_count_add+0x4e/0x90
[  155.525546][T20714]  ? _raw_read_unlock+0x13/0x30
[  155.530529][T20714]  ? jbd2_transaction_committed+0xad/0xc0
[  155.536265][T20714]  bio_alloc_bioset+0xcc/0x560
[  155.541039][T20714]  ? iov_iter_alignment+0x34b/0x370
[  155.546242][T20714]  iomap_dio_bio_iter+0x5ed/0xc70
[  155.551296][T20714]  ? ext4_alloc_da_blocks+0x100/0x100
[  155.556701][T20714]  __iomap_dio_rw+0x8b5/0x1070
[  155.561468][T20714]  ? _raw_spin_lock_irq+0x41/0x50
[  155.566540][T20714]  iomap_dio_rw+0x38/0x80
[  155.570934][T20714]  ? ext4_file_write_iter+0x461/0x1200
[  155.576398][T20714]  ext4_file_write_iter+0xac3/0x1200
[  155.581712][T20714]  ? ext4_file_write_iter+0x461/0x1200
[  155.587172][T20714]  do_iter_readv_writev+0x2de/0x380
[  155.592373][T20714]  do_iter_write+0x192/0x5c0
[  155.596988][T20714]  ? splice_from_pipe_next+0x34f/0x3b0
[  155.602529][T20714]  ? kmalloc_array+0x2d/0x40
[  155.607125][T20714]  vfs_iter_write+0x4c/0x70
[  155.611639][T20714]  iter_file_splice_write+0x43a/0x790
[  155.617082][T20714]  ? splice_from_pipe+0xd0/0xd0
[  155.622015][T20714]  direct_splice_actor+0x80/0xa0
[  155.627108][T20714]  splice_direct_to_actor+0x345/0x650
[  155.632487][T20714]  ? do_splice_direct+0x190/0x190
[  155.637517][T20714]  do_splice_direct+0x106/0x190
[  155.642466][T20714]  do_sendfile+0x675/0xc40
[  155.646956][T20714]  __x64_sys_sendfile64+0x102/0x140
[  155.652186][T20714]  do_syscall_64+0x44/0xd0
[  155.656613][T20714]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  155.662508][T20714] RIP: 0033:0x7f8cb7c38ae9
[  155.666950][T20714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
14:47:50 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  155.687258][T20714] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  155.695697][T20714] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  155.703670][T20714] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  155.711647][T20714] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  155.719758][T20714] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  155.727779][T20714] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  155.735785][T20714]  </TASK>
[  155.742794][   T24] kauditd_printk_skb: 60 callbacks suppressed
[  155.742806][   T24] audit: type=1400 audit(1638802070.702:160): avc:  denied  { unlink } for  pid=1420 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
14:47:50 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:50 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:50 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0x0, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:50 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})

14:47:51 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 26)

14:47:51 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  156.099876][T20947] FAULT_INJECTION: forcing a failure.
[  156.099876][T20947] name failslab, interval 1, probability 0, space 0, times 0
[  156.112591][T20947] CPU: 0 PID: 20947 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  156.121360][T20947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  156.131430][T20947] Call Trace:
[  156.134716][T20947]  <TASK>
[  156.137690][T20947]  dump_stack_lvl+0xd6/0x122
[  156.142284][T20947]  dump_stack+0x11/0x1b
[  156.146443][T20947]  should_fail+0x23c/0x250
[  156.150866][T20947]  ? mempool_alloc_slab+0x16/0x20
[  156.155985][T20947]  __should_failslab+0x81/0x90
[  156.160751][T20947]  should_failslab+0x5/0x20
[  156.165311][T20947]  kmem_cache_alloc+0x4f/0x320
[  156.170290][T20947]  mempool_alloc_slab+0x16/0x20
[  156.175152][T20947]  ? mempool_free+0x130/0x130
[  156.179904][T20947]  mempool_alloc+0x9d/0x310
[  156.184415][T20947]  ? __find_get_block+0x785/0x9b0
[  156.189497][T20947]  sg_pool_alloc+0x74/0x90
[  156.193977][T20947]  __sg_alloc_table+0xce/0x290
14:47:51 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x0, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:51 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0x0, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  156.198848][T20947]  sg_alloc_table_chained+0xaf/0x140
[  156.204228][T20947]  ? sg_alloc_table_chained+0x140/0x140
[  156.209824][T20947]  scsi_alloc_sgtables+0x18a/0x510
[  156.214938][T20947]  sd_init_command+0x944/0x1610
[  156.219871][T20947]  scsi_queue_rq+0x1026/0x1460
[  156.224698][T20947]  blk_mq_dispatch_rq_list+0x534/0x11e0
[  156.230301][T20947]  ? __sbitmap_queue_get+0x11/0x20
[  156.235459][T20947]  blk_mq_do_dispatch_sched+0x446/0x6d0
[  156.241129][T20947]  __blk_mq_sched_dispatch_requests+0x1ca/0x270
[  156.247380][T20947]  blk_mq_sched_dispatch_requests+0x9f/0x110
[  156.253364][T20947]  __blk_mq_run_hw_queue+0xc1/0x140
[  156.258606][T20947]  __blk_mq_delay_run_hw_queue+0x199/0x360
[  156.264586][T20947]  ? __rcu_read_unlock+0x5c/0x290
[  156.269658][T20947]  blk_mq_run_hw_queue+0x231/0x260
[  156.274782][T20947]  blk_mq_sched_insert_requests+0x130/0x200
[  156.280719][T20947]  blk_mq_flush_plug_list+0x372/0x460
[  156.286106][T20947]  blk_flush_plug+0x25a/0x2b0
[  156.290847][T20947]  ? ext4_iomap_end+0x33/0x50
[  156.295570][T20947]  blk_finish_plug+0x44/0x60
[  156.300172][T20947]  __iomap_dio_rw+0xcad/0x1070
[  156.304971][T20947]  ? _raw_spin_lock_irq+0x41/0x50
[  156.310005][T20947]  iomap_dio_rw+0x38/0x80
[  156.314333][T20947]  ? ext4_file_write_iter+0x461/0x1200
[  156.319847][T20947]  ext4_file_write_iter+0xac3/0x1200
[  156.325160][T20947]  ? ext4_file_write_iter+0x461/0x1200
[  156.330644][T20947]  do_iter_readv_writev+0x2de/0x380
[  156.335870][T20947]  do_iter_write+0x192/0x5c0
[  156.340495][T20947]  ? splice_from_pipe_next+0x34f/0x3b0
[  156.346016][T20947]  ? kmalloc_array+0x2d/0x40
[  156.350661][T20947]  vfs_iter_write+0x4c/0x70
[  156.355209][T20947]  iter_file_splice_write+0x43a/0x790
[  156.360571][T20947]  ? splice_from_pipe+0xd0/0xd0
[  156.365486][T20947]  direct_splice_actor+0x80/0xa0
[  156.370630][T20947]  splice_direct_to_actor+0x345/0x650
[  156.375993][T20947]  ? do_splice_direct+0x190/0x190
[  156.381051][T20947]  do_splice_direct+0x106/0x190
[  156.385949][T20947]  do_sendfile+0x675/0xc40
[  156.390351][T20947]  __x64_sys_sendfile64+0x102/0x140
[  156.395609][T20947]  do_syscall_64+0x44/0xd0
[  156.400035][T20947]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  156.405925][T20947] RIP: 0033:0x7f8cb7c38ae9
[  156.410335][T20947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  156.430099][T20947] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  156.438566][T20947] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
14:47:51 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0x0, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  156.446523][T20947] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  156.454479][T20947] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  156.462535][T20947] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  156.470515][T20947] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  156.478475][T20947]  </TASK>
14:47:51 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})

14:47:51 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 27)

14:47:51 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:51 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  156.697223][T21254] FAULT_INJECTION: forcing a failure.
[  156.697223][T21254] name failslab, interval 1, probability 0, space 0, times 0
[  156.710147][T21254] CPU: 0 PID: 21254 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  156.718998][T21254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  156.729089][T21254] Call Trace:
[  156.732368][T21254]  <TASK>
[  156.735356][T21254]  dump_stack_lvl+0xd6/0x122
[  156.740031][T21254]  dump_stack+0x11/0x1b
[  156.744250][T21254]  should_fail+0x23c/0x250
[  156.748718][T21254]  ? jbd2__journal_start+0xf7/0x3f0
[  156.753914][T21254]  __should_failslab+0x81/0x90
[  156.758678][T21254]  should_failslab+0x5/0x20
[  156.763327][T21254]  kmem_cache_alloc+0x4f/0x320
[  156.768193][T21254]  jbd2__journal_start+0xf7/0x3f0
[  156.773253][T21254]  __ext4_journal_start_sb+0x159/0x310
[  156.778786][T21254]  ext4_file_write_iter+0xbe6/0x1200
[  156.784076][T21254]  do_iter_readv_writev+0x2de/0x380
[  156.789327][T21254]  do_iter_write+0x192/0x5c0
[  156.793996][T21254]  ? page_cache_pipe_buf_confirm+0x65/0x180
[  156.799891][T21254]  ? page_cache_pipe_buf_confirm+0xbf/0x180
[  156.805910][T21254]  vfs_iter_write+0x4c/0x70
[  156.810470][T21254]  iter_file_splice_write+0x43a/0x790
[  156.815864][T21254]  ? splice_from_pipe+0xd0/0xd0
[  156.820750][T21254]  direct_splice_actor+0x80/0xa0
[  156.825791][T21254]  splice_direct_to_actor+0x345/0x650
[  156.831169][T21254]  ? do_splice_direct+0x190/0x190
[  156.836197][T21254]  do_splice_direct+0x106/0x190
[  156.841050][T21254]  do_sendfile+0x675/0xc40
[  156.845487][T21254]  __x64_sys_sendfile64+0x102/0x140
[  156.850719][T21254]  do_syscall_64+0x44/0xd0
[  156.855193][T21254]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  156.861139][T21254] RIP: 0033:0x7f8cb7c38ae9
[  156.865548][T21254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  156.885246][T21254] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
14:47:51 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x0, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:51 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})

[  156.893696][T21254] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  156.901665][T21254] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  156.909638][T21254] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  156.917611][T21254] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  156.925652][T21254] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  156.933632][T21254]  </TASK>
14:47:51 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 28)

14:47:51 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  157.022063][T21468] FAULT_INJECTION: forcing a failure.
[  157.022063][T21468] name failslab, interval 1, probability 0, space 0, times 0
[  157.034874][T21468] CPU: 0 PID: 21468 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  157.043689][T21468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  157.053920][T21468] Call Trace:
[  157.057201][T21468]  <TASK>
[  157.060131][T21468]  dump_stack_lvl+0xd6/0x122
[  157.064740][T21468]  dump_stack+0x11/0x1b
[  157.068909][T21468]  should_fail+0x23c/0x250
[  157.073323][T21468]  ? jbd2__journal_start+0xf7/0x3f0
[  157.078515][T21468]  __should_failslab+0x81/0x90
[  157.083282][T21468]  should_failslab+0x5/0x20
[  157.087789][T21468]  kmem_cache_alloc+0x4f/0x320
[  157.092703][T21468]  jbd2__journal_start+0xf7/0x3f0
[  157.097800][T21468]  __ext4_journal_start_sb+0x159/0x310
[  157.103276][T21468]  ? ext4_expand_extra_isize+0x560/0x560
[  157.108931][T21468]  ext4_dirty_inode+0x58/0xa0
[  157.113641][T21468]  __mark_inode_dirty+0x72/0x6c0
14:47:52 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x0, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

[  157.118609][T21468]  ? ktime_get_coarse_real_ts64+0x10d/0x120
[  157.124513][T21468]  inode_update_time+0x1b4/0x1d0
[  157.129519][T21468]  file_update_time+0x1f3/0x230
[  157.134377][T21468]  file_modified+0x62/0x80
[  157.138830][T21468]  ext4_file_write_iter+0x795/0x1200
[  157.144152][T21468]  ? ext4_file_write_iter+0x461/0x1200
[  157.149732][T21468]  do_iter_readv_writev+0x2de/0x380
[  157.155001][T21468]  do_iter_write+0x192/0x5c0
[  157.159624][T21468]  ? splice_from_pipe_next+0x34f/0x3b0
[  157.165157][T21468]  ? kmalloc_array+0x2d/0x40
[  157.169749][T21468]  vfs_iter_write+0x4c/0x70
[  157.174264][T21468]  iter_file_splice_write+0x43a/0x790
[  157.179714][T21468]  ? splice_from_pipe+0xd0/0xd0
[  157.184582][T21468]  direct_splice_actor+0x80/0xa0
[  157.189573][T21468]  splice_direct_to_actor+0x345/0x650
[  157.194983][T21468]  ? do_splice_direct+0x190/0x190
[  157.200016][T21468]  do_splice_direct+0x106/0x190
[  157.204873][T21468]  do_sendfile+0x675/0xc40
[  157.209290][T21468]  __x64_sys_sendfile64+0x102/0x140
[  157.214492][T21468]  do_syscall_64+0x44/0xd0
[  157.218916][T21468]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  157.225425][T21468] RIP: 0033:0x7f8cb7c38ae9
[  157.229847][T21468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  157.249500][T21468] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  157.258399][T21468] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
14:47:52 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))

14:47:52 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})

14:47:52 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x0, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:52 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  157.266375][T21468] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  157.274348][T21468] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  157.282444][T21468] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  157.290419][T21468] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  157.298497][T21468]  </TASK>
14:47:52 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:52 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 29)

[  157.499015][T21690] FAULT_INJECTION: forcing a failure.
[  157.499015][T21690] name failslab, interval 1, probability 0, space 0, times 0
[  157.511714][T21690] CPU: 0 PID: 21690 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  157.520482][T21690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  157.530541][T21690] Call Trace:
[  157.533928][T21690]  <TASK>
[  157.536866][T21690]  dump_stack_lvl+0xd6/0x122
[  157.541465][T21690]  dump_stack+0x11/0x1b
[  157.545658][T21690]  should_fail+0x23c/0x250
[  157.550122][T21690]  ? __iomap_dio_rw+0x143/0x1070
[  157.555068][T21690]  __should_failslab+0x81/0x90
[  157.559904][T21690]  should_failslab+0x5/0x20
[  157.564777][T21690]  kmem_cache_alloc_trace+0x52/0x350
[  157.570076][T21690]  __iomap_dio_rw+0x143/0x1070
[  157.575218][T21690]  ? preempt_count_add+0x4e/0x90
[  157.580167][T21690]  ? _raw_spin_unlock_irqrestore+0x3d/0x60
[  157.586107][T21690]  ? ___cache_free+0x46/0x300
[  157.590796][T21690]  iomap_dio_rw+0x38/0x80
14:47:52 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})

[  157.595130][T21690]  ? ext4_file_write_iter+0x461/0x1200
[  157.600600][T21690]  ext4_file_write_iter+0xac3/0x1200
[  157.605907][T21690]  ? ext4_file_write_iter+0x461/0x1200
[  157.611370][T21690]  do_iter_readv_writev+0x2de/0x380
[  157.616599][T21690]  do_iter_write+0x192/0x5c0
[  157.621222][T21690]  ? splice_from_pipe_next+0x34f/0x3b0
[  157.626716][T21690]  ? kmalloc_array+0x2d/0x40
[  157.631312][T21690]  vfs_iter_write+0x4c/0x70
[  157.635839][T21690]  iter_file_splice_write+0x43a/0x790
[  157.641378][T21690]  ? splice_from_pipe+0xd0/0xd0
[  157.646277][T21690]  direct_splice_actor+0x80/0xa0
[  157.651273][T21690]  splice_direct_to_actor+0x345/0x650
[  157.656694][T21690]  ? do_splice_direct+0x190/0x190
[  157.661721][T21690]  do_splice_direct+0x106/0x190
[  157.666582][T21690]  do_sendfile+0x675/0xc40
[  157.671039][T21690]  __x64_sys_sendfile64+0x102/0x140
[  157.676321][T21690]  do_syscall_64+0x44/0xd0
[  157.680829][T21690]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  157.686732][T21690] RIP: 0033:0x7f8cb7c38ae9
[  157.691144][T21690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  157.710860][T21690] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  157.719331][T21690] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  157.727504][T21690] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  157.735543][T21690] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
14:47:52 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 30)

14:47:52 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})

[  157.743586][T21690] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  157.751562][T21690] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  157.759546][T21690]  </TASK>
14:47:52 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x0, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:52 executing program 2:
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  157.856158][T21997] FAULT_INJECTION: forcing a failure.
[  157.856158][T21997] name failslab, interval 1, probability 0, space 0, times 0
[  157.868987][T21997] CPU: 0 PID: 21997 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  157.877929][T21997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  157.887988][T21997] Call Trace:
[  157.891298][T21997]  <TASK>
[  157.894233][T21997]  dump_stack_lvl+0xd6/0x122
[  157.898843][T21997]  dump_stack+0x11/0x1b
14:47:52 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0x0, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:52 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

[  157.903045][T21997]  should_fail+0x23c/0x250
[  157.907471][T21997]  ? jbd2__journal_start+0xf7/0x3f0
[  157.912761][T21997]  __should_failslab+0x81/0x90
[  157.917554][T21997]  should_failslab+0x5/0x20
[  157.922147][T21997]  kmem_cache_alloc+0x4f/0x320
[  157.926906][T21997]  jbd2__journal_start+0xf7/0x3f0
[  157.931926][T21997]  __ext4_journal_start_sb+0x159/0x310
[  157.937451][T21997]  ? ext4_file_write_iter+0x461/0x1200
[  157.942909][T21997]  ext4_file_write_iter+0x992/0x1200
[  157.948360][T21997]  ? ext4_file_write_iter+0x461/0x1200
14:47:52 executing program 1:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x0, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

[  157.953826][T21997]  do_iter_readv_writev+0x2de/0x380
[  157.959050][T21997]  do_iter_write+0x192/0x5c0
[  157.963647][T21997]  ? splice_from_pipe_next+0x34f/0x3b0
[  157.969138][T21997]  ? kmalloc_array+0x2d/0x40
[  157.973732][T21997]  vfs_iter_write+0x4c/0x70
[  157.978277][T21997]  iter_file_splice_write+0x43a/0x790
[  157.983755][T21997]  ? splice_from_pipe+0xd0/0xd0
[  157.988658][T21997]  direct_splice_actor+0x80/0xa0
[  157.993614][T21997]  splice_direct_to_actor+0x345/0x650
[  157.998989][T21997]  ? do_splice_direct+0x190/0x190
[  158.004059][T21997]  do_splice_direct+0x106/0x190
[  158.008917][T21997]  do_sendfile+0x675/0xc40
[  158.013413][T21997]  __x64_sys_sendfile64+0x102/0x140
[  158.018939][T21997]  do_syscall_64+0x44/0xd0
[  158.023365][T21997]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  158.029264][T21997] RIP: 0033:0x7f8cb7c38ae9
[  158.033676][T21997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  158.053498][T21997] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  158.062209][T21997] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  158.070279][T21997] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  158.078258][T21997] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  158.086239][T21997] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  158.094307][T21997] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  158.102303][T21997]  </TASK>
14:47:53 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 31)

[  158.171261][T22180] FAULT_INJECTION: forcing a failure.
[  158.171261][T22180] name failslab, interval 1, probability 0, space 0, times 0
[  158.184547][T22180] CPU: 0 PID: 22180 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  158.193312][T22180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  158.203365][T22180] Call Trace:
[  158.206642][T22180]  <TASK>
[  158.209566][T22180]  dump_stack_lvl+0xd6/0x122
[  158.214159][T22180]  dump_stack+0x11/0x1b
14:47:53 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x0, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:53 executing program 2:
syz_io_uring_setup(0x0, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  158.218417][T22180]  should_fail+0x23c/0x250
[  158.222838][T22180]  ? jbd2__journal_start+0xf7/0x3f0
[  158.228038][T22180]  __should_failslab+0x81/0x90
[  158.232838][T22180]  should_failslab+0x5/0x20
[  158.237396][T22180]  kmem_cache_alloc+0x4f/0x320
[  158.242228][T22180]  jbd2__journal_start+0xf7/0x3f0
[  158.247265][T22180]  __ext4_journal_start_sb+0x159/0x310
[  158.252759][T22180]  ext4_iomap_begin+0x408/0x630
[  158.257644][T22180]  ? ext4_alloc_da_blocks+0x100/0x100
[  158.263198][T22180]  iomap_iter+0x395/0x4a0
[  158.267542][T22180]  __iomap_dio_rw+0x695/0x1070
[  158.272311][T22180]  ? _raw_spin_lock_irq+0x41/0x50
[  158.277342][T22180]  iomap_dio_rw+0x38/0x80
[  158.281681][T22180]  ? ext4_file_write_iter+0x461/0x1200
[  158.287147][T22180]  ext4_file_write_iter+0xac3/0x1200
[  158.292440][T22180]  ? ext4_file_write_iter+0x461/0x1200
[  158.298083][T22180]  do_iter_readv_writev+0x2de/0x380
[  158.303285][T22180]  do_iter_write+0x192/0x5c0
[  158.307884][T22180]  ? splice_from_pipe_next+0x34f/0x3b0
[  158.313424][T22180]  ? kmalloc_array+0x2d/0x40
[  158.318018][T22180]  vfs_iter_write+0x4c/0x70
[  158.322554][T22180]  iter_file_splice_write+0x43a/0x790
[  158.327993][T22180]  ? splice_from_pipe+0xd0/0xd0
[  158.332853][T22180]  direct_splice_actor+0x80/0xa0
[  158.337863][T22180]  splice_direct_to_actor+0x345/0x650
[  158.343238][T22180]  ? do_splice_direct+0x190/0x190
[  158.348271][T22180]  do_splice_direct+0x106/0x190
[  158.353160][T22180]  do_sendfile+0x675/0xc40
[  158.357624][T22180]  __x64_sys_sendfile64+0x102/0x140
[  158.362882][T22180]  do_syscall_64+0x44/0xd0
[  158.367303][T22180]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  158.373201][T22180] RIP: 0033:0x7f8cb7c38ae9
[  158.377615][T22180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  158.397275][T22180] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  158.405706][T22180] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  158.413729][T22180] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
14:47:53 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x0, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  158.421703][T22180] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  158.429679][T22180] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  158.437712][T22180] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  158.445700][T22180]  </TASK>
14:47:53 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 32)

14:47:53 executing program 2:
syz_io_uring_setup(0x0, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  158.533429][T22325] FAULT_INJECTION: forcing a failure.
[  158.533429][T22325] name failslab, interval 1, probability 0, space 0, times 0
[  158.546128][T22325] CPU: 0 PID: 22325 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  158.554890][T22325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  158.564950][T22325] Call Trace:
[  158.568229][T22325]  <TASK>
[  158.571225][T22325]  dump_stack_lvl+0xd6/0x122
[  158.576348][T22325]  dump_stack+0x11/0x1b
[  158.580546][T22325]  should_fail+0x23c/0x250
[  158.585010][T22325]  ? jbd2__journal_start+0xf7/0x3f0
[  158.590216][T22325]  __should_failslab+0x81/0x90
[  158.595130][T22325]  should_failslab+0x5/0x20
[  158.599646][T22325]  kmem_cache_alloc+0x4f/0x320
[  158.604454][T22325]  ? __find_get_block+0x785/0x9b0
[  158.609493][T22325]  jbd2__journal_start+0xf7/0x3f0
[  158.614569][T22325]  __ext4_journal_start_sb+0x159/0x310
[  158.620127][T22325]  ext4_iomap_begin+0x408/0x630
[  158.624989][T22325]  ? ext4_alloc_da_blocks+0x100/0x100
[  158.630371][T22325]  iomap_iter+0x395/0x4a0
[  158.634711][T22325]  __iomap_dio_rw+0x695/0x1070
[  158.639558][T22325]  ? _raw_spin_lock_irq+0x41/0x50
[  158.644589][T22325]  iomap_dio_rw+0x38/0x80
[  158.648983][T22325]  ? ext4_file_write_iter+0x461/0x1200
[  158.654444][T22325]  ext4_file_write_iter+0xac3/0x1200
[  158.659865][T22325]  ? ext4_file_write_iter+0x461/0x1200
[  158.665334][T22325]  do_iter_readv_writev+0x2de/0x380
[  158.670539][T22325]  do_iter_write+0x192/0x5c0
[  158.675177][T22325]  ? splice_from_pipe_next+0x34f/0x3b0
[  158.680703][T22325]  ? kmalloc_array+0x2d/0x40
[  158.685403][T22325]  vfs_iter_write+0x4c/0x70
[  158.689920][T22325]  iter_file_splice_write+0x43a/0x790
[  158.695345][T22325]  ? splice_from_pipe+0xd0/0xd0
[  158.700205][T22325]  direct_splice_actor+0x80/0xa0
[  158.705220][T22325]  splice_direct_to_actor+0x345/0x650
[  158.710603][T22325]  ? do_splice_direct+0x190/0x190
[  158.715666][T22325]  do_splice_direct+0x106/0x190
[  158.720575][T22325]  do_sendfile+0x675/0xc40
[  158.724996][T22325]  __x64_sys_sendfile64+0x102/0x140
[  158.730215][T22325]  do_syscall_64+0x44/0xd0
[  158.734716][T22325]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  158.740691][T22325] RIP: 0033:0x7f8cb7c38ae9
[  158.745181][T22325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  158.764791][T22325] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  158.773255][T22325] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
14:47:53 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0x0, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:53 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:53 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x0, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:53 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 33)

[  158.781229][T22325] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  158.789203][T22325] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  158.797178][T22325] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  158.805153][T22325] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  158.813480][T22325]  </TASK>
14:47:53 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x0, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:53 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  158.888879][T22435] FAULT_INJECTION: forcing a failure.
[  158.888879][T22435] name failslab, interval 1, probability 0, space 0, times 0
[  158.901545][T22435] CPU: 0 PID: 22435 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  158.910308][T22435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  158.920357][T22435] Call Trace:
[  158.923623][T22435]  <TASK>
[  158.926565][T22435]  dump_stack_lvl+0xd6/0x122
[  158.931181][T22435]  dump_stack+0x11/0x1b
[  158.935332][T22435]  should_fail+0x23c/0x250
[  158.939830][T22435]  ? ext4_mb_new_blocks+0x328/0x1ee0
[  158.945201][T22435]  __should_failslab+0x81/0x90
[  158.949966][T22435]  should_failslab+0x5/0x20
[  158.954472][T22435]  kmem_cache_alloc+0x4f/0x320
[  158.959303][T22435]  ext4_mb_new_blocks+0x328/0x1ee0
[  158.964503][T22435]  ? ext4_find_extent+0x7b2/0x7e0
[  158.969543][T22435]  ? ext4_ext_search_right+0x246/0x4f0
[  158.975109][T22435]  ext4_ext_map_blocks+0x1658/0x2120
[  158.980482][T22435]  ? ext4_es_lookup_extent+0x221/0x500
[  158.985935][T22435]  ext4_map_blocks+0x71e/0xf00
[  158.990767][T22435]  ext4_iomap_begin+0x4b0/0x630
[  158.995606][T22435]  ? ext4_alloc_da_blocks+0x100/0x100
[  159.001054][T22435]  iomap_iter+0x395/0x4a0
[  159.005721][T22435]  __iomap_dio_rw+0x695/0x1070
[  159.010500][T22435]  ? _raw_spin_lock_irq+0x41/0x50
[  159.015544][T22435]  iomap_dio_rw+0x38/0x80
[  159.019918][T22435]  ? ext4_file_write_iter+0x461/0x1200
[  159.025564][T22435]  ext4_file_write_iter+0xac3/0x1200
[  159.030896][T22435]  ? ext4_file_write_iter+0x461/0x1200
[  159.036403][T22435]  do_iter_readv_writev+0x2de/0x380
[  159.041588][T22435]  do_iter_write+0x192/0x5c0
[  159.046221][T22435]  ? splice_from_pipe_next+0x34f/0x3b0
[  159.051738][T22435]  ? kmalloc_array+0x2d/0x40
[  159.056325][T22435]  vfs_iter_write+0x4c/0x70
[  159.060818][T22435]  iter_file_splice_write+0x43a/0x790
[  159.066178][T22435]  ? splice_from_pipe+0xd0/0xd0
[  159.071102][T22435]  direct_splice_actor+0x80/0xa0
[  159.076036][T22435]  splice_direct_to_actor+0x345/0x650
[  159.081394][T22435]  ? do_splice_direct+0x190/0x190
[  159.086408][T22435]  do_splice_direct+0x106/0x190
[  159.091261][T22435]  do_sendfile+0x675/0xc40
[  159.095733][T22435]  __x64_sys_sendfile64+0x102/0x140
[  159.100917][T22435]  do_syscall_64+0x44/0xd0
[  159.105384][T22435]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  159.111352][T22435] RIP: 0033:0x7f8cb7c38ae9
[  159.115823][T22435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
14:47:54 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 34)

[  159.135456][T22435] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  159.143854][T22435] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  159.151814][T22435] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  159.159768][T22435] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  159.167724][T22435] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  159.175771][T22435] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  159.183800][T22435]  </TASK>
14:47:54 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

[  159.249716][T22471] FAULT_INJECTION: forcing a failure.
[  159.249716][T22471] name failslab, interval 1, probability 0, space 0, times 0
[  159.262542][T22471] CPU: 0 PID: 22471 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  159.271378][T22471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  159.281454][T22471] Call Trace:
[  159.284740][T22471]  <TASK>
[  159.287674][T22471]  dump_stack_lvl+0xd6/0x122
[  159.292473][T22471]  dump_stack+0x11/0x1b
14:47:54 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x0, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:54 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  159.296664][T22471]  should_fail+0x23c/0x250
[  159.301091][T22471]  ? ext4_mb_new_blocks+0x73e/0x1ee0
[  159.306382][T22471]  __should_failslab+0x81/0x90
[  159.311186][T22471]  should_failslab+0x5/0x20
[  159.315746][T22471]  kmem_cache_alloc+0x4f/0x320
[  159.320737][T22471]  ext4_mb_new_blocks+0x73e/0x1ee0
[  159.325862][T22471]  ? ext4_find_extent+0x7b2/0x7e0
[  159.330954][T22471]  ? ext4_ext_search_right+0x246/0x4f0
[  159.336429][T22471]  ext4_ext_map_blocks+0x1658/0x2120
[  159.341736][T22471]  ? ext4_es_lookup_extent+0x221/0x500
[  159.347218][T22471]  ext4_map_blocks+0x71e/0xf00
[  159.352091][T22471]  ext4_iomap_begin+0x4b0/0x630
[  159.356950][T22471]  ? ext4_alloc_da_blocks+0x100/0x100
[  159.362425][T22471]  iomap_iter+0x395/0x4a0
[  159.366760][T22471]  __iomap_dio_rw+0x695/0x1070
[  159.371531][T22471]  ? _raw_spin_lock_irq+0x41/0x50
[  159.376647][T22471]  iomap_dio_rw+0x38/0x80
[  159.380979][T22471]  ? ext4_file_write_iter+0x461/0x1200
[  159.386459][T22471]  ext4_file_write_iter+0xac3/0x1200
[  159.391816][T22471]  ? ext4_file_write_iter+0x461/0x1200
14:47:54 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})

[  159.397287][T22471]  do_iter_readv_writev+0x2de/0x380
[  159.402511][T22471]  do_iter_write+0x192/0x5c0
[  159.407339][T22471]  ? splice_from_pipe_next+0x34f/0x3b0
[  159.412803][T22471]  ? kmalloc_array+0x2d/0x40
[  159.417391][T22471]  vfs_iter_write+0x4c/0x70
[  159.422005][T22471]  iter_file_splice_write+0x43a/0x790
[  159.427696][T22471]  ? splice_from_pipe+0xd0/0xd0
[  159.432585][T22471]  direct_splice_actor+0x80/0xa0
[  159.437658][T22471]  splice_direct_to_actor+0x345/0x650
[  159.443035][T22471]  ? do_splice_direct+0x190/0x190
[  159.448153][T22471]  do_splice_direct+0x106/0x190
[  159.453108][T22471]  do_sendfile+0x675/0xc40
[  159.457557][T22471]  __x64_sys_sendfile64+0x102/0x140
[  159.462975][T22471]  do_syscall_64+0x44/0xd0
[  159.467392][T22471]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  159.473272][T22471] RIP: 0033:0x7f8cb7c38ae9
[  159.477681][T22471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
14:47:54 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 35)

[  159.497460][T22471] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  159.505965][T22471] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  159.513977][T22471] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  159.521953][T22471] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  159.529923][T22471] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  159.537891][T22471] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  159.545898][T22471]  </TASK>
[  159.607505][T22559] FAULT_INJECTION: forcing a failure.
[  159.607505][T22559] name failslab, interval 1, probability 0, space 0, times 0
[  159.620262][T22559] CPU: 1 PID: 22559 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  159.629053][T22559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  159.639146][T22559] Call Trace:
[  159.642471][T22559]  <TASK>
[  159.645417][T22559]  dump_stack_lvl+0xd6/0x122
[  159.650067][T22559]  dump_stack+0x11/0x1b
[  159.654246][T22559]  should_fail+0x23c/0x250
[  159.658787][T22559]  ? mempool_alloc_slab+0x16/0x20
[  159.663876][T22559]  __should_failslab+0x81/0x90
[  159.668643][T22559]  should_failslab+0x5/0x20
[  159.673140][T22559]  kmem_cache_alloc+0x4f/0x320
[  159.677907][T22559]  mempool_alloc_slab+0x16/0x20
[  159.682829][T22559]  ? mempool_free+0x130/0x130
[  159.687510][T22559]  mempool_alloc+0x9d/0x310
[  159.692100][T22559]  ? preempt_count_add+0x4e/0x90
[  159.697078][T22559]  ? _raw_read_unlock+0x13/0x30
[  159.701940][T22559]  ? jbd2_transaction_committed+0xad/0xc0
[  159.707693][T22559]  bio_alloc_bioset+0xcc/0x560
[  159.712459][T22559]  ? iov_iter_alignment+0x34b/0x370
[  159.717837][T22559]  iomap_dio_bio_iter+0x5ed/0xc70
[  159.722871][T22559]  ? ext4_alloc_da_blocks+0x100/0x100
[  159.728314][T22559]  __iomap_dio_rw+0x8b5/0x1070
[  159.733136][T22559]  ? _raw_spin_lock_irq+0x41/0x50
[  159.738166][T22559]  iomap_dio_rw+0x38/0x80
[  159.742493][T22559]  ? ext4_file_write_iter+0x461/0x1200
[  159.747969][T22559]  ext4_file_write_iter+0xac3/0x1200
[  159.753253][T22559]  ? ext4_file_write_iter+0x461/0x1200
[  159.758707][T22559]  do_iter_readv_writev+0x2de/0x380
[  159.763907][T22559]  do_iter_write+0x192/0x5c0
[  159.768509][T22559]  ? splice_from_pipe_next+0x34f/0x3b0
[  159.774003][T22559]  ? kmalloc_array+0x2d/0x40
[  159.778620][T22559]  vfs_iter_write+0x4c/0x70
[  159.783203][T22559]  iter_file_splice_write+0x43a/0x790
[  159.788589][T22559]  ? splice_from_pipe+0xd0/0xd0
[  159.793451][T22559]  direct_splice_actor+0x80/0xa0
[  159.798434][T22559]  splice_direct_to_actor+0x345/0x650
[  159.803865][T22559]  ? do_splice_direct+0x190/0x190
[  159.808959][T22559]  do_splice_direct+0x106/0x190
[  159.813856][T22559]  do_sendfile+0x675/0xc40
[  159.818419][T22559]  __x64_sys_sendfile64+0x102/0x140
[  159.823698][T22559]  do_syscall_64+0x44/0xd0
[  159.828217][T22559]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  159.834115][T22559] RIP: 0033:0x7f8cb7c38ae9
[  159.838550][T22559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  159.858287][T22559] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  159.866756][T22559] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  159.874710][T22559] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  159.882686][T22559] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  159.890662][T22559] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  159.898628][T22559] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
14:47:54 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0x0, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:54 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})

14:47:54 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x0, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:54 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, &(0x7f0000000300))
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  159.906683][T22559]  </TASK>
14:47:55 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 36)

14:47:55 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x0, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  160.127215][T22868] FAULT_INJECTION: forcing a failure.
[  160.127215][T22868] name failslab, interval 1, probability 0, space 0, times 0
[  160.139910][T22868] CPU: 1 PID: 22868 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  160.148679][T22868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  160.158729][T22868] Call Trace:
[  160.161999][T22868]  <TASK>
[  160.164920][T22868]  dump_stack_lvl+0xd6/0x122
[  160.169543][T22868]  dump_stack+0x11/0x1b
14:47:55 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  160.173810][T22868]  should_fail+0x23c/0x250
[  160.178229][T22868]  ? mempool_alloc_slab+0x16/0x20
[  160.183312][T22868]  __should_failslab+0x81/0x90
[  160.188111][T22868]  should_failslab+0x5/0x20
[  160.192680][T22868]  kmem_cache_alloc+0x4f/0x320
[  160.197465][T22868]  mempool_alloc_slab+0x16/0x20
[  160.202327][T22868]  ? mempool_free+0x130/0x130
[  160.207065][T22868]  mempool_alloc+0x9d/0x310
[  160.211661][T22868]  ? preempt_count_add+0x4e/0x90
[  160.216670][T22868]  ? _raw_read_unlock+0x13/0x30
[  160.221519][T22868]  ? jbd2_transaction_committed+0xad/0xc0
[  160.227271][T22868]  bio_alloc_bioset+0xcc/0x560
[  160.232031][T22868]  ? iov_iter_alignment+0x34b/0x370
[  160.237226][T22868]  iomap_dio_bio_iter+0x5ed/0xc70
[  160.242318][T22868]  ? ext4_alloc_da_blocks+0x100/0x100
[  160.247693][T22868]  __iomap_dio_rw+0x8b5/0x1070
[  160.252475][T22868]  iomap_dio_rw+0x38/0x80
[  160.256830][T22868]  ? ext4_file_write_iter+0x461/0x1200
[  160.262330][T22868]  ext4_file_write_iter+0xac3/0x1200
[  160.267681][T22868]  ? ext4_file_write_iter+0x461/0x1200
[  160.273139][T22868]  do_iter_readv_writev+0x2de/0x380
[  160.278341][T22868]  do_iter_write+0x192/0x5c0
[  160.282941][T22868]  ? splice_from_pipe_next+0x34f/0x3b0
[  160.288495][T22868]  ? kmalloc_array+0x2d/0x40
[  160.293081][T22868]  vfs_iter_write+0x4c/0x70
[  160.297583][T22868]  iter_file_splice_write+0x43a/0x790
[  160.302958][T22868]  ? splice_from_pipe+0xd0/0xd0
[  160.307806][T22868]  direct_splice_actor+0x80/0xa0
[  160.312806][T22868]  splice_direct_to_actor+0x345/0x650
[  160.318266][T22868]  ? do_splice_direct+0x190/0x190
[  160.323385][T22868]  do_splice_direct+0x106/0x190
[  160.328310][T22868]  do_sendfile+0x675/0xc40
[  160.333082][T22868]  __x64_sys_sendfile64+0x102/0x140
[  160.338351][T22868]  do_syscall_64+0x44/0xd0
[  160.342764][T22868]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  160.348748][T22868] RIP: 0033:0x7f8cb7c38ae9
[  160.353147][T22868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
14:47:55 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:55 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:55 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)

14:47:55 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  160.372861][T22868] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  160.381346][T22868] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  160.389332][T22868] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  160.397309][T22868] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  160.405282][T22868] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  160.413291][T22868] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  160.421276][T22868]  </TASK>
14:47:55 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)
mlock2(&(0x7f0000ee7000/0x4000)=nil, 0x4000, 0x1)

14:47:55 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:55 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 37)

14:47:55 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:55 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)
mlock2(&(0x7f0000ee7000/0x4000)=nil, 0x4000, 0x1)

14:47:55 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  160.804889][T23206] FAULT_INJECTION: forcing a failure.
[  160.804889][T23206] name failslab, interval 1, probability 0, space 0, times 0
[  160.817820][T23206] CPU: 0 PID: 23206 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  160.826865][T23206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  160.836921][T23206] Call Trace:
[  160.840198][T23206]  <TASK>
[  160.843124][T23206]  dump_stack_lvl+0xd6/0x122
[  160.847741][T23206]  dump_stack+0x11/0x1b
[  160.851937][T23206]  should_fail+0x23c/0x250
[  160.856447][T23206]  ? mempool_alloc_slab+0x16/0x20
[  160.861609][T23206]  __should_failslab+0x81/0x90
[  160.866384][T23206]  should_failslab+0x5/0x20
[  160.870953][T23206]  kmem_cache_alloc+0x4f/0x320
[  160.875734][T23206]  mempool_alloc_slab+0x16/0x20
[  160.880626][T23206]  ? mempool_free+0x130/0x130
[  160.885356][T23206]  mempool_alloc+0x9d/0x310
[  160.889872][T23206]  ? preempt_count_add+0x4e/0x90
[  160.894958][T23206]  ? _raw_read_unlock+0x13/0x30
[  160.899833][T23206]  ? jbd2_transaction_committed+0xad/0xc0
14:47:55 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

[  160.905565][T23206]  bio_alloc_bioset+0xcc/0x560
[  160.910419][T23206]  ? iov_iter_alignment+0x34b/0x370
[  160.915625][T23206]  iomap_dio_bio_iter+0x5ed/0xc70
[  160.920771][T23206]  ? ext4_alloc_da_blocks+0x100/0x100
[  160.926148][T23206]  __iomap_dio_rw+0x8b5/0x1070
[  160.930991][T23206]  ? _raw_spin_lock_irq+0x41/0x50
[  160.936054][T23206]  iomap_dio_rw+0x38/0x80
[  160.940417][T23206]  ? ext4_file_write_iter+0x461/0x1200
[  160.945880][T23206]  ext4_file_write_iter+0xac3/0x1200
14:47:55 executing program 1:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)
mlock2(&(0x7f0000ee7000/0x4000)=nil, 0x4000, 0x1)

[  160.951203][T23206]  ? ext4_file_write_iter+0x461/0x1200
[  160.956668][T23206]  do_iter_readv_writev+0x2de/0x380
[  160.961956][T23206]  do_iter_write+0x192/0x5c0
[  160.966630][T23206]  ? splice_from_pipe_next+0x34f/0x3b0
[  160.972115][T23206]  ? kmalloc_array+0x2d/0x40
[  160.976760][T23206]  vfs_iter_write+0x4c/0x70
[  160.981268][T23206]  iter_file_splice_write+0x43a/0x790
[  160.986738][T23206]  ? splice_from_pipe+0xd0/0xd0
[  160.991644][T23206]  direct_splice_actor+0x80/0xa0
[  160.996602][T23206]  splice_direct_to_actor+0x345/0x650
[  161.002066][T23206]  ? do_splice_direct+0x190/0x190
[  161.007541][T23206]  do_splice_direct+0x106/0x190
[  161.012418][T23206]  do_sendfile+0x675/0xc40
[  161.017023][T23206]  __x64_sys_sendfile64+0x102/0x140
[  161.022231][T23206]  do_syscall_64+0x44/0xd0
[  161.026715][T23206]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  161.032662][T23206] RIP: 0033:0x7f8cb7c38ae9
[  161.037139][T23206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  161.056836][T23206] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  161.065366][T23206] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  161.073362][T23206] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  161.081334][T23206] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  161.089308][T23206] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  161.097303][T23206] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  161.105354][T23206]  </TASK>
14:47:56 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x0, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:56 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:56 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 38)

[  161.336967][T23522] FAULT_INJECTION: forcing a failure.
[  161.336967][T23522] name failslab, interval 1, probability 0, space 0, times 0
[  161.349783][T23522] CPU: 0 PID: 23522 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  161.358544][T23522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  161.368629][T23522] Call Trace:
[  161.371905][T23522]  <TASK>
[  161.374850][T23522]  dump_stack_lvl+0xd6/0x122
[  161.379500][T23522]  dump_stack+0x11/0x1b
[  161.383694][T23522]  should_fail+0x23c/0x250
[  161.388152][T23522]  ? mempool_alloc_slab+0x16/0x20
[  161.393175][T23522]  __should_failslab+0x81/0x90
[  161.398097][T23522]  should_failslab+0x5/0x20
[  161.402727][T23522]  kmem_cache_alloc+0x4f/0x320
[  161.407507][T23522]  mempool_alloc_slab+0x16/0x20
[  161.412376][T23522]  ? mempool_free+0x130/0x130
[  161.417428][T23522]  mempool_alloc+0x9d/0x310
[  161.421939][T23522]  ? __find_get_block+0x785/0x9b0
[  161.426967][T23522]  sg_pool_alloc+0x74/0x90
[  161.431467][T23522]  __sg_alloc_table+0xce/0x290
[  161.436241][T23522]  sg_alloc_table_chained+0xaf/0x140
[  161.441793][T23522]  ? sg_alloc_table_chained+0x140/0x140
[  161.447618][T23522]  scsi_alloc_sgtables+0x18a/0x510
[  161.452741][T23522]  sd_init_command+0x944/0x1610
[  161.457634][T23522]  scsi_queue_rq+0x1026/0x1460
[  161.462447][T23522]  blk_mq_dispatch_rq_list+0x534/0x11e0
[  161.468652][T23522]  ? __sbitmap_queue_get+0x11/0x20
[  161.473768][T23522]  blk_mq_do_dispatch_sched+0x446/0x6d0
[  161.479351][T23522]  __blk_mq_sched_dispatch_requests+0x1ca/0x270
14:47:56 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) (fail_nth: 1)

14:47:56 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x0, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:56 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, &(0x7f0000000300))
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r3}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r4 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r5 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r4}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r4, &(0x7f00000005c0)={0xffffffffffffffff, r5, 0x100})
syz_io_uring_submit(0x0, r2, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:56 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

[  161.485628][T23522]  blk_mq_sched_dispatch_requests+0x9f/0x110
[  161.491773][T23522]  __blk_mq_run_hw_queue+0xc1/0x140
[  161.497029][T23522]  __blk_mq_delay_run_hw_queue+0x199/0x360
[  161.502911][T23522]  ? __rcu_read_unlock+0x5c/0x290
[  161.507946][T23522]  blk_mq_run_hw_queue+0x231/0x260
[  161.513186][T23522]  blk_mq_sched_insert_requests+0x130/0x200
[  161.519167][T23522]  blk_mq_flush_plug_list+0x372/0x460
[  161.524642][T23522]  blk_flush_plug+0x25a/0x2b0
[  161.529344][T23522]  ? ext4_iomap_end+0x33/0x50
[  161.534028][T23522]  blk_finish_plug+0x44/0x60
[  161.538623][T23522]  __iomap_dio_rw+0xcad/0x1070
[  161.543453][T23522]  ? _raw_spin_lock_irq+0x41/0x50
[  161.548486][T23522]  iomap_dio_rw+0x38/0x80
[  161.552818][T23522]  ? ext4_file_write_iter+0x461/0x1200
[  161.558276][T23522]  ext4_file_write_iter+0xac3/0x1200
[  161.563566][T23522]  ? ext4_file_write_iter+0x461/0x1200
[  161.569273][T23522]  do_iter_readv_writev+0x2de/0x380
[  161.574479][T23522]  do_iter_write+0x192/0x5c0
[  161.579079][T23522]  ? splice_from_pipe_next+0x34f/0x3b0
[  161.584634][T23522]  ? kmalloc_array+0x2d/0x40
[  161.589261][T23522]  vfs_iter_write+0x4c/0x70
[  161.593775][T23522]  iter_file_splice_write+0x43a/0x790
[  161.593985][T23531] FAULT_INJECTION: forcing a failure.
[  161.593985][T23531] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  161.599197][T23522]  ? splice_from_pipe+0xd0/0xd0
[  161.599223][T23522]  direct_splice_actor+0x80/0xa0
[  161.599242][T23522]  splice_direct_to_actor+0x345/0x650
[  161.599308][T23522]  ? do_splice_direct+0x190/0x190
[  161.632591][T23522]  do_splice_direct+0x106/0x190
[  161.637498][T23522]  do_sendfile+0x675/0xc40
[  161.641907][T23522]  __x64_sys_sendfile64+0x102/0x140
[  161.647174][T23522]  do_syscall_64+0x44/0xd0
[  161.651575][T23522]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  161.657457][T23522] RIP: 0033:0x7f8cb7c38ae9
[  161.661854][T23522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  161.681456][T23522] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  161.689865][T23522] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  161.697876][T23522] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  161.705835][T23522] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  161.713790][T23522] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  161.721808][T23522] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  161.729881][T23522]  </TASK>
[  161.732900][T23531] CPU: 1 PID: 23531 Comm: syz-executor.1 Not tainted 5.16.0-rc4-syzkaller #0
[  161.741728][T23531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  161.751778][T23531] Call Trace:
[  161.755051][T23531]  <TASK>
[  161.757979][T23531]  dump_stack_lvl+0xd6/0x122
[  161.762620][T23531]  dump_stack+0x11/0x1b
[  161.766844][T23531]  should_fail+0x23c/0x250
[  161.771300][T23531]  should_fail_usercopy+0x16/0x20
[  161.776328][T23531]  _copy_from_user+0x1c/0xd0
[  161.780929][T23531]  __x64_sys_io_uring_setup+0x5d/0x130
[  161.786538][T23531]  do_syscall_64+0x44/0xd0
[  161.790965][T23531]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  161.796883][T23531] RIP: 0033:0x7f5e20891ae9
[  161.801306][T23531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  161.820912][T23531] RSP: 002b:00007f5e20008108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  161.829328][T23531] RAX: ffffffffffffffda RBX: 00007f5e209a4f60 RCX: 00007f5e20891ae9
14:47:56 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, &(0x7f0000000300))
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r3}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r4 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r5 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r4}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r4, &(0x7f00000005c0)={0xffffffffffffffff, r5, 0x100})
syz_io_uring_submit(0x0, r2, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  161.837306][T23531] RDX: 0000000020ffd000 RSI: 0000000020000040 RDI: 0000000000007d9d
[  161.845346][T23531] RBP: 0000000020000040 R08: 0000000020000100 R09: 0000000020000100
[  161.853321][T23531] R10: 00000000200000c0 R11: 0000000000000202 R12: 0000000020000100
[  161.861289][T23531] R13: 0000000020ffd000 R14: 00000000200000c0 R15: 0000000020fff000
[  161.869293][T23531]  </TASK>
14:47:56 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x0, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:56 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) (fail_nth: 2)

14:47:56 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:56 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

[  161.974496][T23645] FAULT_INJECTION: forcing a failure.
[  161.974496][T23645] name failslab, interval 1, probability 0, space 0, times 0
[  161.987235][T23645] CPU: 0 PID: 23645 Comm: syz-executor.1 Not tainted 5.16.0-rc4-syzkaller #0
[  161.996108][T23645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  162.006319][T23645] Call Trace:
[  162.009594][T23645]  <TASK>
[  162.012572][T23645]  dump_stack_lvl+0xd6/0x122
[  162.017190][T23645]  dump_stack+0x11/0x1b
[  162.021381][T23645]  should_fail+0x23c/0x250
[  162.025802][T23645]  ? io_ring_ctx_alloc+0x35/0x58d
[  162.030834][T23645]  __should_failslab+0x81/0x90
[  162.035602][T23645]  should_failslab+0x5/0x20
[  162.040137][T23645]  kmem_cache_alloc_trace+0x52/0x350
[  162.045413][T23645]  ? proc_fail_nth_write+0x127/0x150
[  162.050806][T23645]  io_ring_ctx_alloc+0x35/0x58d
[  162.055668][T23645]  io_uring_create+0x1c8/0x754
[  162.060470][T23645]  __x64_sys_io_uring_setup+0x118/0x130
[  162.066028][T23645]  do_syscall_64+0x44/0xd0
[  162.070526][T23645]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  162.076407][T23645] RIP: 0033:0x7f5e20891ae9
[  162.080994][T23645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  162.100605][T23645] RSP: 002b:00007f5e20008108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  162.109066][T23645] RAX: ffffffffffffffda RBX: 00007f5e209a4f60 RCX: 00007f5e20891ae9
[  162.117090][T23645] RDX: 0000000020ffd000 RSI: 0000000020000040 RDI: 0000000000007d9d
14:47:57 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 39)

14:47:57 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, &(0x7f0000000300))
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r3}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r4 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r5 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r4}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r4, &(0x7f00000005c0)={0xffffffffffffffff, r5, 0x100})
syz_io_uring_submit(0x0, r2, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:57 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) (fail_nth: 3)

[  162.125304][T23645] RBP: 0000000020000040 R08: 0000000020000100 R09: 0000000020000100
[  162.133272][T23645] R10: 00000000200000c0 R11: 0000000000000202 R12: 0000000020000100
[  162.141229][T23645] R13: 0000000020ffd000 R14: 00000000200000c0 R15: 0000000020fff000
[  162.149294][T23645]  </TASK>
14:47:57 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  162.221284][T23653] FAULT_INJECTION: forcing a failure.
[  162.221284][T23653] name failslab, interval 1, probability 0, space 0, times 0
[  162.234068][T23653] CPU: 1 PID: 23653 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  162.242831][T23653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  162.252987][T23653] Call Trace:
[  162.256261][T23653]  <TASK>
[  162.259186][T23653]  dump_stack_lvl+0xd6/0x122
[  162.263778][T23653]  dump_stack+0x11/0x1b
[  162.267934][T23653]  should_fail+0x23c/0x250
[  162.272402][T23653]  ? kmalloc_array+0x2d/0x40
[  162.276997][T23653]  __should_failslab+0x81/0x90
[  162.281799][T23653]  should_failslab+0x5/0x20
[  162.286492][T23653]  __kmalloc+0x6f/0x370
[  162.290654][T23653]  kmalloc_array+0x2d/0x40
[  162.291090][T23660] FAULT_INJECTION: forcing a failure.
[  162.291090][T23660] name failslab, interval 1, probability 0, space 0, times 0
[  162.295069][T23653]  iter_file_splice_write+0xd5/0x790
[  162.315115][T23653]  ? atime_needs_update+0x2ba/0x390
[  162.320319][T23653]  ? touch_atime+0x11f/0x2e0
[  162.324931][T23653]  ? generic_file_splice_read+0x2a9/0x330
[  162.330857][T23653]  ? splice_from_pipe+0xd0/0xd0
[  162.335701][T23653]  direct_splice_actor+0x80/0xa0
[  162.340651][T23653]  splice_direct_to_actor+0x345/0x650
[  162.346008][T23653]  ? do_splice_direct+0x190/0x190
[  162.351048][T23653]  do_splice_direct+0x106/0x190
[  162.355901][T23653]  do_sendfile+0x675/0xc40
[  162.360302][T23653]  __x64_sys_sendfile64+0x102/0x140
[  162.365496][T23653]  do_syscall_64+0x44/0xd0
[  162.370012][T23653]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  162.375892][T23653] RIP: 0033:0x7f8cb7c38ae9
[  162.380292][T23653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  162.399883][T23653] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  162.408305][T23653] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  162.416263][T23653] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  162.424226][T23653] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  162.432245][T23653] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  162.440290][T23653] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  162.448310][T23653]  </TASK>
[  162.451312][T23660] CPU: 0 PID: 23660 Comm: syz-executor.1 Not tainted 5.16.0-rc4-syzkaller #0
[  162.460076][T23660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  162.470209][T23660] Call Trace:
[  162.473487][T23660]  <TASK>
[  162.476415][T23660]  dump_stack_lvl+0xd6/0x122
[  162.481017][T23660]  dump_stack+0x11/0x1b
[  162.485234][T23660]  should_fail+0x23c/0x250
[  162.489769][T23660]  ? io_ring_ctx_alloc+0x9f/0x58d
[  162.494792][T23660]  __should_failslab+0x81/0x90
[  162.499712][T23660]  should_failslab+0x5/0x20
[  162.504309][T23660]  __kmalloc+0x6f/0x370
[  162.508549][T23660]  ? io_ring_ctx_alloc+0x35/0x58d
[  162.513761][T23660]  io_ring_ctx_alloc+0x9f/0x58d
[  162.518654][T23660]  io_uring_create+0x1c8/0x754
[  162.523424][T23660]  __x64_sys_io_uring_setup+0x118/0x130
[  162.528988][T23660]  do_syscall_64+0x44/0xd0
[  162.533481][T23660]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  162.539468][T23660] RIP: 0033:0x7f5e20891ae9
[  162.543881][T23660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
14:47:57 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 40)

14:47:57 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:57 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, 0x0, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:57 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) (fail_nth: 4)

[  162.566044][T23660] RSP: 002b:00007f5e20008108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  162.574457][T23660] RAX: ffffffffffffffda RBX: 00007f5e209a4f60 RCX: 00007f5e20891ae9
[  162.582458][T23660] RDX: 0000000020ffd000 RSI: 0000000020000040 RDI: 0000000000007d9d
[  162.590631][T23660] RBP: 0000000020000040 R08: 0000000020000100 R09: 0000000020000100
[  162.598602][T23660] R10: 00000000200000c0 R11: 0000000000000202 R12: 0000000020000100
[  162.606594][T23660] R13: 0000000020ffd000 R14: 00000000200000c0 R15: 0000000020fff000
[  162.614601][T23660]  </TASK>
[  162.678327][T23765] FAULT_INJECTION: forcing a failure.
[  162.678327][T23765] name failslab, interval 1, probability 0, space 0, times 0
[  162.679431][T23769] FAULT_INJECTION: forcing a failure.
[  162.679431][T23769] name failslab, interval 1, probability 0, space 0, times 0
[  162.690972][T23765] CPU: 1 PID: 23765 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  162.712291][T23765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  162.722334][T23765] Call Trace:
[  162.725600][T23765]  <TASK>
[  162.728514][T23765]  dump_stack_lvl+0xd6/0x122
[  162.733097][T23765]  dump_stack+0x11/0x1b
[  162.737249][T23765]  should_fail+0x23c/0x250
[  162.741723][T23765]  ? jbd2__journal_start+0xf7/0x3f0
[  162.746907][T23765]  __should_failslab+0x81/0x90
[  162.751659][T23765]  should_failslab+0x5/0x20
[  162.756234][T23765]  kmem_cache_alloc+0x4f/0x320
[  162.761069][T23765]  jbd2__journal_start+0xf7/0x3f0
[  162.766101][T23765]  __ext4_journal_start_sb+0x159/0x310
[  162.771648][T23765]  ? ext4_expand_extra_isize+0x560/0x560
[  162.777347][T23765]  ext4_dirty_inode+0x58/0xa0
[  162.782094][T23765]  __mark_inode_dirty+0x72/0x6c0
[  162.787019][T23765]  ? ktime_get_coarse_real_ts64+0x10d/0x120
[  162.792993][T23765]  inode_update_time+0x1b4/0x1d0
[  162.798018][T23765]  file_update_time+0x1f3/0x230
[  162.802856][T23765]  file_modified+0x62/0x80
[  162.807258][T23765]  ext4_file_write_iter+0x795/0x1200
[  162.812531][T23765]  ? ext4_file_write_iter+0x461/0x1200
[  162.818032][T23765]  do_iter_readv_writev+0x2de/0x380
[  162.823217][T23765]  do_iter_write+0x192/0x5c0
[  162.827796][T23765]  ? splice_from_pipe_next+0x34f/0x3b0
[  162.833238][T23765]  ? kmalloc_array+0x2d/0x40
[  162.837899][T23765]  vfs_iter_write+0x4c/0x70
[  162.842503][T23765]  iter_file_splice_write+0x43a/0x790
[  162.847940][T23765]  ? splice_from_pipe+0xd0/0xd0
[  162.852785][T23765]  direct_splice_actor+0x80/0xa0
[  162.857738][T23765]  splice_direct_to_actor+0x345/0x650
[  162.863173][T23765]  ? do_splice_direct+0x190/0x190
[  162.868289][T23765]  do_splice_direct+0x106/0x190
[  162.873128][T23765]  do_sendfile+0x675/0xc40
[  162.877533][T23765]  __x64_sys_sendfile64+0x102/0x140
[  162.882726][T23765]  do_syscall_64+0x44/0xd0
[  162.887163][T23765]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  162.893055][T23765] RIP: 0033:0x7f8cb7c38ae9
[  162.897459][T23765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  162.917182][T23765] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  162.925668][T23765] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  162.933636][T23765] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  162.941596][T23765] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  162.949767][T23765] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  162.957741][T23765] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  162.965814][T23765]  </TASK>
[  162.968832][T23769] CPU: 0 PID: 23769 Comm: syz-executor.1 Not tainted 5.16.0-rc4-syzkaller #0
[  162.977750][T23769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  162.987938][T23769] Call Trace:
[  162.991387][T23769]  <TASK>
[  162.994313][T23769]  dump_stack_lvl+0xd6/0x122
[  162.998987][T23769]  dump_stack+0x11/0x1b
[  163.003189][T23769]  should_fail+0x23c/0x250
[  163.007606][T23769]  ? io_ring_ctx_alloc+0xf2/0x58d
[  163.012788][T23769]  __should_failslab+0x81/0x90
[  163.017601][T23769]  should_failslab+0x5/0x20
[  163.022175][T23769]  kmem_cache_alloc_trace+0x52/0x350
[  163.027459][T23769]  ? io_ring_ctx_alloc+0x9f/0x58d
[  163.032646][T23769]  io_ring_ctx_alloc+0xf2/0x58d
[  163.037503][T23769]  io_uring_create+0x1c8/0x754
[  163.042264][T23769]  __x64_sys_io_uring_setup+0x118/0x130
[  163.048061][T23769]  do_syscall_64+0x44/0xd0
[  163.052479][T23769]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  163.058521][T23769] RIP: 0033:0x7f5e20891ae9
[  163.062974][T23769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  163.082597][T23769] RSP: 002b:00007f5e20008108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  163.091020][T23769] RAX: ffffffffffffffda RBX: 00007f5e209a4f60 RCX: 00007f5e20891ae9
[  163.099165][T23769] RDX: 0000000020ffd000 RSI: 0000000020000040 RDI: 0000000000007d9d
[  163.107199][T23769] RBP: 0000000020000040 R08: 0000000020000100 R09: 0000000020000100
[  163.115168][T23769] R10: 00000000200000c0 R11: 0000000000000202 R12: 0000000020000100
14:47:58 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:58 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x0, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:58 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:58 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) (fail_nth: 5)

[  163.123281][T23769] R13: 0000000020ffd000 R14: 00000000200000c0 R15: 0000000020fff000
[  163.131264][T23769]  </TASK>
14:47:58 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, 0x0, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  163.210920][T23878] FAULT_INJECTION: forcing a failure.
[  163.210920][T23878] name failslab, interval 1, probability 0, space 0, times 0
[  163.223568][T23878] CPU: 0 PID: 23878 Comm: syz-executor.1 Not tainted 5.16.0-rc4-syzkaller #0
[  163.232329][T23878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  163.242404][T23878] Call Trace:
[  163.245683][T23878]  <TASK>
[  163.248615][T23878]  dump_stack_lvl+0xd6/0x122
[  163.253216][T23878]  dump_stack+0x11/0x1b
[  163.257388][T23878]  should_fail+0x23c/0x250
[  163.261928][T23878]  ? percpu_ref_init+0x96/0x250
[  163.266783][T23878]  ? io_sq_offload_create+0x84e/0x84e
[  163.272158][T23878]  __should_failslab+0x81/0x90
[  163.276980][T23878]  should_failslab+0x5/0x20
[  163.281488][T23878]  kmem_cache_alloc_trace+0x52/0x350
[  163.286778][T23878]  ? io_sq_offload_create+0x84e/0x84e
[  163.292204][T23878]  percpu_ref_init+0x96/0x250
[  163.296917][T23878]  io_ring_ctx_alloc+0x137/0x58d
[  163.301989][T23878]  io_uring_create+0x1c8/0x754
[  163.306762][T23878]  __x64_sys_io_uring_setup+0x118/0x130
[  163.312387][T23878]  do_syscall_64+0x44/0xd0
[  163.316813][T23878]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  163.322713][T23878] RIP: 0033:0x7f5e20891ae9
[  163.327132][T23878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  163.346824][T23878] RSP: 002b:00007f5e20008108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
14:47:58 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) (fail_nth: 6)

[  163.355285][T23878] RAX: ffffffffffffffda RBX: 00007f5e209a4f60 RCX: 00007f5e20891ae9
[  163.363361][T23878] RDX: 0000000020ffd000 RSI: 0000000020000040 RDI: 0000000000007d9d
[  163.371360][T23878] RBP: 0000000020000040 R08: 0000000020000100 R09: 0000000020000100
[  163.379463][T23878] R10: 00000000200000c0 R11: 0000000000000202 R12: 0000000020000100
[  163.387440][T23878] R13: 0000000020ffd000 R14: 00000000200000c0 R15: 0000000020fff000
[  163.395416][T23878]  </TASK>
14:47:58 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, 0x0, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:58 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 41)

[  163.483383][T23883] FAULT_INJECTION: forcing a failure.
[  163.483383][T23883] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  163.496672][T23883] CPU: 1 PID: 23883 Comm: syz-executor.1 Not tainted 5.16.0-rc4-syzkaller #0
[  163.505461][T23883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  163.515574][T23883] Call Trace:
[  163.518872][T23883]  <TASK>
[  163.521801][T23883]  dump_stack_lvl+0xd6/0x122
[  163.526417][T23883]  dump_stack+0x11/0x1b
[  163.530577][T23883]  should_fail+0x23c/0x250
[  163.534987][T23883]  __alloc_pages+0x102/0x330
[  163.539578][T23883]  alloc_pages+0x382/0x3d0
[  163.543987][T23883]  __get_free_pages+0x8/0x30
[  163.548577][T23883]  io_mem_alloc+0x2b/0x40
[  163.552907][T23883]  io_allocate_scq_urings+0x98/0x1bb
[  163.558200][T23883]  io_uring_create+0x341/0x754
[  163.562966][T23883]  __x64_sys_io_uring_setup+0x118/0x130
[  163.568547][T23883]  do_syscall_64+0x44/0xd0
[  163.572961][T23883]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  163.578855][T23883] RIP: 0033:0x7f5e20891ae9
[  163.583380][T23883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  163.603166][T23883] RSP: 002b:00007f5e20008108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  163.611597][T23883] RAX: ffffffffffffffda RBX: 00007f5e209a4f60 RCX: 00007f5e20891ae9
[  163.619656][T23883] RDX: 0000000020ffd000 RSI: 0000000020000040 RDI: 0000000000007d9d
14:47:58 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:58 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  163.627667][T23883] RBP: 0000000020000040 R08: 0000000020000100 R09: 0000000020000100
[  163.635908][T23883] R10: 00000000200000c0 R11: 0000000000000202 R12: 0000000020000100
[  163.643875][T23883] R13: 0000000020ffd000 R14: 00000000200000c0 R15: 0000000020fff000
[  163.651858][T23883]  </TASK>
[  163.672166][T23887] FAULT_INJECTION: forcing a failure.
14:47:58 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) (fail_nth: 7)

[  163.672166][T23887] name failslab, interval 1, probability 0, space 0, times 0
[  163.684904][T23887] CPU: 1 PID: 23887 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  163.693757][T23887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  163.703812][T23887] Call Trace:
[  163.707100][T23887]  <TASK>
[  163.709408][T23896] FAULT_INJECTION: forcing a failure.
[  163.709408][T23896] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  163.710025][T23887]  dump_stack_lvl+0xd6/0x122
[  163.727806][T23887]  dump_stack+0x11/0x1b
[  163.731963][T23887]  should_fail+0x23c/0x250
[  163.736377][T23887]  ? jbd2__journal_start+0xf7/0x3f0
[  163.741560][T23887]  __should_failslab+0x81/0x90
[  163.746308][T23887]  should_failslab+0x5/0x20
[  163.750802][T23887]  kmem_cache_alloc+0x4f/0x320
[  163.755572][T23887]  jbd2__journal_start+0xf7/0x3f0
[  163.760585][T23887]  __ext4_journal_start_sb+0x159/0x310
[  163.766033][T23887]  ? ext4_file_write_iter+0x461/0x1200
[  163.771550][T23887]  ext4_file_write_iter+0x992/0x1200
[  163.776893][T23887]  ? ext4_file_write_iter+0x461/0x1200
[  163.782344][T23887]  do_iter_readv_writev+0x2de/0x380
[  163.787665][T23887]  do_iter_write+0x192/0x5c0
[  163.792244][T23887]  ? splice_from_pipe_next+0x34f/0x3b0
[  163.797815][T23887]  ? kmalloc_array+0x2d/0x40
[  163.802457][T23887]  vfs_iter_write+0x4c/0x70
[  163.807032][T23887]  iter_file_splice_write+0x43a/0x790
[  163.812444][T23887]  ? splice_from_pipe+0xd0/0xd0
[  163.817278][T23887]  direct_splice_actor+0x80/0xa0
[  163.822204][T23887]  splice_direct_to_actor+0x345/0x650
[  163.827904][T23887]  ? do_splice_direct+0x190/0x190
[  163.832926][T23887]  do_splice_direct+0x106/0x190
[  163.837806][T23887]  do_sendfile+0x675/0xc40
[  163.842259][T23887]  __x64_sys_sendfile64+0x102/0x140
[  163.847529][T23887]  do_syscall_64+0x44/0xd0
[  163.851932][T23887]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  163.857810][T23887] RIP: 0033:0x7f8cb7c38ae9
[  163.862209][T23887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  163.881855][T23887] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  163.890608][T23887] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  163.898574][T23887] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  163.906526][T23887] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  163.914491][T23887] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  163.922565][T23887] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  163.930550][T23887]  </TASK>
[  163.933558][T23896] CPU: 0 PID: 23896 Comm: syz-executor.1 Not tainted 5.16.0-rc4-syzkaller #0
[  163.942432][T23896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  163.952498][T23896] Call Trace:
[  163.955829][T23896]  <TASK>
[  163.958773][T23896]  dump_stack_lvl+0xd6/0x122
[  163.963420][T23896]  dump_stack+0x11/0x1b
[  163.967570][T23896]  should_fail+0x23c/0x250
[  163.971982][T23896]  __alloc_pages+0x102/0x330
[  163.976595][T23896]  alloc_pages+0x382/0x3d0
[  163.981012][T23896]  __get_free_pages+0x8/0x30
[  163.985678][T23896]  io_mem_alloc+0x2b/0x40
[  163.990004][T23896]  io_allocate_scq_urings+0x154/0x1bb
[  163.995374][T23896]  io_uring_create+0x341/0x754
[  164.000215][T23896]  __x64_sys_io_uring_setup+0x118/0x130
[  164.005884][T23896]  do_syscall_64+0x44/0xd0
[  164.010302][T23896]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  164.016198][T23896] RIP: 0033:0x7f5e20891ae9
[  164.020611][T23896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  164.040252][T23896] RSP: 002b:00007f5e20008108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  164.048727][T23896] RAX: ffffffffffffffda RBX: 00007f5e209a4f60 RCX: 00007f5e20891ae9
[  164.056695][T23896] RDX: 0000000020ffd000 RSI: 0000000020000040 RDI: 0000000000007d9d
[  164.064664][T23896] RBP: 0000000020000040 R08: 0000000020000100 R09: 0000000020000100
[  164.072735][T23896] R10: 00000000200000c0 R11: 0000000000000202 R12: 0000000020000100
14:47:59 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:47:59 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:59 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x0, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:47:59 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 42)

14:47:59 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) (fail_nth: 8)

[  164.080792][T23896] R13: 0000000020ffd000 R14: 00000000200000c0 R15: 0000000020fff000
[  164.088839][T23896]  </TASK>
[  164.136131][T23907] FAULT_INJECTION: forcing a failure.
[  164.136131][T23907] name failslab, interval 1, probability 0, space 0, times 0
[  164.148866][T23907] CPU: 1 PID: 23907 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  164.157719][T23907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  164.168359][T23907] Call Trace:
[  164.171659][T23907]  <TASK>
[  164.174633][T23907]  dump_stack_lvl+0xd6/0x122
[  164.179223][T23907]  dump_stack+0x11/0x1b
14:47:59 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  164.183379][T23907]  should_fail+0x23c/0x250
[  164.187798][T23907]  ? jbd2__journal_start+0xf7/0x3f0
[  164.193003][T23907]  __should_failslab+0x81/0x90
[  164.197764][T23907]  should_failslab+0x5/0x20
[  164.202316][T23907]  kmem_cache_alloc+0x4f/0x320
[  164.207075][T23907]  ? __find_get_block+0x785/0x9b0
[  164.212105][T23907]  jbd2__journal_start+0xf7/0x3f0
[  164.217182][T23907]  __ext4_journal_start_sb+0x159/0x310
[  164.222718][T23907]  ext4_iomap_begin+0x408/0x630
[  164.227609][T23907]  ? ext4_alloc_da_blocks+0x100/0x100
[  164.233052][T23907]  iomap_iter+0x395/0x4a0
[  164.233607][T23914] FAULT_INJECTION: forcing a failure.
[  164.233607][T23914] name failslab, interval 1, probability 0, space 0, times 0
[  164.237386][T23907]  __iomap_dio_rw+0x695/0x1070
[  164.254890][T23907]  iomap_dio_rw+0x38/0x80
[  164.259218][T23907]  ? ext4_file_write_iter+0x461/0x1200
[  164.264663][T23907]  ext4_file_write_iter+0xac3/0x1200
[  164.269930][T23907]  ? ext4_file_write_iter+0x461/0x1200
[  164.275395][T23907]  do_iter_readv_writev+0x2de/0x380
[  164.280581][T23907]  do_iter_write+0x192/0x5c0
[  164.285162][T23907]  ? splice_from_pipe_next+0x34f/0x3b0
[  164.290677][T23907]  ? kmalloc_array+0x2d/0x40
[  164.295255][T23907]  vfs_iter_write+0x4c/0x70
[  164.299797][T23907]  iter_file_splice_write+0x43a/0x790
[  164.305240][T23907]  ? splice_from_pipe+0xd0/0xd0
[  164.310088][T23907]  direct_splice_actor+0x80/0xa0
[  164.315013][T23907]  splice_direct_to_actor+0x345/0x650
[  164.320375][T23907]  ? do_splice_direct+0x190/0x190
[  164.325450][T23907]  do_splice_direct+0x106/0x190
[  164.330286][T23907]  do_sendfile+0x675/0xc40
[  164.334728][T23907]  __x64_sys_sendfile64+0x102/0x140
[  164.339914][T23907]  do_syscall_64+0x44/0xd0
[  164.344318][T23907]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  164.350196][T23907] RIP: 0033:0x7f8cb7c38ae9
[  164.354601][T23907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  164.374216][T23907] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  164.382610][T23907] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  164.390562][T23907] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  164.398567][T23907] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  164.406548][T23907] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
[  164.414516][T23907] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  164.422477][T23907]  </TASK>
[  164.425479][T23914] CPU: 0 PID: 23914 Comm: syz-executor.1 Not tainted 5.16.0-rc4-syzkaller #0
14:47:59 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:47:59 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 43)

14:47:59 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

[  164.434302][T23914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  164.444404][T23914] Call Trace:
[  164.447677][T23914]  <TASK>
[  164.450601][T23914]  dump_stack_lvl+0xd6/0x122
[  164.455190][T23914]  dump_stack+0x11/0x1b
[  164.459350][T23914]  should_fail+0x23c/0x250
[  164.463767][T23914]  ? io_sq_offload_create+0x1aa/0x84e
[  164.469182][T23914]  __should_failslab+0x81/0x90
[  164.473947][T23914]  should_failslab+0x5/0x20
[  164.478471][T23914]  kmem_cache_alloc_trace+0x52/0x350
[  164.483767][T23914]  io_sq_offload_create+0x1aa/0x84e
[  164.488966][T23914]  ? __get_free_pages+0x8/0x30
[  164.493787][T23914]  ? io_mem_alloc+0x2b/0x40
[  164.498292][T23914]  ? io_allocate_scq_urings+0x16e/0x1bb
[  164.503844][T23914]  io_uring_create+0x35f/0x754
[  164.508683][T23914]  __x64_sys_io_uring_setup+0x118/0x130
[  164.514302][T23914]  do_syscall_64+0x44/0xd0
[  164.519050][T23914]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  164.524986][T23914] RIP: 0033:0x7f5e20891ae9
14:47:59 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  164.529410][T23914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  164.549105][T23914] RSP: 002b:00007f5e20008108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  164.557649][T23914] RAX: ffffffffffffffda RBX: 00007f5e209a4f60 RCX: 00007f5e20891ae9
[  164.565624][T23914] RDX: 0000000020ffd000 RSI: 0000000020000040 RDI: 0000000000007d9d
[  164.573598][T23914] RBP: 0000000020000040 R08: 0000000020000100 R09: 0000000020000100
14:47:59 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) (fail_nth: 9)

[  164.581568][T23914] R10: 00000000200000c0 R11: 0000000000000202 R12: 0000000020000100
[  164.589575][T23914] R13: 0000000020ffd000 R14: 00000000200000c0 R15: 0000000020fff000
[  164.597551][T23914]  </TASK>
[  164.649820][T24022] FAULT_INJECTION: forcing a failure.
[  164.649820][T24022] name failslab, interval 1, probability 0, space 0, times 0
[  164.662455][T24022] CPU: 0 PID: 24022 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  164.671251][T24022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  164.681376][T24022] Call Trace:
[  164.684652][T24022]  <TASK>
[  164.687634][T24022]  dump_stack_lvl+0xd6/0x122
[  164.692301][T24022]  dump_stack+0x11/0x1b
14:47:59 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  164.696468][T24022]  should_fail+0x23c/0x250
[  164.700896][T24022]  ? kcalloc+0x32/0x50
[  164.705046][T24022]  __should_failslab+0x81/0x90
[  164.709808][T24022]  should_failslab+0x5/0x20
[  164.714313][T24022]  __kmalloc+0x6f/0x370
[  164.718589][T24022]  ? blk_mq_dispatch_rq_list+0xee5/0x11e0
[  164.724417][T24022]  kcalloc+0x32/0x50
[  164.728325][T24022]  ext4_find_extent+0x19f/0x7e0
[  164.733179][T24022]  ext4_ext_map_blocks+0x115/0x2120
[  164.738380][T24022]  ? preempt_count_add+0x4e/0x90
[  164.743370][T24022]  ? _raw_read_unlock+0x13/0x30
14:47:59 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  164.748231][T24022]  ? start_this_handle+0xfa6/0x1050
[  164.753528][T24022]  ? ext4_es_lookup_extent+0x221/0x500
[  164.759157][T24022]  ext4_map_blocks+0x71e/0xf00
[  164.764042][T24022]  ext4_iomap_begin+0x4b0/0x630
[  164.768908][T24022]  ? ext4_alloc_da_blocks+0x100/0x100
[  164.774285][T24022]  iomap_iter+0x395/0x4a0
[  164.778626][T24022]  __iomap_dio_rw+0x695/0x1070
[  164.783402][T24022]  iomap_dio_rw+0x38/0x80
[  164.787800][T24022]  ? ext4_file_write_iter+0x461/0x1200
[  164.793246][T24022]  ext4_file_write_iter+0xac3/0x1200
[  164.798700][T24022]  ? ext4_file_write_iter+0x461/0x1200
[  164.804154][T24022]  do_iter_readv_writev+0x2de/0x380
[  164.809502][T24022]  do_iter_write+0x192/0x5c0
[  164.814116][T24022]  ? splice_from_pipe_next+0x34f/0x3b0
[  164.819556][T24022]  ? kmalloc_array+0x2d/0x40
[  164.824131][T24022]  vfs_iter_write+0x4c/0x70
[  164.828640][T24022]  iter_file_splice_write+0x43a/0x790
[  164.834090][T24022]  ? splice_from_pipe+0xd0/0xd0
[  164.838921][T24022]  direct_splice_actor+0x80/0xa0
[  164.843910][T24022]  splice_direct_to_actor+0x345/0x650
[  164.849281][T24022]  ? do_splice_direct+0x190/0x190
[  164.854298][T24022]  do_splice_direct+0x106/0x190
[  164.859155][T24022]  do_sendfile+0x675/0xc40
[  164.863604][T24022]  __x64_sys_sendfile64+0x102/0x140
[  164.868869][T24022]  do_syscall_64+0x44/0xd0
[  164.873296][T24022]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  164.879184][T24022] RIP: 0033:0x7f8cb7c38ae9
[  164.883590][T24022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  164.903302][T24022] RSP: 002b:00007f8cb73af188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  164.911848][T24022] RAX: ffffffffffffffda RBX: 00007f8cb7d4bf60 RCX: 00007f8cb7c38ae9
[  164.919812][T24022] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  164.927764][T24022] RBP: 00007f8cb73af1d0 R08: 0000000000000000 R09: 0000000000000000
[  164.935740][T24022] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002
14:47:59 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001) (fail_nth: 44)

[  164.943737][T24022] R13: 00007fff4f09602f R14: 00007f8cb73af300 R15: 0000000000022000
[  164.951744][T24022]  </TASK>
[  164.981136][T24031] FAULT_INJECTION: forcing a failure.
[  164.981136][T24031] name failslab, interval 1, probability 0, space 0, times 0
[  164.993965][T24031] CPU: 0 PID: 24031 Comm: syz-executor.1 Not tainted 5.16.0-rc4-syzkaller #0
[  165.002733][T24031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  165.012847][T24031] Call Trace:
[  165.016124][T24031]  <TASK>
[  165.019092][T24031]  dump_stack_lvl+0xd6/0x122
[  165.023688][T24031]  dump_stack+0x11/0x1b
14:48:00 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x0, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

[  165.027899][T24031]  should_fail+0x23c/0x250
[  165.032326][T24031]  __should_failslab+0x81/0x90
[  165.037156][T24031]  should_failslab+0x5/0x20
[  165.041676][T24031]  kmem_cache_alloc_node+0x61/0x2d0
[  165.046878][T24031]  ? dup_task_struct+0x63/0x680
[  165.051768][T24031]  dup_task_struct+0x63/0x680
[  165.056458][T24031]  ? xfd_validate_state+0x4e/0xf0
[  165.061491][T24031]  copy_process+0x3f4/0x2fd0
[  165.066086][T24031]  ? __rcu_read_unlock+0x5c/0x290
[  165.071116][T24031]  ? avc_has_perm_noaudit+0x1c0/0x270
[  165.076498][T24031]  ? io_mem_alloc+0x40/0x40
[  165.081354][T24031]  create_io_thread+0x95/0xc0
[  165.086121][T24031]  ? io_mem_alloc+0x40/0x40
[  165.090679][T24031]  io_sq_offload_create+0x7a5/0x84e
[  165.095953][T24031]  io_uring_create+0x35f/0x754
[  165.100803][T24031]  __x64_sys_io_uring_setup+0x118/0x130
[  165.106363][T24031]  do_syscall_64+0x44/0xd0
[  165.110786][T24031]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  165.116743][T24031] RIP: 0033:0x7f5e20891ae9
[  165.121173][T24031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  165.140781][T24031] RSP: 002b:00007f5e20008108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  165.149196][T24031] RAX: ffffffffffffffda RBX: 00007f5e209a4f60 RCX: 00007f5e20891ae9
[  165.157237][T24031] RDX: 0000000020ffd000 RSI: 0000000020000040 RDI: 0000000000007d9d
[  165.165205][T24031] RBP: 0000000020000040 R08: 0000000020000100 R09: 0000000020000100
[  165.173176][T24031] R10: 00000000200000c0 R11: 0000000000000202 R12: 0000000020000100
14:48:00 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000001)

14:48:00 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) (fail_nth: 10)

[  165.181208][T24031] R13: 0000000020ffd000 R14: 00000000200000c0 R15: 0000000020fff000
[  165.189185][T24031]  </TASK>
14:48:00 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  165.256370][T24144] FAULT_INJECTION: forcing a failure.
[  165.256370][T24144] name failslab, interval 1, probability 0, space 0, times 0
[  165.269134][T24144] CPU: 0 PID: 24144 Comm: syz-executor.1 Not tainted 5.16.0-rc4-syzkaller #0
[  165.278337][T24144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  165.289121][T24144] Call Trace:
[  165.292401][T24144]  <TASK>
[  165.295331][T24144]  dump_stack_lvl+0xd6/0x122
[  165.299976][T24144]  dump_stack+0x11/0x1b
[  165.304210][T24144]  should_fail+0x23c/0x250
[  165.308648][T24144]  ? alloc_pid+0x6c/0x6d0
[  165.312979][T24144]  __should_failslab+0x81/0x90
[  165.317747][T24144]  should_failslab+0x5/0x20
[  165.322252][T24144]  kmem_cache_alloc+0x4f/0x320
[  165.327085][T24144]  ? fpu_clone+0x1cf/0x700
[  165.331587][T24144]  alloc_pid+0x6c/0x6d0
[  165.335748][T24144]  ? copy_thread+0x13f/0x220
[  165.340340][T24144]  copy_process+0x17e9/0x2fd0
[  165.345061][T24144]  ? finish_task_switch+0xd0/0x280
[  165.350173][T24144]  ? io_mem_alloc+0x40/0x40
[  165.354762][T24144]  create_io_thread+0x95/0xc0
[  165.359506][T24144]  ? io_mem_alloc+0x40/0x40
[  165.364146][T24144]  io_sq_offload_create+0x7a5/0x84e
[  165.369480][T24144]  io_uring_create+0x35f/0x754
[  165.374325][T24144]  __x64_sys_io_uring_setup+0x118/0x130
[  165.379972][T24144]  do_syscall_64+0x44/0xd0
[  165.384451][T24144]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  165.390356][T24144] RIP: 0033:0x7f5e20891ae9
[  165.394767][T24144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  165.414495][T24144] RSP: 002b:00007f5e20008108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  165.422906][T24144] RAX: ffffffffffffffda RBX: 00007f5e209a4f60 RCX: 00007f5e20891ae9
[  165.430880][T24144] RDX: 0000000020ffd000 RSI: 0000000020000040 RDI: 0000000000007d9d
[  165.438854][T24144] RBP: 0000000020000040 R08: 0000000020000100 R09: 0000000020000100
[  165.446833][T24144] R10: 00000000200000c0 R11: 0000000000000202 R12: 0000000020000100
14:48:00 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:00 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) (fail_nth: 11)

14:48:00 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:00 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x7ffff000)

[  165.454808][T24144] R13: 0000000020ffd000 R14: 00000000200000c0 R15: 0000000020fff000
[  165.462851][T24144]  </TASK>
[  165.547179][T24156] FAULT_INJECTION: forcing a failure.
[  165.547179][T24156] name failslab, interval 1, probability 0, space 0, times 0
[  165.559866][T24156] CPU: 1 PID: 24156 Comm: syz-executor.1 Not tainted 5.16.0-rc4-syzkaller #0
[  165.568629][T24156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  165.578680][T24156] Call Trace:
[  165.581950][T24156]  <TASK>
[  165.584873][T24156]  dump_stack_lvl+0xd6/0x122
[  165.589465][T24156]  dump_stack+0x11/0x1b
[  165.593621][T24156]  should_fail+0x23c/0x250
[  165.598038][T24156]  __should_failslab+0x81/0x90
[  165.603303][T24156]  should_failslab+0x5/0x20
[  165.608629][T24156]  kmem_cache_alloc_node+0x61/0x2d0
[  165.613909][T24156]  ? __rcu_read_unlock+0x5c/0x290
[  165.618928][T24156]  ? alloc_vmap_area+0x14a/0x1230
[  165.624038][T24156]  alloc_vmap_area+0x14a/0x1230
[  165.628887][T24156]  ? kmem_cache_alloc_node_trace+0x20f/0x310
[  165.634866][T24156]  __get_vm_area_node+0x165/0x240
[  165.639891][T24156]  __vmalloc_node_range+0xb4/0x690
[  165.645109][T24156]  ? copy_process+0x3f4/0x2fd0
[  165.649883][T24156]  ? kmem_cache_alloc_node+0x1f7/0x2d0
[  165.655345][T24156]  ? dup_task_struct+0x63/0x680
[  165.660199][T24156]  dup_task_struct+0x496/0x680
[  165.664967][T24156]  ? copy_process+0x3f4/0x2fd0
[  165.669813][T24156]  copy_process+0x3f4/0x2fd0
[  165.674436][T24156]  ? __rcu_read_unlock+0x5c/0x290
[  165.679459][T24156]  ? io_sq_offload_create+0x1aa/0x84e
[  165.684946][T24156]  ? finish_task_switch+0xd0/0x280
[  165.690136][T24156]  ? io_sq_offload_create+0x1aa/0x84e
[  165.695541][T24156]  ? io_mem_alloc+0x40/0x40
[  165.700081][T24156]  create_io_thread+0x95/0xc0
[  165.704813][T24156]  ? io_mem_alloc+0x40/0x40
[  165.709393][T24156]  io_sq_offload_create+0x7a5/0x84e
[  165.714598][T24156]  io_uring_create+0x35f/0x754
[  165.719373][T24156]  __x64_sys_io_uring_setup+0x118/0x130
[  165.724924][T24156]  do_syscall_64+0x44/0xd0
[  165.729360][T24156]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  165.735549][T24156] RIP: 0033:0x7f5e20891ae9
[  165.739956][T24156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  165.759674][T24156] RSP: 002b:00007f5e20008108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  165.768088][T24156] RAX: ffffffffffffffda RBX: 00007f5e209a4f60 RCX: 00007f5e20891ae9
[  165.776117][T24156] RDX: 0000000020ffd000 RSI: 0000000020000040 RDI: 0000000000007d9d
[  165.784115][T24156] RBP: 0000000020000040 R08: 0000000020000100 R09: 0000000020000100
14:48:00 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:48:00 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, 0xffffffffffffffff, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:00 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  165.792092][T24156] R10: 00000000200000c0 R11: 0000000000000202 R12: 0000000020000100
[  165.800096][T24156] R13: 0000000020ffd000 R14: 00000000200000c0 R15: 0000000020fff000
[  165.808099][T24156]  </TASK>
[  165.811158][T24156] syz-executor.1: vmalloc error: size 16384, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0
[  165.826527][T24156] CPU: 1 PID: 24156 Comm: syz-executor.1 Not tainted 5.16.0-rc4-syzkaller #0
[  165.835292][T24156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  165.845435][T24156] Call Trace:
[  165.848719][T24156]  <TASK>
[  165.851655][T24156]  dump_stack_lvl+0xd6/0x122
[  165.856258][T24156]  dump_stack+0x11/0x1b
[  165.860476][T24156]  warn_alloc+0x132/0x190
[  165.864853][T24156]  ? kfree+0xf8/0x1f0
[  165.868886][T24156]  __vmalloc_node_range+0x1fa/0x690
[  165.874088][T24156]  ? kmem_cache_alloc_node+0x1f7/0x2d0
[  165.879547][T24156]  ? dup_task_struct+0x63/0x680
[  165.884480][T24156]  dup_task_struct+0x496/0x680
[  165.889249][T24156]  ? copy_process+0x3f4/0x2fd0
[  165.894013][T24156]  copy_process+0x3f4/0x2fd0
14:48:00 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0), &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

[  165.898631][T24156]  ? __rcu_read_unlock+0x5c/0x290
[  165.903682][T24156]  ? io_sq_offload_create+0x1aa/0x84e
[  165.909113][T24156]  ? finish_task_switch+0xd0/0x280
[  165.914242][T24156]  ? io_sq_offload_create+0x1aa/0x84e
[  165.919614][T24156]  ? io_mem_alloc+0x40/0x40
[  165.924098][T24156]  create_io_thread+0x95/0xc0
[  165.928759][T24156]  ? io_mem_alloc+0x40/0x40
[  165.933242][T24156]  io_sq_offload_create+0x7a5/0x84e
[  165.938438][T24156]  io_uring_create+0x35f/0x754
[  165.943243][T24156]  __x64_sys_io_uring_setup+0x118/0x130
[  165.948873][T24156]  do_syscall_64+0x44/0xd0
[  165.953305][T24156]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  165.959269][T24156] RIP: 0033:0x7f5e20891ae9
[  165.963673][T24156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  165.983329][T24156] RSP: 002b:00007f5e20008108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  165.991752][T24156] RAX: ffffffffffffffda RBX: 00007f5e209a4f60 RCX: 00007f5e20891ae9
[  165.999782][T24156] RDX: 0000000020ffd000 RSI: 0000000020000040 RDI: 0000000000007d9d
[  166.007742][T24156] RBP: 0000000020000040 R08: 0000000020000100 R09: 0000000020000100
[  166.015747][T24156] R10: 00000000200000c0 R11: 0000000000000202 R12: 0000000020000100
[  166.023714][T24156] R13: 0000000020ffd000 R14: 00000000200000c0 R15: 0000000020fff000
[  166.031788][T24156]  </TASK>
[  166.034836][T24156] Mem-Info:
[  166.037938][T24156] active_anon:236 inactive_anon:146021 isolated_anon:0
[  166.037938][T24156]  active_file:11462 inactive_file:18274 isolated_file:0
[  166.037938][T24156]  unevictable:3 dirty:15 writeback:0
[  166.037938][T24156]  slab_reclaimable:5795 slab_unreclaimable:14812
[  166.037938][T24156]  mapped:17993 shmem:340 pagetables:2680 bounce:0
[  166.037938][T24156]  kernel_misc_reclaimable:0
[  166.037938][T24156]  free:1788392 free_pcp:2371 free_cma:0
[  166.079536][T24156] Node 0 active_anon:944kB inactive_anon:584084kB active_file:45848kB inactive_file:73096kB unevictable:12kB isolated(anon):0kB isolated(file):0kB mapped:71972kB dirty:60kB writeback:0kB shmem:1360kB writeback_tmp:0kB kernel_stack:4976kB pagetables:10720kB all_unreclaimable? no
[  166.105954][T24156] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  166.133447][T24156] lowmem_reserve[]: 0 2896 7874 7874
[  166.138747][T24156] Node 0 DMA32 free:2967228kB boost:0kB min:4172kB low:7136kB high:10100kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2970768kB mlocked:0kB bounce:0kB free_pcp:3540kB local_pcp:3444kB free_cma:0kB
[  166.167581][T24156] lowmem_reserve[]: 0 0 4978 4978
[  166.172617][T24156] Node 0 Normal free:4170980kB boost:0kB min:7172kB low:12268kB high:17364kB reserved_highatomic:0KB active_anon:944kB inactive_anon:584084kB active_file:45848kB inactive_file:73096kB unevictable:12kB writepending:60kB present:5242880kB managed:5098248kB mlocked:0kB bounce:0kB free_pcp:5940kB local_pcp:652kB free_cma:0kB
[  166.202831][T24156] lowmem_reserve[]: 0 0 0 0
[  166.207385][T24156] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  166.220048][T24156] Node 0 DMA32: 5*4kB (M) 3*8kB (M) 3*16kB (M) 5*32kB (M) 3*64kB (M) 4*128kB (M) 3*256kB (M) 2*512kB (M) 3*1024kB (M) 2*2048kB (M) 722*4096kB (M) = 2967228kB
14:48:01 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x0, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:01 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, 0xffffffffffffffff, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  166.236140][T24156] Node 0 Normal: 394*4kB (M) 242*8kB (UM) 81*16kB (UME) 172*32kB (UME) 83*64kB (UME) 30*128kB (UME) 21*256kB (UM) 16*512kB (UM) 3*1024kB (ME) 3*2048kB (UM) 1008*4096kB (UM) = 4171016kB
[  166.254590][T24156] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  166.263958][T24156] 18679 total pagecache pages
[  166.268625][T24156] 0 pages in swap cache
[  166.272763][T24156] Swap cache stats: add 0, delete 0, find 0/0
[  166.278909][T24156] Free swap  = 0kB
[  166.282637][T24156] Total swap = 0kB
[  166.286380][T24156] 2097051 pages RAM
[  166.290167][T24156] 0 pages HighMem/MovableOnly
[  166.294842][T24156] 75957 pages reserved
14:48:01 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000002)

14:48:01 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:01 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:01 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0), &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:48:01 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:01 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000003)

14:48:01 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x2, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:01 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x4, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:01 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, 0xffffffffffffffff, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:01 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0), &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:48:01 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x0, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:01 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x7, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:01 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000004)

14:48:01 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:01 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, 0x0, &(0x7f0000000580))

14:48:01 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:01 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x30, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:01 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x50, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:02 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x64, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:02 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x1c0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:02 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x204, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:02 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, 0x0, &(0x7f0000000580))

14:48:02 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:02 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000005)

14:48:02 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x402, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:02 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:02 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:02 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, 0x0, &(0x7f0000000580))

14:48:02 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x406, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:02 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x604, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:02 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x700, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:02 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000006)

14:48:02 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x3000, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:02 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x4000, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:02 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:02 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), 0x0)

14:48:02 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x5000, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:02 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:02 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:02 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000007)

14:48:02 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x6400, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:02 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), 0x0)

14:48:02 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xc001, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:03 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x300000, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:03 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x500000, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:03 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x1000000, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:03 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:03 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x2000000, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:03 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), 0x0)

14:48:03 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:03 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000008)

14:48:03 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x2040000, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:03 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), 0x0)

14:48:03 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:03 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x4000000, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:03 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x6040000, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:03 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x7000000, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:03 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000009)

14:48:03 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:03 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x40000000, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:03 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), 0x0)

14:48:03 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:03 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x64000000, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:03 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xc0010000, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:03 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x8000000a)

14:48:04 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:04 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xffffffff, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:04 executing program 2:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000009)

14:48:04 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:04 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x7}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:04 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:04 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x8}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:04 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x8000000b)

14:48:04 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x2, 0x2, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))

14:48:04 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:04 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x42}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:04 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x21c}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:04 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(0x0, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:04 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x10c00}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:04 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x8000000c)

14:48:04 executing program 2:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, &(0x7f0000000300))
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r3}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r4 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r5 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r4}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r4, &(0x7f00000005c0)={0xffffffffffffffff, r5, 0x100})
syz_io_uring_submit(0x0, r2, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:04 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:04 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:04 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:04 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x8000000d)

14:48:04 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580)) (fail_nth: 1)

14:48:04 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:04 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:04 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x4}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  169.858205][T25658] FAULT_INJECTION: forcing a failure.
[  169.858205][T25658] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  169.871347][T25658] CPU: 0 PID: 25658 Comm: syz-executor.2 Not tainted 5.16.0-rc4-syzkaller #0
[  169.880154][T25658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  169.890210][T25658] Call Trace:
[  169.893488][T25658]  <TASK>
[  169.896488][T25658]  dump_stack_lvl+0xd6/0x122
[  169.901167][T25658]  dump_stack+0x11/0x1b
[  169.905329][T25658]  should_fail+0x23c/0x250
[  169.909807][T25658]  should_fail_usercopy+0x16/0x20
[  169.914833][T25658]  _copy_from_user+0x1c/0xd0
[  169.919482][T25658]  __x64_sys_io_uring_setup+0x5d/0x130
[  169.924990][T25658]  do_syscall_64+0x44/0xd0
[  169.929441][T25658]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  169.935383][T25658] RIP: 0033:0x7f5223f4aae9
[  169.939787][T25658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  169.959488][T25658] RSP: 002b:00007f52236a0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  169.967897][T25658] RAX: ffffffffffffffda RBX: 00007f522405e028 RCX: 00007f5223f4aae9
[  169.975871][T25658] RDX: 0000000020c06000 RSI: 00000000200004c0 RDI: 00000000000035b8
[  169.983910][T25658] RBP: 00000000200004c0 R08: 0000000020000580 R09: 0000000020000580
[  169.991882][T25658] R10: 0000000020000540 R11: 0000000000000202 R12: 0000000020000580
[  169.999854][T25658] R13: 0000000020c06000 R14: 0000000020000540 R15: 0000000020460000
[  170.007879][T25658]  </TASK>
14:48:05 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(0x0, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:05 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x7}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:05 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, 0x0, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r4 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r5 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r4}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r4, &(0x7f00000005c0)={0xffffffffffffffff, r5, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:05 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580)) (fail_nth: 2)

14:48:05 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x30}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  170.164533][T25775] FAULT_INJECTION: forcing a failure.
[  170.164533][T25775] name failslab, interval 1, probability 0, space 0, times 0
[  170.177419][T25775] CPU: 0 PID: 25775 Comm: syz-executor.2 Not tainted 5.16.0-rc4-syzkaller #0
[  170.186279][T25775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  170.196333][T25775] Call Trace:
[  170.199613][T25775]  <TASK>
[  170.202590][T25775]  dump_stack_lvl+0xd6/0x122
[  170.207248][T25775]  dump_stack+0x11/0x1b
[  170.211435][T25775]  should_fail+0x23c/0x250
[  170.215876][T25775]  ? io_ring_ctx_alloc+0x35/0x58d
[  170.220904][T25775]  __should_failslab+0x81/0x90
[  170.225676][T25775]  should_failslab+0x5/0x20
[  170.230247][T25775]  kmem_cache_alloc_trace+0x52/0x350
[  170.235544][T25775]  ? proc_fail_nth_write+0x127/0x150
[  170.240841][T25775]  io_ring_ctx_alloc+0x35/0x58d
[  170.245695][T25775]  io_uring_create+0x1c8/0x754
[  170.250531][T25775]  __x64_sys_io_uring_setup+0x118/0x130
[  170.256106][T25775]  do_syscall_64+0x44/0xd0
[  170.260523][T25775]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  170.266474][T25775] RIP: 0033:0x7f5223f4aae9
[  170.270884][T25775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  170.290667][T25775] RSP: 002b:00007f52236a0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  170.299081][T25775] RAX: ffffffffffffffda RBX: 00007f522405e028 RCX: 00007f5223f4aae9
[  170.307181][T25775] RDX: 0000000020c06000 RSI: 00000000200004c0 RDI: 00000000000035b8
[  170.315154][T25775] RBP: 00000000200004c0 R08: 0000000020000580 R09: 0000000020000580
[  170.323121][T25775] R10: 0000000020000540 R11: 0000000000000202 R12: 0000000020000580
[  170.331332][T25775] R13: 0000000020c06000 R14: 0000000020000540 R15: 0000000020460000
[  170.339309][T25775]  </TASK>
14:48:05 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x50}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:05 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x8000000f)

14:48:05 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, 0x0, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r4 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r5 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r4}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r4, &(0x7f00000005c0)={0xffffffffffffffff, r5, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:05 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:05 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580)) (fail_nth: 3)

14:48:05 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x64}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:05 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x1c0}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  170.542859][T25897] FAULT_INJECTION: forcing a failure.
[  170.542859][T25897] name failslab, interval 1, probability 0, space 0, times 0
[  170.555704][T25897] CPU: 0 PID: 25897 Comm: syz-executor.2 Not tainted 5.16.0-rc4-syzkaller #0
[  170.564462][T25897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  170.574515][T25897] Call Trace:
[  170.577790][T25897]  <TASK>
[  170.580715][T25897]  dump_stack_lvl+0xd6/0x122
[  170.585383][T25897]  dump_stack+0x11/0x1b
[  170.589537][T25897]  should_fail+0x23c/0x250
[  170.593969][T25897]  ? io_ring_ctx_alloc+0x9f/0x58d
[  170.599001][T25897]  __should_failslab+0x81/0x90
[  170.603771][T25897]  should_failslab+0x5/0x20
[  170.608321][T25897]  __kmalloc+0x6f/0x370
[  170.612477][T25897]  ? io_ring_ctx_alloc+0x35/0x58d
[  170.617507][T25897]  io_ring_ctx_alloc+0x9f/0x58d
[  170.622419][T25897]  io_uring_create+0x1c8/0x754
[  170.627213][T25897]  __x64_sys_io_uring_setup+0x118/0x130
[  170.632839][T25897]  do_syscall_64+0x44/0xd0
[  170.637326][T25897]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  170.643223][T25897] RIP: 0033:0x7f5223f4aae9
[  170.647629][T25897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  170.667265][T25897] RSP: 002b:00007f52236a0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  170.675678][T25897] RAX: ffffffffffffffda RBX: 00007f522405e028 RCX: 00007f5223f4aae9
[  170.683650][T25897] RDX: 0000000020c06000 RSI: 00000000200004c0 RDI: 00000000000035b8
14:48:05 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(0x0, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:05 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x204}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:05 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, 0x0, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r4 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r5 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r4}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r4, &(0x7f00000005c0)={0xffffffffffffffff, r5, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:05 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000010)

14:48:05 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x402}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  170.691631][T25897] RBP: 00000000200004c0 R08: 0000000020000580 R09: 0000000020000580
[  170.699608][T25897] R10: 0000000020000540 R11: 0000000000000202 R12: 0000000020000580
[  170.707591][T25897] R13: 0000000020c06000 R14: 0000000020000540 R15: 0000000020460000
[  170.715582][T25897]  </TASK>
14:48:05 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x406}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:05 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x604}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:05 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580)) (fail_nth: 4)

14:48:05 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:05 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x700}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:05 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x3000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:05 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000011)

[  170.990321][T26036] FAULT_INJECTION: forcing a failure.
[  170.990321][T26036] name failslab, interval 1, probability 0, space 0, times 0
[  171.003130][T26036] CPU: 1 PID: 26036 Comm: syz-executor.2 Not tainted 5.16.0-rc4-syzkaller #0
[  171.011897][T26036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  171.021992][T26036] Call Trace:
[  171.025276][T26036]  <TASK>
[  171.028199][T26036]  dump_stack_lvl+0xd6/0x122
[  171.032793][T26036]  dump_stack+0x11/0x1b
[  171.036940][T26036]  should_fail+0x23c/0x250
[  171.041350][T26036]  ? io_ring_ctx_alloc+0xf2/0x58d
[  171.046402][T26036]  __should_failslab+0x81/0x90
[  171.051167][T26036]  should_failslab+0x5/0x20
[  171.055744][T26036]  kmem_cache_alloc_trace+0x52/0x350
[  171.061098][T26036]  ? io_ring_ctx_alloc+0x9f/0x58d
[  171.066256][T26036]  io_ring_ctx_alloc+0xf2/0x58d
[  171.071107][T26036]  io_uring_create+0x1c8/0x754
[  171.075873][T26036]  __x64_sys_io_uring_setup+0x118/0x130
[  171.081456][T26036]  do_syscall_64+0x44/0xd0
[  171.085950][T26036]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  171.091882][T26036] RIP: 0033:0x7f5223f4aae9
[  171.096289][T26036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  171.115888][T26036] RSP: 002b:00007f52236a0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  171.124288][T26036] RAX: ffffffffffffffda RBX: 00007f522405e028 RCX: 00007f5223f4aae9
[  171.132286][T26036] RDX: 0000000020c06000 RSI: 00000000200004c0 RDI: 00000000000035b8
[  171.140253][T26036] RBP: 00000000200004c0 R08: 0000000020000580 R09: 0000000020000580
[  171.148237][T26036] R10: 0000000020000540 R11: 0000000000000202 R12: 0000000020000580
[  171.156244][T26036] R13: 0000000020c06000 R14: 0000000020000540 R15: 0000000020460000
[  171.164199][T26036]  </TASK>
14:48:06 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:06 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x4000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:06 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580)) (fail_nth: 5)

14:48:06 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:06 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000201)

14:48:06 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x5000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:06 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x6400}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:06 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

[  171.515349][T26143] ==================================================================
[  171.523455][T26143] BUG: KCSAN: data-race in ext4_fc_commit / ext4_fc_commit
[  171.530690][T26143] 
[  171.533009][T26143] read to 0xffff888103698820 of 8 bytes by task 26027 on cpu 1:
[  171.540645][T26143]  ext4_fc_commit+0x1c2/0x1360
[  171.545418][T26143]  ext4_sync_file+0x336/0x6e0
[  171.550103][T26143]  vfs_fsync_range+0x107/0x120
[  171.554877][T26143]  iomap_dio_complete+0x2d5/0x3e0
[  171.559900][T26143]  iomap_dio_rw+0x56/0x80
[  171.564226][T26143]  ext4_file_write_iter+0xa72/0x1200
[  171.569516][T26143]  do_iter_readv_writev+0x2de/0x380
[  171.574830][T26143]  do_iter_write+0x192/0x5c0
[  171.579554][T26143]  vfs_iter_write+0x4c/0x70
[  171.584149][T26143]  iter_file_splice_write+0x43a/0x790
[  171.589529][T26143]  direct_splice_actor+0x80/0xa0
[  171.594468][T26143]  splice_direct_to_actor+0x345/0x650
[  171.599843][T26143]  do_splice_direct+0x106/0x190
[  171.604782][T26143]  do_sendfile+0x675/0xc40
[  171.605503][T26163] FAULT_INJECTION: forcing a failure.
[  171.605503][T26163] name failslab, interval 1, probability 0, space 0, times 0
[  171.609198][T26143]  __x64_sys_sendfile64+0x102/0x140
[  171.609221][T26143]  do_syscall_64+0x44/0xd0
[  171.621831][T26163] CPU: 1 PID: 26163 Comm: syz-executor.2 Not tainted 5.16.0-rc4-syzkaller #0
[  171.626963][T26143]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  171.631359][T26163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  171.640092][T26143] 
[  171.640098][T26143] write to 0xffff888103698820 of 8 bytes by task 26143 on cpu 0:
[  171.645962][T26163] Call Trace:
[  171.646046][T26163]  <TASK>
[  171.655994][T26143]  ext4_fc_commit+0x1f4/0x1360
[  171.658301][T26163]  dump_stack_lvl+0xd6/0x122
[  171.665984][T26143]  ext4_sync_file+0x336/0x6e0
[  171.666002][T26143]  vfs_fsync_range+0x107/0x120
[  171.669269][T26163]  dump_stack+0x11/0x1b
[  171.672178][T26143]  iomap_dio_complete+0x2d5/0x3e0
[  171.676914][T26163]  should_fail+0x23c/0x250
[  171.681476][T26143]  iomap_dio_rw+0x56/0x80
[  171.686128][T26163]  ? percpu_ref_init+0x96/0x250
[  171.690863][T26143]  ext4_file_write_iter+0xac3/0x1200
[  171.694991][T26163]  ? io_sq_offload_create+0x84e/0x84e
[  171.699990][T26143]  do_iter_readv_writev+0x2de/0x380
[  171.704380][T26163]  __should_failslab+0x81/0x90
[  171.708683][T26143]  do_iter_write+0x192/0x5c0
[  171.713506][T26163]  should_failslab+0x5/0x20
[  171.718772][T26143]  vfs_iter_write+0x4c/0x70
[  171.724117][T26163]  kmem_cache_alloc_trace+0x52/0x350
[  171.729286][T26143]  iter_file_splice_write+0x43a/0x790
[  171.734026][T26163]  ? io_sq_offload_create+0x84e/0x84e
[  171.738587][T26143]  direct_splice_actor+0x80/0xa0
[  171.743067][T26163]  percpu_ref_init+0x96/0x250
[  171.747551][T26143]  splice_direct_to_actor+0x345/0x650
[  171.752826][T26163]  io_ring_ctx_alloc+0x137/0x58d
[  171.758174][T26143]  do_splice_direct+0x106/0x190
[  171.763620][T26163]  io_uring_create+0x1c8/0x754
[  171.768547][T26143]  do_sendfile+0x675/0xc40
[  171.773198][T26163]  __x64_sys_io_uring_setup+0x118/0x130
[  171.778538][T26143]  __x64_sys_sendfile64+0x102/0x140
[  171.783452][T26163]  do_syscall_64+0x44/0xd0
[  171.788366][T26143]  do_syscall_64+0x44/0xd0
[  171.788385][T26143]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  171.788406][T26143] 
[  171.788409][T26143] value changed: 0x0000000000000192 -> 0x0000000000000183
[  171.788419][T26143] 
[  171.788421][T26143] Reported by Kernel Concurrency Sanitizer on:
[  171.788427][T26143] CPU: 0 PID: 26143 Comm: syz-executor.3 Not tainted 5.16.0-rc4-syzkaller #0
[  171.793174][T26163]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  171.797564][T26143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  171.803262][T26163] RIP: 0033:0x7f5223f4aae9
[  171.808432][T26143] ==================================================================
[  171.878467][T26163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  171.898597][T26163] RSP: 002b:00007f52236a0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  171.907015][T26163] RAX: ffffffffffffffda RBX: 00007f522405e028 RCX: 00007f5223f4aae9
14:48:06 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0xc001}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:06 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x300000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:06 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x500000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:06 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:06 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:06 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x1000000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  171.915082][T26163] RDX: 0000000020c06000 RSI: 00000000200004c0 RDI: 00000000000035b8
[  171.923113][T26163] RBP: 00000000200004c0 R08: 0000000020000580 R09: 0000000020000580
[  171.931100][T26163] R10: 0000000020000540 R11: 0000000000000202 R12: 0000000020000580
[  171.939181][T26163] R13: 0000000020c06000 R14: 0000000020000540 R15: 0000000020460000
[  171.947311][T26163]  </TASK>
14:48:07 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580)) (fail_nth: 6)

[  172.137184][T26288] FAULT_INJECTION: forcing a failure.
[  172.137184][T26288] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  172.150457][T26288] CPU: 0 PID: 26288 Comm: syz-executor.2 Not tainted 5.16.0-rc4-syzkaller #0
[  172.159224][T26288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  172.169413][T26288] Call Trace:
[  172.172687][T26288]  <TASK>
[  172.175613][T26288]  dump_stack_lvl+0xd6/0x122
[  172.180284][T26288]  dump_stack+0x11/0x1b
[  172.184444][T26288]  should_fail+0x23c/0x250
[  172.188888][T26288]  __alloc_pages+0x102/0x330
[  172.193509][T26288]  alloc_pages+0x382/0x3d0
[  172.197933][T26288]  __get_free_pages+0x8/0x30
[  172.202816][T26288]  io_mem_alloc+0x2b/0x40
[  172.207215][T26288]  io_allocate_scq_urings+0x98/0x1bb
[  172.212562][T26288]  io_uring_create+0x341/0x754
[  172.217331][T26288]  __x64_sys_io_uring_setup+0x118/0x130
[  172.222950][T26288]  do_syscall_64+0x44/0xd0
[  172.227445][T26288]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  172.233342][T26288] RIP: 0033:0x7f5223f4aae9
[  172.237756][T26288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  172.257378][T26288] RSP: 002b:00007f52236c1108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  172.265821][T26288] RAX: ffffffffffffffda RBX: 00007f522405df60 RCX: 00007f5223f4aae9
[  172.273797][T26288] RDX: 0000000020c06000 RSI: 00000000200004c0 RDI: 00000000000035b8
14:48:07 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:07 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x2000000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:07 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000281)

14:48:07 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x4000, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:07 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580)) (fail_nth: 7)

[  172.281772][T26288] RBP: 00000000200004c0 R08: 0000000020000580 R09: 0000000020000580
[  172.289741][T26288] R10: 0000000020000540 R11: 0000000000000202 R12: 0000000020000580
[  172.297823][T26288] R13: 0000000020c06000 R14: 0000000020000540 R15: 0000000020460000
[  172.305871][T26288]  </TASK>
14:48:07 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x2040000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:07 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x4000000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  172.452837][T26401] FAULT_INJECTION: forcing a failure.
[  172.452837][T26401] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  172.466211][T26401] CPU: 1 PID: 26401 Comm: syz-executor.2 Not tainted 5.16.0-rc4-syzkaller #0
[  172.474972][T26401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  172.485025][T26401] Call Trace:
[  172.488304][T26401]  <TASK>
[  172.491255][T26401]  dump_stack_lvl+0xd6/0x122
[  172.495920][T26401]  dump_stack+0x11/0x1b
[  172.500171][T26401]  should_fail+0x23c/0x250
[  172.504590][T26401]  __alloc_pages+0x102/0x330
[  172.509222][T26401]  alloc_pages+0x382/0x3d0
[  172.513847][T26401]  __get_free_pages+0x8/0x30
[  172.518534][T26401]  io_mem_alloc+0x2b/0x40
[  172.522865][T26401]  io_allocate_scq_urings+0x154/0x1bb
[  172.528242][T26401]  io_uring_create+0x341/0x754
[  172.533009][T26401]  __x64_sys_io_uring_setup+0x118/0x130
[  172.538613][T26401]  do_syscall_64+0x44/0xd0
[  172.543066][T26401]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  172.548962][T26401] RIP: 0033:0x7f5223f4aae9
14:48:07 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x6040000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:07 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x7000000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  172.553417][T26401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  172.573285][T26401] RSP: 002b:00007f52236c1108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  172.581788][T26401] RAX: ffffffffffffffda RBX: 00007f522405df60 RCX: 00007f5223f4aae9
[  172.589760][T26401] RDX: 0000000020c06000 RSI: 00000000200004c0 RDI: 00000000000035b8
[  172.597903][T26401] RBP: 00000000200004c0 R08: 0000000020000580 R09: 0000000020000580
[  172.605855][T26401] R10: 0000000020000540 R11: 0000000000000202 R12: 0000000020000580
[  172.613893][T26401] R13: 0000000020c06000 R14: 0000000020000540 R15: 0000000020460000
[  172.621853][T26401]  </TASK>
14:48:07 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:07 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x40000000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:07 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580)) (fail_nth: 8)

[  172.795996][T26529] FAULT_INJECTION: forcing a failure.
[  172.795996][T26529] name failslab, interval 1, probability 0, space 0, times 0
[  172.808672][T26529] CPU: 0 PID: 26529 Comm: syz-executor.2 Not tainted 5.16.0-rc4-syzkaller #0
[  172.817444][T26529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  172.827905][T26529] Call Trace:
[  172.831183][T26529]  <TASK>
[  172.834238][T26529]  dump_stack_lvl+0xd6/0x122
[  172.838905][T26529]  dump_stack+0x11/0x1b
[  172.843250][T26529]  should_fail+0x23c/0x250
[  172.847721][T26529]  ? io_rsrc_node_switch_start+0x53/0x110
[  172.853503][T26529]  __should_failslab+0x81/0x90
[  172.858283][T26529]  should_failslab+0x5/0x20
[  172.862851][T26529]  kmem_cache_alloc_trace+0x52/0x350
[  172.868237][T26529]  ? io_sq_offload_create+0xf6/0x84e
[  172.873583][T26529]  io_rsrc_node_switch_start+0x53/0x110
[  172.879130][T26529]  io_uring_create+0x37a/0x754
[  172.883915][T26529]  __x64_sys_io_uring_setup+0x118/0x130
[  172.889470][T26529]  do_syscall_64+0x44/0xd0
[  172.893938][T26529]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  172.899913][T26529] RIP: 0033:0x7f5223f4aae9
[  172.904328][T26529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  172.924740][T26529] RSP: 002b:00007f52236a0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  172.933157][T26529] RAX: ffffffffffffffda RBX: 00007f522405e028 RCX: 00007f5223f4aae9
14:48:07 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:07 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:07 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000301)

14:48:07 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x64000000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:07 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:07 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0xc0010000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  172.941401][T26529] RDX: 0000000020c06000 RSI: 00000000200004c0 RDI: 00000000000035b8
[  172.949376][T26529] RBP: 00000000200004c0 R08: 0000000020000580 R09: 0000000020000580
[  172.957425][T26529] R10: 0000000020000540 R11: 0000000000000202 R12: 0000000020000580
[  172.966524][T26529] R13: 0000000020c06000 R14: 0000000020000540 R15: 0000000020460000
[  172.974498][T26529]  </TASK>
14:48:08 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580)) (fail_nth: 9)

14:48:08 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0xffffffff}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:08 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  173.153976][T26636] FAULT_INJECTION: forcing a failure.
[  173.153976][T26636] name failslab, interval 1, probability 0, space 0, times 0
[  173.166803][T26636] CPU: 0 PID: 26636 Comm: syz-executor.2 Not tainted 5.16.0-rc4-syzkaller #0
[  173.175664][T26636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  173.185805][T26636] Call Trace:
[  173.189088][T26636]  <TASK>
[  173.192049][T26636]  dump_stack_lvl+0xd6/0x122
[  173.196646][T26636]  dump_stack+0x11/0x1b
[  173.200837][T26636]  should_fail+0x23c/0x250
[  173.205447][T26636]  ? percpu_ref_init+0x96/0x250
[  173.210306][T26636]  ? kzalloc+0x21/0x21
[  173.214373][T26636]  __should_failslab+0x81/0x90
[  173.219215][T26636]  should_failslab+0x5/0x20
[  173.223755][T26636]  kmem_cache_alloc_trace+0x52/0x350
[  173.229196][T26636]  ? kzalloc+0x21/0x21
[  173.233378][T26636]  percpu_ref_init+0x96/0x250
[  173.238152][T26636]  io_rsrc_node_switch_start+0x71/0x110
[  173.243865][T26636]  io_uring_create+0x37a/0x754
[  173.248633][T26636]  __x64_sys_io_uring_setup+0x118/0x130
[  173.254199][T26636]  do_syscall_64+0x44/0xd0
[  173.258645][T26636]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  173.264550][T26636] RIP: 0033:0x7f5223f4aae9
[  173.268960][T26636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  173.288614][T26636] RSP: 002b:00007f52236a0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
14:48:08 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:08 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd_index=0xa, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:08 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000500)

[  173.297364][T26636] RAX: ffffffffffffffda RBX: 00007f522405e028 RCX: 00007f5223f4aae9
[  173.305338][T26636] RDX: 0000000020c06000 RSI: 00000000200004c0 RDI: 00000000000035b8
[  173.313309][T26636] RBP: 00000000200004c0 R08: 0000000020000580 R09: 0000000020000580
[  173.321280][T26636] R10: 0000000020000540 R11: 0000000000000202 R12: 0000000020000580
[  173.329349][T26636] R13: 0000000020c06000 R14: 0000000020000540 R15: 0000000020460000
[  173.337402][T26636]  </TASK>
14:48:08 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:08 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x4}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:08 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580)) (fail_nth: 10)

14:48:08 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:08 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000501)

14:48:08 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:08 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x7}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  173.628957][T26790] FAULT_INJECTION: forcing a failure.
[  173.628957][T26790] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  173.642070][T26790] CPU: 1 PID: 26790 Comm: syz-executor.2 Not tainted 5.16.0-rc4-syzkaller #0
[  173.655325][T26790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  173.665401][T26790] Call Trace:
[  173.668680][T26790]  <TASK>
[  173.671622][T26790]  dump_stack_lvl+0xd6/0x122
14:48:08 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x30}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:08 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x50}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  173.676266][T26790]  dump_stack+0x11/0x1b
[  173.680558][T26790]  should_fail+0x23c/0x250
[  173.685018][T26790]  should_fail_usercopy+0x16/0x20
[  173.690038][T26790]  _copy_to_user+0x1c/0x90
[  173.694530][T26790]  io_uring_create+0x4d0/0x754
[  173.699442][T26790]  __x64_sys_io_uring_setup+0x118/0x130
[  173.705025][T26790]  do_syscall_64+0x44/0xd0
[  173.709609][T26790]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  173.715542][T26790] RIP: 0033:0x7f5223f4aae9
14:48:08 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

[  173.719974][T26790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  173.739841][T26790] RSP: 002b:00007f52236a0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  173.753031][T26790] RAX: ffffffffffffffda RBX: 00007f522405e028 RCX: 00007f5223f4aae9
[  173.761028][T26790] RDX: 0000000020c06000 RSI: 00000000200004c0 RDI: 00000000000035b8
[  173.768994][T26790] RBP: 00000000200004c0 R08: 0000000020000580 R09: 0000000020000580
14:48:08 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x64}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:08 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x1c0}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  173.776965][T26790] R10: 0000000020000540 R11: 0000000000000202 R12: 0000000020000580
[  173.784939][T26790] R13: 0000000020c06000 R14: 0000000020000540 R15: 0000000020460000
[  173.792948][T26790]  </TASK>
14:48:09 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:09 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x204}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:09 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580)) (fail_nth: 11)

14:48:09 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000600)

14:48:09 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index, 0x8, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:09 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:09 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x402}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:09 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x406}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:09 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x604}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  174.282244][T27039] FAULT_INJECTION: forcing a failure.
[  174.282244][T27039] name failslab, interval 1, probability 0, space 0, times 0
[  174.295209][T27039] CPU: 0 PID: 27039 Comm: syz-executor.2 Not tainted 5.16.0-rc4-syzkaller #0
[  174.303973][T27039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  174.314024][T27039] Call Trace:
[  174.317302][T27039]  <TASK>
[  174.320226][T27039]  dump_stack_lvl+0xd6/0x122
[  174.324909][T27039]  dump_stack+0x11/0x1b
14:48:09 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x700}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  174.329116][T27039]  should_fail+0x23c/0x250
[  174.333728][T27039]  ? sock_alloc_inode+0x23/0x90
[  174.338589][T27039]  __should_failslab+0x81/0x90
[  174.343349][T27039]  ? sockfs_init_fs_context+0x70/0x70
[  174.348787][T27039]  should_failslab+0x5/0x20
[  174.353319][T27039]  kmem_cache_alloc+0x4f/0x320
[  174.358130][T27039]  ? sockfs_init_fs_context+0x70/0x70
[  174.363516][T27039]  sock_alloc_inode+0x23/0x90
[  174.368292][T27039]  ? sockfs_init_fs_context+0x70/0x70
[  174.374554][T27039]  new_inode_pseudo+0x38/0x190
[  174.379340][T27039]  __sock_create+0x122/0x4e0
[  174.383941][T27039]  ? should_fail+0xd6/0x250
[  174.388445][T27039]  sock_create_kern+0x34/0x40
[  174.393172][T27039]  io_uring_create+0x50b/0x754
[  174.397989][T27039]  __x64_sys_io_uring_setup+0x118/0x130
[  174.403560][T27039]  do_syscall_64+0x44/0xd0
[  174.407975][T27039]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  174.413876][T27039] RIP: 0033:0x7f5223f4aae9
14:48:09 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000601)

14:48:09 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x3000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  174.418289][T27039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  174.438091][T27039] RSP: 002b:00007f52236a0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  174.446504][T27039] RAX: ffffffffffffffda RBX: 00007f522405e028 RCX: 00007f5223f4aae9
[  174.458364][T27039] RDX: 0000000020c06000 RSI: 00000000200004c0 RDI: 00000000000035b8
[  174.466333][T27039] RBP: 00000000200004c0 R08: 0000000020000580 R09: 0000000020000580
[  174.474313][T27039] R10: 0000000020000540 R11: 0000000000000202 R12: 0000000020000580
[  174.482281][T27039] R13: 0000000020c06000 R14: 0000000020000540 R15: 0000000020460000
[  174.490255][T27039]  </TASK>
[  174.493573][T27039] socket: no more sockets
14:48:09 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x4000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:09 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x0, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:09 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:09 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580)) (fail_nth: 12)

14:48:09 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:09 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x5000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:09 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000701)

[  174.755689][T27172] FAULT_INJECTION: forcing a failure.
[  174.755689][T27172] name failslab, interval 1, probability 0, space 0, times 0
[  174.768330][T27172] CPU: 0 PID: 27172 Comm: syz-executor.2 Not tainted 5.16.0-rc4-syzkaller #0
[  174.777125][T27172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  174.787187][T27172] Call Trace:
[  174.790469][T27172]  <TASK>
[  174.793393][T27172]  dump_stack_lvl+0xd6/0x122
[  174.797997][T27172]  dump_stack+0x11/0x1b
14:48:09 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x6400}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  174.802169][T27172]  should_fail+0x23c/0x250
[  174.806601][T27172]  ? security_inode_alloc+0x30/0x180
[  174.811886][T27172]  __should_failslab+0x81/0x90
[  174.816785][T27172]  should_failslab+0x5/0x20
[  174.821349][T27172]  kmem_cache_alloc+0x4f/0x320
[  174.826250][T27172]  security_inode_alloc+0x30/0x180
[  174.831365][T27172]  inode_init_always+0x214/0x3e0
[  174.836304][T27172]  ? sockfs_init_fs_context+0x70/0x70
[  174.841681][T27172]  new_inode_pseudo+0x6f/0x190
[  174.846482][T27172]  __sock_create+0x122/0x4e0
[  174.851072][T27172]  ? should_fail+0xd6/0x250
[  174.855575][T27172]  sock_create_kern+0x34/0x40
[  174.860268][T27172]  io_uring_create+0x50b/0x754
[  174.865048][T27172]  __x64_sys_io_uring_setup+0x118/0x130
[  174.870696][T27172]  do_syscall_64+0x44/0xd0
[  174.875117][T27172]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  174.881018][T27172] RIP: 0033:0x7f5223f4aae9
[  174.885448][T27172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
14:48:09 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0xc001}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  174.905175][T27172] RSP: 002b:00007f52236a0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  174.913591][T27172] RAX: ffffffffffffffda RBX: 00007f522405e028 RCX: 00007f5223f4aae9
[  174.921568][T27172] RDX: 0000000020c06000 RSI: 00000000200004c0 RDI: 00000000000035b8
[  174.929539][T27172] RBP: 00000000200004c0 R08: 0000000020000580 R09: 0000000020000580
[  174.937542][T27172] R10: 0000000020000540 R11: 0000000000000202 R12: 0000000020000580
[  174.945523][T27172] R13: 0000000020c06000 R14: 0000000020000540 R15: 0000000020460000
[  174.953503][T27172]  </TASK>
14:48:09 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000801)

14:48:09 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x300000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  174.956659][T27172] socket: no more sockets
14:48:09 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x500000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:10 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x0, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:10 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x1000000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:10 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x2000000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:10 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580)) (fail_nth: 13)

14:48:10 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:10 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x0, &(0x7f0000000340)=""/31, 0x1f, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:10 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x0, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:10 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000901)

14:48:10 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x2040000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:10 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x4000000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

[  175.414833][T27424] FAULT_INJECTION: forcing a failure.
[  175.414833][T27424] name failslab, interval 1, probability 0, space 0, times 0
[  175.427490][T27424] CPU: 0 PID: 27424 Comm: syz-executor.2 Not tainted 5.16.0-rc4-syzkaller #0
[  175.436322][T27424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  175.446410][T27424] Call Trace:
[  175.449689][T27424]  <TASK>
[  175.452688][T27424]  dump_stack_lvl+0xd6/0x122
[  175.457285][T27424]  dump_stack+0x11/0x1b
[  175.461450][T27424]  should_fail+0x23c/0x250
[  175.465869][T27424]  ? sk_prot_alloc+0x41/0x190
[  175.470617][T27424]  __should_failslab+0x81/0x90
[  175.475401][T27424]  should_failslab+0x5/0x20
[  175.480053][T27424]  kmem_cache_alloc+0x4f/0x320
[  175.484822][T27424]  sk_prot_alloc+0x41/0x190
[  175.489351][T27424]  sk_alloc+0x2e/0x330
[  175.493423][T27424]  unix_create1+0xa2/0x3c0
[  175.497867][T27424]  unix_create+0xfb/0x120
[  175.502270][T27424]  __sock_create+0x2cc/0x4e0
[  175.506870][T27424]  sock_create_kern+0x34/0x40
[  175.511552][T27424]  io_uring_create+0x50b/0x754
[  175.516320][T27424]  __x64_sys_io_uring_setup+0x118/0x130
[  175.521992][T27424]  do_syscall_64+0x44/0xd0
[  175.526409][T27424]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  175.532346][T27424] RIP: 0033:0x7f5223f4aae9
[  175.536799][T27424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  175.556407][T27424] RSP: 002b:00007f52236a0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
14:48:10 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x6040000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:10 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, 0x0, 0x0, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:10 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x7000000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:10 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80000a01)

[  175.564838][T27424] RAX: ffffffffffffffda RBX: 00007f522405e028 RCX: 00007f5223f4aae9
[  175.572810][T27424] RDX: 0000000020c06000 RSI: 00000000200004c0 RDI: 00000000000035b8
[  175.580877][T27424] RBP: 00000000200004c0 R08: 0000000020000580 R09: 0000000020000580
[  175.588976][T27424] R10: 0000000020000540 R11: 0000000000000202 R12: 0000000020000580
[  175.597009][T27424] R13: 0000000020c06000 R14: 0000000020000540 R15: 0000000020460000
[  175.604978][T27424]  </TASK>
14:48:10 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x40000000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:10 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580)) (fail_nth: 14)

[  175.806002][T27549] FAULT_INJECTION: forcing a failure.
[  175.806002][T27549] name failslab, interval 1, probability 0, space 0, times 0
[  175.818953][T27549] CPU: 1 PID: 27549 Comm: syz-executor.2 Not tainted 5.16.0-rc4-syzkaller #0
[  175.827762][T27549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  175.837859][T27549] Call Trace:
[  175.841168][T27549]  <TASK>
[  175.844089][T27549]  dump_stack_lvl+0xd6/0x122
[  175.848699][T27549]  dump_stack+0x11/0x1b
[  175.852833][T27549]  should_fail+0x23c/0x250
[  175.857228][T27549]  ? selinux_sk_alloc_security+0x61/0x120
[  175.862960][T27549]  __should_failslab+0x81/0x90
[  175.867767][T27549]  should_failslab+0x5/0x20
[  175.872276][T27549]  kmem_cache_alloc_trace+0x52/0x350
[  175.877564][T27549]  ? __rcu_read_unlock+0x5c/0x290
[  175.882597][T27549]  selinux_sk_alloc_security+0x61/0x120
[  175.888131][T27549]  security_sk_alloc+0x45/0x90
[  175.893043][T27549]  sk_prot_alloc+0xd2/0x190
[  175.897658][T27549]  sk_alloc+0x2e/0x330
[  175.901850][T27549]  unix_create1+0xa2/0x3c0
[  175.906269][T27549]  unix_create+0xfb/0x120
[  175.910611][T27549]  __sock_create+0x2cc/0x4e0
[  175.915206][T27549]  sock_create_kern+0x34/0x40
[  175.919927][T27549]  io_uring_create+0x50b/0x754
[  175.924749][T27549]  __x64_sys_io_uring_setup+0x118/0x130
[  175.930399][T27549]  do_syscall_64+0x44/0xd0
[  175.934821][T27549]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  175.940893][T27549] RIP: 0033:0x7f5223f4aae9
[  175.945302][T27549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  175.964930][T27549] RSP: 002b:00007f52236a0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  175.973897][T27549] RAX: ffffffffffffffda RBX: 00007f522405e028 RCX: 00007f5223f4aae9
[  175.981855][T27549] RDX: 0000000020c06000 RSI: 00000000200004c0 RDI: 00000000000035b8
[  175.989819][T27549] RBP: 00000000200004c0 R08: 0000000020000580 R09: 0000000020000580
[  175.997775][T27549] R10: 0000000020000540 R11: 0000000000000202 R12: 0000000020000580
[  176.005741][T27549] R13: 0000000020c06000 R14: 0000000020000540 R15: 0000000020460000
[  176.013703][T27549]  </TASK>
14:48:11 executing program 0:
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x8, 0x2, 0x2)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0xd3b8, 0x2, 0x1, 0x297}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
r1 = syz_io_uring_setup(0x4016, &(0x7f0000000140)={0x0, 0xff01, 0xe00f80cf762177e4, 0x2, 0xc7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
syz_io_uring_setup(0x7566, &(0x7f0000000240)={0x0, 0xf545, 0x4, 0x3, 0x248, 0x0, r1}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000a, 0x10, r1, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x4000, @fd_index=0xa, 0x8, 0x0, 0x0, 0x9, 0x1, {0x0, r4}}, 0x1)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = syz_io_uring_setup(0x52e6, &(0x7f00000003c0)={0x0, 0x2e48, 0x20, 0x3, 0x348, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mprotect(&(0x7f0000d4a000/0x4000)=nil, 0x4000, 0x1000000)
r6 = syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0xe903, 0x2, 0x2, 0x7e, 0x0, r5}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580))
remap_file_pages(&(0x7f0000b00000/0x3000)=nil, 0x3000, 0x1, 0x7, 0x10)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r5, &(0x7f00000005c0)={0xffffffffffffffff, r6, 0x100})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0x7)

14:48:11 executing program 4:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x3f, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x1c575)

14:48:11 executing program 1:
syz_io_uring_setup(0x7d9d, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x64000000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

14:48:11 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
syz_io_uring_setup(0x35b8, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x7e}, &(0x7f0000460000/0x3000)=nil, &(0x7f0000c06000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580)) (fail_nth: 15)

14:48:11 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7f, 0x8, 0x9, 0x0, 0x0, 0x800, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xc0e, 0x80}, 0x40, 0xffff, 0xffffffff, 0x5, 0x5, 0x1, 0xfff7, 0x0, 0x3f, 0x0, 0x6}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x0, 0x1, 0xff, 0x0, 0xc50, 0x1010, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x0, 0x8da, 0x7, 0x5, 0x6, 0xe902, 0x0, 0xd1, 0x0, 0x40000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00