_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{0x1, 0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000080)=r0}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0)={0x1, 0xffffffffffffffff}, 0x4) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r0, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x6, &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xd4, &(0x7f0000000680)=[{}], 0x8, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x20, 0x8, 0x8, &(0x7f0000000740)}}, 0x10) r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000008c0)=0xffffffffffffffff, 0x4) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000c40)={r0, 0xe0, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000980)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f00000009c0)=[0x0], &(0x7f0000000a00)=[0x0, 0x0, 0x0], 0x0, 0x3e, &(0x7f0000000a40)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000a80), &(0x7f0000000ac0), 0x8, 0xd5, 0x8, 0x8, &(0x7f0000000b00)}}, 0x10) r9 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000c80)={0xffffffffffffffff, 0x80000001, 0x18}, 0xc) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cgroup.controllers\x00', 0x100002, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r10, 0xc028660f, &(0x7f00000005c0)=0x3fffffffe) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) write$cgroup_type(r11, &(0x7f0000000000), 0x165243) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0xffffffffffffffff, r11, 0x1) openat$cgroup_ro(r11, &(0x7f0000000240)='memory.stat\x00', 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000f80)=@bpf_lsm={0x1d, 0x1, &(0x7f0000000e40)=@raw=[@exit], &(0x7f0000000e80)='GPL\x00', 0x1ff, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x1b, r11, 0x8, &(0x7f0000000ec0)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000f00)={0x4, 0x9, 0x0, 0xffff}, 0x10, r8, 0x0, 0x2, 0x0, &(0x7f0000000f40)=[{0x4, 0x3, 0x5, 0x1}, {0x2, 0x1, 0xb, 0x7}], 0x10, 0x3}, 0x90) r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=@bloom_filter={0x1e, 0x4b6a, 0xfffffffa, 0xa557, 0x0, 0x1, 0xffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0xe}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x10, 0x38, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xeec7, 0x0, 0x0, 0x0, 0x34}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@alu={0x7, 0x0, 0xb, 0x9, 0x2, 0x102, 0xfffffffffffffff0}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1ff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000004c0)='GPL\x00', 0x3, 0x83, &(0x7f0000000500)=""/131, 0x41000, 0x40, '\x00', r6, 0x2d, r7, 0x8, &(0x7f0000000900)={0x4, 0x3}, 0x8, 0x10, &(0x7f0000000940)={0x1, 0x7, 0x9, 0x1}, 0x10, r8, r0, 0x0, &(0x7f0000000d40)=[r9, 0x1, r10, 0xffffffffffffffff, r0, r1, r12], 0x0, 0x10, 0xfffffeff}, 0x90) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r11, &(0x7f00000001c0), 0x12) 22:48:58 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 11) [ 1476.743871][T30331] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1476.752117][T30331] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1476.759926][T30331] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1476.767738][T30331] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1476.775549][T30331] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1476.783361][T30331] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1476.791177][T30331] 22:48:58 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000fa36cfa73f92b0702aad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:48:58 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61020000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1476.824548][T30344] FAULT_INJECTION: forcing a failure. [ 1476.824548][T30344] name failslab, interval 1, probability 0, space 0, times 0 [ 1476.852011][T30344] CPU: 0 PID: 30344 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1476.862175][T30344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1476.872063][T30344] Call Trace: [ 1476.875188][T30344] [ 1476.877968][T30344] dump_stack_lvl+0x151/0x1b7 [ 1476.882480][T30344] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1476.887945][T30344] ? slab_post_alloc_hook+0x53/0x2c0 [ 1476.893070][T30344] ? kernel_clone+0x21e/0x9e0 [ 1476.897588][T30344] ? do_syscall_64+0x3d/0xb0 [ 1476.902007][T30344] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1476.908000][T30344] dump_stack+0x15/0x17 [ 1476.911987][T30344] should_fail+0x3c6/0x510 [ 1476.916328][T30344] __should_failslab+0xa4/0xe0 [ 1476.920927][T30344] ? copy_mm+0x192/0x13e0 [ 1476.925091][T30344] should_failslab+0x9/0x20 [ 1476.929432][T30344] slab_pre_alloc_hook+0x37/0xd0 [ 1476.934208][T30344] ? copy_mm+0x192/0x13e0 [ 1476.938371][T30344] kmem_cache_alloc+0x44/0x200 [ 1476.942972][T30344] copy_mm+0x192/0x13e0 [ 1476.946967][T30344] ? _raw_spin_lock+0xa4/0x1b0 [ 1476.951565][T30344] ? copy_signal+0x610/0x610 [ 1476.955992][T30344] ? __kasan_check_write+0x14/0x20 [ 1476.960940][T30344] ? __init_rwsem+0xd6/0x1c0 [ 1476.965454][T30344] ? copy_signal+0x4e3/0x610 [ 1476.969878][T30344] copy_process+0x1149/0x3290 [ 1476.974391][T30344] ? proc_fail_nth_write+0x20b/0x290 [ 1476.979511][T30344] ? fsnotify_perm+0x6a/0x5d0 [ 1476.984026][T30344] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1476.988972][T30344] ? vfs_write+0x9ec/0x1110 [ 1476.993312][T30344] kernel_clone+0x21e/0x9e0 [ 1476.997650][T30344] ? file_end_write+0x1c0/0x1c0 [ 1477.002338][T30344] ? create_io_thread+0x1e0/0x1e0 [ 1477.007197][T30344] ? mutex_unlock+0xb2/0x260 [ 1477.011623][T30344] ? __mutex_lock_slowpath+0x10/0x10 [ 1477.016745][T30344] __x64_sys_clone+0x23f/0x290 [ 1477.021345][T30344] ? __do_sys_vfork+0x130/0x130 [ 1477.026031][T30344] ? ksys_write+0x260/0x2c0 [ 1477.030379][T30344] ? debug_smp_processor_id+0x17/0x20 [ 1477.035596][T30344] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1477.041480][T30344] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1477.046952][T30344] do_syscall_64+0x3d/0xb0 [ 1477.051203][T30344] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1477.056928][T30344] RIP: 0033:0x7f0304509da9 [ 1477.061183][T30344] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1477.080623][T30344] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1477.088869][T30344] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1477.096680][T30344] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1477.104492][T30344] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1477.112304][T30344] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 22:48:58 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='blkio.bfq.io_wait_time_recursive\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)) (async) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000080)='blkio.bfq.io_wait_time_recursive\x00') (async) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000080)='blkio.bfq.io_wait_time_recursive\x00') bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{0x1}, &(0x7f0000000040), &(0x7f0000000080)=r0}, 0x20) (async) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{0x1, 0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000080)=r0}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0)={0x1, 0xffffffffffffffff}, 0x4) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r0, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x6, &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xd4, &(0x7f0000000680)=[{}], 0x8, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x20, 0x8, 0x8, &(0x7f0000000740)}}, 0x10) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000008c0)=0xffffffffffffffff, 0x4) (async) r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000008c0)=0xffffffffffffffff, 0x4) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000c40)={r0, 0xe0, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000980)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f00000009c0)=[0x0], &(0x7f0000000a00)=[0x0, 0x0, 0x0], 0x0, 0x3e, &(0x7f0000000a40)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000a80), &(0x7f0000000ac0), 0x8, 0xd5, 0x8, 0x8, &(0x7f0000000b00)}}, 0x10) r9 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000c80)={0xffffffffffffffff, 0x80000001, 0x18}, 0xc) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cgroup.controllers\x00', 0x100002, 0x0) (async) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cgroup.controllers\x00', 0x100002, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r10, 0xc028660f, &(0x7f00000005c0)=0x3fffffffe) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) write$cgroup_type(r11, &(0x7f0000000000), 0x165243) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0xffffffffffffffff, r11, 0x1) openat$cgroup_ro(r11, &(0x7f0000000240)='memory.stat\x00', 0x0, 0x0) (async) openat$cgroup_ro(r11, &(0x7f0000000240)='memory.stat\x00', 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000f80)=@bpf_lsm={0x1d, 0x1, &(0x7f0000000e40)=@raw=[@exit], &(0x7f0000000e80)='GPL\x00', 0x1ff, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x1b, r11, 0x8, &(0x7f0000000ec0)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000f00)={0x4, 0x9, 0x0, 0xffff}, 0x10, r8, 0x0, 0x2, 0x0, &(0x7f0000000f40)=[{0x4, 0x3, 0x5, 0x1}, {0x2, 0x1, 0xb, 0x7}], 0x10, 0x3}, 0x90) r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=@bloom_filter={0x1e, 0x4b6a, 0xfffffffa, 0xa557, 0x0, 0x1, 0xffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0xe}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x10, 0x38, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xeec7, 0x0, 0x0, 0x0, 0x34}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@alu={0x7, 0x0, 0xb, 0x9, 0x2, 0x102, 0xfffffffffffffff0}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1ff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000004c0)='GPL\x00', 0x3, 0x83, &(0x7f0000000500)=""/131, 0x41000, 0x40, '\x00', r6, 0x2d, r7, 0x8, &(0x7f0000000900)={0x4, 0x3}, 0x8, 0x10, &(0x7f0000000940)={0x1, 0x7, 0x9, 0x1}, 0x10, r8, r0, 0x0, &(0x7f0000000d40)=[r9, 0x1, r10, 0xffffffffffffffff, r0, r1, r12], 0x0, 0x10, 0xfffffeff}, 0x90) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r11, &(0x7f00000001c0), 0x12) 22:48:58 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000fa36cfa73f92b0702aad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:48:58 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 12) 22:48:58 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x1e000000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1477.120376][T30344] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1477.128187][T30344] 22:48:58 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000fa36cfa73f92b0702aad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000fa36cfa73f92b0702aad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) (async) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) [ 1477.158458][T30359] FAULT_INJECTION: forcing a failure. [ 1477.158458][T30359] name failslab, interval 1, probability 0, space 0, times 0 [ 1477.182037][T30359] CPU: 0 PID: 30359 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1477.192204][T30359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1477.202091][T30359] Call Trace: [ 1477.205212][T30359] [ 1477.207992][T30359] dump_stack_lvl+0x151/0x1b7 [ 1477.212504][T30359] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1477.217975][T30359] dump_stack+0x15/0x17 [ 1477.221962][T30359] should_fail+0x3c6/0x510 [ 1477.226217][T30359] __should_failslab+0xa4/0xe0 [ 1477.230816][T30359] should_failslab+0x9/0x20 [ 1477.235156][T30359] slab_pre_alloc_hook+0x37/0xd0 [ 1477.239929][T30359] kmem_cache_alloc_trace+0x48/0x210 [ 1477.245049][T30359] ? mm_init+0x39a/0x970 [ 1477.249131][T30359] mm_init+0x39a/0x970 [ 1477.253037][T30359] copy_mm+0x1e3/0x13e0 [ 1477.257029][T30359] ? _raw_spin_lock+0xa4/0x1b0 [ 1477.261637][T30359] ? copy_signal+0x610/0x610 [ 1477.266054][T30359] ? __kasan_check_write+0x14/0x20 [ 1477.271005][T30359] ? __init_rwsem+0xd6/0x1c0 [ 1477.275429][T30359] ? copy_signal+0x4e3/0x610 [ 1477.279857][T30359] copy_process+0x1149/0x3290 [ 1477.284482][T30359] ? proc_fail_nth_write+0x20b/0x290 [ 1477.289593][T30359] ? fsnotify_perm+0x6a/0x5d0 [ 1477.294105][T30359] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1477.299050][T30359] ? vfs_write+0x9ec/0x1110 [ 1477.303390][T30359] kernel_clone+0x21e/0x9e0 [ 1477.307728][T30359] ? file_end_write+0x1c0/0x1c0 [ 1477.312414][T30359] ? create_io_thread+0x1e0/0x1e0 [ 1477.317276][T30359] ? mutex_unlock+0xb2/0x260 [ 1477.321702][T30359] ? __mutex_lock_slowpath+0x10/0x10 [ 1477.326824][T30359] __x64_sys_clone+0x23f/0x290 [ 1477.331423][T30359] ? __do_sys_vfork+0x130/0x130 [ 1477.336107][T30359] ? ksys_write+0x260/0x2c0 [ 1477.340451][T30359] ? debug_smp_processor_id+0x17/0x20 [ 1477.345654][T30359] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1477.351559][T30359] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1477.357026][T30359] do_syscall_64+0x3d/0xb0 [ 1477.361280][T30359] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1477.367006][T30359] RIP: 0033:0x7f0304509da9 [ 1477.371261][T30359] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1477.390700][T30359] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1477.399089][T30359] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 22:48:58 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x1f000000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:48:58 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:48:58 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='blkio.bfq.io_wait_time_recursive\x00', 0x26e1, 0x0) (async) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='blkio.bfq.io_wait_time_recursive\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)) (async) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000080)='blkio.bfq.io_wait_time_recursive\x00') bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{0x1}, &(0x7f0000000040), &(0x7f0000000080)=r0}, 0x20) (async) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{0x1, 0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000080)=r0}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0)={0x1, 0xffffffffffffffff}, 0x4) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r0, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x6, &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xd4, &(0x7f0000000680)=[{}], 0x8, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x20, 0x8, 0x8, &(0x7f0000000740)}}, 0x10) r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000008c0)=0xffffffffffffffff, 0x4) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000c40)={r0, 0xe0, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000980)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f00000009c0)=[0x0], &(0x7f0000000a00)=[0x0, 0x0, 0x0], 0x0, 0x3e, &(0x7f0000000a40)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000a80), &(0x7f0000000ac0), 0x8, 0xd5, 0x8, 0x8, &(0x7f0000000b00)}}, 0x10) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000c40)={r0, 0xe0, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000980)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f00000009c0)=[0x0], &(0x7f0000000a00)=[0x0, 0x0, 0x0], 0x0, 0x3e, &(0x7f0000000a40)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000a80), &(0x7f0000000ac0), 0x8, 0xd5, 0x8, 0x8, &(0x7f0000000b00)}}, 0x10) r9 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000c80)={0xffffffffffffffff, 0x80000001, 0x18}, 0xc) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cgroup.controllers\x00', 0x100002, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r10, 0xc028660f, &(0x7f00000005c0)=0x3fffffffe) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) write$cgroup_type(r11, &(0x7f0000000000), 0x165243) (async) write$cgroup_type(r11, &(0x7f0000000000), 0x165243) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0xffffffffffffffff, r11, 0x1) (async) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0xffffffffffffffff, r11, 0x1) openat$cgroup_ro(r11, &(0x7f0000000240)='memory.stat\x00', 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000f80)=@bpf_lsm={0x1d, 0x1, &(0x7f0000000e40)=@raw=[@exit], &(0x7f0000000e80)='GPL\x00', 0x1ff, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x1b, r11, 0x8, &(0x7f0000000ec0)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000f00)={0x4, 0x9, 0x0, 0xffff}, 0x10, r8, 0x0, 0x2, 0x0, &(0x7f0000000f40)=[{0x4, 0x3, 0x5, 0x1}, {0x2, 0x1, 0xb, 0x7}], 0x10, 0x3}, 0x90) (async) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000f80)=@bpf_lsm={0x1d, 0x1, &(0x7f0000000e40)=@raw=[@exit], &(0x7f0000000e80)='GPL\x00', 0x1ff, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x1b, r11, 0x8, &(0x7f0000000ec0)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000f00)={0x4, 0x9, 0x0, 0xffff}, 0x10, r8, 0x0, 0x2, 0x0, &(0x7f0000000f40)=[{0x4, 0x3, 0x5, 0x1}, {0x2, 0x1, 0xb, 0x7}], 0x10, 0x3}, 0x90) r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=@bloom_filter={0x1e, 0x4b6a, 0xfffffffa, 0xa557, 0x0, 0x1, 0xffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0xe}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x10, 0x38, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xeec7, 0x0, 0x0, 0x0, 0x34}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@alu={0x7, 0x0, 0xb, 0x9, 0x2, 0x102, 0xfffffffffffffff0}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1ff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000004c0)='GPL\x00', 0x3, 0x83, &(0x7f0000000500)=""/131, 0x41000, 0x40, '\x00', r6, 0x2d, r7, 0x8, &(0x7f0000000900)={0x4, 0x3}, 0x8, 0x10, &(0x7f0000000940)={0x1, 0x7, 0x9, 0x1}, 0x10, r8, r0, 0x0, &(0x7f0000000d40)=[r9, 0x1, r10, 0xffffffffffffffff, r0, r1, r12], 0x0, 0x10, 0xfffffeff}, 0x90) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r11, &(0x7f00000001c0), 0x12) 22:48:58 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r0, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x5, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x63, &(0x7f0000000380)=[{}], 0x8, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0x2b, 0x8, 0x8, &(0x7f0000000440)}}, 0x10) r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000005c0), 0x4) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000740)={0xffffffffffffffff, 0x20, &(0x7f0000000700)={&(0x7f0000000640)=""/120, 0x78, 0x0, &(0x7f00000006c0)=""/14, 0xe}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1a, 0xd, &(0x7f0000000040)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x417}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}], &(0x7f00000000c0)='GPL\x00', 0x2, 0x6, &(0x7f0000000140)=""/6, 0x40f00, 0x10, '\x00', r2, 0x36, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000600)={0x4, 0x0, 0x2, 0x6}, 0x10, r4, r0, 0x1, &(0x7f0000000780)=[r1, r1], &(0x7f00000007c0)=[{0x1, 0x5, 0xe, 0x7}], 0x10, 0x3}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r6 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r5}, 0x8) write$cgroup_int(r6, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:48:58 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 13) 22:48:59 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1477.406892][T30359] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1477.414712][T30359] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1477.422520][T30359] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1477.430327][T30359] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1477.438144][T30359] 22:48:59 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x20000000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:48:59 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1477.507169][T30378] FAULT_INJECTION: forcing a failure. [ 1477.507169][T30378] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1477.529146][T30378] CPU: 1 PID: 30378 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1477.539316][T30378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1477.549209][T30378] Call Trace: [ 1477.552331][T30378] [ 1477.555109][T30378] dump_stack_lvl+0x151/0x1b7 [ 1477.559622][T30378] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1477.565087][T30378] ? stack_trace_save+0x113/0x1c0 [ 1477.569964][T30378] ? stack_trace_snprint+0xf0/0xf0 [ 1477.574982][T30378] ? stack_trace_snprint+0xf0/0xf0 [ 1477.579931][T30378] dump_stack+0x15/0x17 [ 1477.583925][T30378] should_fail+0x3c6/0x510 [ 1477.588177][T30378] should_fail_alloc_page+0x5a/0x80 [ 1477.593213][T30378] prepare_alloc_pages+0x15c/0x700 [ 1477.598157][T30378] ? __alloc_pages_bulk+0xe40/0xe40 [ 1477.603190][T30378] ? __kasan_check_write+0x14/0x20 [ 1477.608138][T30378] ? pcpu_memcg_post_alloc_hook+0x1b1/0x260 [ 1477.613868][T30378] __alloc_pages+0x18c/0x8f0 [ 1477.618293][T30378] ? prep_new_page+0x110/0x110 [ 1477.622891][T30378] ? pcpu_alloc+0xda0/0x13e0 [ 1477.627321][T30378] __get_free_pages+0x10/0x30 [ 1477.631833][T30378] pgd_alloc+0x21/0x2c0 [ 1477.635825][T30378] mm_init+0x5c7/0x970 [ 1477.639729][T30378] copy_mm+0x1e3/0x13e0 [ 1477.643724][T30378] ? _raw_spin_lock+0xa4/0x1b0 [ 1477.648327][T30378] ? copy_signal+0x610/0x610 [ 1477.652750][T30378] ? __kasan_check_write+0x14/0x20 [ 1477.657694][T30378] ? __init_rwsem+0xd6/0x1c0 [ 1477.662123][T30378] ? copy_signal+0x4e3/0x610 [ 1477.666553][T30378] copy_process+0x1149/0x3290 [ 1477.671064][T30378] ? proc_fail_nth_write+0x20b/0x290 [ 1477.676182][T30378] ? fsnotify_perm+0x6a/0x5d0 [ 1477.680699][T30378] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1477.685645][T30378] ? vfs_write+0x9ec/0x1110 [ 1477.689987][T30378] kernel_clone+0x21e/0x9e0 [ 1477.694321][T30378] ? file_end_write+0x1c0/0x1c0 [ 1477.699007][T30378] ? create_io_thread+0x1e0/0x1e0 [ 1477.703867][T30378] ? mutex_unlock+0xb2/0x260 [ 1477.708294][T30378] ? __mutex_lock_slowpath+0x10/0x10 [ 1477.713417][T30378] __x64_sys_clone+0x23f/0x290 [ 1477.718017][T30378] ? __do_sys_vfork+0x130/0x130 [ 1477.722703][T30378] ? ksys_write+0x260/0x2c0 [ 1477.727043][T30378] ? debug_smp_processor_id+0x17/0x20 [ 1477.732248][T30378] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1477.738152][T30378] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1477.743621][T30378] do_syscall_64+0x3d/0xb0 [ 1477.747872][T30378] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1477.753601][T30378] RIP: 0033:0x7f0304509da9 [ 1477.757857][T30378] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1477.777294][T30378] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1477.785539][T30378] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1477.793356][T30378] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 22:48:59 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 14) 22:48:59 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x27030000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1477.801161][T30378] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1477.808974][T30378] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1477.816787][T30378] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1477.824601][T30378] [ 1477.861672][T30390] FAULT_INJECTION: forcing a failure. [ 1477.861672][T30390] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1477.876405][T30390] CPU: 0 PID: 30390 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1477.886561][T30390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1477.896458][T30390] Call Trace: [ 1477.899672][T30390] [ 1477.902445][T30390] dump_stack_lvl+0x151/0x1b7 22:48:59 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6a000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:48:59 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x28000000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1477.906961][T30390] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1477.912431][T30390] ? __stack_depot_save+0x34/0x470 [ 1477.917374][T30390] dump_stack+0x15/0x17 [ 1477.921367][T30390] should_fail+0x3c6/0x510 [ 1477.925624][T30390] should_fail_alloc_page+0x5a/0x80 [ 1477.930649][T30390] prepare_alloc_pages+0x15c/0x700 [ 1477.935602][T30390] ? __alloc_pages_bulk+0xe40/0xe40 [ 1477.940637][T30390] __alloc_pages+0x18c/0x8f0 [ 1477.945057][T30390] ? prep_new_page+0x110/0x110 [ 1477.949657][T30390] ? __kasan_kmalloc+0x9/0x10 [ 1477.954172][T30390] ? __kmalloc+0x13a/0x270 [ 1477.958427][T30390] ? __vmalloc_node_range+0x2d6/0x8d0 [ 1477.963634][T30390] __vmalloc_node_range+0x482/0x8d0 [ 1477.968666][T30390] dup_task_struct+0x416/0xc60 [ 1477.973264][T30390] ? copy_process+0x5c4/0x3290 [ 1477.977863][T30390] ? __kasan_check_write+0x14/0x20 [ 1477.982815][T30390] copy_process+0x5c4/0x3290 [ 1477.987238][T30390] ? __kasan_check_write+0x14/0x20 [ 1477.992180][T30390] ? proc_fail_nth_write+0x20b/0x290 [ 1477.997314][T30390] ? selinux_file_permission+0x2c4/0x570 [ 1478.002768][T30390] ? fsnotify_perm+0x6a/0x5d0 [ 1478.007284][T30390] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1478.012231][T30390] ? vfs_write+0x9ec/0x1110 [ 1478.016578][T30390] kernel_clone+0x21e/0x9e0 [ 1478.020911][T30390] ? file_end_write+0x1c0/0x1c0 [ 1478.025619][T30390] ? create_io_thread+0x1e0/0x1e0 [ 1478.030461][T30390] ? mutex_unlock+0xb2/0x260 [ 1478.034882][T30390] ? __mutex_lock_slowpath+0x10/0x10 [ 1478.040003][T30390] __x64_sys_clone+0x23f/0x290 [ 1478.044605][T30390] ? __do_sys_vfork+0x130/0x130 [ 1478.049288][T30390] ? ksys_write+0x260/0x2c0 [ 1478.053631][T30390] ? debug_smp_processor_id+0x17/0x20 [ 1478.058836][T30390] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1478.064738][T30390] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1478.070216][T30390] do_syscall_64+0x3d/0xb0 [ 1478.074459][T30390] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1478.080190][T30390] RIP: 0033:0x7f0304509da9 [ 1478.084443][T30390] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1478.103889][T30390] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 22:48:59 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40000000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:48:59 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000538960d4d79bf09005090000000000413efd3bff3b0f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) 22:48:59 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r0, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x5, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x63, &(0x7f0000000380)=[{}], 0x8, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0x2b, 0x8, 0x8, &(0x7f0000000440)}}, 0x10) (async) r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000005c0), 0x4) (async) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000740)={0xffffffffffffffff, 0x20, &(0x7f0000000700)={&(0x7f0000000640)=""/120, 0x78, 0x0, &(0x7f00000006c0)=""/14, 0xe}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1a, 0xd, &(0x7f0000000040)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x417}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}], &(0x7f00000000c0)='GPL\x00', 0x2, 0x6, &(0x7f0000000140)=""/6, 0x40f00, 0x10, '\x00', r2, 0x36, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000600)={0x4, 0x0, 0x2, 0x6}, 0x10, r4, r0, 0x1, &(0x7f0000000780)=[r1, r1], &(0x7f00000007c0)=[{0x1, 0x5, 0xe, 0x7}], 0x10, 0x3}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r6 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r5}, 0x8) write$cgroup_int(r6, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:48:59 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 15) [ 1478.112128][T30390] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1478.119938][T30390] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1478.127749][T30390] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1478.135562][T30390] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1478.143372][T30390] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1478.151188][T30390] 22:48:59 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000538960d4d79bf09005090000000000413efd3bff3b0f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) [ 1478.184804][T30407] FAULT_INJECTION: forcing a failure. [ 1478.184804][T30407] name failslab, interval 1, probability 0, space 0, times 0 [ 1478.201503][T30407] CPU: 0 PID: 30407 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1478.211664][T30407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1478.221559][T30407] Call Trace: [ 1478.224683][T30407] [ 1478.227459][T30407] dump_stack_lvl+0x151/0x1b7 [ 1478.231971][T30407] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1478.237439][T30407] ? vmap_pages_range_noflush+0x7d5/0x800 [ 1478.242994][T30407] dump_stack+0x15/0x17 [ 1478.246986][T30407] should_fail+0x3c6/0x510 [ 1478.251244][T30407] __should_failslab+0xa4/0xe0 [ 1478.255838][T30407] ? prepare_creds+0x2f/0x6a0 [ 1478.260353][T30407] should_failslab+0x9/0x20 [ 1478.264693][T30407] slab_pre_alloc_hook+0x37/0xd0 [ 1478.269466][T30407] ? prepare_creds+0x2f/0x6a0 [ 1478.273986][T30407] kmem_cache_alloc+0x44/0x200 [ 1478.278572][T30407] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 1478.283867][T30407] prepare_creds+0x2f/0x6a0 [ 1478.288214][T30407] copy_creds+0xf0/0x630 [ 1478.292291][T30407] ? dup_task_struct+0x7e6/0xc60 [ 1478.297061][T30407] copy_process+0x7c3/0x3290 [ 1478.301493][T30407] ? __kasan_check_write+0x14/0x20 [ 1478.306434][T30407] ? proc_fail_nth_write+0x20b/0x290 [ 1478.311554][T30407] ? selinux_file_permission+0x2c4/0x570 [ 1478.317022][T30407] ? fsnotify_perm+0x6a/0x5d0 [ 1478.321538][T30407] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1478.326483][T30407] ? vfs_write+0x9ec/0x1110 [ 1478.330823][T30407] kernel_clone+0x21e/0x9e0 [ 1478.335165][T30407] ? file_end_write+0x1c0/0x1c0 [ 1478.339848][T30407] ? create_io_thread+0x1e0/0x1e0 [ 1478.344707][T30407] ? mutex_unlock+0xb2/0x260 [ 1478.349223][T30407] ? __mutex_lock_slowpath+0x10/0x10 [ 1478.354355][T30407] __x64_sys_clone+0x23f/0x290 [ 1478.358948][T30407] ? __do_sys_vfork+0x130/0x130 [ 1478.363630][T30407] ? ksys_write+0x260/0x2c0 [ 1478.367972][T30407] ? debug_smp_processor_id+0x17/0x20 [ 1478.373177][T30407] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1478.379081][T30407] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1478.384549][T30407] do_syscall_64+0x3d/0xb0 [ 1478.388800][T30407] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1478.394526][T30407] RIP: 0033:0x7f0304509da9 [ 1478.398781][T30407] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1478.418222][T30407] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1478.426483][T30407] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 22:49:00 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6b000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:00 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000538960d4d79bf09005090000000000413efd3bff3b0f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) 22:49:00 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40030000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:00 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:00 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 16) 22:49:00 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r0, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x5, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x63, &(0x7f0000000380)=[{}], 0x8, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0x2b, 0x8, 0x8, &(0x7f0000000440)}}, 0x10) r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000005c0), 0x4) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000740)={0xffffffffffffffff, 0x20, &(0x7f0000000700)={&(0x7f0000000640)=""/120, 0x78, 0x0, &(0x7f00000006c0)=""/14, 0xe}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1a, 0xd, &(0x7f0000000040)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x417}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}], &(0x7f00000000c0)='GPL\x00', 0x2, 0x6, &(0x7f0000000140)=""/6, 0x40f00, 0x10, '\x00', r2, 0x36, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000600)={0x4, 0x0, 0x2, 0x6}, 0x10, r4, r0, 0x1, &(0x7f0000000780)=[r1, r1], &(0x7f00000007c0)=[{0x1, 0x5, 0xe, 0x7}], 0x10, 0x3}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r6 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r5}, 0x8) write$cgroup_int(r6, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) write$cgroup_int(r6, &(0x7f00000001c0)=0x1a0, 0xfffffdef) [ 1478.434282][T30407] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1478.442091][T30407] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1478.449899][T30407] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1478.457711][T30407] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1478.465532][T30407] 22:49:00 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x71000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:00 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) openat$cgroup_int(r2, &(0x7f0000000040)='cpuset.memory_spread_slab\x00', 0x2, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000e00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='cgroup.controllers\x00', 0x26e1, 0x0) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000f40)={0x18, 0x19, &(0x7f00000016c0)=ANY=[@ANYBLOB="180000df8ea20effffff00000100090000000000faffb90000ea00000000000000001818f8961a224d11000014c10574c67f2ae682ac99a02d539192513dc8eed099a581b36bd85d13050b029fc0377f56795ae942f4a6c3a32ea198dc20e7ff522a05e2a51b10ef1434fe30858494b8e185a4c35ca0712e292510f8bc68f850d77f4eacedef9d843a5be62269dfba91086367d4cb0e5265ea387a5043e3c93fc51af1449c0caf7867945f365742354a37589d6e3b0a08d0c4f3ba0617a620a5e53436bc8f7b0236f6b2086b6fe551fea781a346843342bf81756daa7d293843da14935f72c952097aa80566763a2c1f5482824dcf826ca51eeee4fa93dd02fef9a11f4eb72e65708f4c63f3b7f700e8c8ede58351d651561217ca0de0833f7606f42373c7cf1c60e9be260afbdce067ac9dbcaaaf4248214300d6ed0d736ca6a707026b2d13fdbf9ecfe0aad658f3e515e0a155382f02a8ec606e93069ed03d8885ec35eaa3dfa06823913a9373a6c0cdd0fa365f028a00000000000000", @ANYRES64=r4, @ANYBLOB="0000cf040000008000000000b702000000000000850000008600002020207b1af8ff00400000bf4a00000000000007010000f8ffffffb702000008000000b70300000180ffff85000000060000002394000020ff72250000000000205b0586b3e121c3249fe69c2a893b61b4072ccc1420207b1af8ff00000000bfa1000096b7c2ec637874d817b4f476b9f8d3c484a864fca60b4beffeeb4e41d7754e16f7df32d6203770676fbea428bab6c84c0644bcee2880f587cac779f5146996d7"], &(0x7f0000000440)='syzkaller\x00', 0xb65, 0x5d, &(0x7f0000000680)=""/93, 0x1f00, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000780)={0x1, 0x4}, 0x8, 0x10, &(0x7f00000008c0)={0x3, 0x5, 0x8}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000f00)=[0xffffffffffffffff, 0xffffffffffffffff, r6, 0xffffffffffffffff, r6, r6, 0xffffffffffffffff], 0x0, 0x10, 0x7}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x13, 0xb, &(0x7f0000001500)=ANY=[], &(0x7f0000001140)='syzkaller\x00', 0xb9f, 0x91, &(0x7f0000000b00)=""/145, 0x41100, 0x0, '\x00', 0x0, 0x4, 0xffffffffffffffff, 0x8, &(0x7f0000000040)={0x8, 0xfffffffc}, 0x8, 0x10, &(0x7f0000000c00)={0x0, 0x20000b, 0x0, 0x100000}, 0x10, 0x0, 0xffffffffffffffff, 0x5, &(0x7f0000000640)=[r6, r3, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000d80)=[{0x0, 0x4, 0x4, 0x6}, {0x2, 0x3, 0xf, 0x2}, {0x3, 0x84, 0x0, 0x4}, {0x2, 0x4, 0x10, 0x9}, {0x0, 0x5, 0x9, 0x2}], 0x10, 0x1}, 0x90) r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000500)={0x0, 0xffff0003, 0x8}, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x1, &(0x7f00000002c0)=ANY=[@ANYRES16=r5, @ANYRES32=r7], &(0x7f0000000400)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x28, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000480)={0x4000000, 0x5}, 0x8, 0x10, &(0x7f0000000980)={0x1, 0x81, 0x100, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000c80)=[r8, r6, r8, 0xffffffffffffffff], 0x0, 0x10, 0x278dfb41}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001240)={0x18, 0x4, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, [@exit]}, &(0x7f0000000a40)='syzkaller\x00', 0x1ff, 0x1000, &(0x7f0000001ac0)=""/4096, 0x40f00, 0x24, '\x00', 0x0, 0x0, r6, 0x8, &(0x7f0000000c40)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000cc0)={0x1, 0x9, 0x8, 0x689d}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000e80)=[0xffffffffffffffff], &(0x7f0000000ec0)=[{0x3, 0x5, 0xd, 0x1}, {0x0, 0x1, 0xc, 0x5}], 0x10, 0x6}, 0x90) bpf$ITER_CREATE(0x21, &(0x7f0000000140)={r6}, 0x8) bpf$ITER_CREATE(0x21, &(0x7f0000000080)={r6}, 0x8) r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)={0x1b, 0x0, 0x0, 0x100, 0x0, r8, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x3}, 0x48) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000740)={@map=r9, 0x31, 0x0, 0x7f, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x0, &(0x7f00000003c0)=[0x0, 0x0, 0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40) r10 = openat$cgroup_int(r6, &(0x7f00000000c0)='memory.swap.high\x00', 0x2, 0x0) write$cgroup_int(r10, &(0x7f00000001c0)=0xfffffffffffffffc, 0x12) 22:49:00 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0xa0010000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1478.541892][T30422] FAULT_INJECTION: forcing a failure. [ 1478.541892][T30422] name failslab, interval 1, probability 0, space 0, times 0 [ 1478.555675][T30422] CPU: 0 PID: 30422 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1478.565837][T30422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1478.575721][T30422] Call Trace: [ 1478.578846][T30422] [ 1478.581622][T30422] dump_stack_lvl+0x151/0x1b7 [ 1478.586135][T30422] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1478.591602][T30422] dump_stack+0x15/0x17 [ 1478.595592][T30422] should_fail+0x3c6/0x510 [ 1478.599845][T30422] __should_failslab+0xa4/0xe0 [ 1478.604447][T30422] ? anon_vma_clone+0x9a/0x500 [ 1478.609048][T30422] should_failslab+0x9/0x20 [ 1478.613385][T30422] slab_pre_alloc_hook+0x37/0xd0 [ 1478.618160][T30422] ? anon_vma_clone+0x9a/0x500 [ 1478.622757][T30422] kmem_cache_alloc+0x44/0x200 [ 1478.627359][T30422] anon_vma_clone+0x9a/0x500 [ 1478.631787][T30422] anon_vma_fork+0x91/0x4e0 [ 1478.636125][T30422] ? anon_vma_name+0x4c/0x70 [ 1478.640551][T30422] ? vm_area_dup+0x17a/0x230 [ 1478.644977][T30422] copy_mm+0xa3a/0x13e0 [ 1478.648972][T30422] ? copy_signal+0x610/0x610 [ 1478.653396][T30422] ? __init_rwsem+0xd6/0x1c0 [ 1478.657823][T30422] ? copy_signal+0x4e3/0x610 [ 1478.662249][T30422] copy_process+0x1149/0x3290 [ 1478.666762][T30422] ? proc_fail_nth_write+0x20b/0x290 [ 1478.671886][T30422] ? fsnotify_perm+0x6a/0x5d0 [ 1478.676400][T30422] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1478.681343][T30422] ? vfs_write+0x9ec/0x1110 [ 1478.685682][T30422] kernel_clone+0x21e/0x9e0 [ 1478.690031][T30422] ? file_end_write+0x1c0/0x1c0 [ 1478.694713][T30422] ? create_io_thread+0x1e0/0x1e0 [ 1478.699579][T30422] ? mutex_unlock+0xb2/0x260 [ 1478.703997][T30422] ? __mutex_lock_slowpath+0x10/0x10 [ 1478.709124][T30422] __x64_sys_clone+0x23f/0x290 [ 1478.713719][T30422] ? __do_sys_vfork+0x130/0x130 [ 1478.718404][T30422] ? ksys_write+0x260/0x2c0 [ 1478.722745][T30422] ? debug_smp_processor_id+0x17/0x20 [ 1478.727949][T30422] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1478.733850][T30422] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1478.739321][T30422] do_syscall_64+0x3d/0xb0 [ 1478.743575][T30422] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1478.749299][T30422] RIP: 0033:0x7f0304509da9 [ 1478.753555][T30422] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1478.772994][T30422] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1478.781239][T30422] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 22:49:00 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r3 = syz_clone(0x46001080, &(0x7f00000002c0)="00ede46df1eeb9aa1664163c44a3941e7f9063d6084b338861e66e450e869b54e9e0c2ab770c27b7255975b05d7c14658103b5836a1b98449e4a055b99fe8eab825ade8ab1d8e4c0d825ef297a0b8b2db16e647387ab5af229c2c119401eabe538c2ca7e2ffca3d3748f5744b524ac93ad4048a1c82f9d60c6b85b7b6926d1f3083fe1e9830aab717ed2d661c3b3f19d7f8cd2fc7b24c6a633077358173ffcf135d0ca7e158ed44238c89641d7366a736660aa3925a394f851ab9c07595d9009b535ff71e7f3ab4a338fa181b864a487fb2b61d9b1006e7810271a529580e003434dbce7fd80", 0xe6, &(0x7f00000000c0), &(0x7f0000000540), &(0x7f00000003c0)="de01c7568daa6e6d264814d7434fd157dd0b38f56f2883459179b6c72f3e0f179ca724c79eca811f36070640256f4eefef5e65") r4 = perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x9, 0x6, 0x7, 0x2, 0x0, 0x1, 0x200, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x80, 0x1, @perf_config_ext={0x0, 0x7fff}, 0x4000, 0x3ff, 0xfffffffe, 0x7, 0x20, 0x5, 0x1, 0x0, 0x10000001, 0x0, 0x1000}, r3, 0x7, r2, 0x8) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={r1, 0x58, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) write$cgroup_type(r6, &(0x7f0000000000), 0x165243) openat$cgroup_ro(r4, &(0x7f0000000140)='memory.numa_stat\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x17, 0x9, 0x0, 0x1f, 0x402, r1, 0x1, '\x00', r5, r6, 0x4, 0x3}, 0x48) r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r8 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r7}, 0x8) write$cgroup_int(r8, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:00 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x72000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:00 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) openat$cgroup_int(r2, &(0x7f0000000040)='cpuset.memory_spread_slab\x00', 0x2, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000e00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) (async) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='cgroup.controllers\x00', 0x26e1, 0x0) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000f40)={0x18, 0x19, &(0x7f00000016c0)=ANY=[@ANYBLOB="180000df8ea20effffff00000100090000000000faffb90000ea00000000000000001818f8961a224d11000014c10574c67f2ae682ac99a02d539192513dc8eed099a581b36bd85d13050b029fc0377f56795ae942f4a6c3a32ea198dc20e7ff522a05e2a51b10ef1434fe30858494b8e185a4c35ca0712e292510f8bc68f850d77f4eacedef9d843a5be62269dfba91086367d4cb0e5265ea387a5043e3c93fc51af1449c0caf7867945f365742354a37589d6e3b0a08d0c4f3ba0617a620a5e53436bc8f7b0236f6b2086b6fe551fea781a346843342bf81756daa7d293843da14935f72c952097aa80566763a2c1f5482824dcf826ca51eeee4fa93dd02fef9a11f4eb72e65708f4c63f3b7f700e8c8ede58351d651561217ca0de0833f7606f42373c7cf1c60e9be260afbdce067ac9dbcaaaf4248214300d6ed0d736ca6a707026b2d13fdbf9ecfe0aad658f3e515e0a155382f02a8ec606e93069ed03d8885ec35eaa3dfa06823913a9373a6c0cdd0fa365f028a00000000000000", @ANYRES64=r4, @ANYBLOB="0000cf040000008000000000b702000000000000850000008600002020207b1af8ff00400000bf4a00000000000007010000f8ffffffb702000008000000b70300000180ffff85000000060000002394000020ff72250000000000205b0586b3e121c3249fe69c2a893b61b4072ccc1420207b1af8ff00000000bfa1000096b7c2ec637874d817b4f476b9f8d3c484a864fca60b4beffeeb4e41d7754e16f7df32d6203770676fbea428bab6c84c0644bcee2880f587cac779f5146996d7"], &(0x7f0000000440)='syzkaller\x00', 0xb65, 0x5d, &(0x7f0000000680)=""/93, 0x1f00, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000780)={0x1, 0x4}, 0x8, 0x10, &(0x7f00000008c0)={0x3, 0x5, 0x8}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000f00)=[0xffffffffffffffff, 0xffffffffffffffff, r6, 0xffffffffffffffff, r6, r6, 0xffffffffffffffff], 0x0, 0x10, 0x7}, 0x90) (async) bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x13, 0xb, &(0x7f0000001500)=ANY=[], &(0x7f0000001140)='syzkaller\x00', 0xb9f, 0x91, &(0x7f0000000b00)=""/145, 0x41100, 0x0, '\x00', 0x0, 0x4, 0xffffffffffffffff, 0x8, &(0x7f0000000040)={0x8, 0xfffffffc}, 0x8, 0x10, &(0x7f0000000c00)={0x0, 0x20000b, 0x0, 0x100000}, 0x10, 0x0, 0xffffffffffffffff, 0x5, &(0x7f0000000640)=[r6, r3, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000d80)=[{0x0, 0x4, 0x4, 0x6}, {0x2, 0x3, 0xf, 0x2}, {0x3, 0x84, 0x0, 0x4}, {0x2, 0x4, 0x10, 0x9}, {0x0, 0x5, 0x9, 0x2}], 0x10, 0x1}, 0x90) r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000500)={0x0, 0xffff0003, 0x8}, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x1, &(0x7f00000002c0)=ANY=[@ANYRES16=r5, @ANYRES32=r7], &(0x7f0000000400)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x28, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000480)={0x4000000, 0x5}, 0x8, 0x10, &(0x7f0000000980)={0x1, 0x81, 0x100, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000c80)=[r8, r6, r8, 0xffffffffffffffff], 0x0, 0x10, 0x278dfb41}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001240)={0x18, 0x4, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, [@exit]}, &(0x7f0000000a40)='syzkaller\x00', 0x1ff, 0x1000, &(0x7f0000001ac0)=""/4096, 0x40f00, 0x24, '\x00', 0x0, 0x0, r6, 0x8, &(0x7f0000000c40)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000cc0)={0x1, 0x9, 0x8, 0x689d}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000e80)=[0xffffffffffffffff], &(0x7f0000000ec0)=[{0x3, 0x5, 0xd, 0x1}, {0x0, 0x1, 0xc, 0x5}], 0x10, 0x6}, 0x90) (async) bpf$ITER_CREATE(0x21, &(0x7f0000000140)={r6}, 0x8) (async) bpf$ITER_CREATE(0x21, &(0x7f0000000080)={r6}, 0x8) (async) r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)={0x1b, 0x0, 0x0, 0x100, 0x0, r8, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x3}, 0x48) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000740)={@map=r9, 0x31, 0x0, 0x7f, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x0, &(0x7f00000003c0)=[0x0, 0x0, 0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40) (async) r10 = openat$cgroup_int(r6, &(0x7f00000000c0)='memory.swap.high\x00', 0x2, 0x0) write$cgroup_int(r10, &(0x7f00000001c0)=0xfffffffffffffffc, 0x12) 22:49:00 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) openat$cgroup_int(r2, &(0x7f0000000040)='cpuset.memory_spread_slab\x00', 0x2, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000e00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) (async) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='cgroup.controllers\x00', 0x26e1, 0x0) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000f40)={0x18, 0x19, &(0x7f00000016c0)=ANY=[@ANYBLOB="180000df8ea20effffff00000100090000000000faffb90000ea00000000000000001818f8961a224d11000014c10574c67f2ae682ac99a02d539192513dc8eed099a581b36bd85d13050b029fc0377f56795ae942f4a6c3a32ea198dc20e7ff522a05e2a51b10ef1434fe30858494b8e185a4c35ca0712e292510f8bc68f850d77f4eacedef9d843a5be62269dfba91086367d4cb0e5265ea387a5043e3c93fc51af1449c0caf7867945f365742354a37589d6e3b0a08d0c4f3ba0617a620a5e53436bc8f7b0236f6b2086b6fe551fea781a346843342bf81756daa7d293843da14935f72c952097aa80566763a2c1f5482824dcf826ca51eeee4fa93dd02fef9a11f4eb72e65708f4c63f3b7f700e8c8ede58351d651561217ca0de0833f7606f42373c7cf1c60e9be260afbdce067ac9dbcaaaf4248214300d6ed0d736ca6a707026b2d13fdbf9ecfe0aad658f3e515e0a155382f02a8ec606e93069ed03d8885ec35eaa3dfa06823913a9373a6c0cdd0fa365f028a00000000000000", @ANYRES64=r4, @ANYBLOB="0000cf040000008000000000b702000000000000850000008600002020207b1af8ff00400000bf4a00000000000007010000f8ffffffb702000008000000b70300000180ffff85000000060000002394000020ff72250000000000205b0586b3e121c3249fe69c2a893b61b4072ccc1420207b1af8ff00000000bfa1000096b7c2ec637874d817b4f476b9f8d3c484a864fca60b4beffeeb4e41d7754e16f7df32d6203770676fbea428bab6c84c0644bcee2880f587cac779f5146996d7"], &(0x7f0000000440)='syzkaller\x00', 0xb65, 0x5d, &(0x7f0000000680)=""/93, 0x1f00, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000780)={0x1, 0x4}, 0x8, 0x10, &(0x7f00000008c0)={0x3, 0x5, 0x8}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000f00)=[0xffffffffffffffff, 0xffffffffffffffff, r6, 0xffffffffffffffff, r6, r6, 0xffffffffffffffff], 0x0, 0x10, 0x7}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x13, 0xb, &(0x7f0000001500)=ANY=[], &(0x7f0000001140)='syzkaller\x00', 0xb9f, 0x91, &(0x7f0000000b00)=""/145, 0x41100, 0x0, '\x00', 0x0, 0x4, 0xffffffffffffffff, 0x8, &(0x7f0000000040)={0x8, 0xfffffffc}, 0x8, 0x10, &(0x7f0000000c00)={0x0, 0x20000b, 0x0, 0x100000}, 0x10, 0x0, 0xffffffffffffffff, 0x5, &(0x7f0000000640)=[r6, r3, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000d80)=[{0x0, 0x4, 0x4, 0x6}, {0x2, 0x3, 0xf, 0x2}, {0x3, 0x84, 0x0, 0x4}, {0x2, 0x4, 0x10, 0x9}, {0x0, 0x5, 0x9, 0x2}], 0x10, 0x1}, 0x90) r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000500)={0x0, 0xffff0003, 0x8}, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x1, &(0x7f00000002c0)=ANY=[@ANYRES16=r5, @ANYRES32=r7], &(0x7f0000000400)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x28, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000480)={0x4000000, 0x5}, 0x8, 0x10, &(0x7f0000000980)={0x1, 0x81, 0x100, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000c80)=[r8, r6, r8, 0xffffffffffffffff], 0x0, 0x10, 0x278dfb41}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001240)={0x18, 0x4, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, [@exit]}, &(0x7f0000000a40)='syzkaller\x00', 0x1ff, 0x1000, &(0x7f0000001ac0)=""/4096, 0x40f00, 0x24, '\x00', 0x0, 0x0, r6, 0x8, &(0x7f0000000c40)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000cc0)={0x1, 0x9, 0x8, 0x689d}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000e80)=[0xffffffffffffffff], &(0x7f0000000ec0)=[{0x3, 0x5, 0xd, 0x1}, {0x0, 0x1, 0xc, 0x5}], 0x10, 0x6}, 0x90) (async) bpf$ITER_CREATE(0x21, &(0x7f0000000140)={r6}, 0x8) (async) bpf$ITER_CREATE(0x21, &(0x7f0000000080)={r6}, 0x8) (async) r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)={0x1b, 0x0, 0x0, 0x100, 0x0, r8, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x3}, 0x48) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000740)={@map=r9, 0x31, 0x0, 0x7f, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x0, &(0x7f00000003c0)=[0x0, 0x0, 0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40) (async) r10 = openat$cgroup_int(r6, &(0x7f00000000c0)='memory.swap.high\x00', 0x2, 0x0) write$cgroup_int(r10, &(0x7f00000001c0)=0xfffffffffffffffc, 0x12) [ 1478.789051][T30422] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1478.796862][T30422] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1478.804677][T30422] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1478.812484][T30422] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1478.820301][T30422] 22:49:00 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0xa0024ccc, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:00 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x73000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:00 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 17) 22:49:00 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.group_wait_time\x00', 0x0, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f00000003c0)='cgroup.kill\x00', 0x0, 0x0) ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x2) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=@base={0x9, 0x104, 0x1ff, 0x3, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000200), 0x83d, r3}, 0x38) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x58, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000480), 0x4) r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)={0x1b, 0x0, 0x0, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x1b, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000faffffff000000005a00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018120000", @ANYRES32=r0, @ANYBLOB="000000000000dbd40bf7848b510000b703000000000002850000000c000000b700000000000000d691e0ff04009d8de4df34736336993f6283bd9088f4000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000000000850000008600000018340000080000000000000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x3ff, 0xb3, &(0x7f00000003c0)=""/179, 0x41100, 0x20, '\x00', r4, 0x0, r5, 0x8, &(0x7f00000004c0)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000500)={0x5, 0x4, 0x6, 0xff4e}, 0x10, 0x0, 0x0, 0x9, &(0x7f00000005c0)=[r6], &(0x7f0000000600)=[{0x5, 0x5, 0x6, 0x1}, {0x4, 0x4, 0x10, 0xc}, {0x4, 0x5, 0xa, 0xe0f76dfe8e4ff5b0}, {0x1, 0x1, 0xd, 0xb}, {0x5, 0x3, 0x4, 0x6}, {0x0, 0x2, 0x0, 0xa}, {0x0, 0x4, 0x5, 0xa}, {0x1, 0x5, 0xd, 0x6}, {0x2, 0x4, 0x7, 0x2}], 0x10, 0x5fb}, 0x90) r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)={0x1b, 0x0, 0x0, 0x7, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, r1, 0x2, 0x0, 0x3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0xf, 0x29, &(0x7f00000008c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@ldst={0x3, 0x2, 0x2, 0x9, 0x1, 0xfffffffffffffff4, 0xfffffffffffffffc}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @exit, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @alu={0x7, 0x0, 0x7, 0x0, 0x4, 0x30, 0x10}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000340)='GPL\x00', 0x8001, 0x0, 0x0, 0x41000, 0x49, '\x00', 0x0, 0x17, r1, 0x8, &(0x7f0000000ac0)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000b00)={0x3, 0x9, 0x2, 0x7}, 0x10, 0x0, 0xffffffffffffffff, 0x6, &(0x7f0000000b40)=[r3], &(0x7f0000000b80)=[{0x1, 0x4, 0x0, 0x1}, {0x2, 0x3, 0xa, 0x3}, {0x5, 0x5, 0xb, 0x3}, {0x5, 0x2, 0x6, 0xb}, {0x4, 0x5, 0x6, 0x6}, {0x4, 0x2, 0x4, 0xa}], 0x10, 0x9}, 0x90) r9 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r7}, 0x8) openat$cgroup_ro(r2, &(0x7f0000000780)='blkio.bfq.empty_time\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000001c0), 0xfffffdef) 22:49:00 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x79000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:00 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1478.960168][T30459] FAULT_INJECTION: forcing a failure. [ 1478.960168][T30459] name failslab, interval 1, probability 0, space 0, times 0 [ 1478.972881][T30459] CPU: 1 PID: 30459 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1478.983023][T30459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1478.992919][T30459] Call Trace: [ 1478.996039][T30459] [ 1478.998829][T30459] dump_stack_lvl+0x151/0x1b7 [ 1479.003330][T30459] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1479.008800][T30459] dump_stack+0x15/0x17 [ 1479.012789][T30459] should_fail+0x3c6/0x510 [ 1479.017043][T30459] __should_failslab+0xa4/0xe0 [ 1479.021643][T30459] ? anon_vma_fork+0xf7/0x4e0 [ 1479.026160][T30459] should_failslab+0x9/0x20 [ 1479.030503][T30459] slab_pre_alloc_hook+0x37/0xd0 [ 1479.035274][T30459] ? anon_vma_fork+0xf7/0x4e0 [ 1479.039790][T30459] kmem_cache_alloc+0x44/0x200 [ 1479.044388][T30459] anon_vma_fork+0xf7/0x4e0 [ 1479.048723][T30459] ? anon_vma_name+0x4c/0x70 [ 1479.053146][T30459] ? vm_area_dup+0x17a/0x230 [ 1479.057583][T30459] copy_mm+0xa3a/0x13e0 [ 1479.061573][T30459] ? copy_signal+0x610/0x610 [ 1479.065996][T30459] ? __init_rwsem+0xd6/0x1c0 [ 1479.070421][T30459] ? copy_signal+0x4e3/0x610 [ 1479.074846][T30459] copy_process+0x1149/0x3290 [ 1479.079361][T30459] ? proc_fail_nth_write+0x20b/0x290 [ 1479.084479][T30459] ? fsnotify_perm+0x6a/0x5d0 [ 1479.089001][T30459] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1479.093941][T30459] ? vfs_write+0x9ec/0x1110 [ 1479.098288][T30459] kernel_clone+0x21e/0x9e0 [ 1479.102620][T30459] ? file_end_write+0x1c0/0x1c0 [ 1479.107309][T30459] ? create_io_thread+0x1e0/0x1e0 [ 1479.112173][T30459] ? mutex_unlock+0xb2/0x260 [ 1479.116604][T30459] ? __mutex_lock_slowpath+0x10/0x10 [ 1479.121724][T30459] __x64_sys_clone+0x23f/0x290 [ 1479.126315][T30459] ? __do_sys_vfork+0x130/0x130 [ 1479.131003][T30459] ? ksys_write+0x260/0x2c0 [ 1479.135342][T30459] ? debug_smp_processor_id+0x17/0x20 [ 1479.140550][T30459] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1479.146452][T30459] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1479.151918][T30459] do_syscall_64+0x3d/0xb0 [ 1479.156171][T30459] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1479.161899][T30459] RIP: 0033:0x7f0304509da9 [ 1479.166154][T30459] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1479.185590][T30459] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1479.193837][T30459] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1479.201648][T30459] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 22:49:00 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:00 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0xa2070000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:00 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b601100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1479.209459][T30459] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1479.217270][T30459] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1479.225082][T30459] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1479.232897][T30459] 22:49:00 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 18) 22:49:00 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0xcc4c02a0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:00 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:00 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.group_wait_time\x00', 0x0, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f00000003c0)='cgroup.kill\x00', 0x0, 0x0) ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x2) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=@base={0x9, 0x104, 0x1ff, 0x3, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000200), 0x83d, r3}, 0x38) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x58, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000480), 0x4) r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)={0x1b, 0x0, 0x0, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x1b, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000faffffff000000005a00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018120000", @ANYRES32=r0, @ANYBLOB="000000000000dbd40bf7848b510000b703000000000002850000000c000000b700000000000000d691e0ff04009d8de4df34736336993f6283bd9088f4000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000000000850000008600000018340000080000000000000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x3ff, 0xb3, &(0x7f00000003c0)=""/179, 0x41100, 0x20, '\x00', r4, 0x0, r5, 0x8, &(0x7f00000004c0)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000500)={0x5, 0x4, 0x6, 0xff4e}, 0x10, 0x0, 0x0, 0x9, &(0x7f00000005c0)=[r6], &(0x7f0000000600)=[{0x5, 0x5, 0x6, 0x1}, {0x4, 0x4, 0x10, 0xc}, {0x4, 0x5, 0xa, 0xe0f76dfe8e4ff5b0}, {0x1, 0x1, 0xd, 0xb}, {0x5, 0x3, 0x4, 0x6}, {0x0, 0x2, 0x0, 0xa}, {0x0, 0x4, 0x5, 0xa}, {0x1, 0x5, 0xd, 0x6}, {0x2, 0x4, 0x7, 0x2}], 0x10, 0x5fb}, 0x90) r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)={0x1b, 0x0, 0x0, 0x7, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, r1, 0x2, 0x0, 0x3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0xf, 0x29, &(0x7f00000008c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@ldst={0x3, 0x2, 0x2, 0x9, 0x1, 0xfffffffffffffff4, 0xfffffffffffffffc}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @exit, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @alu={0x7, 0x0, 0x7, 0x0, 0x4, 0x30, 0x10}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000340)='GPL\x00', 0x8001, 0x0, 0x0, 0x41000, 0x49, '\x00', 0x0, 0x17, r1, 0x8, &(0x7f0000000ac0)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000b00)={0x3, 0x9, 0x2, 0x7}, 0x10, 0x0, 0xffffffffffffffff, 0x6, &(0x7f0000000b40)=[r3], &(0x7f0000000b80)=[{0x1, 0x4, 0x0, 0x1}, {0x2, 0x3, 0xa, 0x3}, {0x5, 0x5, 0xb, 0x3}, {0x5, 0x2, 0x6, 0xb}, {0x4, 0x5, 0x6, 0x6}, {0x4, 0x2, 0x4, 0xa}], 0x10, 0x9}, 0x90) r9 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r7}, 0x8) openat$cgroup_ro(r2, &(0x7f0000000780)='blkio.bfq.empty_time\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000001c0), 0xfffffdef) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.group_wait_time\x00', 0x0, 0x0) (async) openat$cgroup_ro(r1, &(0x7f00000003c0)='cgroup.kill\x00', 0x0, 0x0) (async) ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x2) (async) bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=@base={0x9, 0x104, 0x1ff, 0x3, 0x0, 0x1}, 0x48) (async) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000200), 0x83d, r3}, 0x38) (async) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x58, &(0x7f0000000080)}, 0x10) (async) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000480), 0x4) (async) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)={0x1b, 0x0, 0x0, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4, 0x3}, 0x48) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x1b, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000faffffff000000005a00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018120000", @ANYRES32=r0, @ANYBLOB="000000000000dbd40bf7848b510000b703000000000002850000000c000000b700000000000000d691e0ff04009d8de4df34736336993f6283bd9088f4000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000000000850000008600000018340000080000000000000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x3ff, 0xb3, &(0x7f00000003c0)=""/179, 0x41100, 0x20, '\x00', r4, 0x0, r5, 0x8, &(0x7f00000004c0)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000500)={0x5, 0x4, 0x6, 0xff4e}, 0x10, 0x0, 0x0, 0x9, &(0x7f00000005c0)=[r6], &(0x7f0000000600)=[{0x5, 0x5, 0x6, 0x1}, {0x4, 0x4, 0x10, 0xc}, {0x4, 0x5, 0xa, 0xe0f76dfe8e4ff5b0}, {0x1, 0x1, 0xd, 0xb}, {0x5, 0x3, 0x4, 0x6}, {0x0, 0x2, 0x0, 0xa}, {0x0, 0x4, 0x5, 0xa}, {0x1, 0x5, 0xd, 0x6}, {0x2, 0x4, 0x7, 0x2}], 0x10, 0x5fb}, 0x90) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)={0x1b, 0x0, 0x0, 0x7, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, r1, 0x2, 0x0, 0x3}, 0x48) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0xf, 0x29, &(0x7f00000008c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@ldst={0x3, 0x2, 0x2, 0x9, 0x1, 0xfffffffffffffff4, 0xfffffffffffffffc}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @exit, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @alu={0x7, 0x0, 0x7, 0x0, 0x4, 0x30, 0x10}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000340)='GPL\x00', 0x8001, 0x0, 0x0, 0x41000, 0x49, '\x00', 0x0, 0x17, r1, 0x8, &(0x7f0000000ac0)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000b00)={0x3, 0x9, 0x2, 0x7}, 0x10, 0x0, 0xffffffffffffffff, 0x6, &(0x7f0000000b40)=[r3], &(0x7f0000000b80)=[{0x1, 0x4, 0x0, 0x1}, {0x2, 0x3, 0xa, 0x3}, {0x5, 0x5, 0xb, 0x3}, {0x5, 0x2, 0x6, 0xb}, {0x4, 0x5, 0x6, 0x6}, {0x4, 0x2, 0x4, 0xa}], 0x10, 0x9}, 0x90) (async) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r7}, 0x8) (async) openat$cgroup_ro(r2, &(0x7f0000000780)='blkio.bfq.empty_time\x00', 0x0, 0x0) (async) write$cgroup_int(r9, &(0x7f00000001c0), 0xfffffdef) (async) 22:49:00 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async, rerun: 64) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) (async, rerun: 64) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 32) r3 = syz_clone(0x46001080, &(0x7f00000002c0)="00ede46df1eeb9aa1664163c44a3941e7f9063d6084b338861e66e450e869b54e9e0c2ab770c27b7255975b05d7c14658103b5836a1b98449e4a055b99fe8eab825ade8ab1d8e4c0d825ef297a0b8b2db16e647387ab5af229c2c119401eabe538c2ca7e2ffca3d3748f5744b524ac93ad4048a1c82f9d60c6b85b7b6926d1f3083fe1e9830aab717ed2d661c3b3f19d7f8cd2fc7b24c6a633077358173ffcf135d0ca7e158ed44238c89641d7366a736660aa3925a394f851ab9c07595d9009b535ff71e7f3ab4a338fa181b864a487fb2b61d9b1006e7810271a529580e003434dbce7fd80", 0xe6, &(0x7f00000000c0), &(0x7f0000000540), &(0x7f00000003c0)="de01c7568daa6e6d264814d7434fd157dd0b38f56f2883459179b6c72f3e0f179ca724c79eca811f36070640256f4eefef5e65") (rerun: 32) r4 = perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x9, 0x6, 0x7, 0x2, 0x0, 0x1, 0x200, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x80, 0x1, @perf_config_ext={0x0, 0x7fff}, 0x4000, 0x3ff, 0xfffffffe, 0x7, 0x20, 0x5, 0x1, 0x0, 0x10000001, 0x0, 0x1000}, r3, 0x7, r2, 0x8) (async) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={r1, 0x58, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) (async) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) write$cgroup_type(r6, &(0x7f0000000000), 0x165243) (async) openat$cgroup_ro(r4, &(0x7f0000000140)='memory.numa_stat\x00', 0x0, 0x0) (async, rerun: 64) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x17, 0x9, 0x0, 0x1f, 0x402, r1, 0x1, '\x00', r5, r6, 0x4, 0x3}, 0x48) (async, rerun: 64) r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r8 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r7}, 0x8) write$cgroup_int(r8, &(0x7f00000001c0)=0x1a0, 0xfffffdef) [ 1479.386044][T30478] FAULT_INJECTION: forcing a failure. [ 1479.386044][T30478] name failslab, interval 1, probability 0, space 0, times 0 [ 1479.414100][T30478] CPU: 1 PID: 30478 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1479.424264][T30478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1479.434159][T30478] Call Trace: [ 1479.437280][T30478] [ 1479.440055][T30478] dump_stack_lvl+0x151/0x1b7 [ 1479.444571][T30478] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1479.450124][T30478] dump_stack+0x15/0x17 [ 1479.454114][T30478] should_fail+0x3c6/0x510 [ 1479.458369][T30478] __should_failslab+0xa4/0xe0 [ 1479.462967][T30478] should_failslab+0x9/0x20 [ 1479.467307][T30478] slab_pre_alloc_hook+0x37/0xd0 [ 1479.472083][T30478] kmem_cache_alloc_trace+0x48/0x210 [ 1479.477203][T30478] ? alloc_fdtable+0xaf/0x2a0 [ 1479.481727][T30478] alloc_fdtable+0xaf/0x2a0 [ 1479.486057][T30478] dup_fd+0x759/0xb00 [ 1479.489874][T30478] ? avc_has_perm+0x16f/0x260 [ 1479.494391][T30478] copy_files+0xe6/0x200 [ 1479.498465][T30478] ? perf_event_attrs+0x30/0x30 [ 1479.503153][T30478] ? dup_task_struct+0xc60/0xc60 [ 1479.507926][T30478] ? security_task_alloc+0xf9/0x130 [ 1479.512960][T30478] copy_process+0x1080/0x3290 [ 1479.517482][T30478] ? proc_fail_nth_write+0x20b/0x290 [ 1479.522593][T30478] ? fsnotify_perm+0x6a/0x5d0 [ 1479.527108][T30478] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1479.532056][T30478] ? vfs_write+0x9ec/0x1110 [ 1479.536396][T30478] kernel_clone+0x21e/0x9e0 [ 1479.540736][T30478] ? file_end_write+0x1c0/0x1c0 [ 1479.545420][T30478] ? create_io_thread+0x1e0/0x1e0 [ 1479.550280][T30478] ? mutex_unlock+0xb2/0x260 [ 1479.554713][T30478] ? __mutex_lock_slowpath+0x10/0x10 [ 1479.559829][T30478] __x64_sys_clone+0x23f/0x290 [ 1479.564429][T30478] ? __do_sys_vfork+0x130/0x130 [ 1479.569114][T30478] ? ksys_write+0x260/0x2c0 [ 1479.573462][T30478] ? debug_smp_processor_id+0x17/0x20 [ 1479.578660][T30478] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1479.584567][T30478] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1479.590033][T30478] do_syscall_64+0x3d/0xb0 [ 1479.594283][T30478] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1479.600013][T30478] RIP: 0033:0x7f0304509da9 [ 1479.604279][T30478] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1479.623708][T30478] RSP: 002b:00007f030326a078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 22:49:01 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0xffffffff, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:01 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 19) 22:49:01 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async, rerun: 64) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.group_wait_time\x00', 0x0, 0x0) (rerun: 64) r2 = openat$cgroup_ro(r1, &(0x7f00000003c0)='cgroup.kill\x00', 0x0, 0x0) (async, rerun: 64) ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x2) (async, rerun: 64) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=@base={0x9, 0x104, 0x1ff, 0x3, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000200), 0x83d, r3}, 0x38) (async) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x58, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000480), 0x4) r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)={0x1b, 0x0, 0x0, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x1b, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000faffffff000000005a00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018120000", @ANYRES32=r0, @ANYBLOB="000000000000dbd40bf7848b510000b703000000000002850000000c000000b700000000000000d691e0ff04009d8de4df34736336993f6283bd9088f4000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000000000850000008600000018340000080000000000000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x3ff, 0xb3, &(0x7f00000003c0)=""/179, 0x41100, 0x20, '\x00', r4, 0x0, r5, 0x8, &(0x7f00000004c0)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000500)={0x5, 0x4, 0x6, 0xff4e}, 0x10, 0x0, 0x0, 0x9, &(0x7f00000005c0)=[r6], &(0x7f0000000600)=[{0x5, 0x5, 0x6, 0x1}, {0x4, 0x4, 0x10, 0xc}, {0x4, 0x5, 0xa, 0xe0f76dfe8e4ff5b0}, {0x1, 0x1, 0xd, 0xb}, {0x5, 0x3, 0x4, 0x6}, {0x0, 0x2, 0x0, 0xa}, {0x0, 0x4, 0x5, 0xa}, {0x1, 0x5, 0xd, 0x6}, {0x2, 0x4, 0x7, 0x2}], 0x10, 0x5fb}, 0x90) (async) r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)={0x1b, 0x0, 0x0, 0x7, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, r1, 0x2, 0x0, 0x3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0xf, 0x29, &(0x7f00000008c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@ldst={0x3, 0x2, 0x2, 0x9, 0x1, 0xfffffffffffffff4, 0xfffffffffffffffc}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @exit, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @alu={0x7, 0x0, 0x7, 0x0, 0x4, 0x30, 0x10}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000340)='GPL\x00', 0x8001, 0x0, 0x0, 0x41000, 0x49, '\x00', 0x0, 0x17, r1, 0x8, &(0x7f0000000ac0)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000b00)={0x3, 0x9, 0x2, 0x7}, 0x10, 0x0, 0xffffffffffffffff, 0x6, &(0x7f0000000b40)=[r3], &(0x7f0000000b80)=[{0x1, 0x4, 0x0, 0x1}, {0x2, 0x3, 0xa, 0x3}, {0x5, 0x5, 0xb, 0x3}, {0x5, 0x2, 0x6, 0xb}, {0x4, 0x5, 0x6, 0x6}, {0x4, 0x2, 0x4, 0xa}], 0x10, 0x9}, 0x90) (async, rerun: 32) r9 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r7}, 0x8) (rerun: 32) openat$cgroup_ro(r2, &(0x7f0000000780)='blkio.bfq.empty_time\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000001c0), 0xfffffdef) [ 1479.631952][T30478] RAX: ffffffffffffffda RBX: 00007f0304638050 RCX: 00007f0304509da9 [ 1479.639762][T30478] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1479.647574][T30478] RBP: 00007f030326a120 R08: 0000000000000000 R09: 0000000000000000 [ 1479.655386][T30478] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1479.663196][T30478] R13: 000000000000006e R14: 00007f0304638050 R15: 00007fff4710d1d8 [ 1479.671013][T30478] [ 1479.707015][T30501] FAULT_INJECTION: forcing a failure. [ 1479.707015][T30501] name failslab, interval 1, probability 0, space 0, times 0 [ 1479.719541][T30501] CPU: 1 PID: 30501 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1479.729586][T30501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1479.739478][T30501] Call Trace: [ 1479.742603][T30501] [ 1479.745384][T30501] dump_stack_lvl+0x151/0x1b7 [ 1479.749893][T30501] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1479.755359][T30501] ? __kasan_kmalloc+0x9/0x10 [ 1479.759872][T30501] ? alloc_fdtable+0xaf/0x2a0 [ 1479.764384][T30501] ? dup_fd+0x759/0xb00 [ 1479.768378][T30501] ? copy_files+0xe6/0x200 [ 1479.772632][T30501] ? kernel_clone+0x21e/0x9e0 [ 1479.777156][T30501] ? __x64_sys_clone+0x23f/0x290 [ 1479.781922][T30501] ? do_syscall_64+0x3d/0xb0 [ 1479.786343][T30501] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1479.792248][T30501] dump_stack+0x15/0x17 [ 1479.796240][T30501] should_fail+0x3c6/0x510 [ 1479.800493][T30501] __should_failslab+0xa4/0xe0 [ 1479.805098][T30501] should_failslab+0x9/0x20 [ 1479.809433][T30501] slab_pre_alloc_hook+0x37/0xd0 [ 1479.814207][T30501] __kmalloc+0x6d/0x270 [ 1479.818196][T30501] ? kvmalloc_node+0x1f0/0x4d0 [ 1479.822800][T30501] kvmalloc_node+0x1f0/0x4d0 [ 1479.827226][T30501] ? vm_mmap+0xb0/0xb0 [ 1479.831130][T30501] ? __kasan_kmalloc+0x9/0x10 [ 1479.835644][T30501] ? kmem_cache_alloc_trace+0x115/0x210 [ 1479.841023][T30501] ? alloc_fdtable+0xaf/0x2a0 [ 1479.845537][T30501] alloc_fdtable+0xeb/0x2a0 [ 1479.849877][T30501] dup_fd+0x759/0xb00 [ 1479.853781][T30501] ? avc_has_perm+0x16f/0x260 [ 1479.858301][T30501] copy_files+0xe6/0x200 [ 1479.862373][T30501] ? perf_event_attrs+0x30/0x30 [ 1479.867074][T30501] ? dup_task_struct+0xc60/0xc60 [ 1479.871834][T30501] ? security_task_alloc+0xf9/0x130 [ 1479.876868][T30501] copy_process+0x1080/0x3290 [ 1479.881384][T30501] ? proc_fail_nth_write+0x20b/0x290 [ 1479.886504][T30501] ? fsnotify_perm+0x6a/0x5d0 [ 1479.891017][T30501] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1479.895964][T30501] ? vfs_write+0x9ec/0x1110 [ 1479.900305][T30501] kernel_clone+0x21e/0x9e0 [ 1479.904644][T30501] ? file_end_write+0x1c0/0x1c0 [ 1479.909333][T30501] ? create_io_thread+0x1e0/0x1e0 [ 1479.914189][T30501] ? mutex_unlock+0xb2/0x260 [ 1479.918619][T30501] ? __mutex_lock_slowpath+0x10/0x10 [ 1479.923746][T30501] __x64_sys_clone+0x23f/0x290 [ 1479.928366][T30501] ? __do_sys_vfork+0x130/0x130 [ 1479.933023][T30501] ? ksys_write+0x260/0x2c0 [ 1479.937364][T30501] ? debug_smp_processor_id+0x17/0x20 [ 1479.942569][T30501] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1479.948472][T30501] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1479.953949][T30501] do_syscall_64+0x3d/0xb0 [ 1479.958194][T30501] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1479.963920][T30501] RIP: 0033:0x7f0304509da9 [ 1479.968186][T30501] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1479.987614][T30501] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1479.995859][T30501] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 22:49:01 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:01 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad7d95b4223ddbefa0000095a0c45d7c337afae477b1e1234032fdadd70bb4ec216d1352d8c93ced9a7092ea125ed246c7e2a0af5b05d5d828671b6afc50a86df811e01767e8519dd66751cd9069f79729e6f986102485677620ad3c5782aeb8fbc8496b28c452b47241c7366cd3806a79bccbc9a9b10214f9e03a33d54f5a8710d370857b0747755614c6c10f3a0749c477f5aec4415dd77103f7be16712038bf5047ca6901e6c904a8d9451ca8a6845cdb1636e1fcf50e547a89c71749"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000000)=0x1a) r3 = getpid() syz_open_procfs$namespace(r3, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x1f, 0x1, 0x8e, 0x0, 0x0, 0x80, 0x84, 0xa, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x8, 0x4, @perf_config_ext={0x6, 0xa82}, 0x10301, 0x0, 0x2, 0x3, 0x5, 0xf202, 0x0, 0x0, 0x2, 0x0, 0x4}, r3, 0xffffffffffffffff, r1, 0x1) 22:49:01 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:01 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 20) 22:49:01 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:01 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad7d95b4223ddbefa0000095a0c45d7c337afae477b1e1234032fdadd70bb4ec216d1352d8c93ced9a7092ea125ed246c7e2a0af5b05d5d828671b6afc50a86df811e01767e8519dd66751cd9069f79729e6f986102485677620ad3c5782aeb8fbc8496b28c452b47241c7366cd3806a79bccbc9a9b10214f9e03a33d54f5a8710d370857b0747755614c6c10f3a0749c477f5aec4415dd77103f7be16712038bf5047ca6901e6c904a8d9451ca8a6845cdb1636e1fcf50e547a89c71749"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000000)=0x1a) r3 = getpid() syz_open_procfs$namespace(r3, 0x0) (async) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x1f, 0x1, 0x8e, 0x0, 0x0, 0x80, 0x84, 0xa, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x8, 0x4, @perf_config_ext={0x6, 0xa82}, 0x10301, 0x0, 0x2, 0x3, 0x5, 0xf202, 0x0, 0x0, 0x2, 0x0, 0x4}, r3, 0xffffffffffffffff, r1, 0x1) [ 1480.003683][T30501] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1480.011482][T30501] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1480.019293][T30501] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1480.027105][T30501] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1480.034925][T30501] 22:49:01 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad7d95b4223ddbefa0000095a0c45d7c337afae477b1e1234032fdadd70bb4ec216d1352d8c93ced9a7092ea125ed246c7e2a0af5b05d5d828671b6afc50a86df811e01767e8519dd66751cd9069f79729e6f986102485677620ad3c5782aeb8fbc8496b28c452b47241c7366cd3806a79bccbc9a9b10214f9e03a33d54f5a8710d370857b0747755614c6c10f3a0749c477f5aec4415dd77103f7be16712038bf5047ca6901e6c904a8d9451ca8a6845cdb1636e1fcf50e547a89c71749"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) (async) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000000)=0x1a) r3 = getpid() syz_open_procfs$namespace(r3, 0x0) (async) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x1f, 0x1, 0x8e, 0x0, 0x0, 0x80, 0x84, 0xa, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x8, 0x4, @perf_config_ext={0x6, 0xa82}, 0x10301, 0x0, 0x2, 0x3, 0x5, 0xf202, 0x0, 0x0, 0x2, 0x0, 0x4}, r3, 0xffffffffffffffff, r1, 0x1) 22:49:01 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x85ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:01 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1480.111058][T30523] FAULT_INJECTION: forcing a failure. [ 1480.111058][T30523] name failslab, interval 1, probability 0, space 0, times 0 [ 1480.142763][T30523] CPU: 1 PID: 30523 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1480.153108][T30523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1480.162992][T30523] Call Trace: [ 1480.166122][T30523] [ 1480.168893][T30523] dump_stack_lvl+0x151/0x1b7 [ 1480.173500][T30523] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1480.178961][T30523] dump_stack+0x15/0x17 [ 1480.182952][T30523] should_fail+0x3c6/0x510 [ 1480.187204][T30523] __should_failslab+0xa4/0xe0 [ 1480.191806][T30523] should_failslab+0x9/0x20 [ 1480.196144][T30523] slab_pre_alloc_hook+0x37/0xd0 [ 1480.200920][T30523] __kmalloc+0x6d/0x270 [ 1480.204925][T30523] ? kvmalloc_node+0x1f0/0x4d0 [ 1480.209514][T30523] kvmalloc_node+0x1f0/0x4d0 [ 1480.213957][T30523] ? vm_mmap+0xb0/0xb0 [ 1480.217849][T30523] ? __kasan_kmalloc+0x9/0x10 [ 1480.222366][T30523] ? kmem_cache_alloc_trace+0x115/0x210 [ 1480.227740][T30523] ? alloc_fdtable+0xaf/0x2a0 [ 1480.232254][T30523] alloc_fdtable+0x163/0x2a0 [ 1480.236678][T30523] dup_fd+0x759/0xb00 [ 1480.240495][T30523] ? avc_has_perm+0x16f/0x260 [ 1480.245014][T30523] copy_files+0xe6/0x200 [ 1480.249088][T30523] ? perf_event_attrs+0x30/0x30 [ 1480.253774][T30523] ? dup_task_struct+0xc60/0xc60 [ 1480.258547][T30523] ? security_task_alloc+0xf9/0x130 [ 1480.263581][T30523] copy_process+0x1080/0x3290 [ 1480.268097][T30523] ? proc_fail_nth_write+0x20b/0x290 [ 1480.273224][T30523] ? fsnotify_perm+0x6a/0x5d0 [ 1480.277730][T30523] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1480.282683][T30523] ? vfs_write+0x9ec/0x1110 [ 1480.287016][T30523] kernel_clone+0x21e/0x9e0 [ 1480.291357][T30523] ? file_end_write+0x1c0/0x1c0 [ 1480.296042][T30523] ? create_io_thread+0x1e0/0x1e0 [ 1480.300901][T30523] ? mutex_unlock+0xb2/0x260 [ 1480.305503][T30523] ? __mutex_lock_slowpath+0x10/0x10 [ 1480.310625][T30523] __x64_sys_clone+0x23f/0x290 [ 1480.315228][T30523] ? __do_sys_vfork+0x130/0x130 [ 1480.319909][T30523] ? ksys_write+0x260/0x2c0 [ 1480.324251][T30523] ? debug_smp_processor_id+0x17/0x20 [ 1480.329456][T30523] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1480.335357][T30523] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1480.340828][T30523] do_syscall_64+0x3d/0xb0 [ 1480.345079][T30523] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1480.350806][T30523] RIP: 0033:0x7f0304509da9 [ 1480.355062][T30523] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1480.374503][T30523] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1480.382747][T30523] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1480.390556][T30523] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1480.398372][T30523] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 22:49:01 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:01 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r3 = syz_clone(0x46001080, &(0x7f00000002c0)="00ede46df1eeb9aa1664163c44a3941e7f9063d6084b338861e66e450e869b54e9e0c2ab770c27b7255975b05d7c14658103b5836a1b98449e4a055b99fe8eab825ade8ab1d8e4c0d825ef297a0b8b2db16e647387ab5af229c2c119401eabe538c2ca7e2ffca3d3748f5744b524ac93ad4048a1c82f9d60c6b85b7b6926d1f3083fe1e9830aab717ed2d661c3b3f19d7f8cd2fc7b24c6a633077358173ffcf135d0ca7e158ed44238c89641d7366a736660aa3925a394f851ab9c07595d9009b535ff71e7f3ab4a338fa181b864a487fb2b61d9b1006e7810271a529580e003434dbce7fd80", 0xe6, &(0x7f00000000c0), &(0x7f0000000540), &(0x7f00000003c0)="de01c7568daa6e6d264814d7434fd157dd0b38f56f2883459179b6c72f3e0f179ca724c79eca811f36070640256f4eefef5e65") r4 = perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x9, 0x6, 0x7, 0x2, 0x0, 0x1, 0x200, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x80, 0x1, @perf_config_ext={0x0, 0x7fff}, 0x4000, 0x3ff, 0xfffffffe, 0x7, 0x20, 0x5, 0x1, 0x0, 0x10000001, 0x0, 0x1000}, r3, 0x7, r2, 0x8) (async) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={r1, 0x58, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) (async, rerun: 64) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (rerun: 64) write$cgroup_type(r6, &(0x7f0000000000), 0x165243) (async) openat$cgroup_ro(r4, &(0x7f0000000140)='memory.numa_stat\x00', 0x0, 0x0) (async) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x17, 0x9, 0x0, 0x1f, 0x402, r1, 0x1, '\x00', r5, r6, 0x4, 0x3}, 0x48) (async, rerun: 64) r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (rerun: 64) r8 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r7}, 0x8) write$cgroup_int(r8, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:01 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000080)=0x8001) r3 = syz_clone(0x4900000, &(0x7f0000000340)="df9bc65a727882c634132d866b4c3be0440e36be0453550c21cd3ba54264fa9a9c60b034ff6669229b9ab06c0fe237b9fe1452680e17ab4cf8652bcecddfd9d93383b0e904e837b714ce7402d44e032ff0e0dfe0248233e6f1ae46ca8feacd509c7921dea7c28ef48cd26273dd1917b30172566d84505f4893b892d1c4958a734d0fe8c2f48256db59d0bb558d7c7e7eaa", 0x91, &(0x7f0000000140), &(0x7f0000000400), &(0x7f0000000440)="653f9e3f397ec858fb3b800922963212c492b62c5b1667d0a96aee6815516be95111ce0308155c09257aceaa91fa81794b28401d5673d65c9a99363ed6c2d8338d480cf28537fb4832a27ed5b9928fa3b37acc60ddf3af9bcad036ede0764cdc89a1309615b31521fe54f550c4365f47b42fa1e38f56cc4e387e87a1edb503f2b195939f71fa5a1bb520849d13f570e3ef36f78cc9aef262461929ba886593b93d633ad5b19f021318e211b4ad1d8c75f19311528d455dba92af999c7ae6807fb8ba733f56d79061d8b0aa8fa5c5ae447525271aa38500cd388fef4f1451cb78dff1ed4c41126a486624dc4bc9b5") perf_event_open(&(0x7f00000002c0)={0x5, 0x80, 0xf9, 0x40, 0x6, 0xb2, 0x0, 0x81, 0x0, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x7f, 0x5, @perf_bp={&(0x7f00000000c0)}, 0x1, 0x80000000, 0x3, 0x3, 0x2, 0x2, 0x5, 0x0, 0x7fff, 0x0, 0x4}, r3, 0x10, 0xffffffffffffffff, 0x1) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) openat$cgroup_ro(r2, &(0x7f0000000040)='blkio.bfq.empty_time\x00', 0x0, 0x0) 22:49:01 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9cffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:01 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 21) [ 1480.406268][T30523] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1480.414081][T30523] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1480.421895][T30523] 22:49:02 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:02 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1480.490090][T30544] FAULT_INJECTION: forcing a failure. [ 1480.490090][T30544] name failslab, interval 1, probability 0, space 0, times 0 [ 1480.552096][T30544] CPU: 0 PID: 30544 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1480.562256][T30544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1480.572149][T30544] Call Trace: [ 1480.575273][T30544] [ 1480.578053][T30544] dump_stack_lvl+0x151/0x1b7 [ 1480.582565][T30544] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1480.588032][T30544] ? __kasan_check_write+0x14/0x20 [ 1480.592980][T30544] ? _raw_spin_lock+0xa4/0x1b0 [ 1480.597579][T30544] ? _raw_spin_trylock_bh+0x190/0x190 [ 1480.602785][T30544] dump_stack+0x15/0x17 [ 1480.606780][T30544] should_fail+0x3c6/0x510 [ 1480.611031][T30544] __should_failslab+0xa4/0xe0 [ 1480.615633][T30544] ? copy_fs_struct+0x4e/0x230 [ 1480.620234][T30544] should_failslab+0x9/0x20 [ 1480.624659][T30544] slab_pre_alloc_hook+0x37/0xd0 [ 1480.629430][T30544] ? copy_fs_struct+0x4e/0x230 [ 1480.634031][T30544] kmem_cache_alloc+0x44/0x200 [ 1480.638631][T30544] copy_fs_struct+0x4e/0x230 [ 1480.643059][T30544] copy_fs+0x71/0x140 [ 1480.646876][T30544] copy_process+0x10ab/0x3290 [ 1480.651395][T30544] ? proc_fail_nth_write+0x20b/0x290 [ 1480.656510][T30544] ? fsnotify_perm+0x6a/0x5d0 [ 1480.661030][T30544] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1480.665975][T30544] ? vfs_write+0x9ec/0x1110 [ 1480.670311][T30544] kernel_clone+0x21e/0x9e0 [ 1480.674650][T30544] ? file_end_write+0x1c0/0x1c0 [ 1480.679336][T30544] ? create_io_thread+0x1e0/0x1e0 [ 1480.684197][T30544] ? mutex_unlock+0xb2/0x260 [ 1480.688623][T30544] ? __mutex_lock_slowpath+0x10/0x10 [ 1480.693744][T30544] __x64_sys_clone+0x23f/0x290 [ 1480.698346][T30544] ? __do_sys_vfork+0x130/0x130 [ 1480.703033][T30544] ? ksys_write+0x260/0x2c0 [ 1480.707373][T30544] ? debug_smp_processor_id+0x17/0x20 [ 1480.712577][T30544] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1480.718485][T30544] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1480.724040][T30544] do_syscall_64+0x3d/0xb0 [ 1480.728287][T30544] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1480.734015][T30544] RIP: 0033:0x7f0304509da9 [ 1480.738271][T30544] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1480.757883][T30544] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1480.766129][T30544] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1480.773940][T30544] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1480.781751][T30544] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1480.789563][T30544] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 22:49:02 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 22) [ 1480.797377][T30544] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1480.805191][T30544] 22:49:02 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1480.846419][T30558] FAULT_INJECTION: forcing a failure. [ 1480.846419][T30558] name failslab, interval 1, probability 0, space 0, times 0 [ 1480.861748][T30558] CPU: 1 PID: 30558 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1480.871909][T30558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1480.881805][T30558] Call Trace: [ 1480.884927][T30558] [ 1480.887706][T30558] dump_stack_lvl+0x151/0x1b7 [ 1480.892220][T30558] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1480.897691][T30558] dump_stack+0x15/0x17 [ 1480.901682][T30558] should_fail+0x3c6/0x510 [ 1480.905932][T30558] __should_failslab+0xa4/0xe0 [ 1480.910535][T30558] ? vm_area_dup+0x26/0x230 [ 1480.914870][T30558] should_failslab+0x9/0x20 [ 1480.919211][T30558] slab_pre_alloc_hook+0x37/0xd0 [ 1480.923986][T30558] ? vm_area_dup+0x26/0x230 [ 1480.928322][T30558] kmem_cache_alloc+0x44/0x200 [ 1480.932923][T30558] vm_area_dup+0x26/0x230 [ 1480.937091][T30558] copy_mm+0x9a1/0x13e0 [ 1480.941096][T30558] ? copy_signal+0x610/0x610 [ 1480.945507][T30558] ? __init_rwsem+0xd6/0x1c0 [ 1480.949934][T30558] ? copy_signal+0x4e3/0x610 [ 1480.954363][T30558] copy_process+0x1149/0x3290 [ 1480.958875][T30558] ? proc_fail_nth_write+0x20b/0x290 [ 1480.963995][T30558] ? fsnotify_perm+0x6a/0x5d0 [ 1480.968507][T30558] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1480.973453][T30558] ? vfs_write+0x9ec/0x1110 [ 1480.977794][T30558] kernel_clone+0x21e/0x9e0 [ 1480.982223][T30558] ? file_end_write+0x1c0/0x1c0 [ 1480.986908][T30558] ? create_io_thread+0x1e0/0x1e0 [ 1480.991770][T30558] ? mutex_unlock+0xb2/0x260 22:49:02 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000080)=0x8001) (async) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000080)=0x8001) r3 = syz_clone(0x4900000, &(0x7f0000000340)="df9bc65a727882c634132d866b4c3be0440e36be0453550c21cd3ba54264fa9a9c60b034ff6669229b9ab06c0fe237b9fe1452680e17ab4cf8652bcecddfd9d93383b0e904e837b714ce7402d44e032ff0e0dfe0248233e6f1ae46ca8feacd509c7921dea7c28ef48cd26273dd1917b30172566d84505f4893b892d1c4958a734d0fe8c2f48256db59d0bb558d7c7e7eaa", 0x91, &(0x7f0000000140), &(0x7f0000000400), &(0x7f0000000440)="653f9e3f397ec858fb3b800922963212c492b62c5b1667d0a96aee6815516be95111ce0308155c09257aceaa91fa81794b28401d5673d65c9a99363ed6c2d8338d480cf28537fb4832a27ed5b9928fa3b37acc60ddf3af9bcad036ede0764cdc89a1309615b31521fe54f550c4365f47b42fa1e38f56cc4e387e87a1edb503f2b195939f71fa5a1bb520849d13f570e3ef36f78cc9aef262461929ba886593b93d633ad5b19f021318e211b4ad1d8c75f19311528d455dba92af999c7ae6807fb8ba733f56d79061d8b0aa8fa5c5ae447525271aa38500cd388fef4f1451cb78dff1ed4c41126a486624dc4bc9b5") perf_event_open(&(0x7f00000002c0)={0x5, 0x80, 0xf9, 0x40, 0x6, 0xb2, 0x0, 0x81, 0x0, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x7f, 0x5, @perf_bp={&(0x7f00000000c0)}, 0x1, 0x80000000, 0x3, 0x3, 0x2, 0x2, 0x5, 0x0, 0x7fff, 0x0, 0x4}, r3, 0x10, 0xffffffffffffffff, 0x1) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) openat$cgroup_ro(r2, &(0x7f0000000040)='blkio.bfq.empty_time\x00', 0x0, 0x0) (async) openat$cgroup_ro(r2, &(0x7f0000000040)='blkio.bfq.empty_time\x00', 0x0, 0x0) 22:49:02 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1480.996197][T30558] ? __mutex_lock_slowpath+0x10/0x10 [ 1481.001315][T30558] __x64_sys_clone+0x23f/0x290 [ 1481.005915][T30558] ? __do_sys_vfork+0x130/0x130 [ 1481.010600][T30558] ? ksys_write+0x260/0x2c0 [ 1481.014942][T30558] ? debug_smp_processor_id+0x17/0x20 [ 1481.020150][T30558] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1481.026052][T30558] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1481.031520][T30558] do_syscall_64+0x3d/0xb0 [ 1481.035770][T30558] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1481.041497][T30558] RIP: 0033:0x7f0304509da9 [ 1481.045752][T30558] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1481.065196][T30558] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1481.073440][T30558] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1481.081248][T30558] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1481.089056][T30558] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1481.096865][T30558] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1481.104685][T30558] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1481.112499][T30558] 22:49:02 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:02 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:02 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 23) 22:49:02 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000800008000002875000000435ae3ded17efe"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r0, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000140)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0], 0x0, 0x1d, &(0x7f0000000340)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0xf3, 0x8, 0x8, &(0x7f0000000400)}}, 0x10) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x0, 0x8, &(0x7f0000000200)=[{}, {}], 0x10, 0x0, 0x0, 0x0, 0x0, 0x12, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0x2, &(0x7f0000000440)=ANY=[@ANYRES8=r4, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], &(0x7f0000000480)='syzkaller\x00', 0x3, 0x0, 0x0, 0xc2e00, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000004c0)={0x0, 0x5}, 0x8, 0x10, 0x0, 0x0, r4}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000002ec0)={0x11, 0x0, 0x0, &(0x7f0000001480)='GPL\x00', 0xfffffffa, 0xcb, &(0x7f0000002cc0)=""/203, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002e40)={0x2, 0x0, 0x3f}, 0x10, r4, r3}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x4, 0x3, &(0x7f0000000040)=@raw=[@call={0x85, 0x0, 0x0, 0x2f}, @cb_func={0x18, 0x1, 0x4, 0x0, 0x1}], &(0x7f0000000080)='GPL\x00', 0x3ff, 0x2f, &(0x7f00000000c0)=""/47, 0x41000, 0x62, '\x00', r2, 0x14, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x2, 0x4}, 0x8, 0x10, &(0x7f00000005c0)={0x2, 0xf, 0xc9}, 0x10, r4, r0, 0x2, &(0x7f0000000600)=[r1, r1], &(0x7f0000000640)=[{0x3, 0x4, 0x2, 0x7}, {0x2, 0x1, 0x2, 0xa}], 0x10, 0xff}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r6 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r5}, 0x8) write$cgroup_int(r6, &(0x7f00000001c0)=0x1a0, 0xfffffdef) [ 1481.293044][T30573] FAULT_INJECTION: forcing a failure. [ 1481.293044][T30573] name failslab, interval 1, probability 0, space 0, times 0 [ 1481.328758][T30573] CPU: 1 PID: 30573 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 22:49:02 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1481.338932][T30573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1481.348825][T30573] Call Trace: [ 1481.351949][T30573] [ 1481.354727][T30573] dump_stack_lvl+0x151/0x1b7 [ 1481.359243][T30573] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1481.364712][T30573] dump_stack+0x15/0x17 [ 1481.368789][T30573] should_fail+0x3c6/0x510 [ 1481.373043][T30573] __should_failslab+0xa4/0xe0 [ 1481.377644][T30573] ? copy_signal+0x55/0x610 [ 1481.382004][T30573] should_failslab+0x9/0x20 [ 1481.386319][T30573] slab_pre_alloc_hook+0x37/0xd0 [ 1481.391114][T30573] ? copy_signal+0x55/0x610 [ 1481.395434][T30573] kmem_cache_alloc+0x44/0x200 [ 1481.400033][T30573] copy_signal+0x55/0x610 [ 1481.404199][T30573] copy_process+0x1101/0x3290 [ 1481.408715][T30573] ? proc_fail_nth_write+0x20b/0x290 [ 1481.413833][T30573] ? fsnotify_perm+0x6a/0x5d0 [ 1481.418345][T30573] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1481.423293][T30573] ? vfs_write+0x9ec/0x1110 [ 1481.427633][T30573] kernel_clone+0x21e/0x9e0 [ 1481.431969][T30573] ? file_end_write+0x1c0/0x1c0 [ 1481.436660][T30573] ? create_io_thread+0x1e0/0x1e0 22:49:03 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000080)=0x8001) (async) r3 = syz_clone(0x4900000, &(0x7f0000000340)="df9bc65a727882c634132d866b4c3be0440e36be0453550c21cd3ba54264fa9a9c60b034ff6669229b9ab06c0fe237b9fe1452680e17ab4cf8652bcecddfd9d93383b0e904e837b714ce7402d44e032ff0e0dfe0248233e6f1ae46ca8feacd509c7921dea7c28ef48cd26273dd1917b30172566d84505f4893b892d1c4958a734d0fe8c2f48256db59d0bb558d7c7e7eaa", 0x91, &(0x7f0000000140), &(0x7f0000000400), &(0x7f0000000440)="653f9e3f397ec858fb3b800922963212c492b62c5b1667d0a96aee6815516be95111ce0308155c09257aceaa91fa81794b28401d5673d65c9a99363ed6c2d8338d480cf28537fb4832a27ed5b9928fa3b37acc60ddf3af9bcad036ede0764cdc89a1309615b31521fe54f550c4365f47b42fa1e38f56cc4e387e87a1edb503f2b195939f71fa5a1bb520849d13f570e3ef36f78cc9aef262461929ba886593b93d633ad5b19f021318e211b4ad1d8c75f19311528d455dba92af999c7ae6807fb8ba733f56d79061d8b0aa8fa5c5ae447525271aa38500cd388fef4f1451cb78dff1ed4c41126a486624dc4bc9b5") perf_event_open(&(0x7f00000002c0)={0x5, 0x80, 0xf9, 0x40, 0x6, 0xb2, 0x0, 0x81, 0x0, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x7f, 0x5, @perf_bp={&(0x7f00000000c0)}, 0x1, 0x80000000, 0x3, 0x3, 0x2, 0x2, 0x5, 0x0, 0x7fff, 0x0, 0x4}, r3, 0x10, 0xffffffffffffffff, 0x1) (async) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) openat$cgroup_ro(r2, &(0x7f0000000040)='blkio.bfq.empty_time\x00', 0x0, 0x0) [ 1481.441519][T30573] ? mutex_unlock+0xb2/0x260 [ 1481.445942][T30573] ? __mutex_lock_slowpath+0x10/0x10 [ 1481.451065][T30573] __x64_sys_clone+0x23f/0x290 [ 1481.455663][T30573] ? __do_sys_vfork+0x130/0x130 [ 1481.460350][T30573] ? ksys_write+0x260/0x2c0 [ 1481.464692][T30573] ? debug_smp_processor_id+0x17/0x20 [ 1481.469899][T30573] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1481.475799][T30573] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1481.481268][T30573] do_syscall_64+0x3d/0xb0 [ 1481.485525][T30573] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1481.491248][T30573] RIP: 0033:0x7f0304509da9 [ 1481.495501][T30573] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1481.514942][T30573] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1481.523185][T30573] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1481.530994][T30573] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 22:49:03 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000800008000002875000000435ae3ded17efe"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r0, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000140)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0], 0x0, 0x1d, &(0x7f0000000340)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0xf3, 0x8, 0x8, &(0x7f0000000400)}}, 0x10) (async) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x90) (async, rerun: 64) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x0, 0x8, &(0x7f0000000200)=[{}, {}], 0x10, 0x0, 0x0, 0x0, 0x0, 0x12, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10) (rerun: 64) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0x2, &(0x7f0000000440)=ANY=[@ANYRES8=r4, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], &(0x7f0000000480)='syzkaller\x00', 0x3, 0x0, 0x0, 0xc2e00, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000004c0)={0x0, 0x5}, 0x8, 0x10, 0x0, 0x0, r4}, 0x90) (async) bpf$PROG_LOAD(0x5, &(0x7f0000002ec0)={0x11, 0x0, 0x0, &(0x7f0000001480)='GPL\x00', 0xfffffffa, 0xcb, &(0x7f0000002cc0)=""/203, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002e40)={0x2, 0x0, 0x3f}, 0x10, r4, r3}, 0x90) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x4, 0x3, &(0x7f0000000040)=@raw=[@call={0x85, 0x0, 0x0, 0x2f}, @cb_func={0x18, 0x1, 0x4, 0x0, 0x1}], &(0x7f0000000080)='GPL\x00', 0x3ff, 0x2f, &(0x7f00000000c0)=""/47, 0x41000, 0x62, '\x00', r2, 0x14, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x2, 0x4}, 0x8, 0x10, &(0x7f00000005c0)={0x2, 0xf, 0xc9}, 0x10, r4, r0, 0x2, &(0x7f0000000600)=[r1, r1], &(0x7f0000000640)=[{0x3, 0x4, 0x2, 0x7}, {0x2, 0x1, 0x2, 0xa}], 0x10, 0xff}, 0x90) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r6 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r5}, 0x8) write$cgroup_int(r6, &(0x7f00000001c0)=0x1a0, 0xfffffdef) [ 1481.538804][T30573] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1481.546614][T30573] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1481.554427][T30573] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1481.562244][T30573] 22:49:03 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000800008000002875000000435ae3ded17efe"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r0, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000140)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0], 0x0, 0x1d, &(0x7f0000000340)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0xf3, 0x8, 0x8, &(0x7f0000000400)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x90) (async) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x0, 0x8, &(0x7f0000000200)=[{}, {}], 0x10, 0x0, 0x0, 0x0, 0x0, 0x12, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x0, 0x8, &(0x7f0000000200)=[{}, {}], 0x10, 0x0, 0x0, 0x0, 0x0, 0x12, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0x2, &(0x7f0000000440)=ANY=[@ANYRES8=r4, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], &(0x7f0000000480)='syzkaller\x00', 0x3, 0x0, 0x0, 0xc2e00, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000004c0)={0x0, 0x5}, 0x8, 0x10, 0x0, 0x0, r4}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000002ec0)={0x11, 0x0, 0x0, &(0x7f0000001480)='GPL\x00', 0xfffffffa, 0xcb, &(0x7f0000002cc0)=""/203, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002e40)={0x2, 0x0, 0x3f}, 0x10, r4, r3}, 0x90) (async) bpf$PROG_LOAD(0x5, &(0x7f0000002ec0)={0x11, 0x0, 0x0, &(0x7f0000001480)='GPL\x00', 0xfffffffa, 0xcb, &(0x7f0000002cc0)=""/203, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002e40)={0x2, 0x0, 0x3f}, 0x10, r4, r3}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x4, 0x3, &(0x7f0000000040)=@raw=[@call={0x85, 0x0, 0x0, 0x2f}, @cb_func={0x18, 0x1, 0x4, 0x0, 0x1}], &(0x7f0000000080)='GPL\x00', 0x3ff, 0x2f, &(0x7f00000000c0)=""/47, 0x41000, 0x62, '\x00', r2, 0x14, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x2, 0x4}, 0x8, 0x10, &(0x7f00000005c0)={0x2, 0xf, 0xc9}, 0x10, r4, r0, 0x2, &(0x7f0000000600)=[r1, r1], &(0x7f0000000640)=[{0x3, 0x4, 0x2, 0x7}, {0x2, 0x1, 0x2, 0xa}], 0x10, 0xff}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r6 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r5}, 0x8) write$cgroup_int(r6, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:03 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="2e8300e02e596957297b18550000000f0000000c"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x60780, 0x4c, '\x00', 0x0, 0x2}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:03 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="2e8300e02e596957297b18550000000f0000000c"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x60780, 0x4c, '\x00', 0x0, 0x2}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async, rerun: 64) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 64) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:03 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd1c41a00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 24) 22:49:03 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="2e8300e02e596957297b18550000000f0000000c"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x60780, 0x4c, '\x00', 0x0, 0x2}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:03 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2340000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe5030000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0x12) 22:49:03 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0x12) (async) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0x12) 22:49:03 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff2f0000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1481.938595][T30630] FAULT_INJECTION: forcing a failure. [ 1481.938595][T30630] name failslab, interval 1, probability 0, space 0, times 0 [ 1481.976607][T30630] CPU: 0 PID: 30630 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1481.986951][T30630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1481.996849][T30630] Call Trace: [ 1481.999972][T30630] [ 1482.002748][T30630] dump_stack_lvl+0x151/0x1b7 [ 1482.007263][T30630] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1482.012728][T30630] dump_stack+0x15/0x17 [ 1482.016720][T30630] should_fail+0x3c6/0x510 [ 1482.020974][T30630] __should_failslab+0xa4/0xe0 [ 1482.025658][T30630] ? copy_signal+0x55/0x610 [ 1482.030003][T30630] should_failslab+0x9/0x20 [ 1482.034350][T30630] slab_pre_alloc_hook+0x37/0xd0 [ 1482.039115][T30630] ? copy_signal+0x55/0x610 [ 1482.045882][T30630] kmem_cache_alloc+0x44/0x200 [ 1482.050483][T30630] copy_signal+0x55/0x610 [ 1482.054649][T30630] copy_process+0x1101/0x3290 [ 1482.059162][T30630] ? proc_fail_nth_write+0x20b/0x290 [ 1482.064288][T30630] ? fsnotify_perm+0x6a/0x5d0 [ 1482.068796][T30630] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1482.073746][T30630] ? vfs_write+0x9ec/0x1110 [ 1482.078091][T30630] kernel_clone+0x21e/0x9e0 [ 1482.082421][T30630] ? file_end_write+0x1c0/0x1c0 [ 1482.087108][T30630] ? create_io_thread+0x1e0/0x1e0 [ 1482.091966][T30630] ? mutex_unlock+0xb2/0x260 [ 1482.096397][T30630] ? __mutex_lock_slowpath+0x10/0x10 [ 1482.101515][T30630] __x64_sys_clone+0x23f/0x290 [ 1482.106116][T30630] ? __do_sys_vfork+0x130/0x130 [ 1482.110801][T30630] ? ksys_write+0x260/0x2c0 [ 1482.115148][T30630] ? debug_smp_processor_id+0x17/0x20 [ 1482.120347][T30630] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1482.126253][T30630] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1482.131722][T30630] do_syscall_64+0x3d/0xb0 22:49:03 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1482.135974][T30630] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1482.141703][T30630] RIP: 0033:0x7f0304509da9 [ 1482.145960][T30630] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1482.165396][T30630] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1482.173640][T30630] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1482.181451][T30630] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 22:49:03 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000530000f900faff00009400000f00000095000000000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) 22:49:03 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0x12) 22:49:03 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff85, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000530000f900faff00009400000f00000095000000000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) [ 1482.189271][T30630] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1482.197094][T30630] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1482.204888][T30630] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1482.212708][T30630] 22:49:03 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0xffffffff, 0x9, 0x663c, 0x0, r1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x2, 0x6}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0x4}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @initr0={0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x401}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}]}, &(0x7f00000000c0)='syzkaller\x00', 0x7, 0x53, &(0x7f00000002c0)=""/83, 0x41000, 0x3d, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x4, 0x2}, 0x8, 0x10, &(0x7f0000000340)={0x4, 0xd, 0xff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000400)=[r1, r3, r1, r1, r1, r1, r2, r1], &(0x7f0000000440)=[{0x2, 0x3, 0x10, 0x3}, {0x0, 0x2, 0x4, 0x3}, {0x2, 0x1, 0xd, 0x7}], 0x10, 0x9}, 0x90) r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r4, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:03 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff90, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000530000f900faff00009400000f00000095000000000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) 22:49:03 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff9f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='svcrdma_qp_error\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) 22:49:03 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='svcrdma_qp_error\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='svcrdma_qp_error\x00', r0}, 0x10) (async) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) (async) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) (async) 22:49:03 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:03 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:04 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 25) 22:49:04 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0}, 0x90) 22:49:04 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='svcrdma_qp_error\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) 22:49:04 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:04 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0xffffffff, 0x9, 0x663c, 0x0, r1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x2, 0x6}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0x4}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @initr0={0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x401}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}]}, &(0x7f00000000c0)='syzkaller\x00', 0x7, 0x53, &(0x7f00000002c0)=""/83, 0x41000, 0x3d, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x4, 0x2}, 0x8, 0x10, &(0x7f0000000340)={0x4, 0xd, 0xff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000400)=[r1, r3, r1, r1, r1, r1, r2, r1], &(0x7f0000000440)=[{0x2, 0x3, 0x10, 0x3}, {0x0, 0x2, 0x4, 0x3}, {0x2, 0x1, 0xd, 0x7}], 0x10, 0x9}, 0x90) r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r4, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) write$cgroup_int(r4, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:04 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0}, 0x90) 22:49:04 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:04 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000008000530000f6fff9ff0000940000000fad413e55000000c150917a95df9016b0d0b97cbe7c6a5a08181655984b81039ca1107c7f11c39c94ab74d8424e1660e2f32fdd15f00afb29d69ec5a9283683899e7773a1fd26f4456d3ea13faf1d007d70feb66f9154b7e39ad7f616e6b20dbce802e0eaa4079993bc2b4d9a0585ba53ab48a862216e8191e00a90bf1e5a001122ddbf7164564d670bf5def640263db50271410bbf99478b4bc98604e185fc9c0c9be1b0886c09b214abf5d323a9ec5a9338b6b7bf528831e99cf7a288"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) r3 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000240)='syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x4030582a, &(0x7f0000000040)) perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x7f, 0xf7, 0x5, 0x7f, 0x0, 0x0, 0x31807, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0xcd3, 0x1, @perf_bp={&(0x7f0000000ac0), 0xf}, 0x8000, 0x4, 0x0, 0x2, 0x6, 0xff, 0xfffd, 0x0, 0xffffff23, 0x0, 0x9}, 0x0, 0x5, r4, 0x1) perf_event_open$cgroup(0x0, r3, 0x9, r4, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='xprtrdma_post_linv_err\x00', r4}, 0x10) [ 1482.637070][T30686] FAULT_INJECTION: forcing a failure. [ 1482.637070][T30686] name failslab, interval 1, probability 0, space 0, times 0 [ 1482.672970][T30686] CPU: 1 PID: 30686 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1482.683312][T30686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1482.693202][T30686] Call Trace: [ 1482.696328][T30686] [ 1482.699108][T30686] dump_stack_lvl+0x151/0x1b7 [ 1482.703616][T30686] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1482.709088][T30686] dump_stack+0x15/0x17 [ 1482.713078][T30686] should_fail+0x3c6/0x510 [ 1482.717332][T30686] __should_failslab+0xa4/0xe0 [ 1482.721943][T30686] ? anon_vma_clone+0x9a/0x500 [ 1482.726533][T30686] should_failslab+0x9/0x20 [ 1482.730870][T30686] slab_pre_alloc_hook+0x37/0xd0 [ 1482.735643][T30686] ? anon_vma_clone+0x9a/0x500 [ 1482.740244][T30686] kmem_cache_alloc+0x44/0x200 [ 1482.744845][T30686] anon_vma_clone+0x9a/0x500 [ 1482.749271][T30686] anon_vma_fork+0x91/0x4e0 [ 1482.753620][T30686] ? anon_vma_name+0x4c/0x70 [ 1482.758317][T30686] ? vm_area_dup+0x17a/0x230 [ 1482.762724][T30686] copy_mm+0xa3a/0x13e0 [ 1482.766722][T30686] ? copy_signal+0x610/0x610 [ 1482.771144][T30686] ? __init_rwsem+0xd6/0x1c0 [ 1482.775570][T30686] ? copy_signal+0x4e3/0x610 [ 1482.779996][T30686] copy_process+0x1149/0x3290 [ 1482.784510][T30686] ? proc_fail_nth_write+0x20b/0x290 [ 1482.789629][T30686] ? fsnotify_perm+0x6a/0x5d0 [ 1482.794144][T30686] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1482.799091][T30686] ? vfs_write+0x9ec/0x1110 [ 1482.803428][T30686] kernel_clone+0x21e/0x9e0 [ 1482.807767][T30686] ? file_end_write+0x1c0/0x1c0 [ 1482.812455][T30686] ? create_io_thread+0x1e0/0x1e0 [ 1482.817314][T30686] ? mutex_unlock+0xb2/0x260 [ 1482.821742][T30686] ? __mutex_lock_slowpath+0x10/0x10 [ 1482.826863][T30686] __x64_sys_clone+0x23f/0x290 [ 1482.831462][T30686] ? __do_sys_vfork+0x130/0x130 [ 1482.836150][T30686] ? ksys_write+0x260/0x2c0 [ 1482.840489][T30686] ? debug_smp_processor_id+0x17/0x20 [ 1482.845695][T30686] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1482.851602][T30686] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1482.857067][T30686] do_syscall_64+0x3d/0xb0 [ 1482.861321][T30686] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1482.867047][T30686] RIP: 0033:0x7f0304509da9 [ 1482.871303][T30686] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1482.890741][T30686] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1482.898988][T30686] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1482.906796][T30686] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1482.914607][T30686] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1482.922419][T30686] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1482.930232][T30686] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 22:49:04 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0xffffffff, 0x9, 0x663c, 0x0, r1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x2, 0x6}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0x4}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @initr0={0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x401}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}]}, &(0x7f00000000c0)='syzkaller\x00', 0x7, 0x53, &(0x7f00000002c0)=""/83, 0x41000, 0x3d, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x4, 0x2}, 0x8, 0x10, &(0x7f0000000340)={0x4, 0xd, 0xff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000400)=[r1, r3, r1, r1, r1, r1, r2, r1], &(0x7f0000000440)=[{0x2, 0x3, 0x10, 0x3}, {0x0, 0x2, 0x4, 0x3}, {0x2, 0x1, 0xd, 0x7}], 0x10, 0x9}, 0x90) r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r4, &(0x7f00000001c0)=0x1a0, 0xfffffdef) [ 1482.938045][T30686] 22:49:04 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:04 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000008000530000f6fff9ff0000940000000fad413e55000000c150917a95df9016b0d0b97cbe7c6a5a08181655984b81039ca1107c7f11c39c94ab74d8424e1660e2f32fdd15f00afb29d69ec5a9283683899e7773a1fd26f4456d3ea13faf1d007d70feb66f9154b7e39ad7f616e6b20dbce802e0eaa4079993bc2b4d9a0585ba53ab48a862216e8191e00a90bf1e5a001122ddbf7164564d670bf5def640263db50271410bbf99478b4bc98604e185fc9c0c9be1b0886c09b214abf5d323a9ec5a9338b6b7bf528831e99cf7a288"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) (async) r3 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000240)='syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x4030582a, &(0x7f0000000040)) perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x7f, 0xf7, 0x5, 0x7f, 0x0, 0x0, 0x31807, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0xcd3, 0x1, @perf_bp={&(0x7f0000000ac0), 0xf}, 0x8000, 0x4, 0x0, 0x2, 0x6, 0xff, 0xfffd, 0x0, 0xffffff23, 0x0, 0x9}, 0x0, 0x5, r4, 0x1) (async) perf_event_open$cgroup(0x0, r3, 0x9, r4, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='xprtrdma_post_linv_err\x00', r4}, 0x10) 22:49:04 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0}, 0x90) 22:49:04 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000008000530000f6fff9ff0000940000000fad413e55000000c150917a95df9016b0d0b97cbe7c6a5a08181655984b81039ca1107c7f11c39c94ab74d8424e1660e2f32fdd15f00afb29d69ec5a9283683899e7773a1fd26f4456d3ea13faf1d007d70feb66f9154b7e39ad7f616e6b20dbce802e0eaa4079993bc2b4d9a0585ba53ab48a862216e8191e00a90bf1e5a001122ddbf7164564d670bf5def640263db50271410bbf99478b4bc98604e185fc9c0c9be1b0886c09b214abf5d323a9ec5a9338b6b7bf528831e99cf7a288"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) (async) r3 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000240)='syz1\x00', 0x200002, 0x0) (async) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x4030582a, &(0x7f0000000040)) (async) perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x7f, 0xf7, 0x5, 0x7f, 0x0, 0x0, 0x31807, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0xcd3, 0x1, @perf_bp={&(0x7f0000000ac0), 0xf}, 0x8000, 0x4, 0x0, 0x2, 0x6, 0xff, 0xfffd, 0x0, 0xffffff23, 0x0, 0x9}, 0x0, 0x5, r4, 0x1) perf_event_open$cgroup(0x0, r3, 0x9, r4, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='xprtrdma_post_linv_err\x00', r4}, 0x10) 22:49:04 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 26) 22:49:04 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x16, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:04 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = gettid() perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x3f, 0x1, 0x6, 0x0, 0x0, 0x6, 0x8, 0x8, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffff, 0x4, @perf_config_ext={0x401, 0x66}, 0x10, 0x8001, 0x100, 0x1, 0x5, 0x1, 0x8c, 0x0, 0x0, 0x0, 0xed05}, r2, 0x10, r1, 0x3) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r3, &(0x7f00000001c0), 0xfffffdef) [ 1483.124413][T30715] FAULT_INJECTION: forcing a failure. [ 1483.124413][T30715] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1483.167373][T30715] CPU: 0 PID: 30715 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1483.177543][T30715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1483.187436][T30715] Call Trace: [ 1483.190563][T30715] [ 1483.193338][T30715] dump_stack_lvl+0x151/0x1b7 [ 1483.197853][T30715] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1483.203317][T30715] ? stack_trace_save+0x113/0x1c0 [ 1483.208179][T30715] ? stack_trace_snprint+0xf0/0xf0 22:49:04 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0}, 0x90) [ 1483.213124][T30715] ? stack_trace_snprint+0xf0/0xf0 [ 1483.218073][T30715] dump_stack+0x15/0x17 [ 1483.222067][T30715] should_fail+0x3c6/0x510 [ 1483.226320][T30715] should_fail_alloc_page+0x5a/0x80 [ 1483.231353][T30715] prepare_alloc_pages+0x15c/0x700 [ 1483.236302][T30715] ? __alloc_pages_bulk+0xe40/0xe40 [ 1483.241335][T30715] ? __kasan_check_write+0x14/0x20 [ 1483.246280][T30715] ? pcpu_memcg_post_alloc_hook+0x1b1/0x260 [ 1483.252012][T30715] __alloc_pages+0x18c/0x8f0 [ 1483.256437][T30715] ? prep_new_page+0x110/0x110 [ 1483.261036][T30715] ? pcpu_alloc+0xda0/0x13e0 [ 1483.265463][T30715] __get_free_pages+0x10/0x30 [ 1483.269972][T30715] pgd_alloc+0x21/0x2c0 [ 1483.273968][T30715] mm_init+0x5c7/0x970 [ 1483.277878][T30715] copy_mm+0x1e3/0x13e0 [ 1483.281869][T30715] ? _raw_spin_lock+0xa4/0x1b0 [ 1483.286464][T30715] ? copy_signal+0x610/0x610 [ 1483.290890][T30715] ? __kasan_check_write+0x14/0x20 [ 1483.295839][T30715] ? __init_rwsem+0xd6/0x1c0 [ 1483.300263][T30715] ? copy_signal+0x4e3/0x610 [ 1483.304690][T30715] copy_process+0x1149/0x3290 [ 1483.309209][T30715] ? proc_fail_nth_write+0x20b/0x290 [ 1483.314323][T30715] ? fsnotify_perm+0x6a/0x5d0 [ 1483.318840][T30715] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1483.323784][T30715] ? vfs_write+0x9ec/0x1110 [ 1483.328127][T30715] kernel_clone+0x21e/0x9e0 [ 1483.332467][T30715] ? file_end_write+0x1c0/0x1c0 [ 1483.337152][T30715] ? create_io_thread+0x1e0/0x1e0 [ 1483.342012][T30715] ? mutex_unlock+0xb2/0x260 [ 1483.346442][T30715] ? __mutex_lock_slowpath+0x10/0x10 [ 1483.351645][T30715] __x64_sys_clone+0x23f/0x290 [ 1483.356245][T30715] ? __do_sys_vfork+0x130/0x130 [ 1483.360930][T30715] ? ksys_write+0x260/0x2c0 [ 1483.365271][T30715] ? debug_smp_processor_id+0x17/0x20 [ 1483.370476][T30715] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1483.376379][T30715] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1483.381845][T30715] do_syscall_64+0x3d/0xb0 [ 1483.386096][T30715] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1483.391823][T30715] RIP: 0033:0x7f0304509da9 [ 1483.396080][T30715] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 22:49:04 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:05 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff}) recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0xfffffe81, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r3, &(0x7f0000000000), 0xfdef) r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r4, 0xe0, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000900)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x60, 0x10, &(0x7f00000002c0), &(0x7f0000000940), 0x8, 0x90, 0x8, 0x8, &(0x7f0000001e40)}}, 0x10) openat$cgroup_ro(r3, &(0x7f0000000b80)='blkio.bfq.group_wait_time\x00', 0x0, 0x0) sendmsg$unix(r4, &(0x7f0000000840)={&(0x7f0000000700)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000640)=[{&(0x7f0000000140)="2c621445b26964948bc91be792ecde", 0xf}, {&(0x7f0000000ac0)="9a177c96b2e8ca3a1a2a327d27cce3b6a8dfad5d361685a80be797fa9d6d045812c8069a2bb25a461dbe658ed179096bb3cfa083fed6e946d24f03dcf1fd3db1d417e755fdf9c03ae6c7a05bfb7e649748b6c1e4d1493a497a038710d2afc3029d7d54bc14503bb5765434779ff2644ba7eb5ac92496860f024349861ede1e79eef832aab249361c4eb77b7137d8e524c2a59f526ceb2d0f8b2c359ae18500b89447b524a18adf1f18095373371ed11a0f8c0c24d9599d881d", 0xb9}, {&(0x7f0000000780)="f7cd35662865249a64df6739ce24633b2a41e2a9f8c476008e7d79cac99828797805443be1ba45145f5823598b181b19f25bbd68d572ba35525a3613851200c4d52ff0", 0x43}], 0x3, 0x0, 0x0, 0x4001}, 0x1) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000002240)={0x6, 0x5, &(0x7f0000002440)=ANY=[@ANYRES64=0x0], &(0x7f00000005c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x9, '\x00', r5, 0x25, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f00000008c0)={0x0, 0x9, 0x5, 0x400}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000001c40)=[r4, r3], &(0x7f0000000880)=[{0x0, 0x5, 0x3, 0xa}]}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x1d, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3f}, [@btf_id={0x18, 0x9, 0x3, 0x0, 0x1}, @exit, @ldst={0x0, 0x3, 0x2, 0x2, 0x5, 0x2, 0xfffffffffffffff0}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @generic={0x7, 0xf, 0xc, 0x4, 0x8000}, @printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0xdb, &(0x7f00000003c0)=""/219, 0x0, 0x20, '\x00', r5, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000080)={0x5, 0x1}, 0x8, 0x10, &(0x7f00000000c0)={0x3, 0xd, 0xfffeffff, 0x9}, 0x10, 0x0, 0x0, 0xa, 0x0, &(0x7f00000004c0)=[{0x0, 0x4, 0x8, 0x7}, {0x1, 0x3, 0xe, 0x2}, {0x5, 0x5, 0x0, 0x4}, {0x3, 0x2, 0x5, 0x9}, {0x3, 0x4, 0xe, 0x7}, {0x3, 0x5, 0x0, 0x5}, {0x1, 0x2, 0xc, 0xa}, {0x5, 0x5, 0xe, 0x2}, {0x3, 0x5, 0xe, 0xb}, {0x4, 0x1, 0xa, 0x1}], 0x10, 0x20}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r6}, 0x8) write$cgroup_int(r7, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:05 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 27) 22:49:05 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0}, 0x90) [ 1483.415520][T30715] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1483.423762][T30715] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1483.431575][T30715] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1483.439385][T30715] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1483.447204][T30715] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1483.455008][T30715] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1483.462827][T30715] 22:49:05 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) r2 = gettid() perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x3f, 0x1, 0x6, 0x0, 0x0, 0x6, 0x8, 0x8, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffff, 0x4, @perf_config_ext={0x401, 0x66}, 0x10, 0x8001, 0x100, 0x1, 0x5, 0x1, 0x8c, 0x0, 0x0, 0x0, 0xed05}, r2, 0x10, r1, 0x3) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r3, &(0x7f00000001c0), 0xfffffdef) 22:49:05 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:05 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0}, 0x90) [ 1483.528622][T30729] FAULT_INJECTION: forcing a failure. [ 1483.528622][T30729] name failslab, interval 1, probability 0, space 0, times 0 [ 1483.563628][T30729] CPU: 1 PID: 30729 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1483.573786][T30729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1483.583678][T30729] Call Trace: [ 1483.586806][T30729] [ 1483.589579][T30729] dump_stack_lvl+0x151/0x1b7 [ 1483.594092][T30729] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1483.599562][T30729] dump_stack+0x15/0x17 [ 1483.603551][T30729] should_fail+0x3c6/0x510 [ 1483.607815][T30729] __should_failslab+0xa4/0xe0 [ 1483.612403][T30729] ? anon_vma_clone+0x9a/0x500 [ 1483.617355][T30729] should_failslab+0x9/0x20 [ 1483.621692][T30729] slab_pre_alloc_hook+0x37/0xd0 [ 1483.626468][T30729] ? anon_vma_clone+0x9a/0x500 [ 1483.631065][T30729] kmem_cache_alloc+0x44/0x200 [ 1483.635665][T30729] anon_vma_clone+0x9a/0x500 [ 1483.640095][T30729] anon_vma_fork+0x91/0x4e0 [ 1483.644432][T30729] ? anon_vma_name+0x4c/0x70 [ 1483.648859][T30729] ? vm_area_dup+0x17a/0x230 [ 1483.653286][T30729] copy_mm+0xa3a/0x13e0 [ 1483.657281][T30729] ? copy_signal+0x610/0x610 [ 1483.661703][T30729] ? __init_rwsem+0xd6/0x1c0 [ 1483.666131][T30729] ? copy_signal+0x4e3/0x610 [ 1483.670557][T30729] copy_process+0x1149/0x3290 [ 1483.675070][T30729] ? proc_fail_nth_write+0x20b/0x290 [ 1483.680190][T30729] ? fsnotify_perm+0x6a/0x5d0 [ 1483.684702][T30729] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1483.689649][T30729] ? vfs_write+0x9ec/0x1110 [ 1483.693991][T30729] kernel_clone+0x21e/0x9e0 [ 1483.698329][T30729] ? file_end_write+0x1c0/0x1c0 [ 1483.703016][T30729] ? create_io_thread+0x1e0/0x1e0 [ 1483.707885][T30729] ? mutex_unlock+0xb2/0x260 [ 1483.712305][T30729] ? __mutex_lock_slowpath+0x10/0x10 [ 1483.717425][T30729] __x64_sys_clone+0x23f/0x290 [ 1483.722022][T30729] ? __do_sys_vfork+0x130/0x130 [ 1483.726709][T30729] ? ksys_write+0x260/0x2c0 [ 1483.731051][T30729] ? debug_smp_processor_id+0x17/0x20 [ 1483.736269][T30729] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1483.742160][T30729] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1483.747630][T30729] do_syscall_64+0x3d/0xb0 [ 1483.751892][T30729] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1483.757615][T30729] RIP: 0033:0x7f0304509da9 [ 1483.761864][T30729] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1483.781391][T30729] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1483.789669][T30729] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1483.797444][T30729] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1483.805255][T30729] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1483.813169][T30729] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1483.820973][T30729] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 22:49:05 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x19, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1483.828801][T30729] 22:49:05 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:05 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:05 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) r2 = gettid() perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x3f, 0x1, 0x6, 0x0, 0x0, 0x6, 0x8, 0x8, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffff, 0x4, @perf_config_ext={0x401, 0x66}, 0x10, 0x8001, 0x100, 0x1, 0x5, 0x1, 0x8c, 0x0, 0x0, 0x0, 0xed05}, r2, 0x10, r1, 0x3) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r3, &(0x7f00000001c0), 0xfffffdef) 22:49:05 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0}, 0x90) 22:49:05 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 28) 22:49:05 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:05 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0}, 0x90) [ 1484.004646][T30748] FAULT_INJECTION: forcing a failure. [ 1484.004646][T30748] name failslab, interval 1, probability 0, space 0, times 0 [ 1484.030399][T30748] CPU: 0 PID: 30748 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1484.040570][T30748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1484.050456][T30748] Call Trace: [ 1484.053579][T30748] [ 1484.056357][T30748] dump_stack_lvl+0x151/0x1b7 [ 1484.060871][T30748] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1484.066342][T30748] dump_stack+0x15/0x17 [ 1484.070330][T30748] should_fail+0x3c6/0x510 [ 1484.074585][T30748] __should_failslab+0xa4/0xe0 [ 1484.079184][T30748] ? anon_vma_fork+0xf7/0x4e0 [ 1484.083695][T30748] should_failslab+0x9/0x20 [ 1484.088034][T30748] slab_pre_alloc_hook+0x37/0xd0 [ 1484.092810][T30748] ? anon_vma_fork+0xf7/0x4e0 [ 1484.097323][T30748] kmem_cache_alloc+0x44/0x200 [ 1484.101926][T30748] anon_vma_fork+0xf7/0x4e0 [ 1484.106263][T30748] ? anon_vma_name+0x4c/0x70 [ 1484.110697][T30748] ? vm_area_dup+0x17a/0x230 [ 1484.115116][T30748] copy_mm+0xa3a/0x13e0 [ 1484.119204][T30748] ? copy_signal+0x610/0x610 [ 1484.123624][T30748] ? __init_rwsem+0xd6/0x1c0 [ 1484.128050][T30748] ? copy_signal+0x4e3/0x610 [ 1484.132482][T30748] copy_process+0x1149/0x3290 [ 1484.136989][T30748] ? proc_fail_nth_write+0x20b/0x290 [ 1484.142106][T30748] ? fsnotify_perm+0x6a/0x5d0 [ 1484.146622][T30748] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1484.151569][T30748] ? vfs_write+0x9ec/0x1110 [ 1484.155918][T30748] kernel_clone+0x21e/0x9e0 [ 1484.160244][T30748] ? file_end_write+0x1c0/0x1c0 [ 1484.165366][T30748] ? create_io_thread+0x1e0/0x1e0 [ 1484.170225][T30748] ? mutex_unlock+0xb2/0x260 [ 1484.174654][T30748] ? __mutex_lock_slowpath+0x10/0x10 [ 1484.179775][T30748] __x64_sys_clone+0x23f/0x290 [ 1484.184374][T30748] ? __do_sys_vfork+0x130/0x130 [ 1484.189061][T30748] ? ksys_write+0x260/0x2c0 [ 1484.193401][T30748] ? debug_smp_processor_id+0x17/0x20 [ 1484.198608][T30748] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1484.204518][T30748] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1484.209978][T30748] do_syscall_64+0x3d/0xb0 [ 1484.214232][T30748] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1484.219958][T30748] RIP: 0033:0x7f0304509da9 [ 1484.224214][T30748] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1484.243653][T30748] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 22:49:05 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 29) 22:49:05 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0}, 0x90) [ 1484.251898][T30748] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1484.259709][T30748] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1484.267519][T30748] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1484.275332][T30748] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1484.283142][T30748] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1484.290957][T30748] 22:49:05 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:05 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async, rerun: 32) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) (rerun: 32) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff}) recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0xfffffe81, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r3, &(0x7f0000000000), 0xfdef) r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r4, 0xe0, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000900)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x60, 0x10, &(0x7f00000002c0), &(0x7f0000000940), 0x8, 0x90, 0x8, 0x8, &(0x7f0000001e40)}}, 0x10) openat$cgroup_ro(r3, &(0x7f0000000b80)='blkio.bfq.group_wait_time\x00', 0x0, 0x0) (async, rerun: 32) sendmsg$unix(r4, &(0x7f0000000840)={&(0x7f0000000700)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000640)=[{&(0x7f0000000140)="2c621445b26964948bc91be792ecde", 0xf}, {&(0x7f0000000ac0)="9a177c96b2e8ca3a1a2a327d27cce3b6a8dfad5d361685a80be797fa9d6d045812c8069a2bb25a461dbe658ed179096bb3cfa083fed6e946d24f03dcf1fd3db1d417e755fdf9c03ae6c7a05bfb7e649748b6c1e4d1493a497a038710d2afc3029d7d54bc14503bb5765434779ff2644ba7eb5ac92496860f024349861ede1e79eef832aab249361c4eb77b7137d8e524c2a59f526ceb2d0f8b2c359ae18500b89447b524a18adf1f18095373371ed11a0f8c0c24d9599d881d", 0xb9}, {&(0x7f0000000780)="f7cd35662865249a64df6739ce24633b2a41e2a9f8c476008e7d79cac99828797805443be1ba45145f5823598b181b19f25bbd68d572ba35525a3613851200c4d52ff0", 0x43}], 0x3, 0x0, 0x0, 0x4001}, 0x1) (async, rerun: 32) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000002240)={0x6, 0x5, &(0x7f0000002440)=ANY=[@ANYRES64=0x0], &(0x7f00000005c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x9, '\x00', r5, 0x25, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f00000008c0)={0x0, 0x9, 0x5, 0x400}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000001c40)=[r4, r3], &(0x7f0000000880)=[{0x0, 0x5, 0x3, 0xa}]}, 0x90) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x1d, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3f}, [@btf_id={0x18, 0x9, 0x3, 0x0, 0x1}, @exit, @ldst={0x0, 0x3, 0x2, 0x2, 0x5, 0x2, 0xfffffffffffffff0}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @generic={0x7, 0xf, 0xc, 0x4, 0x8000}, @printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0xdb, &(0x7f00000003c0)=""/219, 0x0, 0x20, '\x00', r5, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000080)={0x5, 0x1}, 0x8, 0x10, &(0x7f00000000c0)={0x3, 0xd, 0xfffeffff, 0x9}, 0x10, 0x0, 0x0, 0xa, 0x0, &(0x7f00000004c0)=[{0x0, 0x4, 0x8, 0x7}, {0x1, 0x3, 0xe, 0x2}, {0x5, 0x5, 0x0, 0x4}, {0x3, 0x2, 0x5, 0x9}, {0x3, 0x4, 0xe, 0x7}, {0x3, 0x5, 0x0, 0x5}, {0x1, 0x2, 0xc, 0xa}, {0x5, 0x5, 0xe, 0x2}, {0x3, 0x5, 0xe, 0xb}, {0x4, 0x1, 0xa, 0x1}], 0x10, 0x20}, 0x90) (async, rerun: 64) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (rerun: 64) r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r6}, 0x8) write$cgroup_int(r7, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:05 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0}, 0x90) [ 1484.354718][T30761] FAULT_INJECTION: forcing a failure. [ 1484.354718][T30761] name failslab, interval 1, probability 0, space 0, times 0 [ 1484.382602][T30761] CPU: 1 PID: 30761 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1484.392770][T30761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1484.402666][T30761] Call Trace: [ 1484.405783][T30761] [ 1484.408559][T30761] dump_stack_lvl+0x151/0x1b7 [ 1484.413070][T30761] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1484.418543][T30761] dump_stack+0x15/0x17 [ 1484.422536][T30761] should_fail+0x3c6/0x510 [ 1484.426785][T30761] __should_failslab+0xa4/0xe0 [ 1484.431386][T30761] ? anon_vma_fork+0x1df/0x4e0 [ 1484.436009][T30761] should_failslab+0x9/0x20 [ 1484.440322][T30761] slab_pre_alloc_hook+0x37/0xd0 [ 1484.445100][T30761] ? anon_vma_fork+0x1df/0x4e0 [ 1484.449697][T30761] kmem_cache_alloc+0x44/0x200 [ 1484.454304][T30761] anon_vma_fork+0x1df/0x4e0 [ 1484.458726][T30761] copy_mm+0xa3a/0x13e0 [ 1484.462719][T30761] ? copy_signal+0x610/0x610 [ 1484.467321][T30761] ? __init_rwsem+0xd6/0x1c0 [ 1484.471743][T30761] ? copy_signal+0x4e3/0x610 [ 1484.476169][T30761] copy_process+0x1149/0x3290 [ 1484.480682][T30761] ? proc_fail_nth_write+0x20b/0x290 [ 1484.485803][T30761] ? fsnotify_perm+0x6a/0x5d0 [ 1484.490317][T30761] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1484.495262][T30761] ? vfs_write+0x9ec/0x1110 [ 1484.499603][T30761] kernel_clone+0x21e/0x9e0 [ 1484.503940][T30761] ? file_end_write+0x1c0/0x1c0 [ 1484.508629][T30761] ? create_io_thread+0x1e0/0x1e0 [ 1484.513487][T30761] ? mutex_unlock+0xb2/0x260 [ 1484.517960][T30761] ? __mutex_lock_slowpath+0x10/0x10 [ 1484.523044][T30761] __x64_sys_clone+0x23f/0x290 [ 1484.527641][T30761] ? __do_sys_vfork+0x130/0x130 [ 1484.532325][T30761] ? ksys_write+0x260/0x2c0 [ 1484.536666][T30761] ? debug_smp_processor_id+0x17/0x20 [ 1484.541871][T30761] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1484.547773][T30761] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1484.553238][T30761] do_syscall_64+0x3d/0xb0 [ 1484.557493][T30761] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1484.563219][T30761] RIP: 0033:0x7f0304509da9 [ 1484.567476][T30761] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1484.587007][T30761] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1484.595246][T30761] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 22:49:06 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRESDEC], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x51}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) openat$cgroup_ro(r2, &(0x7f0000000040)='cgroup.controllers\x00', 0x0, 0x0) 22:49:06 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0}, 0x90) 22:49:06 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 30) 22:49:06 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1484.603057][T30761] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1484.610868][T30761] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1484.618685][T30761] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1484.626495][T30761] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1484.634311][T30761] [ 1484.676875][T30778] FAULT_INJECTION: forcing a failure. [ 1484.676875][T30778] name failslab, interval 1, probability 0, space 0, times 0 [ 1484.689425][T30778] CPU: 1 PID: 30778 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1484.699570][T30778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1484.709465][T30778] Call Trace: [ 1484.712586][T30778] [ 1484.715360][T30778] dump_stack_lvl+0x151/0x1b7 [ 1484.719876][T30778] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1484.725341][T30778] dump_stack+0x15/0x17 [ 1484.729332][T30778] should_fail+0x3c6/0x510 [ 1484.733586][T30778] __should_failslab+0xa4/0xe0 [ 1484.738184][T30778] ? anon_vma_fork+0xf7/0x4e0 [ 1484.742768][T30778] should_failslab+0x9/0x20 [ 1484.747038][T30778] slab_pre_alloc_hook+0x37/0xd0 [ 1484.751812][T30778] ? anon_vma_fork+0xf7/0x4e0 [ 1484.756326][T30778] kmem_cache_alloc+0x44/0x200 [ 1484.760959][T30778] anon_vma_fork+0xf7/0x4e0 [ 1484.765314][T30778] ? anon_vma_name+0x4c/0x70 [ 1484.769690][T30778] ? vm_area_dup+0x17a/0x230 [ 1484.774118][T30778] copy_mm+0xa3a/0x13e0 [ 1484.778113][T30778] ? copy_signal+0x610/0x610 [ 1484.782536][T30778] ? __init_rwsem+0xd6/0x1c0 [ 1484.786962][T30778] ? copy_signal+0x4e3/0x610 [ 1484.791392][T30778] copy_process+0x1149/0x3290 [ 1484.795902][T30778] ? proc_fail_nth_write+0x20b/0x290 [ 1484.801023][T30778] ? fsnotify_perm+0x6a/0x5d0 [ 1484.805537][T30778] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1484.810483][T30778] ? vfs_write+0x9ec/0x1110 [ 1484.814864][T30778] kernel_clone+0x21e/0x9e0 [ 1484.819160][T30778] ? file_end_write+0x1c0/0x1c0 [ 1484.823851][T30778] ? create_io_thread+0x1e0/0x1e0 [ 1484.828710][T30778] ? mutex_unlock+0xb2/0x260 [ 1484.833309][T30778] ? __mutex_lock_slowpath+0x10/0x10 [ 1484.838444][T30778] __x64_sys_clone+0x23f/0x290 [ 1484.843039][T30778] ? __do_sys_vfork+0x130/0x130 [ 1484.847714][T30778] ? ksys_write+0x260/0x2c0 [ 1484.852059][T30778] ? debug_smp_processor_id+0x17/0x20 [ 1484.857263][T30778] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1484.863166][T30778] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1484.868635][T30778] do_syscall_64+0x3d/0xb0 [ 1484.872886][T30778] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1484.878616][T30778] RIP: 0033:0x7f0304509da9 [ 1484.882870][T30778] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1484.902306][T30778] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1484.910552][T30778] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1484.918453][T30778] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 22:49:06 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRESDEC], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x51}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) openat$cgroup_ro(r2, &(0x7f0000000040)='cgroup.controllers\x00', 0x0, 0x0) 22:49:06 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0}, 0x90) [ 1484.926261][T30778] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1484.934161][T30778] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1484.941971][T30778] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1484.949790][T30778] 22:49:06 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRESDEC], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x51}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) openat$cgroup_ro(r2, &(0x7f0000000040)='cgroup.controllers\x00', 0x0, 0x0) 22:49:06 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0}, 0x90) 22:49:06 executing program 0: bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x58, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095eae248da0e54fc4d2200000000a1369a7be5ccaaac3b9017dcdd68d5f390c7c90d6047dc99c57d3185698621689079a8b97da4fbb6d6f30dbdc351566425a10d3d9debcd6ed79c2a2e0208db943ac9b02b5dad355e2e2426d6f08a951106000000000000007eb3965439e5e8dc21d13fc68588bd38cd0120be657f01069d37b45efd2b71fca6ee1f55cba542377a61724bc42c075f560836a5985e37cf8c23788c547bd85e5ba99d2c93cdf6e199e1a32d68532fa204ed077aeb64120cd253b5f4005413c9098675b4c6c993a5126c6838646e82f49a2876f7ac5e9ea69bec9c010de2d601effa573ec7c7ccaf06c7395e11769d2bfa21d7faffa428ff2a6d48e19f29c9ef58a5cd26fd420b670b7955d4d91184814713455f244c20c23ee8cd1a1fd01ccca693fd"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0, 0x2}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r3, &(0x7f00000001c0), 0xfffffdef) 22:49:06 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 31) 22:49:06 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:06 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0}, 0x90) 22:49:06 executing program 0: bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x58, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095eae248da0e54fc4d2200000000a1369a7be5ccaaac3b9017dcdd68d5f390c7c90d6047dc99c57d3185698621689079a8b97da4fbb6d6f30dbdc351566425a10d3d9debcd6ed79c2a2e0208db943ac9b02b5dad355e2e2426d6f08a951106000000000000007eb3965439e5e8dc21d13fc68588bd38cd0120be657f01069d37b45efd2b71fca6ee1f55cba542377a61724bc42c075f560836a5985e37cf8c23788c547bd85e5ba99d2c93cdf6e199e1a32d68532fa204ed077aeb64120cd253b5f4005413c9098675b4c6c993a5126c6838646e82f49a2876f7ac5e9ea69bec9c010de2d601effa573ec7c7ccaf06c7395e11769d2bfa21d7faffa428ff2a6d48e19f29c9ef58a5cd26fd420b670b7955d4d91184814713455f244c20c23ee8cd1a1fd01ccca693fd"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0, 0x2}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r3, &(0x7f00000001c0), 0xfffffdef) 22:49:06 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1485.037099][T30793] FAULT_INJECTION: forcing a failure. [ 1485.037099][T30793] name failslab, interval 1, probability 0, space 0, times 0 [ 1485.057590][T30793] CPU: 0 PID: 30793 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1485.067753][T30793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1485.077645][T30793] Call Trace: [ 1485.080767][T30793] [ 1485.083547][T30793] dump_stack_lvl+0x151/0x1b7 [ 1485.088060][T30793] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1485.093528][T30793] dump_stack+0x15/0x17 [ 1485.097519][T30793] should_fail+0x3c6/0x510 [ 1485.101774][T30793] __should_failslab+0xa4/0xe0 [ 1485.106371][T30793] ? anon_vma_fork+0x1df/0x4e0 [ 1485.110972][T30793] should_failslab+0x9/0x20 [ 1485.115310][T30793] slab_pre_alloc_hook+0x37/0xd0 [ 1485.120085][T30793] ? anon_vma_fork+0x1df/0x4e0 [ 1485.124685][T30793] kmem_cache_alloc+0x44/0x200 [ 1485.129285][T30793] anon_vma_fork+0x1df/0x4e0 [ 1485.133712][T30793] copy_mm+0xa3a/0x13e0 [ 1485.137707][T30793] ? copy_signal+0x610/0x610 [ 1485.142132][T30793] ? __init_rwsem+0xd6/0x1c0 [ 1485.146557][T30793] ? copy_signal+0x4e3/0x610 [ 1485.150990][T30793] copy_process+0x1149/0x3290 [ 1485.155498][T30793] ? proc_fail_nth_write+0x20b/0x290 [ 1485.160625][T30793] ? fsnotify_perm+0x6a/0x5d0 [ 1485.165130][T30793] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1485.170340][T30793] ? vfs_write+0x9ec/0x1110 [ 1485.174678][T30793] kernel_clone+0x21e/0x9e0 [ 1485.179017][T30793] ? file_end_write+0x1c0/0x1c0 [ 1485.183706][T30793] ? create_io_thread+0x1e0/0x1e0 [ 1485.188562][T30793] ? mutex_unlock+0xb2/0x260 [ 1485.192992][T30793] ? __mutex_lock_slowpath+0x10/0x10 [ 1485.198114][T30793] __x64_sys_clone+0x23f/0x290 [ 1485.202712][T30793] ? __do_sys_vfork+0x130/0x130 [ 1485.207398][T30793] ? ksys_write+0x260/0x2c0 [ 1485.211739][T30793] ? debug_smp_processor_id+0x17/0x20 [ 1485.216943][T30793] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1485.222845][T30793] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1485.228328][T30793] do_syscall_64+0x3d/0xb0 [ 1485.232567][T30793] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1485.238297][T30793] RIP: 0033:0x7f0304509da9 [ 1485.242549][T30793] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1485.262003][T30793] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1485.270237][T30793] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1485.278046][T30793] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 22:49:06 executing program 0: bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x58, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095eae248da0e54fc4d2200000000a1369a7be5ccaaac3b9017dcdd68d5f390c7c90d6047dc99c57d3185698621689079a8b97da4fbb6d6f30dbdc351566425a10d3d9debcd6ed79c2a2e0208db943ac9b02b5dad355e2e2426d6f08a951106000000000000007eb3965439e5e8dc21d13fc68588bd38cd0120be657f01069d37b45efd2b71fca6ee1f55cba542377a61724bc42c075f560836a5985e37cf8c23788c547bd85e5ba99d2c93cdf6e199e1a32d68532fa204ed077aeb64120cd253b5f4005413c9098675b4c6c993a5126c6838646e82f49a2876f7ac5e9ea69bec9c010de2d601effa573ec7c7ccaf06c7395e11769d2bfa21d7faffa428ff2a6d48e19f29c9ef58a5cd26fd420b670b7955d4d91184814713455f244c20c23ee8cd1a1fd01ccca693fd"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0, 0x2}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r3, &(0x7f00000001c0), 0xfffffdef) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x58}, 0x10) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095eae248da0e54fc4d2200000000a1369a7be5ccaaac3b9017dcdd68d5f390c7c90d6047dc99c57d3185698621689079a8b97da4fbb6d6f30dbdc351566425a10d3d9debcd6ed79c2a2e0208db943ac9b02b5dad355e2e2426d6f08a951106000000000000007eb3965439e5e8dc21d13fc68588bd38cd0120be657f01069d37b45efd2b71fca6ee1f55cba542377a61724bc42c075f560836a5985e37cf8c23788c547bd85e5ba99d2c93cdf6e199e1a32d68532fa204ed077aeb64120cd253b5f4005413c9098675b4c6c993a5126c6838646e82f49a2876f7ac5e9ea69bec9c010de2d601effa573ec7c7ccaf06c7395e11769d2bfa21d7faffa428ff2a6d48e19f29c9ef58a5cd26fd420b670b7955d4d91184814713455f244c20c23ee8cd1a1fd01ccca693fd"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0, 0x2}, 0x90) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10) (async) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) (async) write$cgroup_int(r3, &(0x7f00000001c0), 0xfffffdef) (async) 22:49:06 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:06 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0}, 0x90) 22:49:06 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x300, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:06 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 32) 22:49:06 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x327, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1485.285855][T30793] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1485.293669][T30793] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1485.301478][T30793] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1485.309298][T30793] 22:49:06 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff}) recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0xfffffe81, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) (async) recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0xfffffe81, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r3, &(0x7f0000000000), 0xfdef) r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r4, 0xe0, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000900)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x60, 0x10, &(0x7f00000002c0), &(0x7f0000000940), 0x8, 0x90, 0x8, 0x8, &(0x7f0000001e40)}}, 0x10) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r4, 0xe0, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000900)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x60, 0x10, &(0x7f00000002c0), &(0x7f0000000940), 0x8, 0x90, 0x8, 0x8, &(0x7f0000001e40)}}, 0x10) openat$cgroup_ro(r3, &(0x7f0000000b80)='blkio.bfq.group_wait_time\x00', 0x0, 0x0) sendmsg$unix(r4, &(0x7f0000000840)={&(0x7f0000000700)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000640)=[{&(0x7f0000000140)="2c621445b26964948bc91be792ecde", 0xf}, {&(0x7f0000000ac0)="9a177c96b2e8ca3a1a2a327d27cce3b6a8dfad5d361685a80be797fa9d6d045812c8069a2bb25a461dbe658ed179096bb3cfa083fed6e946d24f03dcf1fd3db1d417e755fdf9c03ae6c7a05bfb7e649748b6c1e4d1493a497a038710d2afc3029d7d54bc14503bb5765434779ff2644ba7eb5ac92496860f024349861ede1e79eef832aab249361c4eb77b7137d8e524c2a59f526ceb2d0f8b2c359ae18500b89447b524a18adf1f18095373371ed11a0f8c0c24d9599d881d", 0xb9}, {&(0x7f0000000780)="f7cd35662865249a64df6739ce24633b2a41e2a9f8c476008e7d79cac99828797805443be1ba45145f5823598b181b19f25bbd68d572ba35525a3613851200c4d52ff0", 0x43}], 0x3, 0x0, 0x0, 0x4001}, 0x1) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000002240)={0x6, 0x5, &(0x7f0000002440)=ANY=[@ANYRES64=0x0], &(0x7f00000005c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x9, '\x00', r5, 0x25, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f00000008c0)={0x0, 0x9, 0x5, 0x400}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000001c40)=[r4, r3], &(0x7f0000000880)=[{0x0, 0x5, 0x3, 0xa}]}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x1d, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3f}, [@btf_id={0x18, 0x9, 0x3, 0x0, 0x1}, @exit, @ldst={0x0, 0x3, 0x2, 0x2, 0x5, 0x2, 0xfffffffffffffff0}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @generic={0x7, 0xf, 0xc, 0x4, 0x8000}, @printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0xdb, &(0x7f00000003c0)=""/219, 0x0, 0x20, '\x00', r5, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000080)={0x5, 0x1}, 0x8, 0x10, &(0x7f00000000c0)={0x3, 0xd, 0xfffeffff, 0x9}, 0x10, 0x0, 0x0, 0xa, 0x0, &(0x7f00000004c0)=[{0x0, 0x4, 0x8, 0x7}, {0x1, 0x3, 0xe, 0x2}, {0x5, 0x5, 0x0, 0x4}, {0x3, 0x2, 0x5, 0x9}, {0x3, 0x4, 0xe, 0x7}, {0x3, 0x5, 0x0, 0x5}, {0x1, 0x2, 0xc, 0xa}, {0x5, 0x5, 0xe, 0x2}, {0x3, 0x5, 0xe, 0xb}, {0x4, 0x1, 0xa, 0x1}], 0x10, 0x20}, 0x90) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x1d, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3f}, [@btf_id={0x18, 0x9, 0x3, 0x0, 0x1}, @exit, @ldst={0x0, 0x3, 0x2, 0x2, 0x5, 0x2, 0xfffffffffffffff0}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @generic={0x7, 0xf, 0xc, 0x4, 0x8000}, @printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0xdb, &(0x7f00000003c0)=""/219, 0x0, 0x20, '\x00', r5, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000080)={0x5, 0x1}, 0x8, 0x10, &(0x7f00000000c0)={0x3, 0xd, 0xfffeffff, 0x9}, 0x10, 0x0, 0x0, 0xa, 0x0, &(0x7f00000004c0)=[{0x0, 0x4, 0x8, 0x7}, {0x1, 0x3, 0xe, 0x2}, {0x5, 0x5, 0x0, 0x4}, {0x3, 0x2, 0x5, 0x9}, {0x3, 0x4, 0xe, 0x7}, {0x3, 0x5, 0x0, 0x5}, {0x1, 0x2, 0xc, 0xa}, {0x5, 0x5, 0xe, 0x2}, {0x3, 0x5, 0xe, 0xb}, {0x4, 0x1, 0xa, 0x1}], 0x10, 0x20}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r6}, 0x8) write$cgroup_int(r7, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) write$cgroup_int(r7, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:06 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f0000009534a4a5c5"], &(0x7f0000000180)='syzkaller\x00', 0x200000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) 22:49:06 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x340, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:06 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0}, 0x90) 22:49:06 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f0000009534a4a5c5"], &(0x7f0000000180)='syzkaller\x00', 0x200000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) [ 1485.358902][T30815] FAULT_INJECTION: forcing a failure. [ 1485.358902][T30815] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1485.376471][T30815] CPU: 1 PID: 30815 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1485.386634][T30815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1485.396535][T30815] Call Trace: [ 1485.399654][T30815] [ 1485.402433][T30815] dump_stack_lvl+0x151/0x1b7 [ 1485.406943][T30815] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1485.412409][T30815] ? kmem_cache_alloc+0x134/0x200 [ 1485.417270][T30815] dump_stack+0x15/0x17 [ 1485.421262][T30815] should_fail+0x3c6/0x510 [ 1485.425515][T30815] should_fail_alloc_page+0x5a/0x80 [ 1485.430554][T30815] prepare_alloc_pages+0x15c/0x700 [ 1485.435497][T30815] ? __alloc_pages_bulk+0xe40/0xe40 [ 1485.440530][T30815] __alloc_pages+0x18c/0x8f0 [ 1485.444960][T30815] ? prep_new_page+0x110/0x110 [ 1485.449556][T30815] ? __alloc_pages+0x3cb/0x8f0 [ 1485.454158][T30815] ? __kasan_check_write+0x14/0x20 [ 1485.459104][T30815] ? _raw_spin_lock+0xa4/0x1b0 [ 1485.463703][T30815] __pmd_alloc+0xb1/0x550 [ 1485.467869][T30815] ? __pud_alloc+0x260/0x260 [ 1485.472293][T30815] ? __pud_alloc+0x213/0x260 [ 1485.476721][T30815] ? do_handle_mm_fault+0x2330/0x2330 [ 1485.481929][T30815] ? __stack_depot_save+0x34/0x470 [ 1485.486876][T30815] ? anon_vma_clone+0x9a/0x500 [ 1485.491480][T30815] copy_page_range+0x2b3d/0x2f90 [ 1485.496250][T30815] ? __kasan_slab_alloc+0xb1/0xe0 [ 1485.501110][T30815] ? slab_post_alloc_hook+0x53/0x2c0 [ 1485.506229][T30815] ? copy_mm+0xa3a/0x13e0 [ 1485.510396][T30815] ? copy_process+0x1149/0x3290 [ 1485.515095][T30815] ? kernel_clone+0x21e/0x9e0 [ 1485.519596][T30815] ? do_syscall_64+0x3d/0xb0 [ 1485.524021][T30815] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1485.529932][T30815] ? pfn_valid+0x1e0/0x1e0 [ 1485.534176][T30815] ? rwsem_write_trylock+0x15b/0x290 [ 1485.539298][T30815] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 1485.545545][T30815] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 1485.551103][T30815] ? __rb_insert_augmented+0x5de/0x610 [ 1485.556397][T30815] copy_mm+0xc7e/0x13e0 [ 1485.560390][T30815] ? copy_signal+0x610/0x610 [ 1485.564824][T30815] ? __init_rwsem+0xd6/0x1c0 [ 1485.569244][T30815] ? copy_signal+0x4e3/0x610 [ 1485.573668][T30815] copy_process+0x1149/0x3290 [ 1485.578183][T30815] ? proc_fail_nth_write+0x20b/0x290 [ 1485.583301][T30815] ? fsnotify_perm+0x6a/0x5d0 [ 1485.587816][T30815] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1485.592850][T30815] ? vfs_write+0x9ec/0x1110 [ 1485.597192][T30815] kernel_clone+0x21e/0x9e0 [ 1485.601529][T30815] ? file_end_write+0x1c0/0x1c0 [ 1485.606216][T30815] ? create_io_thread+0x1e0/0x1e0 [ 1485.611074][T30815] ? mutex_unlock+0xb2/0x260 [ 1485.615504][T30815] ? __mutex_lock_slowpath+0x10/0x10 [ 1485.620623][T30815] __x64_sys_clone+0x23f/0x290 [ 1485.625222][T30815] ? __do_sys_vfork+0x130/0x130 [ 1485.629908][T30815] ? ksys_write+0x260/0x2c0 [ 1485.634249][T30815] ? debug_smp_processor_id+0x17/0x20 [ 1485.639456][T30815] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1485.645360][T30815] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1485.650827][T30815] do_syscall_64+0x3d/0xb0 [ 1485.655078][T30815] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1485.660806][T30815] RIP: 0033:0x7f0304509da9 [ 1485.665059][T30815] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1485.684503][T30815] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1485.692745][T30815] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1485.700558][T30815] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 22:49:07 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x500, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:07 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x600, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:07 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f0000009534a4a5c5"], &(0x7f0000000180)='syzkaller\x00', 0x200000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) 22:49:07 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 33) 22:49:07 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0}, 0x90) [ 1485.708391][T30815] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1485.716186][T30815] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1485.723991][T30815] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1485.731807][T30815] [ 1485.768763][T30839] FAULT_INJECTION: forcing a failure. [ 1485.768763][T30839] name failslab, interval 1, probability 0, space 0, times 0 [ 1485.781307][T30839] CPU: 0 PID: 30839 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1485.791448][T30839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1485.801342][T30839] Call Trace: [ 1485.804464][T30839] [ 1485.807241][T30839] dump_stack_lvl+0x151/0x1b7 [ 1485.811754][T30839] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1485.817224][T30839] dump_stack+0x15/0x17 [ 1485.821213][T30839] should_fail+0x3c6/0x510 [ 1485.825476][T30839] __should_failslab+0xa4/0xe0 [ 1485.830066][T30839] ? vm_area_dup+0x26/0x230 [ 1485.834407][T30839] should_failslab+0x9/0x20 [ 1485.838748][T30839] slab_pre_alloc_hook+0x37/0xd0 [ 1485.843534][T30839] ? vm_area_dup+0x26/0x230 [ 1485.847859][T30839] kmem_cache_alloc+0x44/0x200 [ 1485.852458][T30839] vm_area_dup+0x26/0x230 [ 1485.856628][T30839] copy_mm+0x9a1/0x13e0 [ 1485.860621][T30839] ? copy_signal+0x610/0x610 [ 1485.865045][T30839] ? __init_rwsem+0xd6/0x1c0 [ 1485.869473][T30839] ? copy_signal+0x4e3/0x610 [ 1485.873897][T30839] copy_process+0x1149/0x3290 [ 1485.878410][T30839] ? proc_fail_nth_write+0x20b/0x290 [ 1485.883535][T30839] ? fsnotify_perm+0x6a/0x5d0 [ 1485.888043][T30839] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1485.892992][T30839] ? vfs_write+0x9ec/0x1110 [ 1485.897331][T30839] kernel_clone+0x21e/0x9e0 [ 1485.901674][T30839] ? file_end_write+0x1c0/0x1c0 [ 1485.906358][T30839] ? create_io_thread+0x1e0/0x1e0 [ 1485.911215][T30839] ? mutex_unlock+0xb2/0x260 [ 1485.915736][T30839] ? __mutex_lock_slowpath+0x10/0x10 [ 1485.920885][T30839] __x64_sys_clone+0x23f/0x290 [ 1485.925452][T30839] ? __do_sys_vfork+0x130/0x130 [ 1485.930136][T30839] ? ksys_write+0x260/0x2c0 [ 1485.934477][T30839] ? debug_smp_processor_id+0x17/0x20 [ 1485.939686][T30839] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1485.945586][T30839] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1485.951054][T30839] do_syscall_64+0x3d/0xb0 [ 1485.955306][T30839] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1485.961122][T30839] RIP: 0033:0x7f0304509da9 [ 1485.965377][T30839] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1485.984815][T30839] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1485.993063][T30839] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1486.000878][T30839] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1486.008685][T30839] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 22:49:07 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 34) 22:49:07 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x700, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:07 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180080005300000000faff0000940000000fad413e55f01ef1d30000000f000000950000008dcc61cd19b7298b17681e3b5d6b0411450661eb6a73397af90b17ab67e0301abb08a7dba317575f88d9cc6857888cc578ba078d62395d287886a81d202edc1149fe024c517fec41561507c0bcc77347ceb26322b890124139c7465a9164571befe517c9ceba4a3ad9c0e93cac78ca1840e3b180491686ad64e9b3d64c2cd3802975cc02fa30d2e636ff355478b428b8a656123c0ef5c7bd7a32c7fd5931968855c1f6bc85e60a362bcebf3e9a1b958aaeddc4a059a7882713d52594340314027af95873e320f367266fc14d25149e737103aeaef590efddf7dbfde13e15b5447fd55e9f7f097decb8672baade23b621e21202fc6db226239050aba6079542365968c62b0f935018be3bc611ff90a4289438b27e6f0b82a2f6f9ef0548695f73dfa57f00f7ffffff00000000000000ed4d6f6719820943e361c900f354a51f351b1df57340754371b6171ae34cfcfeec17b6bdee91bf945abbda3b8994b45b2a05c0edb7ecf2d4dab018d81d2c106504e93e49c14bcf4fef90abe09489d29f976b30c14a2cd8be150a1cad069b8ce162b2a915e6f475f003c9681669198beddb6a2278cbe80c07078c09f1fdd4db3ebadd44a942a6"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000007c0)={{0x1, 0xffffffffffffffff}, &(0x7f0000000740), &(0x7f0000000780)=r0}, 0x20) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000e80)='freezer.state\x00', 0x26e1, 0x0) write$cgroup_type(r2, &(0x7f0000000000), 0x165243) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000ec0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x1, 0x400}, 0x48) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x18, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {0x7, 0x0, 0xb, 0x6}, {0x85, 0x0, 0x0, 0x5}, {0x4}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0x7, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {0x7, 0x0, 0x0, 0x6}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0x3, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000a00)={0x1b, 0x0, 0x0, 0x80, 0x0, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x4}, 0x48) r6 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000a798400000000000000000001811", @ANYRES32=r6, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000a80)={0xffffffffffffffff, 0x87ac, 0x10}, 0xc) r8 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000ac0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x3, 0x3}, 0x48) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) write$cgroup_int(r9, &(0x7f0000000200), 0x43400) r10 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000bc0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x9a5, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x3}, 0x48) r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=@base={0x19, 0x1, 0x3, 0x6, 0x8, 0xffffffffffffffff, 0xfffffff7, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x1}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000dc0)={0x11, 0x13, &(0x7f0000000800)=@framed={{0x18, 0x0, 0x0, 0x0, 0xbb5, 0x0, 0x0, 0x0, 0x4}, [@map_idx={0x18, 0xb, 0x5, 0x0, 0x3}, @map_idx={0x18, 0x7}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @generic={0x1, 0x8, 0xf, 0x8, 0x4}, @call={0x85, 0x0, 0x0, 0x9}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}]}, &(0x7f00000008c0)='syzkaller\x00', 0x1, 0x68, &(0x7f0000000900)=""/104, 0x41000, 0x7e, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000980)={0x5, 0x1}, 0x8, 0x10, &(0x7f00000009c0)={0x3, 0xb, 0x20, 0x1000}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000b40)=[r4, r5, r6, r7, r8, r9, r10, r11], &(0x7f0000000d40)=[{0x3, 0x4, 0x9, 0xa}, {0x5, 0x5, 0x3, 0x5}, {0x2, 0x3, 0x0, 0x7}, {0x1, 0x4, 0x4, 0x5}, {0x1, 0x1, 0x9, 0x9}, {0x2, 0x2, 0xa, 0x5}, {0x0, 0x1, 0x9, 0x3}], 0x10, 0xa3}, 0x90) r12 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r13 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r12}, 0x8) openat$cgroup_ro(r9, &(0x7f0000000f40)='blkio.bfq.io_service_time\x00', 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={0xffffffffffffffff, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, 0x8, 0x0, 0x0}}, 0x10) r15 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0), 0x4) bpf$MAP_CREATE(0x0, &(0x7f0000000c40)=@bloom_filter={0x1e, 0x0, 0x0, 0x4, 0x1000, 0x1, 0x0, '\x00', r14, r15, 0x0, 0x5}, 0x48) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r16, &(0x7f0000000000), 0xfdef) openat$cgroup_ro(r16, &(0x7f0000000b80)='blkio.bfq.group_wait_time\x00', 0x0, 0x0) openat$cgroup_ro(r16, 0x0, 0x0, 0x0) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, r13, 0x81, '\x00', 0x0, r13, 0x1, 0x2, 0x1}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x17, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x4}, [@printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x4}, @exit, @func={0x85, 0x0, 0x1, 0x0, 0x4}, @call={0x85, 0x0, 0x0, 0xc8}, @exit, @exit, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r13}}, @ldst={0x0, 0x3, 0x1, 0x1, 0x7, 0x30, 0xfffffffffffffffc}]}, &(0x7f00000000c0)='GPL\x00', 0xcf35, 0xf9, &(0x7f00000004c0)=""/249, 0x41100, 0xb, '\x00', r14, 0x0, r16, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000140)={0x2, 0x1, 0xfffff801, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[r13, r13, r13, r13, r13, r17], 0x0, 0x10, 0x3}, 0x90) write$cgroup_int(r13, &(0x7f00000001c0), 0xfffffdef) 22:49:07 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7a2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:07 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62, 0x0, 0x0, 0x0}, 0x90) 22:49:07 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180080005300000000faff0000940000000fad413e55f01ef1d30000000f000000950000008dcc61cd19b7298b17681e3b5d6b0411450661eb6a73397af90b17ab67e0301abb08a7dba317575f88d9cc6857888cc578ba078d62395d287886a81d202edc1149fe024c517fec41561507c0bcc77347ceb26322b890124139c7465a9164571befe517c9ceba4a3ad9c0e93cac78ca1840e3b180491686ad64e9b3d64c2cd3802975cc02fa30d2e636ff355478b428b8a656123c0ef5c7bd7a32c7fd5931968855c1f6bc85e60a362bcebf3e9a1b958aaeddc4a059a7882713d52594340314027af95873e320f367266fc14d25149e737103aeaef590efddf7dbfde13e15b5447fd55e9f7f097decb8672baade23b621e21202fc6db226239050aba6079542365968c62b0f935018be3bc611ff90a4289438b27e6f0b82a2f6f9ef0548695f73dfa57f00f7ffffff00000000000000ed4d6f6719820943e361c900f354a51f351b1df57340754371b6171ae34cfcfeec17b6bdee91bf945abbda3b8994b45b2a05c0edb7ecf2d4dab018d81d2c106504e93e49c14bcf4fef90abe09489d29f976b30c14a2cd8be150a1cad069b8ce162b2a915e6f475f003c9681669198beddb6a2278cbe80c07078c09f1fdd4db3ebadd44a942a6"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000007c0)={{0x1, 0xffffffffffffffff}, &(0x7f0000000740), &(0x7f0000000780)=r0}, 0x20) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000e80)='freezer.state\x00', 0x26e1, 0x0) write$cgroup_type(r2, &(0x7f0000000000), 0x165243) (async) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000ec0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x1, 0x400}, 0x48) (async) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x18, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {0x7, 0x0, 0xb, 0x6}, {0x85, 0x0, 0x0, 0x5}, {0x4}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0x7, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {0x7, 0x0, 0x0, 0x6}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0x3, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 64) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000a00)={0x1b, 0x0, 0x0, 0x80, 0x0, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x4}, 0x48) (async, rerun: 64) r6 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000a798400000000000000000001811", @ANYRES32=r6, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000a80)={0xffffffffffffffff, 0x87ac, 0x10}, 0xc) (async) r8 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000ac0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x3, 0x3}, 0x48) (async, rerun: 64) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) (rerun: 64) write$cgroup_int(r9, &(0x7f0000000200), 0x43400) (async, rerun: 64) r10 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000bc0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x9a5, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x3}, 0x48) (async, rerun: 64) r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=@base={0x19, 0x1, 0x3, 0x6, 0x8, 0xffffffffffffffff, 0xfffffff7, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x1}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000dc0)={0x11, 0x13, &(0x7f0000000800)=@framed={{0x18, 0x0, 0x0, 0x0, 0xbb5, 0x0, 0x0, 0x0, 0x4}, [@map_idx={0x18, 0xb, 0x5, 0x0, 0x3}, @map_idx={0x18, 0x7}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @generic={0x1, 0x8, 0xf, 0x8, 0x4}, @call={0x85, 0x0, 0x0, 0x9}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}]}, &(0x7f00000008c0)='syzkaller\x00', 0x1, 0x68, &(0x7f0000000900)=""/104, 0x41000, 0x7e, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000980)={0x5, 0x1}, 0x8, 0x10, &(0x7f00000009c0)={0x3, 0xb, 0x20, 0x1000}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000b40)=[r4, r5, r6, r7, r8, r9, r10, r11], &(0x7f0000000d40)=[{0x3, 0x4, 0x9, 0xa}, {0x5, 0x5, 0x3, 0x5}, {0x2, 0x3, 0x0, 0x7}, {0x1, 0x4, 0x4, 0x5}, {0x1, 0x1, 0x9, 0x9}, {0x2, 0x2, 0xa, 0x5}, {0x0, 0x1, 0x9, 0x3}], 0x10, 0xa3}, 0x90) r12 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r13 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r12}, 0x8) openat$cgroup_ro(r9, &(0x7f0000000f40)='blkio.bfq.io_service_time\x00', 0x0, 0x0) (async, rerun: 32) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={0xffffffffffffffff, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, 0x8, 0x0, 0x0}}, 0x10) (async, rerun: 32) r15 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0), 0x4) bpf$MAP_CREATE(0x0, &(0x7f0000000c40)=@bloom_filter={0x1e, 0x0, 0x0, 0x4, 0x1000, 0x1, 0x0, '\x00', r14, r15, 0x0, 0x5}, 0x48) (async) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r16, &(0x7f0000000000), 0xfdef) openat$cgroup_ro(r16, &(0x7f0000000b80)='blkio.bfq.group_wait_time\x00', 0x0, 0x0) (async) openat$cgroup_ro(r16, 0x0, 0x0, 0x0) (async) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, r13, 0x81, '\x00', 0x0, r13, 0x1, 0x2, 0x1}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x17, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x4}, [@printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x4}, @exit, @func={0x85, 0x0, 0x1, 0x0, 0x4}, @call={0x85, 0x0, 0x0, 0xc8}, @exit, @exit, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r13}}, @ldst={0x0, 0x3, 0x1, 0x1, 0x7, 0x30, 0xfffffffffffffffc}]}, &(0x7f00000000c0)='GPL\x00', 0xcf35, 0xf9, &(0x7f00000004c0)=""/249, 0x41100, 0xb, '\x00', r14, 0x0, r16, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000140)={0x2, 0x1, 0xfffff801, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[r13, r13, r13, r13, r13, r17], 0x0, 0x10, 0x3}, 0x90) (async) write$cgroup_int(r13, &(0x7f00000001c0), 0xfffffdef) 22:49:07 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63, 0x0, 0x0, 0x0}, 0x90) [ 1486.016497][T30839] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1486.024307][T30839] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1486.032124][T30839] 22:49:07 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x900, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:07 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa00, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:07 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb00, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1486.077101][T30852] FAULT_INJECTION: forcing a failure. [ 1486.077101][T30852] name failslab, interval 1, probability 0, space 0, times 0 [ 1486.097816][T30852] CPU: 1 PID: 30852 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1486.107991][T30852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1486.117918][T30852] Call Trace: [ 1486.121012][T30852] 22:49:07 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc00, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:07 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180080005300000000faff0000940000000fad413e55f01ef1d30000000f000000950000008dcc61cd19b7298b17681e3b5d6b0411450661eb6a73397af90b17ab67e0301abb08a7dba317575f88d9cc6857888cc578ba078d62395d287886a81d202edc1149fe024c517fec41561507c0bcc77347ceb26322b890124139c7465a9164571befe517c9ceba4a3ad9c0e93cac78ca1840e3b180491686ad64e9b3d64c2cd3802975cc02fa30d2e636ff355478b428b8a656123c0ef5c7bd7a32c7fd5931968855c1f6bc85e60a362bcebf3e9a1b958aaeddc4a059a7882713d52594340314027af95873e320f367266fc14d25149e737103aeaef590efddf7dbfde13e15b5447fd55e9f7f097decb8672baade23b621e21202fc6db226239050aba6079542365968c62b0f935018be3bc611ff90a4289438b27e6f0b82a2f6f9ef0548695f73dfa57f00f7ffffff00000000000000ed4d6f6719820943e361c900f354a51f351b1df57340754371b6171ae34cfcfeec17b6bdee91bf945abbda3b8994b45b2a05c0edb7ecf2d4dab018d81d2c106504e93e49c14bcf4fef90abe09489d29f976b30c14a2cd8be150a1cad069b8ce162b2a915e6f475f003c9681669198beddb6a2278cbe80c07078c09f1fdd4db3ebadd44a942a6"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000007c0)={{0x1, 0xffffffffffffffff}, &(0x7f0000000740), &(0x7f0000000780)=r0}, 0x20) (async, rerun: 32) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000e80)='freezer.state\x00', 0x26e1, 0x0) (rerun: 32) write$cgroup_type(r2, &(0x7f0000000000), 0x165243) (async) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000ec0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x1, 0x400}, 0x48) (async) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x18, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {0x7, 0x0, 0xb, 0x6}, {0x85, 0x0, 0x0, 0x5}, {0x4}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0x7, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {0x7, 0x0, 0x0, 0x6}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0x3, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000a00)={0x1b, 0x0, 0x0, 0x80, 0x0, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x4}, 0x48) (async) r6 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000a798400000000000000000001811", @ANYRES32=r6, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000a80)={0xffffffffffffffff, 0x87ac, 0x10}, 0xc) r8 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000ac0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x3, 0x3}, 0x48) (async, rerun: 32) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) (rerun: 32) write$cgroup_int(r9, &(0x7f0000000200), 0x43400) (async) r10 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000bc0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x9a5, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x3}, 0x48) (async) r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=@base={0x19, 0x1, 0x3, 0x6, 0x8, 0xffffffffffffffff, 0xfffffff7, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x1}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000dc0)={0x11, 0x13, &(0x7f0000000800)=@framed={{0x18, 0x0, 0x0, 0x0, 0xbb5, 0x0, 0x0, 0x0, 0x4}, [@map_idx={0x18, 0xb, 0x5, 0x0, 0x3}, @map_idx={0x18, 0x7}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @generic={0x1, 0x8, 0xf, 0x8, 0x4}, @call={0x85, 0x0, 0x0, 0x9}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}]}, &(0x7f00000008c0)='syzkaller\x00', 0x1, 0x68, &(0x7f0000000900)=""/104, 0x41000, 0x7e, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000980)={0x5, 0x1}, 0x8, 0x10, &(0x7f00000009c0)={0x3, 0xb, 0x20, 0x1000}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000b40)=[r4, r5, r6, r7, r8, r9, r10, r11], &(0x7f0000000d40)=[{0x3, 0x4, 0x9, 0xa}, {0x5, 0x5, 0x3, 0x5}, {0x2, 0x3, 0x0, 0x7}, {0x1, 0x4, 0x4, 0x5}, {0x1, 0x1, 0x9, 0x9}, {0x2, 0x2, 0xa, 0x5}, {0x0, 0x1, 0x9, 0x3}], 0x10, 0xa3}, 0x90) r12 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r13 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r12}, 0x8) (async) openat$cgroup_ro(r9, &(0x7f0000000f40)='blkio.bfq.io_service_time\x00', 0x0, 0x0) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={0xffffffffffffffff, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, 0x8, 0x0, 0x0}}, 0x10) (async) r15 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0), 0x4) bpf$MAP_CREATE(0x0, &(0x7f0000000c40)=@bloom_filter={0x1e, 0x0, 0x0, 0x4, 0x1000, 0x1, 0x0, '\x00', r14, r15, 0x0, 0x5}, 0x48) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r16, &(0x7f0000000000), 0xfdef) openat$cgroup_ro(r16, &(0x7f0000000b80)='blkio.bfq.group_wait_time\x00', 0x0, 0x0) openat$cgroup_ro(r16, 0x0, 0x0, 0x0) (async) r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, r13, 0x81, '\x00', 0x0, r13, 0x1, 0x2, 0x1}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x17, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x4}, [@printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x4}, @exit, @func={0x85, 0x0, 0x1, 0x0, 0x4}, @call={0x85, 0x0, 0x0, 0xc8}, @exit, @exit, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r13}}, @ldst={0x0, 0x3, 0x1, 0x1, 0x7, 0x30, 0xfffffffffffffffc}]}, &(0x7f00000000c0)='GPL\x00', 0xcf35, 0xf9, &(0x7f00000004c0)=""/249, 0x41100, 0xb, '\x00', r14, 0x0, r16, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000140)={0x2, 0x1, 0xfffff801, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[r13, r13, r13, r13, r13, r17], 0x0, 0x10, 0x3}, 0x90) (async) write$cgroup_int(r13, &(0x7f00000001c0), 0xfffffdef) 22:49:07 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd00, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:07 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe00, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1486.123788][T30852] dump_stack_lvl+0x151/0x1b7 [ 1486.128305][T30852] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1486.133771][T30852] dump_stack+0x15/0x17 [ 1486.137768][T30852] should_fail+0x3c6/0x510 [ 1486.142017][T30852] __should_failslab+0xa4/0xe0 [ 1486.146612][T30852] ? vm_area_dup+0x26/0x230 [ 1486.150950][T30852] should_failslab+0x9/0x20 [ 1486.155292][T30852] slab_pre_alloc_hook+0x37/0xd0 [ 1486.160065][T30852] ? vm_area_dup+0x26/0x230 [ 1486.164402][T30852] kmem_cache_alloc+0x44/0x200 [ 1486.169005][T30852] vm_area_dup+0x26/0x230 [ 1486.173172][T30852] copy_mm+0x9a1/0x13e0 [ 1486.177165][T30852] ? copy_signal+0x610/0x610 [ 1486.181587][T30852] ? __init_rwsem+0xd6/0x1c0 [ 1486.186016][T30852] ? copy_signal+0x4e3/0x610 [ 1486.190444][T30852] copy_process+0x1149/0x3290 [ 1486.194958][T30852] ? proc_fail_nth_write+0x20b/0x290 [ 1486.200077][T30852] ? fsnotify_perm+0x6a/0x5d0 [ 1486.204590][T30852] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1486.209537][T30852] ? vfs_write+0x9ec/0x1110 [ 1486.213963][T30852] kernel_clone+0x21e/0x9e0 [ 1486.218300][T30852] ? file_end_write+0x1c0/0x1c0 [ 1486.222988][T30852] ? create_io_thread+0x1e0/0x1e0 [ 1486.227843][T30852] ? mutex_unlock+0xb2/0x260 [ 1486.232269][T30852] ? __mutex_lock_slowpath+0x10/0x10 [ 1486.237393][T30852] __x64_sys_clone+0x23f/0x290 [ 1486.241994][T30852] ? __do_sys_vfork+0x130/0x130 [ 1486.246677][T30852] ? ksys_write+0x260/0x2c0 [ 1486.251018][T30852] ? debug_smp_processor_id+0x17/0x20 [ 1486.256223][T30852] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1486.262127][T30852] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1486.267594][T30852] do_syscall_64+0x3d/0xb0 [ 1486.271847][T30852] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1486.277575][T30852] RIP: 0033:0x7f0304509da9 [ 1486.281830][T30852] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1486.301273][T30852] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1486.309513][T30852] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1486.317327][T30852] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 22:49:07 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xf00, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:07 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_merged_recursive\x00', 0x0, 0x0) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000540)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0xd, 0x0, 0x1f, 0x1, 0x0, 0x1, 0xfff, '\x00', 0x0, r4, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xa, 0x2, &(0x7f0000000100)=@raw=[@map_val={0x18, 0x7, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1ff}], &(0x7f00000002c0)='GPL\x00', 0x3, 0xc, &(0x7f0000000380)=""/12, 0x9f71cadf2e2d7e4c, 0x4, '\x00', 0x0, 0x1, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x5, 0x10, 0x4, 0x400}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f00000008c0)=[r5, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000c40)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007d60b7030000010000006a0a00fe00000000850000000d000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb4500639100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4251ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5d90852a3f3854f11cc2afb53611cc32a790bce5a6f087ae8f5e64be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67c4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1caedc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08ee8c952a3fd2c46f3c1cde71a19d1a2982492abaa96665372831210e00d2bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ecebcc4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d0616a48c7957e122665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d817b324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7338a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e26032176066599783568628f0309c3afa716d3706e1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310e7032775cfd75652ff03000000000000643e9146d2478ce31344b554aca78a27aff1aabbf9c9fd61b78237a0873a18152b5e40b522"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x14) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x1f2f, 0xf, 0x2f, &(0x7f00000007c0)="9f44948721919580684010a49e66", 0x0, 0x241, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000b40)={0x1, 0x58, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r8 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x400, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', r7}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000c00)={r8, 0xffffffffffffffff}, 0x4) r10 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000011c0), 0x4) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000014c0)={0xffffffffffffffff, 0x20, &(0x7f0000001480)={&(0x7f0000001280)=""/202, 0xca, 0x0, &(0x7f0000001380)=""/205, 0xcd}}, 0x10) r12 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r13 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x9, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x45020000, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r13}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9}, {0x6, 0x0, 0xd, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0x2, 0x6}, {0x18, 0x2, 0x2, 0x0, r12}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000015c0)={0x2, 0x32, &(0x7f0000001680)=ANY=[@ANYBLOB, @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000085000000c5000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018570000100000000000000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000100008500000006000000186200000200000000000000090000000604000000040000b7080000000000007b8af8ff00000000b7080000000800007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70500000800000085000000a5000000bf91000000000000b7020000010000008500000000000000b7000000000000009500000000000000"], &(0x7f0000001140)='syzkaller\x00', 0x7ff, 0x17, &(0x7f0000001180)=""/23, 0x41000, 0x0, '\x00', r7, 0x7, r10, 0x8, &(0x7f0000001200)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000001240)={0x5, 0x3, 0x5, 0x1}, 0x10, r11, r6, 0x6, &(0x7f0000001500)=[r8, r8, r8, r8, r13, r6, r8, r8], &(0x7f0000001540)=[{0x0, 0x0, 0x0, 0x4}, {0x1, 0x2, 0x6, 0x9}, {0x5, 0x1, 0x0, 0x2}, {0x1, 0x1, 0x9, 0x1}, {0x4, 0x3, 0xe, 0xa}, {0x0, 0x5, 0x9, 0x5}], 0x10, 0x1}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002140)={0x18, 0x22, &(0x7f0000001ec0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r4}}]}, &(0x7f0000000640)='GPL\x00', 0x200, 0xa7, &(0x7f0000002000)=""/167, 0x41100, 0x20, '\x00', r7, 0x0, r3, 0x8, &(0x7f00000006c0)={0x6, 0x5}, 0x8, 0x10, &(0x7f00000020c0)={0x0, 0xb, 0xfffffff9, 0x6}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000002100)=[{0x2, 0x4, 0x10}, {0x0, 0x5, 0xf, 0x8}, {0x2, 0x3, 0xd}, {0x0, 0x3, 0x10, 0x1}], 0x10, 0x7}, 0x90) r14 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r14}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x1c, 0xc, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x9}, [@map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xe62c}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x5}, @cb_func={0x18, 0xb}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @map_idx={0x18, 0x4, 0x5, 0x0, 0x8}]}, &(0x7f00000002c0)='syzkaller\x00', 0x400, 0x37, &(0x7f0000000340)=""/55, 0x0, 0x9, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x8, &(0x7f0000000480)={0x0, 0x5}, 0x8, 0x10, &(0x7f00000004c0)={0x0, 0x2, 0x2e, 0x4}, 0x10, 0x0, r14, 0x0, &(0x7f0000000880)=[r4, 0xffffffffffffffff]}, 0x80) r15 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001b80)={r4, 0xe0, &(0x7f0000001a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000600)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, &(0x7f0000000700)=[0x0], &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x7e, &(0x7f0000000840)=[{}, {}], 0x10, 0x10, &(0x7f00000019c0), &(0x7f0000001a00), 0x8, 0xe3, 0x8, 0x8, &(0x7f0000001a40)}}, 0x10) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001c40)={r5, 0xffffffffffffffff}, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001d00)={0x0, 0x1, &(0x7f0000000240)=@raw=[@func], &(0x7f00000003c0)='GPL\x00', 0x5136, 0x1000, &(0x7f00000009c0)=""/4096, 0x1e00, 0x0, '\x00', r16, 0x0, r15, 0x8, &(0x7f0000001bc0)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000001c00)={0x3, 0x5, 0x7533, 0x8}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001c80)=[r17, r3], &(0x7f0000001cc0)=[{0x5, 0x1, 0xc, 0x2}, {0x1, 0x3, 0xb, 0x9}], 0x10, 0x9}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000400)={r2, 0xffffffffffffffff}, 0x4) r19 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@bloom_filter={0x1e, 0xa2f, 0x101, 0x36, 0x42, r2, 0x90000000, '\x00', 0x0, r2, 0x5, 0x5, 0x1, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x10, 0xd, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x6}, [@func={0x85, 0x0, 0x1, 0x0, 0x4}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x9}, @generic={0xfb, 0xf, 0x3, 0x40, 0x4}, @call={0x85, 0x0, 0x0, 0x3}, @tail_call]}, &(0x7f00000000c0)='GPL\x00', 0x6, 0xf5, &(0x7f00000002c0)=""/245, 0x41100, 0x42, '\x00', r16, 0x3b, r2, 0x8, &(0x7f0000000140)={0x6, 0x4}, 0x8, 0x10, &(0x7f00000003c0)={0x4, 0x4, 0x7ff, 0x200}, 0x10, 0xffffffffffffffff, r0, 0x8, &(0x7f00000004c0)=[r2, r18, r2, r19, r2], &(0x7f0000000500)=[{0x2, 0x3, 0xb, 0x3}, {0x1, 0x4, 0xf, 0x2}, {0x5, 0x5, 0x5, 0xc}, {0x2, 0x4, 0x1, 0x3}, {0x3, 0x2, 0x3, 0x6}, {0x3, 0x4, 0x7, 0x6}, {0x2, 0x5, 0xb, 0x4}, {0x1, 0x2, 0x2, 0x4}], 0x10, 0x4}, 0x90) 22:49:07 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1100, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:07 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:07 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69, 0x0, 0x0, 0x0}, 0x90) 22:49:07 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1200, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:07 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 35) 22:49:07 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1300, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1486.325139][T30852] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1486.332950][T30852] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1486.340761][T30852] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1486.348574][T30852] 22:49:07 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6a, 0x0, 0x0, 0x0}, 0x90) 22:49:07 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1400, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:07 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1500, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1486.417095][T30893] FAULT_INJECTION: forcing a failure. [ 1486.417095][T30893] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1486.436592][T30893] CPU: 0 PID: 30893 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1486.446754][T30893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1486.456646][T30893] Call Trace: [ 1486.459768][T30893] [ 1486.462548][T30893] dump_stack_lvl+0x151/0x1b7 [ 1486.467057][T30893] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1486.472525][T30893] ? ___slab_alloc+0x39e/0x830 [ 1486.477141][T30893] dump_stack+0x15/0x17 [ 1486.481118][T30893] should_fail+0x3c6/0x510 [ 1486.485372][T30893] should_fail_alloc_page+0x5a/0x80 [ 1486.490406][T30893] prepare_alloc_pages+0x15c/0x700 [ 1486.495353][T30893] ? __alloc_pages_bulk+0xe40/0xe40 [ 1486.500389][T30893] __alloc_pages+0x18c/0x8f0 [ 1486.504813][T30893] ? __traceiter_mm_page_alloc+0x3a/0x60 [ 1486.510280][T30893] ? prep_new_page+0x110/0x110 [ 1486.514879][T30893] ? __alloc_pages+0x3cb/0x8f0 [ 1486.519481][T30893] ? __kasan_check_write+0x14/0x20 [ 1486.524426][T30893] ? _raw_spin_lock+0xa4/0x1b0 [ 1486.529028][T30893] __pmd_alloc+0xb1/0x550 [ 1486.533196][T30893] ? __pud_alloc+0x260/0x260 [ 1486.537620][T30893] ? __pud_alloc+0x213/0x260 [ 1486.542047][T30893] ? do_handle_mm_fault+0x2330/0x2330 [ 1486.547255][T30893] ? __stack_depot_save+0x34/0x470 [ 1486.552201][T30893] ? anon_vma_clone+0x9a/0x500 [ 1486.556804][T30893] copy_page_range+0x2b3d/0x2f90 [ 1486.561574][T30893] ? __kasan_slab_alloc+0xb1/0xe0 [ 1486.566433][T30893] ? slab_post_alloc_hook+0x53/0x2c0 [ 1486.571557][T30893] ? copy_mm+0xa3a/0x13e0 [ 1486.575719][T30893] ? copy_process+0x1149/0x3290 [ 1486.580410][T30893] ? kernel_clone+0x21e/0x9e0 [ 1486.584921][T30893] ? do_syscall_64+0x3d/0xb0 [ 1486.589349][T30893] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1486.595254][T30893] ? pfn_valid+0x1e0/0x1e0 [ 1486.599505][T30893] ? rwsem_write_trylock+0x15b/0x290 [ 1486.604622][T30893] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 1486.610877][T30893] copy_mm+0xc7e/0x13e0 [ 1486.614867][T30893] ? copy_signal+0x610/0x610 [ 1486.619289][T30893] ? __init_rwsem+0xd6/0x1c0 [ 1486.623717][T30893] ? copy_signal+0x4e3/0x610 [ 1486.628145][T30893] copy_process+0x1149/0x3290 [ 1486.632658][T30893] ? proc_fail_nth_write+0x20b/0x290 [ 1486.637777][T30893] ? fsnotify_perm+0x6a/0x5d0 [ 1486.642294][T30893] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1486.647238][T30893] ? vfs_write+0x9ec/0x1110 [ 1486.651579][T30893] kernel_clone+0x21e/0x9e0 [ 1486.655916][T30893] ? create_io_thread+0x1e0/0x1e0 [ 1486.660783][T30893] __x64_sys_clone+0x23f/0x290 [ 1486.665380][T30893] ? __do_sys_vfork+0x130/0x130 [ 1486.670066][T30893] ? ksys_write+0x260/0x2c0 [ 1486.674409][T30893] ? debug_smp_processor_id+0x17/0x20 [ 1486.679698][T30893] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1486.685602][T30893] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1486.691069][T30893] do_syscall_64+0x3d/0xb0 [ 1486.695318][T30893] ? sysvec_call_function_single+0x52/0xb0 [ 1486.700961][T30893] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1486.706690][T30893] RIP: 0033:0x7f0304509da9 [ 1486.710947][T30893] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1486.730471][T30893] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1486.738717][T30893] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1486.746528][T30893] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1486.754337][T30893] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 22:49:08 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6b, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1600, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 36) 22:49:08 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1700, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1486.762149][T30893] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1486.769961][T30893] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1486.777776][T30893] 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1800, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x71, 0x0, 0x0, 0x0}, 0x90) [ 1486.838752][T30911] FAULT_INJECTION: forcing a failure. [ 1486.838752][T30911] name failslab, interval 1, probability 0, space 0, times 0 [ 1486.888352][T30911] CPU: 1 PID: 30911 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1486.898603][T30911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1486.908496][T30911] Call Trace: [ 1486.911618][T30911] [ 1486.914405][T30911] dump_stack_lvl+0x151/0x1b7 [ 1486.918917][T30911] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1486.924376][T30911] dump_stack+0x15/0x17 [ 1486.928368][T30911] should_fail+0x3c6/0x510 [ 1486.932623][T30911] __should_failslab+0xa4/0xe0 [ 1486.937222][T30911] ? anon_vma_fork+0xf7/0x4e0 [ 1486.941732][T30911] should_failslab+0x9/0x20 [ 1486.946076][T30911] slab_pre_alloc_hook+0x37/0xd0 [ 1486.950848][T30911] ? anon_vma_fork+0xf7/0x4e0 [ 1486.955362][T30911] kmem_cache_alloc+0x44/0x200 [ 1486.959962][T30911] anon_vma_fork+0xf7/0x4e0 [ 1486.964301][T30911] ? anon_vma_name+0x4c/0x70 [ 1486.968739][T30911] ? vm_area_dup+0x17a/0x230 [ 1486.973154][T30911] copy_mm+0xa3a/0x13e0 [ 1486.977148][T30911] ? copy_signal+0x610/0x610 [ 1486.981659][T30911] ? __init_rwsem+0xd6/0x1c0 [ 1486.986084][T30911] ? copy_signal+0x4e3/0x610 [ 1486.990512][T30911] copy_process+0x1149/0x3290 [ 1486.995026][T30911] ? proc_fail_nth_write+0x20b/0x290 [ 1487.000146][T30911] ? fsnotify_perm+0x6a/0x5d0 [ 1487.004660][T30911] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1487.009616][T30911] ? vfs_write+0x9ec/0x1110 [ 1487.013945][T30911] kernel_clone+0x21e/0x9e0 [ 1487.018287][T30911] ? file_end_write+0x1c0/0x1c0 [ 1487.022975][T30911] ? create_io_thread+0x1e0/0x1e0 [ 1487.027832][T30911] ? mutex_unlock+0xb2/0x260 [ 1487.032261][T30911] ? __mutex_lock_slowpath+0x10/0x10 [ 1487.037380][T30911] __x64_sys_clone+0x23f/0x290 [ 1487.041979][T30911] ? __do_sys_vfork+0x130/0x130 [ 1487.046665][T30911] ? ksys_write+0x260/0x2c0 [ 1487.051024][T30911] ? debug_smp_processor_id+0x17/0x20 [ 1487.056212][T30911] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1487.062548][T30911] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1487.068019][T30911] do_syscall_64+0x3d/0xb0 [ 1487.072271][T30911] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1487.077997][T30911] RIP: 0033:0x7f0304509da9 [ 1487.082251][T30911] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1487.101730][T30911] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1487.109937][T30911] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1487.117756][T30911] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1487.125563][T30911] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1900, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:08 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x72, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a00, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1b00, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_merged_recursive\x00', 0x0, 0x0) (async, rerun: 64) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000540)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0) (rerun: 64) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0xd, 0x0, 0x1f, 0x1, 0x0, 0x1, 0xfff, '\x00', 0x0, r4, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xa, 0x2, &(0x7f0000000100)=@raw=[@map_val={0x18, 0x7, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1ff}], &(0x7f00000002c0)='GPL\x00', 0x3, 0xc, &(0x7f0000000380)=""/12, 0x9f71cadf2e2d7e4c, 0x4, '\x00', 0x0, 0x1, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x5, 0x10, 0x4, 0x400}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f00000008c0)=[r5, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80) (async) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000c40)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007d60b7030000010000006a0a00fe00000000850000000d000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb4500639100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4251ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5d90852a3f3854f11cc2afb53611cc32a790bce5a6f087ae8f5e64be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67c4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1caedc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08ee8c952a3fd2c46f3c1cde71a19d1a2982492abaa96665372831210e00d2bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ecebcc4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d0616a48c7957e122665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d817b324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7338a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e26032176066599783568628f0309c3afa716d3706e1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310e7032775cfd75652ff03000000000000643e9146d2478ce31344b554aca78a27aff1aabbf9c9fd61b78237a0873a18152b5e40b522"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x14) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x1f2f, 0xf, 0x2f, &(0x7f00000007c0)="9f44948721919580684010a49e66", 0x0, 0x241, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000b40)={0x1, 0x58, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r8 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x400, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', r7}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000c00)={r8, 0xffffffffffffffff}, 0x4) (async, rerun: 64) r10 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000011c0), 0x4) (async, rerun: 64) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000014c0)={0xffffffffffffffff, 0x20, &(0x7f0000001480)={&(0x7f0000001280)=""/202, 0xca, 0x0, &(0x7f0000001380)=""/205, 0xcd}}, 0x10) (async, rerun: 32) r12 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) (rerun: 32) r13 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x9, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x45020000, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r13}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9}, {0x6, 0x0, 0xd, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0x2, 0x6}, {0x18, 0x2, 0x2, 0x0, r12}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) bpf$PROG_LOAD(0x5, &(0x7f00000015c0)={0x2, 0x32, &(0x7f0000001680)=ANY=[@ANYBLOB, @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000085000000c5000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018570000100000000000000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000100008500000006000000186200000200000000000000090000000604000000040000b7080000000000007b8af8ff00000000b7080000000800007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70500000800000085000000a5000000bf91000000000000b7020000010000008500000000000000b7000000000000009500000000000000"], &(0x7f0000001140)='syzkaller\x00', 0x7ff, 0x17, &(0x7f0000001180)=""/23, 0x41000, 0x0, '\x00', r7, 0x7, r10, 0x8, &(0x7f0000001200)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000001240)={0x5, 0x3, 0x5, 0x1}, 0x10, r11, r6, 0x6, &(0x7f0000001500)=[r8, r8, r8, r8, r13, r6, r8, r8], &(0x7f0000001540)=[{0x0, 0x0, 0x0, 0x4}, {0x1, 0x2, 0x6, 0x9}, {0x5, 0x1, 0x0, 0x2}, {0x1, 0x1, 0x9, 0x1}, {0x4, 0x3, 0xe, 0xa}, {0x0, 0x5, 0x9, 0x5}], 0x10, 0x1}, 0x90) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002140)={0x18, 0x22, &(0x7f0000001ec0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r4}}]}, &(0x7f0000000640)='GPL\x00', 0x200, 0xa7, &(0x7f0000002000)=""/167, 0x41100, 0x20, '\x00', r7, 0x0, r3, 0x8, &(0x7f00000006c0)={0x6, 0x5}, 0x8, 0x10, &(0x7f00000020c0)={0x0, 0xb, 0xfffffff9, 0x6}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000002100)=[{0x2, 0x4, 0x10}, {0x0, 0x5, 0xf, 0x8}, {0x2, 0x3, 0xd}, {0x0, 0x3, 0x10, 0x1}], 0x10, 0x7}, 0x90) r14 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r14}, 0x10) (async) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x1c, 0xc, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x9}, [@map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xe62c}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x5}, @cb_func={0x18, 0xb}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @map_idx={0x18, 0x4, 0x5, 0x0, 0x8}]}, &(0x7f00000002c0)='syzkaller\x00', 0x400, 0x37, &(0x7f0000000340)=""/55, 0x0, 0x9, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x8, &(0x7f0000000480)={0x0, 0x5}, 0x8, 0x10, &(0x7f00000004c0)={0x0, 0x2, 0x2e, 0x4}, 0x10, 0x0, r14, 0x0, &(0x7f0000000880)=[r4, 0xffffffffffffffff]}, 0x80) r15 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001b80)={r4, 0xe0, &(0x7f0000001a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000600)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, &(0x7f0000000700)=[0x0], &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x7e, &(0x7f0000000840)=[{}, {}], 0x10, 0x10, &(0x7f00000019c0), &(0x7f0000001a00), 0x8, 0xe3, 0x8, 0x8, &(0x7f0000001a40)}}, 0x10) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001c40)={r5, 0xffffffffffffffff}, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001d00)={0x0, 0x1, &(0x7f0000000240)=@raw=[@func], &(0x7f00000003c0)='GPL\x00', 0x5136, 0x1000, &(0x7f00000009c0)=""/4096, 0x1e00, 0x0, '\x00', r16, 0x0, r15, 0x8, &(0x7f0000001bc0)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000001c00)={0x3, 0x5, 0x7533, 0x8}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001c80)=[r17, r3], &(0x7f0000001cc0)=[{0x5, 0x1, 0xc, 0x2}, {0x1, 0x3, 0xb, 0x9}], 0x10, 0x9}, 0x90) (async) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000400)={r2, 0xffffffffffffffff}, 0x4) (async, rerun: 32) r19 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@bloom_filter={0x1e, 0xa2f, 0x101, 0x36, 0x42, r2, 0x90000000, '\x00', 0x0, r2, 0x5, 0x5, 0x1, 0x5}, 0x48) (rerun: 32) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x10, 0xd, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x6}, [@func={0x85, 0x0, 0x1, 0x0, 0x4}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x9}, @generic={0xfb, 0xf, 0x3, 0x40, 0x4}, @call={0x85, 0x0, 0x0, 0x3}, @tail_call]}, &(0x7f00000000c0)='GPL\x00', 0x6, 0xf5, &(0x7f00000002c0)=""/245, 0x41100, 0x42, '\x00', r16, 0x3b, r2, 0x8, &(0x7f0000000140)={0x6, 0x4}, 0x8, 0x10, &(0x7f00000003c0)={0x4, 0x4, 0x7ff, 0x200}, 0x10, 0xffffffffffffffff, r0, 0x8, &(0x7f00000004c0)=[r2, r18, r2, r19, r2], &(0x7f0000000500)=[{0x2, 0x3, 0xb, 0x3}, {0x1, 0x4, 0xf, 0x2}, {0x5, 0x5, 0x5, 0xc}, {0x2, 0x4, 0x1, 0x3}, {0x3, 0x2, 0x3, 0x6}, {0x3, 0x4, 0x7, 0x6}, {0x2, 0x5, 0xb, 0x4}, {0x1, 0x2, 0x2, 0x4}], 0x10, 0x4}, 0x90) [ 1487.133372][T30911] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1487.141358][T30911] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1487.149174][T30911] 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1c00, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x73, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1d00, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 37) 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1e00, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x79, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1f00, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2703, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2800, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1487.260164][T30942] FAULT_INJECTION: forcing a failure. [ 1487.260164][T30942] name failslab, interval 1, probability 0, space 0, times 0 22:49:08 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4003, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa207, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x18100, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x307a00, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1487.354761][T30942] CPU: 1 PID: 30942 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1487.364936][T30942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1487.374832][T30942] Call Trace: [ 1487.377951][T30942] [ 1487.380730][T30942] dump_stack_lvl+0x151/0x1b7 [ 1487.385246][T30942] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1487.390730][T30942] dump_stack+0x15/0x17 [ 1487.394722][T30942] should_fail+0x3c6/0x510 [ 1487.399134][T30942] __should_failslab+0xa4/0xe0 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x500000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:08 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7a3000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1487.403730][T30942] ? anon_vma_fork+0xf7/0x4e0 [ 1487.408242][T30942] should_failslab+0x9/0x20 [ 1487.412670][T30942] slab_pre_alloc_hook+0x37/0xd0 [ 1487.417677][T30942] ? anon_vma_fork+0xf7/0x4e0 [ 1487.422192][T30942] kmem_cache_alloc+0x44/0x200 [ 1487.426786][T30942] anon_vma_fork+0xf7/0x4e0 [ 1487.431124][T30942] ? anon_vma_name+0x4c/0x70 [ 1487.435546][T30942] ? vm_area_dup+0x17a/0x230 [ 1487.439975][T30942] copy_mm+0xa3a/0x13e0 [ 1487.443973][T30942] ? copy_signal+0x610/0x610 [ 1487.448391][T30942] ? __init_rwsem+0xd6/0x1c0 [ 1487.452815][T30942] ? copy_signal+0x4e3/0x610 [ 1487.457245][T30942] copy_process+0x1149/0x3290 [ 1487.461757][T30942] ? proc_fail_nth_write+0x20b/0x290 [ 1487.466886][T30942] ? fsnotify_perm+0x6a/0x5d0 [ 1487.471388][T30942] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1487.476338][T30942] ? vfs_write+0x9ec/0x1110 [ 1487.480680][T30942] kernel_clone+0x21e/0x9e0 [ 1487.485016][T30942] ? file_end_write+0x1c0/0x1c0 [ 1487.489702][T30942] ? create_io_thread+0x1e0/0x1e0 [ 1487.494561][T30942] ? mutex_unlock+0xb2/0x260 [ 1487.498990][T30942] ? __mutex_lock_slowpath+0x10/0x10 [ 1487.504112][T30942] __x64_sys_clone+0x23f/0x290 [ 1487.508709][T30942] ? __do_sys_vfork+0x130/0x130 [ 1487.513490][T30942] ? ksys_write+0x260/0x2c0 [ 1487.517824][T30942] ? debug_smp_processor_id+0x17/0x20 [ 1487.523039][T30942] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1487.528932][T30942] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1487.534400][T30942] do_syscall_64+0x3d/0xb0 [ 1487.538677][T30942] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1487.544381][T30942] RIP: 0033:0x7f0304509da9 [ 1487.548638][T30942] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1487.568075][T30942] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1487.576320][T30942] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1487.584130][T30942] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1487.591944][T30942] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 22:49:09 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0}, 0x90) 22:49:09 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x810100, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:09 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 38) 22:49:09 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) (async) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_merged_recursive\x00', 0x0, 0x0) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000540)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0xd, 0x0, 0x1f, 0x1, 0x0, 0x1, 0xfff, '\x00', 0x0, r4, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xa, 0x2, &(0x7f0000000100)=@raw=[@map_val={0x18, 0x7, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1ff}], &(0x7f00000002c0)='GPL\x00', 0x3, 0xc, &(0x7f0000000380)=""/12, 0x9f71cadf2e2d7e4c, 0x4, '\x00', 0x0, 0x1, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x5, 0x10, 0x4, 0x400}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f00000008c0)=[r5, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000c40)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007d60b7030000010000006a0a00fe00000000850000000d000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb4500639100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4251ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5d90852a3f3854f11cc2afb53611cc32a790bce5a6f087ae8f5e64be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67c4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1caedc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08ee8c952a3fd2c46f3c1cde71a19d1a2982492abaa96665372831210e00d2bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ecebcc4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d0616a48c7957e122665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d817b324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7338a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e26032176066599783568628f0309c3afa716d3706e1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310e7032775cfd75652ff03000000000000643e9146d2478ce31344b554aca78a27aff1aabbf9c9fd61b78237a0873a18152b5e40b522"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x14) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x1f2f, 0xf, 0x2f, &(0x7f00000007c0)="9f44948721919580684010a49e66", 0x0, 0x241, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000b40)={0x1, 0x58, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r8 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x400, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', r7}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000c00)={r8, 0xffffffffffffffff}, 0x4) (async) r10 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000011c0), 0x4) (async) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000014c0)={0xffffffffffffffff, 0x20, &(0x7f0000001480)={&(0x7f0000001280)=""/202, 0xca, 0x0, &(0x7f0000001380)=""/205, 0xcd}}, 0x10) r12 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) (async) r13 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x9, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x45020000, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r13}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9}, {0x6, 0x0, 0xd, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0x2, 0x6}, {0x18, 0x2, 0x2, 0x0, r12}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000015c0)={0x2, 0x32, &(0x7f0000001680)=ANY=[@ANYBLOB, @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000085000000c5000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018570000100000000000000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000100008500000006000000186200000200000000000000090000000604000000040000b7080000000000007b8af8ff00000000b7080000000800007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70500000800000085000000a5000000bf91000000000000b7020000010000008500000000000000b7000000000000009500000000000000"], &(0x7f0000001140)='syzkaller\x00', 0x7ff, 0x17, &(0x7f0000001180)=""/23, 0x41000, 0x0, '\x00', r7, 0x7, r10, 0x8, &(0x7f0000001200)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000001240)={0x5, 0x3, 0x5, 0x1}, 0x10, r11, r6, 0x6, &(0x7f0000001500)=[r8, r8, r8, r8, r13, r6, r8, r8], &(0x7f0000001540)=[{0x0, 0x0, 0x0, 0x4}, {0x1, 0x2, 0x6, 0x9}, {0x5, 0x1, 0x0, 0x2}, {0x1, 0x1, 0x9, 0x1}, {0x4, 0x3, 0xe, 0xa}, {0x0, 0x5, 0x9, 0x5}], 0x10, 0x1}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002140)={0x18, 0x22, &(0x7f0000001ec0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r4}}]}, &(0x7f0000000640)='GPL\x00', 0x200, 0xa7, &(0x7f0000002000)=""/167, 0x41100, 0x20, '\x00', r7, 0x0, r3, 0x8, &(0x7f00000006c0)={0x6, 0x5}, 0x8, 0x10, &(0x7f00000020c0)={0x0, 0xb, 0xfffffff9, 0x6}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000002100)=[{0x2, 0x4, 0x10}, {0x0, 0x5, 0xf, 0x8}, {0x2, 0x3, 0xd}, {0x0, 0x3, 0x10, 0x1}], 0x10, 0x7}, 0x90) r14 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r14}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x1c, 0xc, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x9}, [@map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xe62c}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x5}, @cb_func={0x18, 0xb}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @map_idx={0x18, 0x4, 0x5, 0x0, 0x8}]}, &(0x7f00000002c0)='syzkaller\x00', 0x400, 0x37, &(0x7f0000000340)=""/55, 0x0, 0x9, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x8, &(0x7f0000000480)={0x0, 0x5}, 0x8, 0x10, &(0x7f00000004c0)={0x0, 0x2, 0x2e, 0x4}, 0x10, 0x0, r14, 0x0, &(0x7f0000000880)=[r4, 0xffffffffffffffff]}, 0x80) (async, rerun: 64) r15 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (async, rerun: 64) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001b80)={r4, 0xe0, &(0x7f0000001a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000600)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, &(0x7f0000000700)=[0x0], &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x7e, &(0x7f0000000840)=[{}, {}], 0x10, 0x10, &(0x7f00000019c0), &(0x7f0000001a00), 0x8, 0xe3, 0x8, 0x8, &(0x7f0000001a40)}}, 0x10) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001c40)={r5, 0xffffffffffffffff}, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001d00)={0x0, 0x1, &(0x7f0000000240)=@raw=[@func], &(0x7f00000003c0)='GPL\x00', 0x5136, 0x1000, &(0x7f00000009c0)=""/4096, 0x1e00, 0x0, '\x00', r16, 0x0, r15, 0x8, &(0x7f0000001bc0)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000001c00)={0x3, 0x5, 0x7533, 0x8}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000001c80)=[r17, r3], &(0x7f0000001cc0)=[{0x5, 0x1, 0xc, 0x2}, {0x1, 0x3, 0xb, 0x9}], 0x10, 0x9}, 0x90) (async) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000400)={r2, 0xffffffffffffffff}, 0x4) (async) r19 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@bloom_filter={0x1e, 0xa2f, 0x101, 0x36, 0x42, r2, 0x90000000, '\x00', 0x0, r2, 0x5, 0x5, 0x1, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x10, 0xd, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x6}, [@func={0x85, 0x0, 0x1, 0x0, 0x4}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x9}, @generic={0xfb, 0xf, 0x3, 0x40, 0x4}, @call={0x85, 0x0, 0x0, 0x3}, @tail_call]}, &(0x7f00000000c0)='GPL\x00', 0x6, 0xf5, &(0x7f00000002c0)=""/245, 0x41100, 0x42, '\x00', r16, 0x3b, r2, 0x8, &(0x7f0000000140)={0x6, 0x4}, 0x8, 0x10, &(0x7f00000003c0)={0x4, 0x4, 0x7ff, 0x200}, 0x10, 0xffffffffffffffff, r0, 0x8, &(0x7f00000004c0)=[r2, r18, r2, r19, r2], &(0x7f0000000500)=[{0x2, 0x3, 0xb, 0x3}, {0x1, 0x4, 0xf, 0x2}, {0x5, 0x5, 0x5, 0xc}, {0x2, 0x4, 0x1, 0x3}, {0x3, 0x2, 0x3, 0x6}, {0x3, 0x4, 0x7, 0x6}, {0x2, 0x5, 0xb, 0x4}, {0x1, 0x2, 0x2, 0x4}], 0x10, 0x4}, 0x90) 22:49:09 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="00530000ffeda54fae6efaff0000940000000dad413e550000000f"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:09 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="00530000ffeda54fae6efaff0000940000000dad413e550000000f"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:09 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0, 0x0, 0x0, 0x0}, 0x90) [ 1487.599759][T30942] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1487.607568][T30942] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1487.615391][T30942] 22:49:09 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:09 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="00530000ffeda54fae6efaff0000940000000dad413e550000000f"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:09 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x129, 0x0, 0x0, 0x0}, 0x90) 22:49:09 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1487.661985][T30987] FAULT_INJECTION: forcing a failure. [ 1487.661985][T30987] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1487.702827][T30987] CPU: 0 PID: 30987 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1487.712995][T30987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1487.722888][T30987] Call Trace: [ 1487.726010][T30987] [ 1487.728791][T30987] dump_stack_lvl+0x151/0x1b7 [ 1487.733300][T30987] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1487.738770][T30987] ? bpf_trace_run4+0x144/0x270 [ 1487.743457][T30987] dump_stack+0x15/0x17 [ 1487.747454][T30987] should_fail+0x3c6/0x510 [ 1487.751723][T30987] should_fail_alloc_page+0x5a/0x80 [ 1487.756740][T30987] prepare_alloc_pages+0x15c/0x700 [ 1487.761685][T30987] ? __alloc_pages_bulk+0xe40/0xe40 [ 1487.766721][T30987] __alloc_pages+0x18c/0x8f0 [ 1487.771145][T30987] ? prep_new_page+0x110/0x110 [ 1487.775748][T30987] get_zeroed_page+0x1b/0x40 [ 1487.780167][T30987] __pud_alloc+0x8b/0x260 [ 1487.784333][T30987] ? stack_trace_snprint+0xf0/0xf0 [ 1487.789284][T30987] ? do_handle_mm_fault+0x2330/0x2330 [ 1487.794490][T30987] ? __stack_depot_save+0x34/0x470 [ 1487.799436][T30987] ? anon_vma_clone+0x9a/0x500 [ 1487.804042][T30987] copy_page_range+0x2bcf/0x2f90 [ 1487.808812][T30987] ? __kasan_slab_alloc+0xb1/0xe0 [ 1487.813669][T30987] ? slab_post_alloc_hook+0x53/0x2c0 [ 1487.818792][T30987] ? copy_mm+0xa3a/0x13e0 [ 1487.822963][T30987] ? copy_process+0x1149/0x3290 [ 1487.827648][T30987] ? kernel_clone+0x21e/0x9e0 [ 1487.832158][T30987] ? __x64_sys_clone+0x23f/0x290 [ 1487.836935][T30987] ? do_syscall_64+0x3d/0xb0 [ 1487.841355][T30987] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1487.847269][T30987] ? pfn_valid+0x1e0/0x1e0 [ 1487.851512][T30987] ? rwsem_write_trylock+0x15b/0x290 [ 1487.856640][T30987] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 1487.862881][T30987] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 1487.868438][T30987] ? __rb_insert_augmented+0x5de/0x610 [ 1487.873745][T30987] copy_mm+0xc7e/0x13e0 [ 1487.877740][T30987] ? copy_signal+0x610/0x610 [ 1487.882161][T30987] ? __init_rwsem+0xd6/0x1c0 [ 1487.886584][T30987] ? copy_signal+0x4e3/0x610 [ 1487.891023][T30987] copy_process+0x1149/0x3290 [ 1487.895517][T30987] ? proc_fail_nth_write+0x20b/0x290 [ 1487.900635][T30987] ? fsnotify_perm+0x6a/0x5d0 [ 1487.905155][T30987] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1487.910095][T30987] ? vfs_write+0x9ec/0x1110 [ 1487.914437][T30987] kernel_clone+0x21e/0x9e0 [ 1487.918779][T30987] ? file_end_write+0x1c0/0x1c0 [ 1487.923461][T30987] ? create_io_thread+0x1e0/0x1e0 [ 1487.928320][T30987] ? mutex_unlock+0xb2/0x260 [ 1487.932756][T30987] ? __mutex_lock_slowpath+0x10/0x10 [ 1487.937872][T30987] __x64_sys_clone+0x23f/0x290 [ 1487.942474][T30987] ? __do_sys_vfork+0x130/0x130 [ 1487.947155][T30987] ? ksys_write+0x260/0x2c0 [ 1487.951499][T30987] ? debug_smp_processor_id+0x17/0x20 [ 1487.956705][T30987] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1487.962606][T30987] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1487.968098][T30987] do_syscall_64+0x3d/0xb0 [ 1487.972326][T30987] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1487.978052][T30987] RIP: 0033:0x7f0304509da9 [ 1487.982309][T30987] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 22:49:09 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRES64=0x0], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:09 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRES64=0x0], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRES64=0x0], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x90) (async) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) (async) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) 22:49:09 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:09 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a0, 0x0, 0x0, 0x0}, 0x90) 22:49:09 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 39) [ 1488.001747][T30987] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1488.009992][T30987] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1488.017804][T30987] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1488.025617][T30987] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1488.033428][T30987] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1488.041327][T30987] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1488.049139][T30987] 22:49:09 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:09 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:09 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRES64=0x0], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x90) (async) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:09 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x235, 0x0, 0x0, 0x0}, 0x90) [ 1488.093004][T31025] FAULT_INJECTION: forcing a failure. [ 1488.093004][T31025] name failslab, interval 1, probability 0, space 0, times 0 [ 1488.111006][T31025] CPU: 1 PID: 31025 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1488.121170][T31025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1488.131064][T31025] Call Trace: [ 1488.134187][T31025] [ 1488.136965][T31025] dump_stack_lvl+0x151/0x1b7 22:49:09 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:09 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1488.141483][T31025] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1488.146946][T31025] dump_stack+0x15/0x17 [ 1488.150942][T31025] should_fail+0x3c6/0x510 [ 1488.155190][T31025] __should_failslab+0xa4/0xe0 [ 1488.159791][T31025] ? anon_vma_clone+0x9a/0x500 [ 1488.164389][T31025] should_failslab+0x9/0x20 [ 1488.168727][T31025] slab_pre_alloc_hook+0x37/0xd0 [ 1488.173505][T31025] ? anon_vma_clone+0x9a/0x500 [ 1488.178100][T31025] kmem_cache_alloc+0x44/0x200 [ 1488.182703][T31025] anon_vma_clone+0x9a/0x500 [ 1488.187131][T31025] anon_vma_fork+0x91/0x4e0 [ 1488.191462][T31025] ? anon_vma_name+0x4c/0x70 [ 1488.195888][T31025] ? vm_area_dup+0x17a/0x230 [ 1488.200315][T31025] copy_mm+0xa3a/0x13e0 [ 1488.204310][T31025] ? copy_signal+0x610/0x610 [ 1488.208736][T31025] ? __init_rwsem+0xd6/0x1c0 [ 1488.213159][T31025] ? copy_signal+0x4e3/0x610 [ 1488.217587][T31025] copy_process+0x1149/0x3290 [ 1488.222102][T31025] ? proc_fail_nth_write+0x20b/0x290 [ 1488.227219][T31025] ? fsnotify_perm+0x6a/0x5d0 [ 1488.231735][T31025] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1488.236682][T31025] ? vfs_write+0x9ec/0x1110 [ 1488.241021][T31025] kernel_clone+0x21e/0x9e0 [ 1488.245364][T31025] ? file_end_write+0x1c0/0x1c0 [ 1488.250047][T31025] ? create_io_thread+0x1e0/0x1e0 [ 1488.254906][T31025] ? mutex_unlock+0xb2/0x260 [ 1488.259333][T31025] ? __mutex_lock_slowpath+0x10/0x10 [ 1488.264455][T31025] __x64_sys_clone+0x23f/0x290 [ 1488.269064][T31025] ? __do_sys_vfork+0x130/0x130 [ 1488.273740][T31025] ? ksys_write+0x260/0x2c0 [ 1488.278084][T31025] ? debug_smp_processor_id+0x17/0x20 [ 1488.283289][T31025] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1488.289190][T31025] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1488.294656][T31025] do_syscall_64+0x3d/0xb0 [ 1488.298912][T31025] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1488.304638][T31025] RIP: 0033:0x7f0304509da9 [ 1488.308897][T31025] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1488.328421][T31025] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 22:49:09 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:09 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYRES8=0x0], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:09 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:09 executing program 0: bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000000), &(0x7f00000002c0)}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{0x1, 0xffffffffffffffff}, &(0x7f0000000340), &(0x7f0000000380)}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000400)={0x1, 0xffffffffffffffff}, 0x4) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000009c0)={0xffffffffffffffff, 0xe0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0], 0x0, 0x88, &(0x7f00000007c0)=[{}], 0x8, 0x10, &(0x7f0000000800), &(0x7f0000000840), 0x8, 0xce, 0x8, 0x8, &(0x7f0000000880)}}, 0x10) r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000b80)={&(0x7f0000000a00)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc4, 0xc4, 0x3, [@const={0xb, 0x0, 0x0, 0xa, 0x1}, @enum={0x8, 0x6, 0x0, 0x6, 0x4, [{0x5, 0x8000}, {0x1, 0x6}, {0xe, 0x5}, {0xc, 0x80000001}, {0x5, 0x1f}, {0x3, 0x5463}]}, @ptr={0xa, 0x0, 0x0, 0x2, 0x1}, @ptr={0xd, 0x0, 0x0, 0x2, 0x4}, @fwd={0x3}, @restrict={0x7, 0x0, 0x0, 0xb, 0x1}, @enum={0x10, 0x5, 0x0, 0x6, 0x4, [{0x6, 0x9}, {0x7, 0x1}, {0xe, 0x9}, {0xd, 0x8}, {0x10, 0x3}]}, @fwd={0x6}, @restrict={0x2, 0x0, 0x0, 0xb, 0x1}]}, {0x0, [0x61]}}, &(0x7f0000000b00)=""/123, 0xdf, 0x7b, 0x1}, 0x20) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000c00)={0xeb89, 0x0}, 0x8) r6 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000c40)={0xffffffffffffffff}, 0x4) r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000c80)={0xffffffffffffffff, 0x101, 0x8}, 0xc) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d40)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000cc0), &(0x7f0000000d00)}, 0x20) r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000d80)='cpuset.effective_mems\x00', 0x0, 0x0) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000e00)=@o_path={&(0x7f0000000dc0)='./file0\x00', 0x0, 0xc010}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0xe, 0x2e, &(0x7f0000000440)=@raw=[@jmp={0x5, 0x0, 0xa, 0x1, 0x2, 0x2}, @tail_call, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @call={0x85, 0x0, 0x0, 0x98}, @func={0x85, 0x0, 0x1, 0x0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}], &(0x7f00000005c0)='GPL\x00', 0x3, 0xe5, &(0x7f0000000600)=""/229, 0x41100, 0x4, '\x00', r3, 0x1e, r4, 0x8, &(0x7f0000000bc0)={0x0, 0x2}, 0x8, 0x10, 0x0, 0x0, r5, r6, 0x5, &(0x7f0000000e40)=[r7, r8, r9, r10], &(0x7f0000000e80)=[{0x4, 0x5, 0x3, 0x7}, {0x2, 0x2, 0xc}, {0x3, 0x10000, 0x4, 0x3}, {0x1, 0x6, 0x14, 0x1}, {0x2, 0x2, 0x9, 0x8}], 0x10, 0x3}, 0x90) r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180040faff0000945be94aaf1a0621500e00191d00"/31], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r12 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r11}, 0x10) r13 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r12}, 0x8) write$cgroup_int(r13, &(0x7f00000001c0), 0xfffffdef) r14 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, r13, 0x4, '\x00', 0x0, r14, 0x1, 0x3, 0x3}, 0x48) [ 1488.336662][T31025] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1488.344475][T31025] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1488.352287][T31025] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1488.360099][T31025] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1488.367909][T31025] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1488.375725][T31025] 22:49:09 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25f, 0x0, 0x0, 0x0}, 0x90) 22:49:09 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYRES8=0x0], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:09 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:09 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 40) 22:49:09 executing program 0: bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000000), &(0x7f00000002c0)}, 0x20) (async) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{0x1, 0xffffffffffffffff}, &(0x7f0000000340), &(0x7f0000000380)}, 0x20) (async) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000400)={0x1, 0xffffffffffffffff}, 0x4) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000009c0)={0xffffffffffffffff, 0xe0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0], 0x0, 0x88, &(0x7f00000007c0)=[{}], 0x8, 0x10, &(0x7f0000000800), &(0x7f0000000840), 0x8, 0xce, 0x8, 0x8, &(0x7f0000000880)}}, 0x10) (async) r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000b80)={&(0x7f0000000a00)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc4, 0xc4, 0x3, [@const={0xb, 0x0, 0x0, 0xa, 0x1}, @enum={0x8, 0x6, 0x0, 0x6, 0x4, [{0x5, 0x8000}, {0x1, 0x6}, {0xe, 0x5}, {0xc, 0x80000001}, {0x5, 0x1f}, {0x3, 0x5463}]}, @ptr={0xa, 0x0, 0x0, 0x2, 0x1}, @ptr={0xd, 0x0, 0x0, 0x2, 0x4}, @fwd={0x3}, @restrict={0x7, 0x0, 0x0, 0xb, 0x1}, @enum={0x10, 0x5, 0x0, 0x6, 0x4, [{0x6, 0x9}, {0x7, 0x1}, {0xe, 0x9}, {0xd, 0x8}, {0x10, 0x3}]}, @fwd={0x6}, @restrict={0x2, 0x0, 0x0, 0xb, 0x1}]}, {0x0, [0x61]}}, &(0x7f0000000b00)=""/123, 0xdf, 0x7b, 0x1}, 0x20) (async, rerun: 32) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000c00)={0xeb89, 0x0}, 0x8) (async, rerun: 32) r6 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000c40)={0xffffffffffffffff}, 0x4) (async, rerun: 32) r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000c80)={0xffffffffffffffff, 0x101, 0x8}, 0xc) (async, rerun: 32) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d40)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000cc0), &(0x7f0000000d00)}, 0x20) r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000d80)='cpuset.effective_mems\x00', 0x0, 0x0) (async) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000e00)=@o_path={&(0x7f0000000dc0)='./file0\x00', 0x0, 0xc010}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0xe, 0x2e, &(0x7f0000000440)=@raw=[@jmp={0x5, 0x0, 0xa, 0x1, 0x2, 0x2}, @tail_call, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @call={0x85, 0x0, 0x0, 0x98}, @func={0x85, 0x0, 0x1, 0x0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}], &(0x7f00000005c0)='GPL\x00', 0x3, 0xe5, &(0x7f0000000600)=""/229, 0x41100, 0x4, '\x00', r3, 0x1e, r4, 0x8, &(0x7f0000000bc0)={0x0, 0x2}, 0x8, 0x10, 0x0, 0x0, r5, r6, 0x5, &(0x7f0000000e40)=[r7, r8, r9, r10], &(0x7f0000000e80)=[{0x4, 0x5, 0x3, 0x7}, {0x2, 0x2, 0xc}, {0x3, 0x10000, 0x4, 0x3}, {0x1, 0x6, 0x14, 0x1}, {0x2, 0x2, 0x9, 0x8}], 0x10, 0x3}, 0x90) r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180040faff0000945be94aaf1a0621500e00191d00"/31], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r12 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r11}, 0x10) r13 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r12}, 0x8) write$cgroup_int(r13, &(0x7f00000001c0), 0xfffffdef) r14 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, r13, 0x4, '\x00', 0x0, r14, 0x1, 0x3, 0x3}, 0x48) 22:49:09 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x261, 0x0, 0x0, 0x0}, 0x90) 22:49:09 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:10 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYRES8=0x0], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) (async) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) [ 1488.463222][T31058] FAULT_INJECTION: forcing a failure. [ 1488.463222][T31058] name failslab, interval 1, probability 0, space 0, times 0 [ 1488.482567][T31058] CPU: 0 PID: 31058 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1488.492741][T31058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1488.502632][T31058] Call Trace: [ 1488.505754][T31058] [ 1488.508529][T31058] dump_stack_lvl+0x151/0x1b7 [ 1488.513040][T31058] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1488.518511][T31058] dump_stack+0x15/0x17 [ 1488.522586][T31058] should_fail+0x3c6/0x510 [ 1488.526840][T31058] __should_failslab+0xa4/0xe0 [ 1488.531440][T31058] ? anon_vma_clone+0x9a/0x500 [ 1488.536040][T31058] should_failslab+0x9/0x20 [ 1488.540381][T31058] slab_pre_alloc_hook+0x37/0xd0 [ 1488.545152][T31058] ? anon_vma_clone+0x9a/0x500 [ 1488.549752][T31058] kmem_cache_alloc+0x44/0x200 [ 1488.554355][T31058] anon_vma_clone+0x9a/0x500 [ 1488.558780][T31058] anon_vma_fork+0x91/0x4e0 [ 1488.563118][T31058] ? anon_vma_name+0x4c/0x70 [ 1488.567638][T31058] ? vm_area_dup+0x17a/0x230 [ 1488.572066][T31058] copy_mm+0xa3a/0x13e0 [ 1488.576059][T31058] ? copy_signal+0x610/0x610 [ 1488.580484][T31058] ? __init_rwsem+0xd6/0x1c0 [ 1488.584910][T31058] ? copy_signal+0x4e3/0x610 [ 1488.589337][T31058] copy_process+0x1149/0x3290 [ 1488.593850][T31058] ? proc_fail_nth_write+0x20b/0x290 [ 1488.598971][T31058] ? fsnotify_perm+0x6a/0x5d0 [ 1488.603488][T31058] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1488.608430][T31058] ? vfs_write+0x9ec/0x1110 [ 1488.612776][T31058] kernel_clone+0x21e/0x9e0 [ 1488.617109][T31058] ? file_end_write+0x1c0/0x1c0 [ 1488.621798][T31058] ? create_io_thread+0x1e0/0x1e0 [ 1488.626655][T31058] ? mutex_unlock+0xb2/0x260 [ 1488.631083][T31058] ? __mutex_lock_slowpath+0x10/0x10 [ 1488.636207][T31058] __x64_sys_clone+0x23f/0x290 [ 1488.640804][T31058] ? __do_sys_vfork+0x130/0x130 [ 1488.645491][T31058] ? ksys_write+0x260/0x2c0 [ 1488.649833][T31058] ? debug_smp_processor_id+0x17/0x20 [ 1488.655037][T31058] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1488.660942][T31058] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1488.666407][T31058] do_syscall_64+0x3d/0xb0 [ 1488.670661][T31058] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1488.676390][T31058] RIP: 0033:0x7f0304509da9 [ 1488.680644][T31058] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1488.700084][T31058] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 22:49:10 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300, 0x0, 0x0, 0x0}, 0x90) 22:49:10 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000080005300000000faff7676945674abe64659ab370000000f000000955244ad0300000000000000cc4e3680f5e33c2310c228bb4e0af93ad305d5a8160c0004f2b514c88a5843bcb3dd8b12fd73958292c97787bec757279570cffb1dc87d0851acf2f0aaee66ee3557898b97ef72319236f7e16304b10c25b6e0ad18105d858a5e1d85de6319dcd7970a4c2f9239b024cd72f19cbd702a61f3b4afcdceef6f0a0a339eae977f59824e929e05a32657a91b59288f64570a59f0bda26ef6b31a2452f2f72d05b3e8c533b15cfdf3613c94c6e800fb1f0a558484feedcd029d99305c64175e08bca3491430056b24265d1236dad15ce6bb5bfdd6fe1701eba0531223ed62710211a5a5eda4b32f4ddb6b228b1b2611712a8aad9926137a7e2934da9968f438de"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000040)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:10 executing program 0: bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000000), &(0x7f00000002c0)}, 0x20) (async) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{0x1, 0xffffffffffffffff}, &(0x7f0000000340), &(0x7f0000000380)}, 0x20) (async, rerun: 32) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000400)={0x1, 0xffffffffffffffff}, 0x4) (rerun: 32) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000009c0)={0xffffffffffffffff, 0xe0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0], 0x0, 0x88, &(0x7f00000007c0)=[{}], 0x8, 0x10, &(0x7f0000000800), &(0x7f0000000840), 0x8, 0xce, 0x8, 0x8, &(0x7f0000000880)}}, 0x10) r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000b80)={&(0x7f0000000a00)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc4, 0xc4, 0x3, [@const={0xb, 0x0, 0x0, 0xa, 0x1}, @enum={0x8, 0x6, 0x0, 0x6, 0x4, [{0x5, 0x8000}, {0x1, 0x6}, {0xe, 0x5}, {0xc, 0x80000001}, {0x5, 0x1f}, {0x3, 0x5463}]}, @ptr={0xa, 0x0, 0x0, 0x2, 0x1}, @ptr={0xd, 0x0, 0x0, 0x2, 0x4}, @fwd={0x3}, @restrict={0x7, 0x0, 0x0, 0xb, 0x1}, @enum={0x10, 0x5, 0x0, 0x6, 0x4, [{0x6, 0x9}, {0x7, 0x1}, {0xe, 0x9}, {0xd, 0x8}, {0x10, 0x3}]}, @fwd={0x6}, @restrict={0x2, 0x0, 0x0, 0xb, 0x1}]}, {0x0, [0x61]}}, &(0x7f0000000b00)=""/123, 0xdf, 0x7b, 0x1}, 0x20) (async) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000c00)={0xeb89, 0x0}, 0x8) (async, rerun: 64) r6 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000c40)={0xffffffffffffffff}, 0x4) (async, rerun: 64) r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000c80)={0xffffffffffffffff, 0x101, 0x8}, 0xc) (async) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d40)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000cc0), &(0x7f0000000d00)}, 0x20) (async) r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000d80)='cpuset.effective_mems\x00', 0x0, 0x0) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000e00)=@o_path={&(0x7f0000000dc0)='./file0\x00', 0x0, 0xc010}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0xe, 0x2e, &(0x7f0000000440)=@raw=[@jmp={0x5, 0x0, 0xa, 0x1, 0x2, 0x2}, @tail_call, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @call={0x85, 0x0, 0x0, 0x98}, @func={0x85, 0x0, 0x1, 0x0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}], &(0x7f00000005c0)='GPL\x00', 0x3, 0xe5, &(0x7f0000000600)=""/229, 0x41100, 0x4, '\x00', r3, 0x1e, r4, 0x8, &(0x7f0000000bc0)={0x0, 0x2}, 0x8, 0x10, 0x0, 0x0, r5, r6, 0x5, &(0x7f0000000e40)=[r7, r8, r9, r10], &(0x7f0000000e80)=[{0x4, 0x5, 0x3, 0x7}, {0x2, 0x2, 0xc}, {0x3, 0x10000, 0x4, 0x3}, {0x1, 0x6, 0x14, 0x1}, {0x2, 0x2, 0x9, 0x8}], 0x10, 0x3}, 0x90) (async) r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180040faff0000945be94aaf1a0621500e00191d00"/31], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r12 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r11}, 0x10) r13 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r12}, 0x8) write$cgroup_int(r13, &(0x7f00000001c0), 0xfffffdef) (async, rerun: 32) r14 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4) (rerun: 32) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, r13, 0x4, '\x00', 0x0, r14, 0x1, 0x3, 0x3}, 0x48) 22:49:10 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:10 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x327, 0x0, 0x0, 0x0}, 0x90) [ 1488.708330][T31058] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1488.716138][T31058] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1488.723950][T31058] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1488.731760][T31058] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1488.739668][T31058] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1488.747482][T31058] 22:49:10 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000080005300000000faff7676945674abe64659ab370000000f000000955244ad0300000000000000cc4e3680f5e33c2310c228bb4e0af93ad305d5a8160c0004f2b514c88a5843bcb3dd8b12fd73958292c97787bec757279570cffb1dc87d0851acf2f0aaee66ee3557898b97ef72319236f7e16304b10c25b6e0ad18105d858a5e1d85de6319dcd7970a4c2f9239b024cd72f19cbd702a61f3b4afcdceef6f0a0a339eae977f59824e929e05a32657a91b59288f64570a59f0bda26ef6b31a2452f2f72d05b3e8c533b15cfdf3613c94c6e800fb1f0a558484feedcd029d99305c64175e08bca3491430056b24265d1236dad15ce6bb5bfdd6fe1701eba0531223ed62710211a5a5eda4b32f4ddb6b228b1b2611712a8aad9926137a7e2934da9968f438de"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async, rerun: 32) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 32) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000040)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:10 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3e5, 0x0, 0x0, 0x0}, 0x90) 22:49:10 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:10 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500, 0x0, 0x0, 0x0}, 0x90) 22:49:10 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000f000000000000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x80) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea4804415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006f23cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77e74e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8796dc89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3ed18761ec7a4aac4a4041f76a28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413b4adafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff87588a9af1da3763722f4f17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9fff2ffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f81531ff0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7c91301fb897316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee06c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc938bd71c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a8310fb800000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e399a9d412030100000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377082e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba7935d643b1d8daa9f38e4b62c1e2af28c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacbafdb27817770e39ff2ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a98d86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252916d3a4d"], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r5}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='ext4_request_blocks\x00', r5}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001740)={r3, 0xe0, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000001440)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0xa, 0x9, &(0x7f0000001480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x7a, &(0x7f0000001540)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000001580), &(0x7f00000015c0), 0x8, 0x93, 0x8, 0x8, &(0x7f0000001600)}}, 0x10) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001780)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001840)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f00000017c0), &(0x7f0000001800)=r4}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001900)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000001880), &(0x7f00000018c0)=r5}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000019c0)={0xf, 0x5, &(0x7f0000000580)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@alu={0x4, 0x1, 0x7, 0x5, 0x0, 0xfffffffffffffff8, 0xfffffffffffffffc}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}]}, &(0x7f00000005c0)='syzkaller\x00', 0x2, 0x93, &(0x7f0000000840)=""/147, 0x41000, 0x6, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x3, 0x5}, 0x8, 0x10, 0x0, 0x0, r6, r4, 0x4, &(0x7f0000001940)=[0x1, r7, r8, r9, 0xffffffffffffffff], &(0x7f0000001980)=[{0x0, 0x1, 0xd, 0xc}, {0x5, 0x4, 0x7, 0x5}, {0x0, 0x3, 0xd, 0x7}, {0x4, 0x3, 0x8, 0x5}], 0x10, 0x10000}, 0x90) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={r7, 0x58, &(0x7f0000000040)}, 0x10) 22:49:10 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 41) 22:49:10 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600, 0x0, 0x0, 0x0}, 0x90) 22:49:10 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000080005300000000faff7676945674abe64659ab370000000f000000955244ad0300000000000000cc4e3680f5e33c2310c228bb4e0af93ad305d5a8160c0004f2b514c88a5843bcb3dd8b12fd73958292c97787bec757279570cffb1dc87d0851acf2f0aaee66ee3557898b97ef72319236f7e16304b10c25b6e0ad18105d858a5e1d85de6319dcd7970a4c2f9239b024cd72f19cbd702a61f3b4afcdceef6f0a0a339eae977f59824e929e05a32657a91b59288f64570a59f0bda26ef6b31a2452f2f72d05b3e8c533b15cfdf3613c94c6e800fb1f0a558484feedcd029d99305c64175e08bca3491430056b24265d1236dad15ce6bb5bfdd6fe1701eba0531223ed62710211a5a5eda4b32f4ddb6b228b1b2611712a8aad9926137a7e2934da9968f438de"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async, rerun: 64) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 64) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000040)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:10 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000f000000000000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) (async) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x80) (async) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) (async) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea4804415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006f23cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77e74e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8796dc89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3ed18761ec7a4aac4a4041f76a28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413b4adafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff87588a9af1da3763722f4f17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9fff2ffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f81531ff0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7c91301fb897316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee06c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc938bd71c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a8310fb800000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e399a9d412030100000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377082e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba7935d643b1d8daa9f38e4b62c1e2af28c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacbafdb27817770e39ff2ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a98d86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252916d3a4d"], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r5}, 0x10) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='ext4_request_blocks\x00', r5}, 0x10) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001740)={r3, 0xe0, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000001440)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0xa, 0x9, &(0x7f0000001480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x7a, &(0x7f0000001540)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000001580), &(0x7f00000015c0), 0x8, 0x93, 0x8, 0x8, &(0x7f0000001600)}}, 0x10) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001780)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) (async, rerun: 32) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001840)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f00000017c0), &(0x7f0000001800)=r4}, 0x20) (async, rerun: 32) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001900)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000001880), &(0x7f00000018c0)=r5}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000019c0)={0xf, 0x5, &(0x7f0000000580)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@alu={0x4, 0x1, 0x7, 0x5, 0x0, 0xfffffffffffffff8, 0xfffffffffffffffc}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}]}, &(0x7f00000005c0)='syzkaller\x00', 0x2, 0x93, &(0x7f0000000840)=""/147, 0x41000, 0x6, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x3, 0x5}, 0x8, 0x10, 0x0, 0x0, r6, r4, 0x4, &(0x7f0000001940)=[0x1, r7, r8, r9, 0xffffffffffffffff], &(0x7f0000001980)=[{0x0, 0x1, 0xd, 0xc}, {0x5, 0x4, 0x7, 0x5}, {0x0, 0x3, 0xd, 0x7}, {0x4, 0x3, 0x8, 0x5}], 0x10, 0x10000}, 0x90) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={r7, 0x58, &(0x7f0000000040)}, 0x10) 22:49:10 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:10 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700, 0x0, 0x0, 0x0}, 0x90) [ 1488.845306][T31108] FAULT_INJECTION: forcing a failure. [ 1488.845306][T31108] name failslab, interval 1, probability 0, space 0, times 0 [ 1488.861944][T31108] CPU: 1 PID: 31108 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1488.872106][T31108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1488.881995][T31108] Call Trace: [ 1488.885117][T31108] [ 1488.887895][T31108] dump_stack_lvl+0x151/0x1b7 [ 1488.892409][T31108] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1488.897880][T31108] dump_stack+0x15/0x17 [ 1488.901869][T31108] should_fail+0x3c6/0x510 [ 1488.906122][T31108] __should_failslab+0xa4/0xe0 [ 1488.910724][T31108] ? anon_vma_fork+0xf7/0x4e0 [ 1488.915235][T31108] should_failslab+0x9/0x20 [ 1488.919575][T31108] slab_pre_alloc_hook+0x37/0xd0 [ 1488.924347][T31108] ? anon_vma_fork+0xf7/0x4e0 [ 1488.928860][T31108] kmem_cache_alloc+0x44/0x200 [ 1488.933461][T31108] anon_vma_fork+0xf7/0x4e0 [ 1488.937799][T31108] ? anon_vma_name+0x4c/0x70 [ 1488.942226][T31108] ? vm_area_dup+0x17a/0x230 [ 1488.946661][T31108] copy_mm+0xa3a/0x13e0 [ 1488.950736][T31108] ? copy_signal+0x610/0x610 [ 1488.955157][T31108] ? __init_rwsem+0xd6/0x1c0 [ 1488.959597][T31108] ? copy_signal+0x4e3/0x610 [ 1488.964014][T31108] copy_process+0x1149/0x3290 [ 1488.968528][T31108] ? proc_fail_nth_write+0x20b/0x290 [ 1488.973645][T31108] ? fsnotify_perm+0x6a/0x5d0 [ 1488.978159][T31108] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1488.983105][T31108] ? vfs_write+0x9ec/0x1110 [ 1488.987448][T31108] kernel_clone+0x21e/0x9e0 [ 1488.991786][T31108] ? file_end_write+0x1c0/0x1c0 [ 1488.996476][T31108] ? create_io_thread+0x1e0/0x1e0 [ 1489.001333][T31108] ? mutex_unlock+0xb2/0x260 [ 1489.005759][T31108] ? __mutex_lock_slowpath+0x10/0x10 [ 1489.010879][T31108] __x64_sys_clone+0x23f/0x290 [ 1489.015487][T31108] ? __do_sys_vfork+0x130/0x130 [ 1489.020166][T31108] ? ksys_write+0x260/0x2c0 [ 1489.024507][T31108] ? debug_smp_processor_id+0x17/0x20 [ 1489.029718][T31108] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1489.035615][T31108] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1489.041097][T31108] do_syscall_64+0x3d/0xb0 [ 1489.045340][T31108] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1489.051067][T31108] RIP: 0033:0x7f0304509da9 [ 1489.055321][T31108] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1489.074766][T31108] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1489.083002][T31108] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 22:49:10 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000001f279e5196dba066abdd376a4f85b9db36bfbda4679f5f65e5272666ca03f8fae5da413e552a771967b7dbdb18ecd78b52b25cc547d66d0f96c54d33baca230284d486d4196ebb0be28ab82c9ba33ab399c9173dace48c5438c4c0b84d44cc695ce5cb328da7d9a33ace8071c59fb423dcdd6b94dae55f4e6c0a9b7bd0104bb304bc0eaf9f93a8390894857f770b25fc9d43c7ef62a66eca1cb214befcb2be13a932a99a183e3755d159fe4fd2d4c4ca99526574b66f833dd3b3cef01c34ab8c0d41955b68964a66ffece482f98f9a04fad715e52f88d9c013bdb55bb70c3b81d0a4ede85e2578af0167197d87b1dfe93d6f6eb800be41a48f6f5284c71c5e00c660777f294f4c0b1fe441c5"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:10 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xf000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:10 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900, 0x0, 0x0, 0x0}, 0x90) 22:49:10 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:10 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000001f279e5196dba066abdd376a4f85b9db36bfbda4679f5f65e5272666ca03f8fae5da413e552a771967b7dbdb18ecd78b52b25cc547d66d0f96c54d33baca230284d486d4196ebb0be28ab82c9ba33ab399c9173dace48c5438c4c0b84d44cc695ce5cb328da7d9a33ace8071c59fb423dcdd6b94dae55f4e6c0a9b7bd0104bb304bc0eaf9f93a8390894857f770b25fc9d43c7ef62a66eca1cb214befcb2be13a932a99a183e3755d159fe4fd2d4c4ca99526574b66f833dd3b3cef01c34ab8c0d41955b68964a66ffece482f98f9a04fad715e52f88d9c013bdb55bb70c3b81d0a4ede85e2578af0167197d87b1dfe93d6f6eb800be41a48f6f5284c71c5e00c660777f294f4c0b1fe441c5"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) (async) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:10 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000f000000000000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) (async) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x80) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) (async) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea4804415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006f23cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77e74e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8796dc89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3ed18761ec7a4aac4a4041f76a28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413b4adafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff87588a9af1da3763722f4f17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9fff2ffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f81531ff0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7c91301fb897316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee06c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc938bd71c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a8310fb800000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e399a9d412030100000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377082e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba7935d643b1d8daa9f38e4b62c1e2af28c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacbafdb27817770e39ff2ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a98d86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252916d3a4d"], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r5}, 0x10) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='ext4_request_blocks\x00', r5}, 0x10) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001740)={r3, 0xe0, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000001440)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0xa, 0x9, &(0x7f0000001480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x7a, &(0x7f0000001540)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000001580), &(0x7f00000015c0), 0x8, 0x93, 0x8, 0x8, &(0x7f0000001600)}}, 0x10) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001780)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) (async) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001840)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f00000017c0), &(0x7f0000001800)=r4}, 0x20) (async) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001900)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000001880), &(0x7f00000018c0)=r5}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000019c0)={0xf, 0x5, &(0x7f0000000580)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@alu={0x4, 0x1, 0x7, 0x5, 0x0, 0xfffffffffffffff8, 0xfffffffffffffffc}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}]}, &(0x7f00000005c0)='syzkaller\x00', 0x2, 0x93, &(0x7f0000000840)=""/147, 0x41000, 0x6, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x3, 0x5}, 0x8, 0x10, 0x0, 0x0, r6, r4, 0x4, &(0x7f0000001940)=[0x1, r7, r8, r9, 0xffffffffffffffff], &(0x7f0000001980)=[{0x0, 0x1, 0xd, 0xc}, {0x5, 0x4, 0x7, 0x5}, {0x0, 0x3, 0xd, 0x7}, {0x4, 0x3, 0x8, 0x5}], 0x10, 0x10000}, 0x90) (async) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={r7, 0x58, &(0x7f0000000040)}, 0x10) 22:49:10 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 42) 22:49:10 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00, 0x0, 0x0, 0x0}, 0x90) [ 1489.090812][T31108] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1489.098624][T31108] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1489.106441][T31108] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1489.114250][T31108] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1489.122064][T31108] 22:49:10 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:10 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000001f279e5196dba066abdd376a4f85b9db36bfbda4679f5f65e5272666ca03f8fae5da413e552a771967b7dbdb18ecd78b52b25cc547d66d0f96c54d33baca230284d486d4196ebb0be28ab82c9ba33ab399c9173dace48c5438c4c0b84d44cc695ce5cb328da7d9a33ace8071c59fb423dcdd6b94dae55f4e6c0a9b7bd0104bb304bc0eaf9f93a8390894857f770b25fc9d43c7ef62a66eca1cb214befcb2be13a932a99a183e3755d159fe4fd2d4c4ca99526574b66f833dd3b3cef01c34ab8c0d41955b68964a66ffece482f98f9a04fad715e52f88d9c013bdb55bb70c3b81d0a4ede85e2578af0167197d87b1dfe93d6f6eb800be41a48f6f5284c71c5e00c660777f294f4c0b1fe441c5"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:10 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) write$cgroup_int(0xffffffffffffffff, &(0x7f00000001c0), 0xfffffdef) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='pids.events\x00', 0x0, 0x0) r2 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz0\x00', 0x200002, 0x0) openat$cgroup_ro(r2, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_ID(r2, 0x80082407, &(0x7f0000000100)) r3 = openat$cgroup_ro(r1, &(0x7f0000000140)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0) bpf$ITER_CREATE(0x21, &(0x7f00000002c0)={r3}, 0x8) [ 1489.178785][T31132] FAULT_INJECTION: forcing a failure. [ 1489.178785][T31132] name failslab, interval 1, probability 0, space 0, times 0 [ 1489.198782][T31132] CPU: 1 PID: 31132 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1489.208949][T31132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1489.218976][T31132] Call Trace: [ 1489.222096][T31132] [ 1489.224873][T31132] dump_stack_lvl+0x151/0x1b7 [ 1489.229397][T31132] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1489.234952][T31132] dump_stack+0x15/0x17 [ 1489.238932][T31132] should_fail+0x3c6/0x510 [ 1489.243184][T31132] __should_failslab+0xa4/0xe0 [ 1489.247785][T31132] ? anon_vma_clone+0x9a/0x500 [ 1489.252383][T31132] should_failslab+0x9/0x20 [ 1489.256722][T31132] slab_pre_alloc_hook+0x37/0xd0 [ 1489.261496][T31132] ? anon_vma_clone+0x9a/0x500 [ 1489.266097][T31132] kmem_cache_alloc+0x44/0x200 [ 1489.270711][T31132] anon_vma_clone+0x9a/0x500 [ 1489.275127][T31132] anon_vma_fork+0x91/0x4e0 [ 1489.279469][T31132] ? anon_vma_name+0x4c/0x70 [ 1489.283890][T31132] ? vm_area_dup+0x17a/0x230 [ 1489.288316][T31132] copy_mm+0xa3a/0x13e0 [ 1489.292312][T31132] ? copy_signal+0x610/0x610 [ 1489.296734][T31132] ? __init_rwsem+0xd6/0x1c0 [ 1489.301158][T31132] ? copy_signal+0x4e3/0x610 [ 1489.305588][T31132] copy_process+0x1149/0x3290 [ 1489.310102][T31132] ? proc_fail_nth_write+0x20b/0x290 [ 1489.315220][T31132] ? fsnotify_perm+0x6a/0x5d0 [ 1489.319734][T31132] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1489.324680][T31132] ? vfs_write+0x9ec/0x1110 [ 1489.329021][T31132] kernel_clone+0x21e/0x9e0 [ 1489.333361][T31132] ? file_end_write+0x1c0/0x1c0 [ 1489.338049][T31132] ? create_io_thread+0x1e0/0x1e0 [ 1489.342905][T31132] ? mutex_unlock+0xb2/0x260 [ 1489.347333][T31132] ? __mutex_lock_slowpath+0x10/0x10 [ 1489.352454][T31132] __x64_sys_clone+0x23f/0x290 [ 1489.357057][T31132] ? __do_sys_vfork+0x130/0x130 [ 1489.361742][T31132] ? __bpf_trace_sys_enter+0x62/0x70 [ 1489.366860][T31132] ? syscall_enter_from_user_mode+0x14d/0x1b0 [ 1489.372762][T31132] do_syscall_64+0x3d/0xb0 [ 1489.377016][T31132] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1489.382744][T31132] RIP: 0033:0x7f0304509da9 [ 1489.386997][T31132] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1489.406441][T31132] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1489.414683][T31132] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 22:49:10 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:10 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(0xffffffffffffffff, &(0x7f00000001c0)=0x1a0, 0x12) 22:49:11 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf00, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(0xffffffffffffffff, &(0x7f00000001c0)=0x1a0, 0x12) 22:49:11 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) write$cgroup_int(0xffffffffffffffff, &(0x7f00000001c0), 0xfffffdef) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='pids.events\x00', 0x0, 0x0) (async) r2 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz0\x00', 0x200002, 0x0) openat$cgroup_ro(r2, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_ID(r2, 0x80082407, &(0x7f0000000100)) (async) r3 = openat$cgroup_ro(r1, &(0x7f0000000140)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0) bpf$ITER_CREATE(0x21, &(0x7f00000002c0)={r3}, 0x8) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1489.422494][T31132] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1489.430308][T31132] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1489.438117][T31132] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1489.445928][T31132] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1489.453742][T31132] 22:49:11 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 43) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x14000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1800, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x15000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(0xffffffffffffffff, &(0x7f00000001c0)=0x1a0, 0x12) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x16000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async, rerun: 32) write$cgroup_int(0xffffffffffffffff, &(0x7f00000001c0), 0xfffffdef) (rerun: 32) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='pids.events\x00', 0x0, 0x0) (async) r2 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz0\x00', 0x200002, 0x0) openat$cgroup_ro(r2, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) (async) ioctl$PERF_EVENT_IOC_ID(r2, 0x80082407, &(0x7f0000000100)) (async) r3 = openat$cgroup_ro(r1, &(0x7f0000000140)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0) bpf$ITER_CREATE(0x21, &(0x7f00000002c0)={r3}, 0x8) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x17000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x18000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1489.534049][T31170] FAULT_INJECTION: forcing a failure. [ 1489.534049][T31170] name failslab, interval 1, probability 0, space 0, times 0 [ 1489.561402][T31170] CPU: 0 PID: 31170 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1489.571586][T31170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x19000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1b000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1c000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1d000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1489.581470][T31170] Call Trace: [ 1489.584590][T31170] [ 1489.587365][T31170] dump_stack_lvl+0x151/0x1b7 [ 1489.591882][T31170] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1489.597350][T31170] dump_stack+0x15/0x17 [ 1489.601342][T31170] should_fail+0x3c6/0x510 [ 1489.605607][T31170] __should_failslab+0xa4/0xe0 [ 1489.610195][T31170] ? vm_area_dup+0x26/0x230 [ 1489.614532][T31170] should_failslab+0x9/0x20 [ 1489.618876][T31170] slab_pre_alloc_hook+0x37/0xd0 [ 1489.623647][T31170] ? vm_area_dup+0x26/0x230 [ 1489.627987][T31170] kmem_cache_alloc+0x44/0x200 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1e000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1f000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x27030000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1489.632584][T31170] vm_area_dup+0x26/0x230 [ 1489.636751][T31170] copy_mm+0x9a1/0x13e0 [ 1489.640751][T31170] ? copy_signal+0x610/0x610 [ 1489.645171][T31170] ? __init_rwsem+0xd6/0x1c0 [ 1489.649596][T31170] ? copy_signal+0x4e3/0x610 [ 1489.654025][T31170] copy_process+0x1149/0x3290 [ 1489.658541][T31170] ? proc_fail_nth_write+0x20b/0x290 [ 1489.663657][T31170] ? fsnotify_perm+0x6a/0x5d0 [ 1489.668172][T31170] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1489.673118][T31170] ? vfs_write+0x9ec/0x1110 [ 1489.677462][T31170] kernel_clone+0x21e/0x9e0 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40000000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40030000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa0010000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa0024ccc, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa2070000, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xcc4c02a0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1489.681794][T31170] ? file_end_write+0x1c0/0x1c0 [ 1489.686485][T31170] ? create_io_thread+0x1e0/0x1e0 [ 1489.691344][T31170] ? mutex_unlock+0xb2/0x260 [ 1489.695771][T31170] ? __mutex_lock_slowpath+0x10/0x10 [ 1489.700900][T31170] __x64_sys_clone+0x23f/0x290 [ 1489.705490][T31170] ? __do_sys_vfork+0x130/0x130 [ 1489.710175][T31170] ? ksys_write+0x260/0x2c0 [ 1489.714514][T31170] ? debug_smp_processor_id+0x17/0x20 [ 1489.719723][T31170] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1489.725626][T31170] ? exit_to_user_mode_prepare+0x39/0xa0 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xffffffff, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1489.731097][T31170] do_syscall_64+0x3d/0xb0 [ 1489.735351][T31170] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1489.741074][T31170] RIP: 0033:0x7f0304509da9 [ 1489.745327][T31170] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1489.764771][T31170] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1489.773018][T31170] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0) close(r1) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={r1, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, &(0x7f00000003c0)=[0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000480)=[{}], 0x8, 0x10, &(0x7f00000004c0), &(0x7f0000000600), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000640)}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r0, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000140)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, &(0x7f00000002c0)=[0x0, 0x0], &(0x7f0000000300)=[0x0], 0x0, 0x20, &(0x7f0000000340)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0xc, 0x8, 0x8, &(0x7f0000000400)}}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000680)=@bpf_ext={0x1c, 0xa, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0xeb34}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @generic={0x3, 0x8, 0x6, 0x8000, 0x2}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x5}]}, &(0x7f00000000c0)='syzkaller\x00', 0xfffff800, 0x0, 0x0, 0x41000, 0x1, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0xa, 0x2}, 0x8, 0x10, &(0x7f00000005c0)={0x5, 0x3, 0x7, 0x1}, 0x10, 0x4225, r0, 0x7, 0x0, &(0x7f0000000600)=[{0x5, 0x5, 0x4, 0x2}, {0x3, 0x1, 0x0, 0xa}, {0x5, 0x5, 0xd}, {0x3, 0x1, 0xe, 0x9}, {0x1, 0x5, 0xd, 0xb}, {0x1, 0x2, 0x4, 0x2}, {0x2, 0x5, 0xe, 0x1}], 0x10, 0x7017486d}, 0x90) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8) close(r0) write$cgroup_int(r4, &(0x7f00000001c0), 0xfffffdef) 22:49:11 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x200002, 0x0) openat$cgroup_ro(r3, &(0x7f0000000080)='memory.swap.events\x00', 0x0, 0x0) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:11 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0}, 0x90) [ 1489.780825][T31170] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1489.788636][T31170] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1489.796451][T31170] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1489.804265][T31170] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1489.812079][T31170] 22:49:11 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 44) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2703, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2901, 0x0, 0x0, 0x0}, 0x90) [ 1489.887149][T31240] FAULT_INJECTION: forcing a failure. [ 1489.887149][T31240] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1489.925557][T31240] CPU: 1 PID: 31240 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1489.935737][T31240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1489.945635][T31240] Call Trace: [ 1489.948747][T31240] [ 1489.951540][T31240] dump_stack_lvl+0x151/0x1b7 [ 1489.956040][T31240] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1489.961518][T31240] dump_stack+0x15/0x17 [ 1489.965494][T31240] should_fail+0x3c6/0x510 [ 1489.969751][T31240] should_fail_alloc_page+0x5a/0x80 [ 1489.974782][T31240] prepare_alloc_pages+0x15c/0x700 [ 1489.979730][T31240] ? __alloc_pages_bulk+0xe40/0xe40 [ 1489.984764][T31240] __alloc_pages+0x18c/0x8f0 [ 1489.989185][T31240] ? prep_new_page+0x110/0x110 [ 1489.993784][T31240] ? __alloc_pages+0x3cb/0x8f0 [ 1489.998387][T31240] ? __kasan_check_write+0x14/0x20 [ 1490.003333][T31240] ? _raw_spin_lock+0xa4/0x1b0 [ 1490.007934][T31240] __pmd_alloc+0xb1/0x550 [ 1490.012099][T31240] ? __pud_alloc+0x260/0x260 [ 1490.016523][T31240] ? __pud_alloc+0x213/0x260 [ 1490.020950][T31240] ? do_handle_mm_fault+0x2330/0x2330 [ 1490.026160][T31240] ? __stack_depot_save+0x34/0x470 [ 1490.031107][T31240] ? anon_vma_clone+0x9a/0x500 [ 1490.035705][T31240] copy_page_range+0x2b3d/0x2f90 [ 1490.040478][T31240] ? __kasan_slab_alloc+0xb1/0xe0 [ 1490.045337][T31240] ? slab_post_alloc_hook+0x53/0x2c0 [ 1490.050459][T31240] ? copy_mm+0xa3a/0x13e0 [ 1490.054624][T31240] ? copy_process+0x1149/0x3290 [ 1490.059320][T31240] ? kernel_clone+0x21e/0x9e0 [ 1490.063836][T31240] ? do_syscall_64+0x3d/0xb0 [ 1490.068254][T31240] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1490.074164][T31240] ? pfn_valid+0x1e0/0x1e0 [ 1490.078409][T31240] ? rwsem_write_trylock+0x15b/0x290 [ 1490.083527][T31240] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 1490.089777][T31240] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 1490.095420][T31240] ? __rb_insert_augmented+0x5de/0x610 [ 1490.100715][T31240] copy_mm+0xc7e/0x13e0 [ 1490.104707][T31240] ? copy_signal+0x610/0x610 [ 1490.109133][T31240] ? __init_rwsem+0xd6/0x1c0 [ 1490.113556][T31240] ? copy_signal+0x4e3/0x610 [ 1490.117988][T31240] copy_process+0x1149/0x3290 [ 1490.122504][T31240] ? proc_fail_nth_write+0x20b/0x290 [ 1490.127708][T31240] ? fsnotify_perm+0x6a/0x5d0 [ 1490.132218][T31240] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1490.137168][T31240] ? vfs_write+0x9ec/0x1110 [ 1490.141504][T31240] kernel_clone+0x21e/0x9e0 [ 1490.145843][T31240] ? file_end_write+0x1c0/0x1c0 [ 1490.150533][T31240] ? create_io_thread+0x1e0/0x1e0 [ 1490.155391][T31240] ? mutex_unlock+0xb2/0x260 [ 1490.159817][T31240] ? __mutex_lock_slowpath+0x10/0x10 [ 1490.164937][T31240] __x64_sys_clone+0x23f/0x290 [ 1490.169541][T31240] ? __do_sys_vfork+0x130/0x130 [ 1490.174225][T31240] ? ksys_write+0x260/0x2c0 [ 1490.178565][T31240] ? debug_smp_processor_id+0x17/0x20 [ 1490.183771][T31240] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1490.189675][T31240] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1490.195140][T31240] do_syscall_64+0x3d/0xb0 [ 1490.199394][T31240] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1490.205126][T31240] RIP: 0033:0x7f0304509da9 [ 1490.209377][T31240] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1490.228819][T31240] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 22:49:11 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0) close(r1) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={r1, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, &(0x7f00000003c0)=[0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000480)=[{}], 0x8, 0x10, &(0x7f00000004c0), &(0x7f0000000600), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000640)}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r0, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000140)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, &(0x7f00000002c0)=[0x0, 0x0], &(0x7f0000000300)=[0x0], 0x0, 0x20, &(0x7f0000000340)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0xc, 0x8, 0x8, &(0x7f0000000400)}}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000680)=@bpf_ext={0x1c, 0xa, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0xeb34}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @generic={0x3, 0x8, 0x6, 0x8000, 0x2}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x5}]}, &(0x7f00000000c0)='syzkaller\x00', 0xfffff800, 0x0, 0x0, 0x41000, 0x1, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0xa, 0x2}, 0x8, 0x10, &(0x7f00000005c0)={0x5, 0x3, 0x7, 0x1}, 0x10, 0x4225, r0, 0x7, 0x0, &(0x7f0000000600)=[{0x5, 0x5, 0x4, 0x2}, {0x3, 0x1, 0x0, 0xa}, {0x5, 0x5, 0xd}, {0x3, 0x1, 0xe, 0x9}, {0x1, 0x5, 0xd, 0xb}, {0x1, 0x2, 0x4, 0x2}, {0x2, 0x5, 0xe, 0x1}], 0x10, 0x7017486d}, 0x90) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8) close(r0) write$cgroup_int(r4, &(0x7f00000001c0), 0xfffffdef) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0) (async) close(r1) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={r1, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, &(0x7f00000003c0)=[0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000480)=[{}], 0x8, 0x10, &(0x7f00000004c0), &(0x7f0000000600), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000640)}}, 0x10) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r0, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000140)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, &(0x7f00000002c0)=[0x0, 0x0], &(0x7f0000000300)=[0x0], 0x0, 0x20, &(0x7f0000000340)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0xc, 0x8, 0x8, &(0x7f0000000400)}}, 0x10) (async) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000680)=@bpf_ext={0x1c, 0xa, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0xeb34}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @generic={0x3, 0x8, 0x6, 0x8000, 0x2}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x5}]}, &(0x7f00000000c0)='syzkaller\x00', 0xfffff800, 0x0, 0x0, 0x41000, 0x1, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0xa, 0x2}, 0x8, 0x10, &(0x7f00000005c0)={0x5, 0x3, 0x7, 0x1}, 0x10, 0x4225, r0, 0x7, 0x0, &(0x7f0000000600)=[{0x5, 0x5, 0x4, 0x2}, {0x3, 0x1, 0x0, 0xa}, {0x5, 0x5, 0xd}, {0x3, 0x1, 0xe, 0x9}, {0x1, 0x5, 0xd, 0xb}, {0x1, 0x2, 0x4, 0x2}, {0x2, 0x5, 0xe, 0x1}], 0x10, 0x7017486d}, 0x90) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8) (async) close(r0) (async) write$cgroup_int(r4, &(0x7f00000001c0), 0xfffffdef) (async) 22:49:11 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 45) 22:49:11 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:11 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x200002, 0x0) (async) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x200002, 0x0) openat$cgroup_ro(r3, &(0x7f0000000080)='memory.swap.events\x00', 0x0, 0x0) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:11 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2fff, 0x0, 0x0, 0x0}, 0x90) [ 1490.237060][T31240] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1490.245020][T31240] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1490.252829][T31240] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1490.260635][T31240] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1490.268446][T31240] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1490.276263][T31240] 22:49:11 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34d2, 0x0, 0x0, 0x0}, 0x90) [ 1490.352474][T31256] FAULT_INJECTION: forcing a failure. [ 1490.352474][T31256] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1490.370160][T31256] CPU: 1 PID: 31256 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1490.380323][T31256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1490.390208][T31256] Call Trace: [ 1490.393330][T31256] [ 1490.396110][T31256] dump_stack_lvl+0x151/0x1b7 [ 1490.400629][T31256] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1490.406095][T31256] dump_stack+0x15/0x17 [ 1490.410083][T31256] should_fail+0x3c6/0x510 [ 1490.414335][T31256] should_fail_alloc_page+0x5a/0x80 [ 1490.419367][T31256] prepare_alloc_pages+0x15c/0x700 [ 1490.424314][T31256] ? __alloc_pages_bulk+0xe40/0xe40 [ 1490.429347][T31256] __alloc_pages+0x18c/0x8f0 [ 1490.433769][T31256] ? __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 1490.439242][T31256] ? prep_new_page+0x110/0x110 [ 1490.443838][T31256] ? __alloc_pages+0x3cb/0x8f0 [ 1490.448439][T31256] ? __kasan_check_write+0x14/0x20 [ 1490.453386][T31256] ? _raw_spin_lock+0xa4/0x1b0 [ 1490.458072][T31256] pte_alloc_one+0x73/0x1b0 [ 1490.462412][T31256] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1490.467446][T31256] ? __pmd_alloc+0x48d/0x550 [ 1490.471873][T31256] __pte_alloc+0x86/0x350 [ 1490.476037][T31256] ? __pud_alloc+0x260/0x260 [ 1490.480466][T31256] ? __pud_alloc+0x213/0x260 [ 1490.484899][T31256] ? free_pgtables+0x280/0x280 [ 1490.489489][T31256] ? do_handle_mm_fault+0x2330/0x2330 [ 1490.494699][T31256] ? __stack_depot_save+0x34/0x470 [ 1490.499646][T31256] ? anon_vma_clone+0x9a/0x500 [ 1490.504247][T31256] copy_page_range+0x28a8/0x2f90 [ 1490.509020][T31256] ? __kasan_slab_alloc+0xb1/0xe0 [ 1490.513889][T31256] ? slab_post_alloc_hook+0x53/0x2c0 [ 1490.519002][T31256] ? kernel_clone+0x21e/0x9e0 [ 1490.523513][T31256] ? do_syscall_64+0x3d/0xb0 [ 1490.527938][T31256] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1490.533849][T31256] ? pfn_valid+0x1e0/0x1e0 [ 1490.538094][T31256] ? rwsem_write_trylock+0x15b/0x290 [ 1490.543213][T31256] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 1490.549464][T31256] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 1490.555018][T31256] ? __rb_insert_augmented+0x5de/0x610 [ 1490.560318][T31256] copy_mm+0xc7e/0x13e0 [ 1490.564308][T31256] ? copy_signal+0x610/0x610 [ 1490.568735][T31256] ? __init_rwsem+0xd6/0x1c0 [ 1490.573159][T31256] ? copy_signal+0x4e3/0x610 [ 1490.577585][T31256] copy_process+0x1149/0x3290 [ 1490.582100][T31256] ? proc_fail_nth_write+0x20b/0x290 [ 1490.587222][T31256] ? fsnotify_perm+0x6a/0x5d0 [ 1490.591736][T31256] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1490.596684][T31256] ? vfs_write+0x9ec/0x1110 [ 1490.601019][T31256] kernel_clone+0x21e/0x9e0 [ 1490.605360][T31256] ? file_end_write+0x1c0/0x1c0 [ 1490.610046][T31256] ? create_io_thread+0x1e0/0x1e0 [ 1490.614906][T31256] ? mutex_unlock+0xb2/0x260 [ 1490.619335][T31256] ? __mutex_lock_slowpath+0x10/0x10 [ 1490.624455][T31256] __x64_sys_clone+0x23f/0x290 [ 1490.629051][T31256] ? __do_sys_vfork+0x130/0x130 [ 1490.633737][T31256] ? ksys_write+0x260/0x2c0 [ 1490.638081][T31256] ? debug_smp_processor_id+0x17/0x20 [ 1490.643288][T31256] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1490.649190][T31256] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1490.654657][T31256] do_syscall_64+0x3d/0xb0 [ 1490.658907][T31256] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1490.664637][T31256] RIP: 0033:0x7f0304509da9 [ 1490.668892][T31256] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1490.688332][T31256] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1490.696575][T31256] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 22:49:12 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:12 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0) close(r1) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={r1, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, &(0x7f00000003c0)=[0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000480)=[{}], 0x8, 0x10, &(0x7f00000004c0), &(0x7f0000000600), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000640)}}, 0x10) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r0, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000140)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, &(0x7f00000002c0)=[0x0, 0x0], &(0x7f0000000300)=[0x0], 0x0, 0x20, &(0x7f0000000340)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0xc, 0x8, 0x8, &(0x7f0000000400)}}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000680)=@bpf_ext={0x1c, 0xa, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0xeb34}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @generic={0x3, 0x8, 0x6, 0x8000, 0x2}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x5}]}, &(0x7f00000000c0)='syzkaller\x00', 0xfffff800, 0x0, 0x0, 0x41000, 0x1, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0xa, 0x2}, 0x8, 0x10, &(0x7f00000005c0)={0x5, 0x3, 0x7, 0x1}, 0x10, 0x4225, r0, 0x7, 0x0, &(0x7f0000000600)=[{0x5, 0x5, 0x4, 0x2}, {0x3, 0x1, 0x0, 0xa}, {0x5, 0x5, 0xd}, {0x3, 0x1, 0xe, 0x9}, {0x1, 0x5, 0xd, 0xb}, {0x1, 0x2, 0x4, 0x2}, {0x2, 0x5, 0xe, 0x1}], 0x10, 0x7017486d}, 0x90) (async) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8) close(r0) write$cgroup_int(r4, &(0x7f00000001c0), 0xfffffdef) 22:49:12 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 46) 22:49:12 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) (async) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x200002, 0x0) openat$cgroup_ro(r3, &(0x7f0000000080)='memory.swap.events\x00', 0x0, 0x0) (async) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:12 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3502, 0x0, 0x0, 0x0}, 0x90) [ 1490.704388][T31256] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1490.712197][T31256] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1490.720010][T31256] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1490.727822][T31256] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1490.735636][T31256] 22:49:12 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c00, 0x0, 0x0, 0x0}, 0x90) [ 1490.778528][T31273] FAULT_INJECTION: forcing a failure. [ 1490.778528][T31273] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1490.814251][T31273] CPU: 0 PID: 31273 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1490.824418][T31273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1490.834315][T31273] Call Trace: [ 1490.837437][T31273] [ 1490.840214][T31273] dump_stack_lvl+0x151/0x1b7 [ 1490.844724][T31273] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1490.850191][T31273] ? __update_load_avg_cfs_rq+0xb1/0x2f0 [ 1490.855661][T31273] dump_stack+0x15/0x17 [ 1490.859652][T31273] should_fail+0x3c6/0x510 [ 1490.863904][T31273] should_fail_alloc_page+0x5a/0x80 [ 1490.868941][T31273] prepare_alloc_pages+0x15c/0x700 [ 1490.873886][T31273] ? __alloc_pages_bulk+0xe40/0xe40 [ 1490.878919][T31273] ? sched_clock+0x9/0x10 [ 1490.883086][T31273] ? native_set_ldt+0x360/0x360 [ 1490.887772][T31273] __alloc_pages+0x18c/0x8f0 [ 1490.892198][T31273] ? _raw_spin_unlock+0x4d/0x70 [ 1490.896884][T31273] ? prep_new_page+0x110/0x110 [ 1490.901487][T31273] pte_alloc_one+0x73/0x1b0 [ 1490.905824][T31273] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1490.910858][T31273] ? preempt_schedule+0xd9/0xe0 [ 1490.915546][T31273] ? preempt_schedule_common+0xbe/0xf0 [ 1490.920840][T31273] __pte_alloc+0x86/0x350 [ 1490.925008][T31273] ? free_pgtables+0x280/0x280 [ 1490.929605][T31273] ? _raw_spin_lock+0xa4/0x1b0 [ 1490.934207][T31273] ? __kasan_check_write+0x14/0x20 [ 1490.939154][T31273] copy_page_range+0x28a8/0x2f90 [ 1490.943927][T31273] ? __kasan_slab_alloc+0xb1/0xe0 [ 1490.948794][T31273] ? pfn_valid+0x1e0/0x1e0 [ 1490.953042][T31273] ? vma_interval_tree_augment_rotate+0x1a3/0x1d0 [ 1490.959309][T31273] copy_mm+0xc7e/0x13e0 [ 1490.963282][T31273] ? copy_signal+0x610/0x610 [ 1490.967707][T31273] ? __init_rwsem+0xd6/0x1c0 [ 1490.972133][T31273] ? copy_signal+0x4e3/0x610 [ 1490.976559][T31273] copy_process+0x1149/0x3290 [ 1490.981073][T31273] ? proc_fail_nth_write+0x20b/0x290 [ 1490.986192][T31273] ? fsnotify_perm+0x6a/0x5d0 [ 1490.990708][T31273] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1490.995654][T31273] ? vfs_write+0x9ec/0x1110 [ 1490.999995][T31273] kernel_clone+0x21e/0x9e0 [ 1491.004332][T31273] ? file_end_write+0x1c0/0x1c0 [ 1491.009019][T31273] ? create_io_thread+0x1e0/0x1e0 [ 1491.013879][T31273] ? mutex_unlock+0xb2/0x260 [ 1491.018305][T31273] ? __mutex_lock_slowpath+0x10/0x10 [ 1491.023429][T31273] __x64_sys_clone+0x23f/0x290 [ 1491.028030][T31273] ? __do_sys_vfork+0x130/0x130 [ 1491.032712][T31273] ? ksys_write+0x260/0x2c0 [ 1491.037058][T31273] ? debug_smp_processor_id+0x17/0x20 [ 1491.042263][T31273] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1491.048165][T31273] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1491.053634][T31273] do_syscall_64+0x3d/0xb0 [ 1491.057887][T31273] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1491.063612][T31273] RIP: 0033:0x7f0304509da9 [ 1491.067868][T31273] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1491.087312][T31273] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1491.095554][T31273] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1491.103362][T31273] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1491.111173][T31273] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1491.118986][T31273] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 22:49:12 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:12 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 47) 22:49:12 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1491.126796][T31273] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1491.134613][T31273] 22:49:12 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00, 0x0, 0x0, 0x0}, 0x90) [ 1491.200531][T31289] FAULT_INJECTION: forcing a failure. [ 1491.200531][T31289] name failslab, interval 1, probability 0, space 0, times 0 [ 1491.213221][T31289] CPU: 0 PID: 31289 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1491.223372][T31289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1491.233263][T31289] Call Trace: [ 1491.236390][T31289] [ 1491.239165][T31289] dump_stack_lvl+0x151/0x1b7 [ 1491.243677][T31289] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1491.249159][T31289] dump_stack+0x15/0x17 [ 1491.253135][T31289] should_fail+0x3c6/0x510 [ 1491.257391][T31289] __should_failslab+0xa4/0xe0 [ 1491.261988][T31289] ? vm_area_dup+0x26/0x230 [ 1491.266328][T31289] should_failslab+0x9/0x20 [ 1491.270667][T31289] slab_pre_alloc_hook+0x37/0xd0 [ 1491.275453][T31289] ? vm_area_dup+0x26/0x230 [ 1491.279793][T31289] kmem_cache_alloc+0x44/0x200 [ 1491.284384][T31289] vm_area_dup+0x26/0x230 [ 1491.288548][T31289] copy_mm+0x9a1/0x13e0 [ 1491.292542][T31289] ? copy_signal+0x610/0x610 [ 1491.296966][T31289] ? __init_rwsem+0xd6/0x1c0 [ 1491.301394][T31289] ? copy_signal+0x4e3/0x610 [ 1491.305818][T31289] copy_process+0x1149/0x3290 [ 1491.310356][T31289] ? proc_fail_nth_write+0x20b/0x290 [ 1491.315451][T31289] ? fsnotify_perm+0x6a/0x5d0 [ 1491.319968][T31289] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1491.324915][T31289] ? vfs_write+0x9ec/0x1110 [ 1491.329254][T31289] kernel_clone+0x21e/0x9e0 [ 1491.333592][T31289] ? file_end_write+0x1c0/0x1c0 [ 1491.338280][T31289] ? create_io_thread+0x1e0/0x1e0 [ 1491.343140][T31289] ? mutex_unlock+0xb2/0x260 [ 1491.347577][T31289] ? __mutex_lock_slowpath+0x10/0x10 [ 1491.352691][T31289] __x64_sys_clone+0x23f/0x290 [ 1491.357289][T31289] ? __do_sys_vfork+0x130/0x130 [ 1491.361980][T31289] ? ksys_write+0x260/0x2c0 [ 1491.366316][T31289] ? debug_smp_processor_id+0x17/0x20 [ 1491.371519][T31289] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1491.377426][T31289] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1491.382890][T31289] do_syscall_64+0x3d/0xb0 [ 1491.387143][T31289] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1491.392871][T31289] RIP: 0033:0x7f0304509da9 [ 1491.397125][T31289] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1491.416567][T31289] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1491.424809][T31289] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1491.432621][T31289] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1491.440434][T31289] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 22:49:13 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 48) 22:49:13 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0}, 0x90) [ 1491.448243][T31289] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1491.456142][T31289] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1491.463959][T31289] 22:49:13 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRESDEC, @ANYBLOB="eaabf8d3475c919e1da6b3f8374568d148629d4ccd6d97d181e5309f2c758e0786480da8a56d417c96527b5332bb39d1df84e5f985d5", @ANYRES8, @ANYRES32=0x0, @ANYRESHEX], &(0x7f0000000180)='GPL\x00', 0x260, 0x0, 0x0, 0x0, 0x51, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3fe}, 0x90) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r2, &(0x7f0000000180), 0x40010) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000ac0)={0xffffffffffffffff, 0x58, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000e40)={r1, 0xe0, &(0x7f0000001100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000bc0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, &(0x7f0000000c00)=[0x0, 0x0, 0x0], &(0x7f0000000c40)=[0x0], 0x0, 0x8, &(0x7f0000000c80)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f0000000d80), &(0x7f0000000dc0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000e00)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0xf, 0x31, &(0x7f0000000f40)=ANY=[@ANYBLOB="18000000060000000000000041d9000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000001865000006000000000000000080000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000010400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000851700000082000000181200", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000018430000ffffffff0000000000000000184a0000fcffffff00000000000000001f087609fc270000b7080000000000007b8af8ff00000000b708000050ffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="00400000020000000000000008000000850000b7020000010000008500000084000000b7000000000000009500"/64], &(0x7f0000000a00)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41100, 0xe6, '\x00', r3, 0x29, 0xffffffffffffffff, 0x8, &(0x7f0000000b00)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000b40)={0x2, 0x2, 0x8, 0x5}, 0x10, r4, 0xffffffffffffffff, 0x6, &(0x7f0000001200)=[0xffffffffffffffff, 0x1, 0x1], &(0x7f0000001240)=[{0x4, 0x8005, 0x1, 0x9}, {0x1, 0x3, 0x10}, {0x5, 0x4, 0xd, 0x4}, {0x3, 0x4, 0xf, 0x6}, {0x1, 0x1, 0x7, 0xc}, {0x1, 0x2, 0xf, 0x1}], 0x10, 0x1ff}, 0x90) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002840)={0x3, 0x4, 0x4, 0xa, 0x0, r5, 0x4, '\x00', r3, r5, 0x4, 0x3, 0x5}, 0x48) r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000001700)=ANY=[@ANYBLOB="9feb01001800000000000000b3000000b30000aeecde00030000000c0000000000000a03000000030000000200000f0300000003000000bdce00000300000004000000070000001f0000005eff1a0300000006000005010000000e00000004000000030000000c00000003000000030000000300000004000000060000000b00000003000000030000000e00000001000000070000008100000005000000010000000700000001000006040000000900000069000000030000000000000b040000000b000000000000090100000000000000"], &(0x7f0000000480)=""/4096, 0xcf, 0x1000, 0x1, 0x7}, 0x20) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001500)=@base={0x1, 0x5, 0xcf, 0x9, 0x1000, 0xffffffffffffffff, 0xb4d, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x3, 0x1}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001640)={0x18, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x5a}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @jmp={0x5, 0x1, 0x6, 0xa, 0xa, 0x1, 0xfffffffffffffffc}]}, &(0x7f0000000140)='syzkaller\x00', 0x10001, 0x3e, &(0x7f0000000240)=""/62, 0x41000, 0x22, '\x00', r3, 0x0, r6, 0x8, &(0x7f0000001480)={0x6, 0x1}, 0x8, 0x10, &(0x7f00000014c0)={0x1, 0x1, 0x6, 0x4}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000001580)=[r7], &(0x7f00000015c0)=[{0x4, 0x2, 0xe, 0x6}, {0x4, 0x2, 0x3}, {0x3, 0x4, 0x8, 0x4}, {0x5, 0x5, 0xe, 0x1}, {0x3, 0x2, 0xe, 0xa}, {0x4, 0x5, 0x8, 0x4}, {0x5, 0x2, 0x7, 0x5}], 0x10, 0x5082}, 0x90) r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r8, 0x2405, 0xffffffffffffffff) r9 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r8}, 0x8) write$cgroup_int(r9, &(0x7f00000001c0), 0xfffffdef) 22:49:13 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:13 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000001500)=ANY=[@ANYBLOB="180000000080005300000008faff000094cac456cb16e8900000000fad413e550000000f00000095f1f69337842d61425ca93137e65c94995021ebcfaa1b5b7fc79df1ea975562b7a7072e69416a36b0aab20000cfaa1c73d2e57bcc78b36a96c2859c85f03479"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) r3 = getpid() bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r3, r2, 0x0, 0xa, &(0x7f00000000c0)='syzkaller\x00'}, 0x30) openat$cgroup_ro(r2, &(0x7f0000000000)='blkio.throttle.io_serviced\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001480)={r2, 0x0, 0xf3, 0x71, &(0x7f00000002c0)="7e99b775681b00bcd866f0fef2813f58fcbc1d1310ca43da7b86f9c5bc6a4ab759c6fa581e3e07fecd280f00a7cc995b21cdc736dc75fe8739310aafef5ec67820a03612accab45badd98e0db27746f4f81a6e2e553ef9eb28ac8840451f19222aaf58310ed2f3342195ab56fa6c22e256711e77b86e199b17120a1280e8a6d889b2379c9d63d81c8e2c56cc8ef04941c02a10ed977f1941eab5516a3bab2aa6cd04bb6f977b65500cb77723a70623ff546d49360a1d5eabf8f8b68386693c22789b1260226252d630bbeeb1958e32271c1897514e1e2af54a438332574c6005a335fa3900"/243, &(0x7f0000000040)=""/113, 0x3fb, 0x0, 0x86, 0x1000, &(0x7f00000003c0)="630f2d65cfaf4ddbb6048c1d768f3059cce945284856a70fd8983500e755958dd74b409b2a79e17da7f9b42341418bd353fd286f62d87be6dafa63da16299850506fb6937c1b80c2798c33ce0961d5c894406326a56d852dc52b28425985f8f12f634be9a3a52a28e7ed2d164dd525b3442982bf17c10708f59bb3abf0fbc73882de590ec869", &(0x7f0000000480)="1ef365ffb04467e3a16570367596425fabd007933d176bba5c7cbc05e1d28ae245dbc5ad52c2468f2305686eb4428b7101100c5e79e6f9387236db32aad79fc0f5d8f42236ddb6f091b5d79d4d1aef78939f9c42e69e5a3d0f36109ee0f28405ca550c9241c4e20335a375ac2c5e36c66f9868376c567c16fdaba3832850dc450aa99ef7ad50330592597cead5ab86370fd5a4e0838f60077f997eda87fec2c99b07f7571f4137c136079d722e0f898d55e8db9eff35793198f456c29f6b340d783176dd58f4e3173de08d9cfd11e4dd5bc259fdce705cc74b281e496749585321002f0b1782fec7f83e12cd0b8065263f4c7f8ba4a983fac91e0dd9e00231d38dd33734365db5002364ca08e9e93d1f9ca734ab1ec9679193f9977f0868ca6314572602ff60f9c12c7af375f651d0938f281761bd5ef72dfe3ca07f80be540b59a7e99610b082969c4b536a5e00a42eb13f19b54c47ca4d6fabf6c1539f842a24be466947a20ef1771a894824c8604ae6481ff419bd2a3310ec4a7cb5ccbb59e96eecd681a3619975a8a39c3aabd645812c22390a0e739558688a38d987ddad54276cf52ea1b95652c21db132d45ec86cd10130837eb36c0ed55086c5fa4425f06515416dae8254e79d8174382e9c8eda61769f25ae9cf3efd5158d8353a771b4a702f4284851d96f45dc418ba8d52ca71e289e6df0fee5a2f2a1ece33419b677af02130757a8bfdb23a265521513724c99efedc051dd787aaf9798124bbf06b3dd0b5a508c4f9457be22d9d88e60bb9278a210a5a58b709d1d107654e35f12632a6efa6b9887df282b52ee54a6719934dc66005718b878324ff643bc55f1c321173fc9fab42a6cb3e0e16b5795fe30fb2c518381b25c6a6d341f6a1aafaba526abf672b6604c4d38785bfebe413ebc6af6cc65bc7adbd3d051db4d74d96ccc1e764f5916c0fe054b2f06d752c900714df16a539488dec98c6261fea4b6d9291d786442f46682e80f84827ce5fbc0b3bd599c8198e9c57fff8b21a9c41474a638785924ef59b42e4c6cbfeb38098bb64659888584884fd173ed20643f4e7170339e7548e0e5b135ec3f65d0fc6dc16e9e534d0148818941b432e541d187228ba3c37648e1a4691a58074b95aaf6281bc80cdbd9caad549abc7507892331e281bcc183ba93a46d84afb0eb1cf7ba0a9f5ee2b612a3ee9251fd350433f0867afe6c6c119d5d0d19dcddfc58e02cfa758e6b56c25e936146be654a5fead422f81387222e50e47b7488e561aa15bceb433acd3e0cb4d1ae8d4a89d9f8dbbd134c9764538cdd163f11771e23bb3a4e18071e0b372c9ba0e10e6eb041f05a76d7f4252f935ab1f5a27a56e315ab86c70400c0713c6d7dff1f9a92d55a003849a055aa22aa2f1d24fa823a28a3285b559b5af6d35ab1633362ee0c96d7a4997316b7dfdeb34fb6273ddfa194919e52389e16de4234cff9c79411c00b3dc62aca4192b2d4b494bab0cad570de35a61e706d15fced1a629cf67d9759f06e95cfe85167ddc2cb0103211c87c3e099b69332f95d89a0e460f1aa92890f77519dcf501071814e61f5bd6a4bae6e749f9b564803f8c6985b59d1ef3b86938b74946a2beb00286b76b013eae2f59d7c8824387935dd8b8b2932d4f66fec11a6f6d7fef91cfda6653c38774c588db575dcc74d822eac8173cb54e4f6ceb844c6156678903fdb29354a012650cb4dc14f92ad48ef7507ef518116dc64520de88b0380c63572aa276b68af24dd4c6cd20b3058bf79885cbfa1ef10ec9800cd538c03f09c35c267786d23b3c8243267393b9daef762738804d04807e33f06066c04f58f420912c73357a677c460497c21448dbaab268bf5500b71362da4754ad5fc00df6b32e5144e74463f52f5abace4c5af59ced97307ae364a51858b71eefbb101fef6e1a46a9028162c41965bc7764edc21993d127f10d49b623e3ef38d62a05ae16cdd6b8f9c8a0ea33b755956de9bd70a3e615406c93546507bc13f7db2128412476a5bb7994d0ee3c67863f49bc19212cfb803bb5c881b4edc65dfa98beb7a0fb7d3fc2d18ed8469b2f20faa95401ff5937205cd467ff8a894879689b30caf7d816ae8888e1180d2fb58d8dbf34a35193db178ad7865781c80d26a96f6ab040c15d2c51fc1132ecc262caa77ec76483e3eb53ce173b099bf54aa33a1187b2cf724ce5699b8982bfafd86b95dea82af7b56470ad23970c42377e3fadc527b45c5034b7c3617fb3b8f5b2726b07378245b35068ddbe8a826aa73b5e4b743bb6949cde59153e662850178c36b12828c50533694f882acc5f710f4d5a81cd2b31407ecdbcfc453c46956130814636b98467852d9f3677cb6edaa9ab90db2464d31a6f38fc931c9943649729848035e4cc9174441c7e5577eaeff8d5802726bec5e6263df2a850abd7ed9b828144d1e2a86d058bbcbc3c574475658ee78a3360ad48a217f732d39bd300b93777d33053c30e8f6b7487313b84454c86b44ea82e921331259af1e13b49def69d9601f0cd272518e447e46938c6713c2f5e5ee3e01ddc0ce7e916616bdb1bf0f1ff7f5f0ab2874e799d646ea39ae085e4f93a1e8ee0275b1c9f2313ea11fe900c350cde882d4043f8ca83bd7060b27275bf57a3d7668c190f86e06480b5cefcea51c1ef3e06a61ac406d96242e6a69407fcad717781b935d495b2cd9523cbb713d52ca61606dbf2e77d020d0c4fb97fa8953e9606b78b1ab37ee41dcc3f63f9f4565f277f6a7007f6697786714e5bcd5e38644b45f4abff9e9ab580d6eabef96e92078c1470df89f755e3a59a620bc17abb577ee780cf3aec34a684dd41783cbb244573e0d1413eb75863c62800dacccd2f430458a4e7852526ee2c1219c0acd2b5fdfab15fcf1ec16150ba72e0379554983eb0b86e22a248b72963418f51a05d2a07a2e5df77133d34bd7e60e664647a5a8ab01a028aadfcf2265586b0baa60362b87eb1d083f272a776a96b6bea0bc6a5a4679ec8fe9d605ab694f06d33154d2d2e1f085b5a776cdd9e1b6e2cab0990247359920d78f3003da252e4f2967eff9dcb559c6f472da671c949c9e75b39e6b1aa445a626710baaaee71b0b5456be213ac66185c7aeb83813d6ea036d69f484fda8aee14074e511ba7ddaed155e7f40f608d004b38154f26b581d047e9fc53f06f32cd64ff9d36f3ab2ffc3fc33c52c0f200f35f15ecda22bc61f3b7fb13cd9648ba470b408a3b4a64fd199c97f4415d6527c0fa193b91937c6606f202963d09ecacb0a775fd0169b1fc82608bca26997a11692573be5f04f370a7c6e4e087e75d68503e719f0a6008595171afabdc5d9aee732881f612743351e9cc0d415a420ad700d511a98d7498a1f34a528791d8a6619eb3d1e2e544b3ff6b619962639c111e3ce4583250734f09f68a2d9d091f738e0c295be290649c55edd5887b7839bc4a35b3ca53bcd995a36bc877576ee39022719ab65fdb3e685ee26337cb1b39b773dca4658a6263f5be146f23c0f11a2f0891842ecb552a7deac455755dd49180d81ec9810caaf1e45aa5ac0efdd1709675499967d71a3900b77fa5af7bc1815708c88e79c96bbe30889157a1ff7a1cbdc824c70336e3a2c0e63b7559f63ca598ab2c6ce9b7c657244350c5eb71384486012d90317d52f51f5c5e8e21f6757e18519228505ff2f599d0c22ff3a004cd5b3e49a17d38e76e36305a2c3e7cdb2f51e3836aada71d0090456baa68d007483ccc36cfe3d31ade2f0b922aefb71fc0896ecfc1562aaa0eb8057ecd01e68c6b4f06fdb3f785671df1bff06aee97f793cf8d8096c748e4b6ca1306a87b8bee20a87e1ab9b64cfb2373010f45c44e0d035b2eeb703816ba91d358cc258884e84948cfcf272bc268008f53eacf78c3e56463b1060a772ef8f77d52ed5ac474fbafe71d4755e7378e644bae3200d5f5bf7bc4f0d7a0ba1271f8bab17cb501919f6df77f554369fd5a991cd0bf77e6ea3f44a79bdc2c0554429b807fc7815d4e059d32a8f6547238de8bd9049b3ac23f61977753661d2d6860fe250b8c21ca84c7778f1ba0b8153a82af678d88bd43b1365d87a2498a2ba8735c6b4fccf2207fca305722edac964f4a8976a7377e30a5e9e3f4fd73acbcf54cccdab17c1de5065089d1f284437fb53f9d8f6fdc63bd89ddd9d39f457f4301f57f6743219006baf5827242a6128ce9bd2808a3ef03f9c5cdf907b9533c6343b193c5664b61cd5616b374e9e2cd532d6b7e813eba5587fc11095785a417598c35b70a75de085c81d368e27fda61fd0793954d6b2865d64caeb7ea2cd111b994011417a766b96844e95f9e469b8e009550da57ad24b4702ccb46d1d423badddc614057314fe338e8045e5d39100ae76a8ec08644c53cef31ef9675416277512d2ab2d68ea0aa3893b0081cc0fcddf437a161b594a13bad8c162e70579a1a7170e8b327f8d52aacbddde415ac694cb11f5b343296c516e85d2562eb738fc7546c967edcc76d22ff78ea7fe5128da52a0ffa6c19294fae146a7468eb742ad4a362aac96e419fc013b25729181d40b2a82a603bafb17f500cd1ea477605ad53c9a9fa5d6d744e57e3f10e0ab53e79470f7e21e09f57912b28dd26a01234bb48e7fd3c23740ffbcc4c046760005539abacc0aa3766fad0cc905415a2e66306a1aae1be6db8441393f1c46d572604e6876eb4b7841516fd3b077558347e89c6c3a4bb27243313c2ad3968761416a0fb5f8d35ece0a431f0c8b72e4c681f53439739e0520c1363af89a1eae1d6a3bca749aedf917651188f769ff80f84f8e461a6f076306c232259a2cd3cfa0d9dd59b0417dc1a0593e770cc14dc02858ff1c87ea103aaeba40a282264fdfa581bd1c801f022e87f7378022f52511061c35b3fab1d8b0e1f67a55b0a22dbe1f3849c3c401f26120246f6fed3814a1feedb51976c6b1b76db7b6cb3afcfd712316a53a23393042360f4a4f28efdcde502f838eb363c5c3afc921b75763189670892a6882afe279abb834073a95619ee3b0f45c47cada230117a889ae77785d687e59c75939b6809c70197580d59bfbd7500793159cb10488cea5088ca811e28cd2e514719f10029b852ed694a995a61dda9cac854ebb2fce766823a4d4a8a872ee7f9c540aedd85af673bd985c65092cbf374de50edbff3a92dc7d1e7cb7947addb8472724c4150880947d6c9df9883dbd1c18068e0791c6136e3daa9a4192a5fcea00cbfd92fc431307947176444846fa97e59293f2ae5cefe14123ac312692d22b03933e2befcb3a408d0f89638fa624b1eb6adb0f7d94a0b2c11ab915f3e358b34ae588bc65fb96240839bfce549fda4fa2af6a03983002861c7e207d83dda1575de054626b85415e1b989e0a5f2428ccd7b2b9d98e0f90d1310876bbd33065840086ca71ddddfd2f9d8a7c951dd5c8d82f03f3d85c5773b4fef4c0e67ba72b379b040c7fd00e7e48b8ba1a7b7be4b01d99a3f172d33adc85eb9a55ef0ca7222d366651585ea53e2474ecaa1503d7d91eeab60225d3b3df38adfcb4a33a7c8d0ea0c3d05a53408c02af2d96d13bdb6279258273d7365839bcbf5103245ac9a7cdd110daecd69c09327bc81d7e08149b3023736a02b2be794eff2e8f2461b382c40c80808c0a146d78d9ab232d2a75211946729aa231b1fe5fdbbae2590469837e622ce79cafd7d317be83677a3e4be2753a34f6c36a203b39a62e899e74d55df6d0c2b2988a8f6782a912a43184a01355520fb9044362ff970e", 0x1, 0x0, 0x1}, 0x50) 22:49:13 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400, 0x0, 0x0, 0x0}, 0x90) 22:49:13 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRESDEC, @ANYBLOB="eaabf8d3475c919e1da6b3f8374568d148629d4ccd6d97d181e5309f2c758e0786480da8a56d417c96527b5332bb39d1df84e5f985d5", @ANYRES8, @ANYRES32=0x0, @ANYRESHEX], &(0x7f0000000180)='GPL\x00', 0x260, 0x0, 0x0, 0x0, 0x51, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3fe}, 0x90) (async) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRESDEC, @ANYBLOB="eaabf8d3475c919e1da6b3f8374568d148629d4ccd6d97d181e5309f2c758e0786480da8a56d417c96527b5332bb39d1df84e5f985d5", @ANYRES8, @ANYRES32=0x0, @ANYRESHEX], &(0x7f0000000180)='GPL\x00', 0x260, 0x0, 0x0, 0x0, 0x51, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3fe}, 0x90) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) (async) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r2, &(0x7f0000000180), 0x40010) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000ac0)={0xffffffffffffffff, 0x58, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000e40)={r1, 0xe0, &(0x7f0000001100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000bc0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, &(0x7f0000000c00)=[0x0, 0x0, 0x0], &(0x7f0000000c40)=[0x0], 0x0, 0x8, &(0x7f0000000c80)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f0000000d80), &(0x7f0000000dc0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000e00)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0xf, 0x31, &(0x7f0000000f40)=ANY=[@ANYBLOB="18000000060000000000000041d9000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000001865000006000000000000000080000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000010400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000851700000082000000181200", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000018430000ffffffff0000000000000000184a0000fcffffff00000000000000001f087609fc270000b7080000000000007b8af8ff00000000b708000050ffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="00400000020000000000000008000000850000b7020000010000008500000084000000b7000000000000009500"/64], &(0x7f0000000a00)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41100, 0xe6, '\x00', r3, 0x29, 0xffffffffffffffff, 0x8, &(0x7f0000000b00)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000b40)={0x2, 0x2, 0x8, 0x5}, 0x10, r4, 0xffffffffffffffff, 0x6, &(0x7f0000001200)=[0xffffffffffffffff, 0x1, 0x1], &(0x7f0000001240)=[{0x4, 0x8005, 0x1, 0x9}, {0x1, 0x3, 0x10}, {0x5, 0x4, 0xd, 0x4}, {0x3, 0x4, 0xf, 0x6}, {0x1, 0x1, 0x7, 0xc}, {0x1, 0x2, 0xf, 0x1}], 0x10, 0x1ff}, 0x90) (async) bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0xf, 0x31, &(0x7f0000000f40)=ANY=[@ANYBLOB="18000000060000000000000041d9000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000001865000006000000000000000080000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000010400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000851700000082000000181200", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000018430000ffffffff0000000000000000184a0000fcffffff00000000000000001f087609fc270000b7080000000000007b8af8ff00000000b708000050ffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="00400000020000000000000008000000850000b7020000010000008500000084000000b7000000000000009500"/64], &(0x7f0000000a00)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41100, 0xe6, '\x00', r3, 0x29, 0xffffffffffffffff, 0x8, &(0x7f0000000b00)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000b40)={0x2, 0x2, 0x8, 0x5}, 0x10, r4, 0xffffffffffffffff, 0x6, &(0x7f0000001200)=[0xffffffffffffffff, 0x1, 0x1], &(0x7f0000001240)=[{0x4, 0x8005, 0x1, 0x9}, {0x1, 0x3, 0x10}, {0x5, 0x4, 0xd, 0x4}, {0x3, 0x4, 0xf, 0x6}, {0x1, 0x1, 0x7, 0xc}, {0x1, 0x2, 0xf, 0x1}], 0x10, 0x1ff}, 0x90) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002840)={0x3, 0x4, 0x4, 0xa, 0x0, r5, 0x4, '\x00', r3, r5, 0x4, 0x3, 0x5}, 0x48) r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000001700)=ANY=[@ANYBLOB="9feb01001800000000000000b3000000b30000aeecde00030000000c0000000000000a03000000030000000200000f0300000003000000bdce00000300000004000000070000001f0000005eff1a0300000006000005010000000e00000004000000030000000c00000003000000030000000300000004000000060000000b00000003000000030000000e00000001000000070000008100000005000000010000000700000001000006040000000900000069000000030000000000000b040000000b000000000000090100000000000000"], &(0x7f0000000480)=""/4096, 0xcf, 0x1000, 0x1, 0x7}, 0x20) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001500)=@base={0x1, 0x5, 0xcf, 0x9, 0x1000, 0xffffffffffffffff, 0xb4d, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x3, 0x1}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001640)={0x18, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x5a}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @jmp={0x5, 0x1, 0x6, 0xa, 0xa, 0x1, 0xfffffffffffffffc}]}, &(0x7f0000000140)='syzkaller\x00', 0x10001, 0x3e, &(0x7f0000000240)=""/62, 0x41000, 0x22, '\x00', r3, 0x0, r6, 0x8, &(0x7f0000001480)={0x6, 0x1}, 0x8, 0x10, &(0x7f00000014c0)={0x1, 0x1, 0x6, 0x4}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000001580)=[r7], &(0x7f00000015c0)=[{0x4, 0x2, 0xe, 0x6}, {0x4, 0x2, 0x3}, {0x3, 0x4, 0x8, 0x4}, {0x5, 0x5, 0xe, 0x1}, {0x3, 0x2, 0xe, 0xa}, {0x4, 0x5, 0x8, 0x4}, {0x5, 0x2, 0x7, 0x5}], 0x10, 0x5082}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r8, 0x2405, 0xffffffffffffffff) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r8}, 0x8) (async) r9 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r8}, 0x8) write$cgroup_int(r9, &(0x7f00000001c0), 0xfffffdef) [ 1491.541918][T31295] FAULT_INJECTION: forcing a failure. [ 1491.541918][T31295] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1491.573737][T31295] CPU: 1 PID: 31295 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1491.583906][T31295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1491.593800][T31295] Call Trace: [ 1491.596925][T31295] [ 1491.599702][T31295] dump_stack_lvl+0x151/0x1b7 [ 1491.604298][T31295] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1491.609765][T31295] ? _raw_spin_lock+0xa4/0x1b0 [ 1491.614363][T31295] ? _raw_spin_trylock_bh+0x190/0x190 [ 1491.619572][T31295] ? preempt_schedule+0xd9/0xe0 [ 1491.624354][T31295] dump_stack+0x15/0x17 [ 1491.628340][T31295] should_fail+0x3c6/0x510 [ 1491.632593][T31295] should_fail_alloc_page+0x5a/0x80 [ 1491.637722][T31295] prepare_alloc_pages+0x15c/0x700 [ 1491.642662][T31295] ? __kasan_check_write+0x14/0x20 [ 1491.647793][T31295] ? __alloc_pages_bulk+0xe40/0xe40 [ 1491.652826][T31295] ? copy_page_range+0x2d59/0x2f90 [ 1491.657764][T31295] __alloc_pages+0x18c/0x8f0 [ 1491.662189][T31295] ? prep_new_page+0x110/0x110 [ 1491.666792][T31295] new_slab+0x9a/0x4e0 [ 1491.670694][T31295] ___slab_alloc+0x39e/0x830 [ 1491.675118][T31295] ? vm_area_dup+0x26/0x230 [ 1491.679463][T31295] ? vm_area_dup+0x26/0x230 [ 1491.683798][T31295] __slab_alloc+0x4a/0x90 [ 1491.687991][T31295] ? vm_area_dup+0x26/0x230 [ 1491.692305][T31295] kmem_cache_alloc+0x134/0x200 [ 1491.696997][T31295] vm_area_dup+0x26/0x230 [ 1491.701333][T31295] copy_mm+0x9a1/0x13e0 [ 1491.705325][T31295] ? copy_signal+0x610/0x610 [ 1491.709751][T31295] ? __init_rwsem+0xd6/0x1c0 [ 1491.714176][T31295] ? copy_signal+0x4e3/0x610 [ 1491.718604][T31295] copy_process+0x1149/0x3290 [ 1491.723118][T31295] ? proc_fail_nth_write+0x20b/0x290 [ 1491.728237][T31295] ? fsnotify_perm+0x6a/0x5d0 [ 1491.732748][T31295] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1491.737696][T31295] ? vfs_write+0x9ec/0x1110 [ 1491.742039][T31295] kernel_clone+0x21e/0x9e0 [ 1491.746377][T31295] ? file_end_write+0x1c0/0x1c0 [ 1491.751064][T31295] ? create_io_thread+0x1e0/0x1e0 [ 1491.755922][T31295] ? mutex_unlock+0xb2/0x260 [ 1491.760348][T31295] ? __mutex_lock_slowpath+0x10/0x10 [ 1491.765470][T31295] __x64_sys_clone+0x23f/0x290 [ 1491.770070][T31295] ? __do_sys_vfork+0x130/0x130 [ 1491.774755][T31295] ? ksys_write+0x260/0x2c0 [ 1491.779111][T31295] ? debug_smp_processor_id+0x17/0x20 [ 1491.784306][T31295] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1491.790206][T31295] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1491.795675][T31295] do_syscall_64+0x3d/0xb0 [ 1491.799926][T31295] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1491.805654][T31295] RIP: 0033:0x7f0304509da9 [ 1491.809908][T31295] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1491.829356][T31295] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 22:49:13 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000001500)=ANY=[@ANYBLOB="180000000080005300000008faff000094cac456cb16e8900000000fad413e550000000f00000095f1f69337842d61425ca93137e65c94995021ebcfaa1b5b7fc79df1ea975562b7a7072e69416a36b0aab20000cfaa1c73d2e57bcc78b36a96c2859c85f03479"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) r3 = getpid() bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r3, r2, 0x0, 0xa, &(0x7f00000000c0)='syzkaller\x00'}, 0x30) (async) openat$cgroup_ro(r2, &(0x7f0000000000)='blkio.throttle.io_serviced\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001480)={r2, 0x0, 0xf3, 0x71, &(0x7f00000002c0)="7e99b775681b00bcd866f0fef2813f58fcbc1d1310ca43da7b86f9c5bc6a4ab759c6fa581e3e07fecd280f00a7cc995b21cdc736dc75fe8739310aafef5ec67820a03612accab45badd98e0db27746f4f81a6e2e553ef9eb28ac8840451f19222aaf58310ed2f3342195ab56fa6c22e256711e77b86e199b17120a1280e8a6d889b2379c9d63d81c8e2c56cc8ef04941c02a10ed977f1941eab5516a3bab2aa6cd04bb6f977b65500cb77723a70623ff546d49360a1d5eabf8f8b68386693c22789b1260226252d630bbeeb1958e32271c1897514e1e2af54a438332574c6005a335fa3900"/243, &(0x7f0000000040)=""/113, 0x3fb, 0x0, 0x86, 0x1000, &(0x7f00000003c0)="630f2d65cfaf4ddbb6048c1d768f3059cce945284856a70fd8983500e755958dd74b409b2a79e17da7f9b42341418bd353fd286f62d87be6dafa63da16299850506fb6937c1b80c2798c33ce0961d5c894406326a56d852dc52b28425985f8f12f634be9a3a52a28e7ed2d164dd525b3442982bf17c10708f59bb3abf0fbc73882de590ec869", &(0x7f0000000480)="1ef365ffb04467e3a16570367596425fabd007933d176bba5c7cbc05e1d28ae245dbc5ad52c2468f2305686eb4428b7101100c5e79e6f9387236db32aad79fc0f5d8f42236ddb6f091b5d79d4d1aef78939f9c42e69e5a3d0f36109ee0f28405ca550c9241c4e20335a375ac2c5e36c66f9868376c567c16fdaba3832850dc450aa99ef7ad50330592597cead5ab86370fd5a4e0838f60077f997eda87fec2c99b07f7571f4137c136079d722e0f898d55e8db9eff35793198f456c29f6b340d783176dd58f4e3173de08d9cfd11e4dd5bc259fdce705cc74b281e496749585321002f0b1782fec7f83e12cd0b8065263f4c7f8ba4a983fac91e0dd9e00231d38dd33734365db5002364ca08e9e93d1f9ca734ab1ec9679193f9977f0868ca6314572602ff60f9c12c7af375f651d0938f281761bd5ef72dfe3ca07f80be540b59a7e99610b082969c4b536a5e00a42eb13f19b54c47ca4d6fabf6c1539f842a24be466947a20ef1771a894824c8604ae6481ff419bd2a3310ec4a7cb5ccbb59e96eecd681a3619975a8a39c3aabd645812c22390a0e739558688a38d987ddad54276cf52ea1b95652c21db132d45ec86cd10130837eb36c0ed55086c5fa4425f06515416dae8254e79d8174382e9c8eda61769f25ae9cf3efd5158d8353a771b4a702f4284851d96f45dc418ba8d52ca71e289e6df0fee5a2f2a1ece33419b677af02130757a8bfdb23a265521513724c99efedc051dd787aaf9798124bbf06b3dd0b5a508c4f9457be22d9d88e60bb9278a210a5a58b709d1d107654e35f12632a6efa6b9887df282b52ee54a6719934dc66005718b878324ff643bc55f1c321173fc9fab42a6cb3e0e16b5795fe30fb2c518381b25c6a6d341f6a1aafaba526abf672b6604c4d38785bfebe413ebc6af6cc65bc7adbd3d051db4d74d96ccc1e764f5916c0fe054b2f06d752c900714df16a539488dec98c6261fea4b6d9291d786442f46682e80f84827ce5fbc0b3bd599c8198e9c57fff8b21a9c41474a638785924ef59b42e4c6cbfeb38098bb64659888584884fd173ed20643f4e7170339e7548e0e5b135ec3f65d0fc6dc16e9e534d0148818941b432e541d187228ba3c37648e1a4691a58074b95aaf6281bc80cdbd9caad549abc7507892331e281bcc183ba93a46d84afb0eb1cf7ba0a9f5ee2b612a3ee9251fd350433f0867afe6c6c119d5d0d19dcddfc58e02cfa758e6b56c25e936146be654a5fead422f81387222e50e47b7488e561aa15bceb433acd3e0cb4d1ae8d4a89d9f8dbbd134c9764538cdd163f11771e23bb3a4e18071e0b372c9ba0e10e6eb041f05a76d7f4252f935ab1f5a27a56e315ab86c70400c0713c6d7dff1f9a92d55a003849a055aa22aa2f1d24fa823a28a3285b559b5af6d35ab1633362ee0c96d7a4997316b7dfdeb34fb6273ddfa194919e52389e16de4234cff9c79411c00b3dc62aca4192b2d4b494bab0cad570de35a61e706d15fced1a629cf67d9759f06e95cfe85167ddc2cb0103211c87c3e099b69332f95d89a0e460f1aa92890f77519dcf501071814e61f5bd6a4bae6e749f9b564803f8c6985b59d1ef3b86938b74946a2beb00286b76b013eae2f59d7c8824387935dd8b8b2932d4f66fec11a6f6d7fef91cfda6653c38774c588db575dcc74d822eac8173cb54e4f6ceb844c6156678903fdb29354a012650cb4dc14f92ad48ef7507ef518116dc64520de88b0380c63572aa276b68af24dd4c6cd20b3058bf79885cbfa1ef10ec9800cd538c03f09c35c267786d23b3c8243267393b9daef762738804d04807e33f06066c04f58f420912c73357a677c460497c21448dbaab268bf5500b71362da4754ad5fc00df6b32e5144e74463f52f5abace4c5af59ced97307ae364a51858b71eefbb101fef6e1a46a9028162c41965bc7764edc21993d127f10d49b623e3ef38d62a05ae16cdd6b8f9c8a0ea33b755956de9bd70a3e615406c93546507bc13f7db2128412476a5bb7994d0ee3c67863f49bc19212cfb803bb5c881b4edc65dfa98beb7a0fb7d3fc2d18ed8469b2f20faa95401ff5937205cd467ff8a894879689b30caf7d816ae8888e1180d2fb58d8dbf34a35193db178ad7865781c80d26a96f6ab040c15d2c51fc1132ecc262caa77ec76483e3eb53ce173b099bf54aa33a1187b2cf724ce5699b8982bfafd86b95dea82af7b56470ad23970c42377e3fadc527b45c5034b7c3617fb3b8f5b2726b07378245b35068ddbe8a826aa73b5e4b743bb6949cde59153e662850178c36b12828c50533694f882acc5f710f4d5a81cd2b31407ecdbcfc453c46956130814636b98467852d9f3677cb6edaa9ab90db2464d31a6f38fc931c9943649729848035e4cc9174441c7e5577eaeff8d5802726bec5e6263df2a850abd7ed9b828144d1e2a86d058bbcbc3c574475658ee78a3360ad48a217f732d39bd300b93777d33053c30e8f6b7487313b84454c86b44ea82e921331259af1e13b49def69d9601f0cd272518e447e46938c6713c2f5e5ee3e01ddc0ce7e916616bdb1bf0f1ff7f5f0ab2874e799d646ea39ae085e4f93a1e8ee0275b1c9f2313ea11fe900c350cde882d4043f8ca83bd7060b27275bf57a3d7668c190f86e06480b5cefcea51c1ef3e06a61ac406d96242e6a69407fcad717781b935d495b2cd9523cbb713d52ca61606dbf2e77d020d0c4fb97fa8953e9606b78b1ab37ee41dcc3f63f9f4565f277f6a7007f6697786714e5bcd5e38644b45f4abff9e9ab580d6eabef96e92078c1470df89f755e3a59a620bc17abb577ee780cf3aec34a684dd41783cbb244573e0d1413eb75863c62800dacccd2f430458a4e7852526ee2c1219c0acd2b5fdfab15fcf1ec16150ba72e0379554983eb0b86e22a248b72963418f51a05d2a07a2e5df77133d34bd7e60e664647a5a8ab01a028aadfcf2265586b0baa60362b87eb1d083f272a776a96b6bea0bc6a5a4679ec8fe9d605ab694f06d33154d2d2e1f085b5a776cdd9e1b6e2cab0990247359920d78f3003da252e4f2967eff9dcb559c6f472da671c949c9e75b39e6b1aa445a626710baaaee71b0b5456be213ac66185c7aeb83813d6ea036d69f484fda8aee14074e511ba7ddaed155e7f40f608d004b38154f26b581d047e9fc53f06f32cd64ff9d36f3ab2ffc3fc33c52c0f200f35f15ecda22bc61f3b7fb13cd9648ba470b408a3b4a64fd199c97f4415d6527c0fa193b91937c6606f202963d09ecacb0a775fd0169b1fc82608bca26997a11692573be5f04f370a7c6e4e087e75d68503e719f0a6008595171afabdc5d9aee732881f612743351e9cc0d415a420ad700d511a98d7498a1f34a528791d8a6619eb3d1e2e544b3ff6b619962639c111e3ce4583250734f09f68a2d9d091f738e0c295be290649c55edd5887b7839bc4a35b3ca53bcd995a36bc877576ee39022719ab65fdb3e685ee26337cb1b39b773dca4658a6263f5be146f23c0f11a2f0891842ecb552a7deac455755dd49180d81ec9810caaf1e45aa5ac0efdd1709675499967d71a3900b77fa5af7bc1815708c88e79c96bbe30889157a1ff7a1cbdc824c70336e3a2c0e63b7559f63ca598ab2c6ce9b7c657244350c5eb71384486012d90317d52f51f5c5e8e21f6757e18519228505ff2f599d0c22ff3a004cd5b3e49a17d38e76e36305a2c3e7cdb2f51e3836aada71d0090456baa68d007483ccc36cfe3d31ade2f0b922aefb71fc0896ecfc1562aaa0eb8057ecd01e68c6b4f06fdb3f785671df1bff06aee97f793cf8d8096c748e4b6ca1306a87b8bee20a87e1ab9b64cfb2373010f45c44e0d035b2eeb703816ba91d358cc258884e84948cfcf272bc268008f53eacf78c3e56463b1060a772ef8f77d52ed5ac474fbafe71d4755e7378e644bae3200d5f5bf7bc4f0d7a0ba1271f8bab17cb501919f6df77f554369fd5a991cd0bf77e6ea3f44a79bdc2c0554429b807fc7815d4e059d32a8f6547238de8bd9049b3ac23f61977753661d2d6860fe250b8c21ca84c7778f1ba0b8153a82af678d88bd43b1365d87a2498a2ba8735c6b4fccf2207fca305722edac964f4a8976a7377e30a5e9e3f4fd73acbcf54cccdab17c1de5065089d1f284437fb53f9d8f6fdc63bd89ddd9d39f457f4301f57f6743219006baf5827242a6128ce9bd2808a3ef03f9c5cdf907b9533c6343b193c5664b61cd5616b374e9e2cd532d6b7e813eba5587fc11095785a417598c35b70a75de085c81d368e27fda61fd0793954d6b2865d64caeb7ea2cd111b994011417a766b96844e95f9e469b8e009550da57ad24b4702ccb46d1d423badddc614057314fe338e8045e5d39100ae76a8ec08644c53cef31ef9675416277512d2ab2d68ea0aa3893b0081cc0fcddf437a161b594a13bad8c162e70579a1a7170e8b327f8d52aacbddde415ac694cb11f5b343296c516e85d2562eb738fc7546c967edcc76d22ff78ea7fe5128da52a0ffa6c19294fae146a7468eb742ad4a362aac96e419fc013b25729181d40b2a82a603bafb17f500cd1ea477605ad53c9a9fa5d6d744e57e3f10e0ab53e79470f7e21e09f57912b28dd26a01234bb48e7fd3c23740ffbcc4c046760005539abacc0aa3766fad0cc905415a2e66306a1aae1be6db8441393f1c46d572604e6876eb4b7841516fd3b077558347e89c6c3a4bb27243313c2ad3968761416a0fb5f8d35ece0a431f0c8b72e4c681f53439739e0520c1363af89a1eae1d6a3bca749aedf917651188f769ff80f84f8e461a6f076306c232259a2cd3cfa0d9dd59b0417dc1a0593e770cc14dc02858ff1c87ea103aaeba40a282264fdfa581bd1c801f022e87f7378022f52511061c35b3fab1d8b0e1f67a55b0a22dbe1f3849c3c401f26120246f6fed3814a1feedb51976c6b1b76db7b6cb3afcfd712316a53a23393042360f4a4f28efdcde502f838eb363c5c3afc921b75763189670892a6882afe279abb834073a95619ee3b0f45c47cada230117a889ae77785d687e59c75939b6809c70197580d59bfbd7500793159cb10488cea5088ca811e28cd2e514719f10029b852ed694a995a61dda9cac854ebb2fce766823a4d4a8a872ee7f9c540aedd85af673bd985c65092cbf374de50edbff3a92dc7d1e7cb7947addb8472724c4150880947d6c9df9883dbd1c18068e0791c6136e3daa9a4192a5fcea00cbfd92fc431307947176444846fa97e59293f2ae5cefe14123ac312692d22b03933e2befcb3a408d0f89638fa624b1eb6adb0f7d94a0b2c11ab915f3e358b34ae588bc65fb96240839bfce549fda4fa2af6a03983002861c7e207d83dda1575de054626b85415e1b989e0a5f2428ccd7b2b9d98e0f90d1310876bbd33065840086ca71ddddfd2f9d8a7c951dd5c8d82f03f3d85c5773b4fef4c0e67ba72b379b040c7fd00e7e48b8ba1a7b7be4b01d99a3f172d33adc85eb9a55ef0ca7222d366651585ea53e2474ecaa1503d7d91eeab60225d3b3df38adfcb4a33a7c8d0ea0c3d05a53408c02af2d96d13bdb6279258273d7365839bcbf5103245ac9a7cdd110daecd69c09327bc81d7e08149b3023736a02b2be794eff2e8f2461b382c40c80808c0a146d78d9ab232d2a75211946729aa231b1fe5fdbbae2590469837e622ce79cafd7d317be83677a3e4be2753a34f6c36a203b39a62e899e74d55df6d0c2b2988a8f6782a912a43184a01355520fb9044362ff970e", 0x1, 0x0, 0x1}, 0x50) 22:49:13 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:13 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRESDEC, @ANYBLOB="eaabf8d3475c919e1da6b3f8374568d148629d4ccd6d97d181e5309f2c758e0786480da8a56d417c96527b5332bb39d1df84e5f985d5", @ANYRES8, @ANYRES32=0x0, @ANYRESHEX], &(0x7f0000000180)='GPL\x00', 0x260, 0x0, 0x0, 0x0, 0x51, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3fe}, 0x90) (async) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRESDEC, @ANYBLOB="eaabf8d3475c919e1da6b3f8374568d148629d4ccd6d97d181e5309f2c758e0786480da8a56d417c96527b5332bb39d1df84e5f985d5", @ANYRES8, @ANYRES32=0x0, @ANYRESHEX], &(0x7f0000000180)='GPL\x00', 0x260, 0x0, 0x0, 0x0, 0x51, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3fe}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) (async) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r2, &(0x7f0000000180), 0x40010) (async) write$cgroup_type(r2, &(0x7f0000000180), 0x40010) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000ac0)={0xffffffffffffffff, 0x58, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000e40)={r1, 0xe0, &(0x7f0000001100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000bc0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, &(0x7f0000000c00)=[0x0, 0x0, 0x0], &(0x7f0000000c40)=[0x0], 0x0, 0x8, &(0x7f0000000c80)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f0000000d80), &(0x7f0000000dc0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000e00)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0xf, 0x31, &(0x7f0000000f40)=ANY=[@ANYBLOB="18000000060000000000000041d9000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000001865000006000000000000000080000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000010400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000851700000082000000181200", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000018430000ffffffff0000000000000000184a0000fcffffff00000000000000001f087609fc270000b7080000000000007b8af8ff00000000b708000050ffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="00400000020000000000000008000000850000b7020000010000008500000084000000b7000000000000009500"/64], &(0x7f0000000a00)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41100, 0xe6, '\x00', r3, 0x29, 0xffffffffffffffff, 0x8, &(0x7f0000000b00)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000b40)={0x2, 0x2, 0x8, 0x5}, 0x10, r4, 0xffffffffffffffff, 0x6, &(0x7f0000001200)=[0xffffffffffffffff, 0x1, 0x1], &(0x7f0000001240)=[{0x4, 0x8005, 0x1, 0x9}, {0x1, 0x3, 0x10}, {0x5, 0x4, 0xd, 0x4}, {0x3, 0x4, 0xf, 0x6}, {0x1, 0x1, 0x7, 0xc}, {0x1, 0x2, 0xf, 0x1}], 0x10, 0x1ff}, 0x90) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002840)={0x3, 0x4, 0x4, 0xa, 0x0, r5, 0x4, '\x00', r3, r5, 0x4, 0x3, 0x5}, 0x48) r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000001700)=ANY=[@ANYBLOB="9feb01001800000000000000b3000000b30000aeecde00030000000c0000000000000a03000000030000000200000f0300000003000000bdce00000300000004000000070000001f0000005eff1a0300000006000005010000000e00000004000000030000000c00000003000000030000000300000004000000060000000b00000003000000030000000e00000001000000070000008100000005000000010000000700000001000006040000000900000069000000030000000000000b040000000b000000000000090100000000000000"], &(0x7f0000000480)=""/4096, 0xcf, 0x1000, 0x1, 0x7}, 0x20) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001500)=@base={0x1, 0x5, 0xcf, 0x9, 0x1000, 0xffffffffffffffff, 0xb4d, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x3, 0x1}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001640)={0x18, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x5a}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @jmp={0x5, 0x1, 0x6, 0xa, 0xa, 0x1, 0xfffffffffffffffc}]}, &(0x7f0000000140)='syzkaller\x00', 0x10001, 0x3e, &(0x7f0000000240)=""/62, 0x41000, 0x22, '\x00', r3, 0x0, r6, 0x8, &(0x7f0000001480)={0x6, 0x1}, 0x8, 0x10, &(0x7f00000014c0)={0x1, 0x1, 0x6, 0x4}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000001580)=[r7], &(0x7f00000015c0)=[{0x4, 0x2, 0xe, 0x6}, {0x4, 0x2, 0x3}, {0x3, 0x4, 0x8, 0x4}, {0x5, 0x5, 0xe, 0x1}, {0x3, 0x2, 0xe, 0xa}, {0x4, 0x5, 0x8, 0x4}, {0x5, 0x2, 0x7, 0x5}], 0x10, 0x5082}, 0x90) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001640)={0x18, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x5a}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @jmp={0x5, 0x1, 0x6, 0xa, 0xa, 0x1, 0xfffffffffffffffc}]}, &(0x7f0000000140)='syzkaller\x00', 0x10001, 0x3e, &(0x7f0000000240)=""/62, 0x41000, 0x22, '\x00', r3, 0x0, r6, 0x8, &(0x7f0000001480)={0x6, 0x1}, 0x8, 0x10, &(0x7f00000014c0)={0x1, 0x1, 0x6, 0x4}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000001580)=[r7], &(0x7f00000015c0)=[{0x4, 0x2, 0xe, 0x6}, {0x4, 0x2, 0x3}, {0x3, 0x4, 0x8, 0x4}, {0x5, 0x5, 0xe, 0x1}, {0x3, 0x2, 0xe, 0xa}, {0x4, 0x5, 0x8, 0x4}, {0x5, 0x2, 0x7, 0x5}], 0x10, 0x5082}, 0x90) r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r8, 0x2405, 0xffffffffffffffff) r9 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r8}, 0x8) write$cgroup_int(r9, &(0x7f00000001c0), 0xfffffdef) 22:49:13 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000001500)=ANY=[@ANYBLOB="180000000080005300000008faff000094cac456cb16e8900000000fad413e550000000f00000095f1f69337842d61425ca93137e65c94995021ebcfaa1b5b7fc79df1ea975562b7a7072e69416a36b0aab20000cfaa1c73d2e57bcc78b36a96c2859c85f03479"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) r3 = getpid() bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r3, r2, 0x0, 0xa, &(0x7f00000000c0)='syzkaller\x00'}, 0x30) openat$cgroup_ro(r2, &(0x7f0000000000)='blkio.throttle.io_serviced\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001480)={r2, 0x0, 0xf3, 0x71, &(0x7f00000002c0)="7e99b775681b00bcd866f0fef2813f58fcbc1d1310ca43da7b86f9c5bc6a4ab759c6fa581e3e07fecd280f00a7cc995b21cdc736dc75fe8739310aafef5ec67820a03612accab45badd98e0db27746f4f81a6e2e553ef9eb28ac8840451f19222aaf58310ed2f3342195ab56fa6c22e256711e77b86e199b17120a1280e8a6d889b2379c9d63d81c8e2c56cc8ef04941c02a10ed977f1941eab5516a3bab2aa6cd04bb6f977b65500cb77723a70623ff546d49360a1d5eabf8f8b68386693c22789b1260226252d630bbeeb1958e32271c1897514e1e2af54a438332574c6005a335fa3900"/243, &(0x7f0000000040)=""/113, 0x3fb, 0x0, 0x86, 0x1000, &(0x7f00000003c0)="630f2d65cfaf4ddbb6048c1d768f3059cce945284856a70fd8983500e755958dd74b409b2a79e17da7f9b42341418bd353fd286f62d87be6dafa63da16299850506fb6937c1b80c2798c33ce0961d5c894406326a56d852dc52b28425985f8f12f634be9a3a52a28e7ed2d164dd525b3442982bf17c10708f59bb3abf0fbc73882de590ec869", &(0x7f0000000480)="1ef365ffb04467e3a16570367596425fabd007933d176bba5c7cbc05e1d28ae245dbc5ad52c2468f2305686eb4428b7101100c5e79e6f9387236db32aad79fc0f5d8f42236ddb6f091b5d79d4d1aef78939f9c42e69e5a3d0f36109ee0f28405ca550c9241c4e20335a375ac2c5e36c66f9868376c567c16fdaba3832850dc450aa99ef7ad50330592597cead5ab86370fd5a4e0838f60077f997eda87fec2c99b07f7571f4137c136079d722e0f898d55e8db9eff35793198f456c29f6b340d783176dd58f4e3173de08d9cfd11e4dd5bc259fdce705cc74b281e496749585321002f0b1782fec7f83e12cd0b8065263f4c7f8ba4a983fac91e0dd9e00231d38dd33734365db5002364ca08e9e93d1f9ca734ab1ec9679193f9977f0868ca6314572602ff60f9c12c7af375f651d0938f281761bd5ef72dfe3ca07f80be540b59a7e99610b082969c4b536a5e00a42eb13f19b54c47ca4d6fabf6c1539f842a24be466947a20ef1771a894824c8604ae6481ff419bd2a3310ec4a7cb5ccbb59e96eecd681a3619975a8a39c3aabd645812c22390a0e739558688a38d987ddad54276cf52ea1b95652c21db132d45ec86cd10130837eb36c0ed55086c5fa4425f06515416dae8254e79d8174382e9c8eda61769f25ae9cf3efd5158d8353a771b4a702f4284851d96f45dc418ba8d52ca71e289e6df0fee5a2f2a1ece33419b677af02130757a8bfdb23a265521513724c99efedc051dd787aaf9798124bbf06b3dd0b5a508c4f9457be22d9d88e60bb9278a210a5a58b709d1d107654e35f12632a6efa6b9887df282b52ee54a6719934dc66005718b878324ff643bc55f1c321173fc9fab42a6cb3e0e16b5795fe30fb2c518381b25c6a6d341f6a1aafaba526abf672b6604c4d38785bfebe413ebc6af6cc65bc7adbd3d051db4d74d96ccc1e764f5916c0fe054b2f06d752c900714df16a539488dec98c6261fea4b6d9291d786442f46682e80f84827ce5fbc0b3bd599c8198e9c57fff8b21a9c41474a638785924ef59b42e4c6cbfeb38098bb64659888584884fd173ed20643f4e7170339e7548e0e5b135ec3f65d0fc6dc16e9e534d0148818941b432e541d187228ba3c37648e1a4691a58074b95aaf6281bc80cdbd9caad549abc7507892331e281bcc183ba93a46d84afb0eb1cf7ba0a9f5ee2b612a3ee9251fd350433f0867afe6c6c119d5d0d19dcddfc58e02cfa758e6b56c25e936146be654a5fead422f81387222e50e47b7488e561aa15bceb433acd3e0cb4d1ae8d4a89d9f8dbbd134c9764538cdd163f11771e23bb3a4e18071e0b372c9ba0e10e6eb041f05a76d7f4252f935ab1f5a27a56e315ab86c70400c0713c6d7dff1f9a92d55a003849a055aa22aa2f1d24fa823a28a3285b559b5af6d35ab1633362ee0c96d7a4997316b7dfdeb34fb6273ddfa194919e52389e16de4234cff9c79411c00b3dc62aca4192b2d4b494bab0cad570de35a61e706d15fced1a629cf67d9759f06e95cfe85167ddc2cb0103211c87c3e099b69332f95d89a0e460f1aa92890f77519dcf501071814e61f5bd6a4bae6e749f9b564803f8c6985b59d1ef3b86938b74946a2beb00286b76b013eae2f59d7c8824387935dd8b8b2932d4f66fec11a6f6d7fef91cfda6653c38774c588db575dcc74d822eac8173cb54e4f6ceb844c6156678903fdb29354a012650cb4dc14f92ad48ef7507ef518116dc64520de88b0380c63572aa276b68af24dd4c6cd20b3058bf79885cbfa1ef10ec9800cd538c03f09c35c267786d23b3c8243267393b9daef762738804d04807e33f06066c04f58f420912c73357a677c460497c21448dbaab268bf5500b71362da4754ad5fc00df6b32e5144e74463f52f5abace4c5af59ced97307ae364a51858b71eefbb101fef6e1a46a9028162c41965bc7764edc21993d127f10d49b623e3ef38d62a05ae16cdd6b8f9c8a0ea33b755956de9bd70a3e615406c93546507bc13f7db2128412476a5bb7994d0ee3c67863f49bc19212cfb803bb5c881b4edc65dfa98beb7a0fb7d3fc2d18ed8469b2f20faa95401ff5937205cd467ff8a894879689b30caf7d816ae8888e1180d2fb58d8dbf34a35193db178ad7865781c80d26a96f6ab040c15d2c51fc1132ecc262caa77ec76483e3eb53ce173b099bf54aa33a1187b2cf724ce5699b8982bfafd86b95dea82af7b56470ad23970c42377e3fadc527b45c5034b7c3617fb3b8f5b2726b07378245b35068ddbe8a826aa73b5e4b743bb6949cde59153e662850178c36b12828c50533694f882acc5f710f4d5a81cd2b31407ecdbcfc453c46956130814636b98467852d9f3677cb6edaa9ab90db2464d31a6f38fc931c9943649729848035e4cc9174441c7e5577eaeff8d5802726bec5e6263df2a850abd7ed9b828144d1e2a86d058bbcbc3c574475658ee78a3360ad48a217f732d39bd300b93777d33053c30e8f6b7487313b84454c86b44ea82e921331259af1e13b49def69d9601f0cd272518e447e46938c6713c2f5e5ee3e01ddc0ce7e916616bdb1bf0f1ff7f5f0ab2874e799d646ea39ae085e4f93a1e8ee0275b1c9f2313ea11fe900c350cde882d4043f8ca83bd7060b27275bf57a3d7668c190f86e06480b5cefcea51c1ef3e06a61ac406d96242e6a69407fcad717781b935d495b2cd9523cbb713d52ca61606dbf2e77d020d0c4fb97fa8953e9606b78b1ab37ee41dcc3f63f9f4565f277f6a7007f6697786714e5bcd5e38644b45f4abff9e9ab580d6eabef96e92078c1470df89f755e3a59a620bc17abb577ee780cf3aec34a684dd41783cbb244573e0d1413eb75863c62800dacccd2f430458a4e7852526ee2c1219c0acd2b5fdfab15fcf1ec16150ba72e0379554983eb0b86e22a248b72963418f51a05d2a07a2e5df77133d34bd7e60e664647a5a8ab01a028aadfcf2265586b0baa60362b87eb1d083f272a776a96b6bea0bc6a5a4679ec8fe9d605ab694f06d33154d2d2e1f085b5a776cdd9e1b6e2cab0990247359920d78f3003da252e4f2967eff9dcb559c6f472da671c949c9e75b39e6b1aa445a626710baaaee71b0b5456be213ac66185c7aeb83813d6ea036d69f484fda8aee14074e511ba7ddaed155e7f40f608d004b38154f26b581d047e9fc53f06f32cd64ff9d36f3ab2ffc3fc33c52c0f200f35f15ecda22bc61f3b7fb13cd9648ba470b408a3b4a64fd199c97f4415d6527c0fa193b91937c6606f202963d09ecacb0a775fd0169b1fc82608bca26997a11692573be5f04f370a7c6e4e087e75d68503e719f0a6008595171afabdc5d9aee732881f612743351e9cc0d415a420ad700d511a98d7498a1f34a528791d8a6619eb3d1e2e544b3ff6b619962639c111e3ce4583250734f09f68a2d9d091f738e0c295be290649c55edd5887b7839bc4a35b3ca53bcd995a36bc877576ee39022719ab65fdb3e685ee26337cb1b39b773dca4658a6263f5be146f23c0f11a2f0891842ecb552a7deac455755dd49180d81ec9810caaf1e45aa5ac0efdd1709675499967d71a3900b77fa5af7bc1815708c88e79c96bbe30889157a1ff7a1cbdc824c70336e3a2c0e63b7559f63ca598ab2c6ce9b7c657244350c5eb71384486012d90317d52f51f5c5e8e21f6757e18519228505ff2f599d0c22ff3a004cd5b3e49a17d38e76e36305a2c3e7cdb2f51e3836aada71d0090456baa68d007483ccc36cfe3d31ade2f0b922aefb71fc0896ecfc1562aaa0eb8057ecd01e68c6b4f06fdb3f785671df1bff06aee97f793cf8d8096c748e4b6ca1306a87b8bee20a87e1ab9b64cfb2373010f45c44e0d035b2eeb703816ba91d358cc258884e84948cfcf272bc268008f53eacf78c3e56463b1060a772ef8f77d52ed5ac474fbafe71d4755e7378e644bae3200d5f5bf7bc4f0d7a0ba1271f8bab17cb501919f6df77f554369fd5a991cd0bf77e6ea3f44a79bdc2c0554429b807fc7815d4e059d32a8f6547238de8bd9049b3ac23f61977753661d2d6860fe250b8c21ca84c7778f1ba0b8153a82af678d88bd43b1365d87a2498a2ba8735c6b4fccf2207fca305722edac964f4a8976a7377e30a5e9e3f4fd73acbcf54cccdab17c1de5065089d1f284437fb53f9d8f6fdc63bd89ddd9d39f457f4301f57f6743219006baf5827242a6128ce9bd2808a3ef03f9c5cdf907b9533c6343b193c5664b61cd5616b374e9e2cd532d6b7e813eba5587fc11095785a417598c35b70a75de085c81d368e27fda61fd0793954d6b2865d64caeb7ea2cd111b994011417a766b96844e95f9e469b8e009550da57ad24b4702ccb46d1d423badddc614057314fe338e8045e5d39100ae76a8ec08644c53cef31ef9675416277512d2ab2d68ea0aa3893b0081cc0fcddf437a161b594a13bad8c162e70579a1a7170e8b327f8d52aacbddde415ac694cb11f5b343296c516e85d2562eb738fc7546c967edcc76d22ff78ea7fe5128da52a0ffa6c19294fae146a7468eb742ad4a362aac96e419fc013b25729181d40b2a82a603bafb17f500cd1ea477605ad53c9a9fa5d6d744e57e3f10e0ab53e79470f7e21e09f57912b28dd26a01234bb48e7fd3c23740ffbcc4c046760005539abacc0aa3766fad0cc905415a2e66306a1aae1be6db8441393f1c46d572604e6876eb4b7841516fd3b077558347e89c6c3a4bb27243313c2ad3968761416a0fb5f8d35ece0a431f0c8b72e4c681f53439739e0520c1363af89a1eae1d6a3bca749aedf917651188f769ff80f84f8e461a6f076306c232259a2cd3cfa0d9dd59b0417dc1a0593e770cc14dc02858ff1c87ea103aaeba40a282264fdfa581bd1c801f022e87f7378022f52511061c35b3fab1d8b0e1f67a55b0a22dbe1f3849c3c401f26120246f6fed3814a1feedb51976c6b1b76db7b6cb3afcfd712316a53a23393042360f4a4f28efdcde502f838eb363c5c3afc921b75763189670892a6882afe279abb834073a95619ee3b0f45c47cada230117a889ae77785d687e59c75939b6809c70197580d59bfbd7500793159cb10488cea5088ca811e28cd2e514719f10029b852ed694a995a61dda9cac854ebb2fce766823a4d4a8a872ee7f9c540aedd85af673bd985c65092cbf374de50edbff3a92dc7d1e7cb7947addb8472724c4150880947d6c9df9883dbd1c18068e0791c6136e3daa9a4192a5fcea00cbfd92fc431307947176444846fa97e59293f2ae5cefe14123ac312692d22b03933e2befcb3a408d0f89638fa624b1eb6adb0f7d94a0b2c11ab915f3e358b34ae588bc65fb96240839bfce549fda4fa2af6a03983002861c7e207d83dda1575de054626b85415e1b989e0a5f2428ccd7b2b9d98e0f90d1310876bbd33065840086ca71ddddfd2f9d8a7c951dd5c8d82f03f3d85c5773b4fef4c0e67ba72b379b040c7fd00e7e48b8ba1a7b7be4b01d99a3f172d33adc85eb9a55ef0ca7222d366651585ea53e2474ecaa1503d7d91eeab60225d3b3df38adfcb4a33a7c8d0ea0c3d05a53408c02af2d96d13bdb6279258273d7365839bcbf5103245ac9a7cdd110daecd69c09327bc81d7e08149b3023736a02b2be794eff2e8f2461b382c40c80808c0a146d78d9ab232d2a75211946729aa231b1fe5fdbbae2590469837e622ce79cafd7d317be83677a3e4be2753a34f6c36a203b39a62e899e74d55df6d0c2b2988a8f6782a912a43184a01355520fb9044362ff970e", 0x1, 0x0, 0x1}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000001500)=ANY=[@ANYBLOB="180000000080005300000008faff000094cac456cb16e8900000000fad413e550000000f00000095f1f69337842d61425ca93137e65c94995021ebcfaa1b5b7fc79df1ea975562b7a7072e69416a36b0aab20000cfaa1c73d2e57bcc78b36a96c2859c85f03479"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) (async) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) getpid() (async) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r3, r2, 0x0, 0xa, &(0x7f00000000c0)='syzkaller\x00'}, 0x30) (async) openat$cgroup_ro(r2, &(0x7f0000000000)='blkio.throttle.io_serviced\x00', 0x0, 0x0) (async) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001480)={r2, 0x0, 0xf3, 0x71, &(0x7f00000002c0)="7e99b775681b00bcd866f0fef2813f58fcbc1d1310ca43da7b86f9c5bc6a4ab759c6fa581e3e07fecd280f00a7cc995b21cdc736dc75fe8739310aafef5ec67820a03612accab45badd98e0db27746f4f81a6e2e553ef9eb28ac8840451f19222aaf58310ed2f3342195ab56fa6c22e256711e77b86e199b17120a1280e8a6d889b2379c9d63d81c8e2c56cc8ef04941c02a10ed977f1941eab5516a3bab2aa6cd04bb6f977b65500cb77723a70623ff546d49360a1d5eabf8f8b68386693c22789b1260226252d630bbeeb1958e32271c1897514e1e2af54a438332574c6005a335fa3900"/243, &(0x7f0000000040)=""/113, 0x3fb, 0x0, 0x86, 0x1000, &(0x7f00000003c0)="630f2d65cfaf4ddbb6048c1d768f3059cce945284856a70fd8983500e755958dd74b409b2a79e17da7f9b42341418bd353fd286f62d87be6dafa63da16299850506fb6937c1b80c2798c33ce0961d5c894406326a56d852dc52b28425985f8f12f634be9a3a52a28e7ed2d164dd525b3442982bf17c10708f59bb3abf0fbc73882de590ec869", &(0x7f0000000480)="1ef365ffb04467e3a16570367596425fabd007933d176bba5c7cbc05e1d28ae245dbc5ad52c2468f2305686eb4428b7101100c5e79e6f9387236db32aad79fc0f5d8f42236ddb6f091b5d79d4d1aef78939f9c42e69e5a3d0f36109ee0f28405ca550c9241c4e20335a375ac2c5e36c66f9868376c567c16fdaba3832850dc450aa99ef7ad50330592597cead5ab86370fd5a4e0838f60077f997eda87fec2c99b07f7571f4137c136079d722e0f898d55e8db9eff35793198f456c29f6b340d783176dd58f4e3173de08d9cfd11e4dd5bc259fdce705cc74b281e496749585321002f0b1782fec7f83e12cd0b8065263f4c7f8ba4a983fac91e0dd9e00231d38dd33734365db5002364ca08e9e93d1f9ca734ab1ec9679193f9977f0868ca6314572602ff60f9c12c7af375f651d0938f281761bd5ef72dfe3ca07f80be540b59a7e99610b082969c4b536a5e00a42eb13f19b54c47ca4d6fabf6c1539f842a24be466947a20ef1771a894824c8604ae6481ff419bd2a3310ec4a7cb5ccbb59e96eecd681a3619975a8a39c3aabd645812c22390a0e739558688a38d987ddad54276cf52ea1b95652c21db132d45ec86cd10130837eb36c0ed55086c5fa4425f06515416dae8254e79d8174382e9c8eda61769f25ae9cf3efd5158d8353a771b4a702f4284851d96f45dc418ba8d52ca71e289e6df0fee5a2f2a1ece33419b677af02130757a8bfdb23a265521513724c99efedc051dd787aaf9798124bbf06b3dd0b5a508c4f9457be22d9d88e60bb9278a210a5a58b709d1d107654e35f12632a6efa6b9887df282b52ee54a6719934dc66005718b878324ff643bc55f1c321173fc9fab42a6cb3e0e16b5795fe30fb2c518381b25c6a6d341f6a1aafaba526abf672b6604c4d38785bfebe413ebc6af6cc65bc7adbd3d051db4d74d96ccc1e764f5916c0fe054b2f06d752c900714df16a539488dec98c6261fea4b6d9291d786442f46682e80f84827ce5fbc0b3bd599c8198e9c57fff8b21a9c41474a638785924ef59b42e4c6cbfeb38098bb64659888584884fd173ed20643f4e7170339e7548e0e5b135ec3f65d0fc6dc16e9e534d0148818941b432e541d187228ba3c37648e1a4691a58074b95aaf6281bc80cdbd9caad549abc7507892331e281bcc183ba93a46d84afb0eb1cf7ba0a9f5ee2b612a3ee9251fd350433f0867afe6c6c119d5d0d19dcddfc58e02cfa758e6b56c25e936146be654a5fead422f81387222e50e47b7488e561aa15bceb433acd3e0cb4d1ae8d4a89d9f8dbbd134c9764538cdd163f11771e23bb3a4e18071e0b372c9ba0e10e6eb041f05a76d7f4252f935ab1f5a27a56e315ab86c70400c0713c6d7dff1f9a92d55a003849a055aa22aa2f1d24fa823a28a3285b559b5af6d35ab1633362ee0c96d7a4997316b7dfdeb34fb6273ddfa194919e52389e16de4234cff9c79411c00b3dc62aca4192b2d4b494bab0cad570de35a61e706d15fced1a629cf67d9759f06e95cfe85167ddc2cb0103211c87c3e099b69332f95d89a0e460f1aa92890f77519dcf501071814e61f5bd6a4bae6e749f9b564803f8c6985b59d1ef3b86938b74946a2beb00286b76b013eae2f59d7c8824387935dd8b8b2932d4f66fec11a6f6d7fef91cfda6653c38774c588db575dcc74d822eac8173cb54e4f6ceb844c6156678903fdb29354a012650cb4dc14f92ad48ef7507ef518116dc64520de88b0380c63572aa276b68af24dd4c6cd20b3058bf79885cbfa1ef10ec9800cd538c03f09c35c267786d23b3c8243267393b9daef762738804d04807e33f06066c04f58f420912c73357a677c460497c21448dbaab268bf5500b71362da4754ad5fc00df6b32e5144e74463f52f5abace4c5af59ced97307ae364a51858b71eefbb101fef6e1a46a9028162c41965bc7764edc21993d127f10d49b623e3ef38d62a05ae16cdd6b8f9c8a0ea33b755956de9bd70a3e615406c93546507bc13f7db2128412476a5bb7994d0ee3c67863f49bc19212cfb803bb5c881b4edc65dfa98beb7a0fb7d3fc2d18ed8469b2f20faa95401ff5937205cd467ff8a894879689b30caf7d816ae8888e1180d2fb58d8dbf34a35193db178ad7865781c80d26a96f6ab040c15d2c51fc1132ecc262caa77ec76483e3eb53ce173b099bf54aa33a1187b2cf724ce5699b8982bfafd86b95dea82af7b56470ad23970c42377e3fadc527b45c5034b7c3617fb3b8f5b2726b07378245b35068ddbe8a826aa73b5e4b743bb6949cde59153e662850178c36b12828c50533694f882acc5f710f4d5a81cd2b31407ecdbcfc453c46956130814636b98467852d9f3677cb6edaa9ab90db2464d31a6f38fc931c9943649729848035e4cc9174441c7e5577eaeff8d5802726bec5e6263df2a850abd7ed9b828144d1e2a86d058bbcbc3c574475658ee78a3360ad48a217f732d39bd300b93777d33053c30e8f6b7487313b84454c86b44ea82e921331259af1e13b49def69d9601f0cd272518e447e46938c6713c2f5e5ee3e01ddc0ce7e916616bdb1bf0f1ff7f5f0ab2874e799d646ea39ae085e4f93a1e8ee0275b1c9f2313ea11fe900c350cde882d4043f8ca83bd7060b27275bf57a3d7668c190f86e06480b5cefcea51c1ef3e06a61ac406d96242e6a69407fcad717781b935d495b2cd9523cbb713d52ca61606dbf2e77d020d0c4fb97fa8953e9606b78b1ab37ee41dcc3f63f9f4565f277f6a7007f6697786714e5bcd5e38644b45f4abff9e9ab580d6eabef96e92078c1470df89f755e3a59a620bc17abb577ee780cf3aec34a684dd41783cbb244573e0d1413eb75863c62800dacccd2f430458a4e7852526ee2c1219c0acd2b5fdfab15fcf1ec16150ba72e0379554983eb0b86e22a248b72963418f51a05d2a07a2e5df77133d34bd7e60e664647a5a8ab01a028aadfcf2265586b0baa60362b87eb1d083f272a776a96b6bea0bc6a5a4679ec8fe9d605ab694f06d33154d2d2e1f085b5a776cdd9e1b6e2cab0990247359920d78f3003da252e4f2967eff9dcb559c6f472da671c949c9e75b39e6b1aa445a626710baaaee71b0b5456be213ac66185c7aeb83813d6ea036d69f484fda8aee14074e511ba7ddaed155e7f40f608d004b38154f26b581d047e9fc53f06f32cd64ff9d36f3ab2ffc3fc33c52c0f200f35f15ecda22bc61f3b7fb13cd9648ba470b408a3b4a64fd199c97f4415d6527c0fa193b91937c6606f202963d09ecacb0a775fd0169b1fc82608bca26997a11692573be5f04f370a7c6e4e087e75d68503e719f0a6008595171afabdc5d9aee732881f612743351e9cc0d415a420ad700d511a98d7498a1f34a528791d8a6619eb3d1e2e544b3ff6b619962639c111e3ce4583250734f09f68a2d9d091f738e0c295be290649c55edd5887b7839bc4a35b3ca53bcd995a36bc877576ee39022719ab65fdb3e685ee26337cb1b39b773dca4658a6263f5be146f23c0f11a2f0891842ecb552a7deac455755dd49180d81ec9810caaf1e45aa5ac0efdd1709675499967d71a3900b77fa5af7bc1815708c88e79c96bbe30889157a1ff7a1cbdc824c70336e3a2c0e63b7559f63ca598ab2c6ce9b7c657244350c5eb71384486012d90317d52f51f5c5e8e21f6757e18519228505ff2f599d0c22ff3a004cd5b3e49a17d38e76e36305a2c3e7cdb2f51e3836aada71d0090456baa68d007483ccc36cfe3d31ade2f0b922aefb71fc0896ecfc1562aaa0eb8057ecd01e68c6b4f06fdb3f785671df1bff06aee97f793cf8d8096c748e4b6ca1306a87b8bee20a87e1ab9b64cfb2373010f45c44e0d035b2eeb703816ba91d358cc258884e84948cfcf272bc268008f53eacf78c3e56463b1060a772ef8f77d52ed5ac474fbafe71d4755e7378e644bae3200d5f5bf7bc4f0d7a0ba1271f8bab17cb501919f6df77f554369fd5a991cd0bf77e6ea3f44a79bdc2c0554429b807fc7815d4e059d32a8f6547238de8bd9049b3ac23f61977753661d2d6860fe250b8c21ca84c7778f1ba0b8153a82af678d88bd43b1365d87a2498a2ba8735c6b4fccf2207fca305722edac964f4a8976a7377e30a5e9e3f4fd73acbcf54cccdab17c1de5065089d1f284437fb53f9d8f6fdc63bd89ddd9d39f457f4301f57f6743219006baf5827242a6128ce9bd2808a3ef03f9c5cdf907b9533c6343b193c5664b61cd5616b374e9e2cd532d6b7e813eba5587fc11095785a417598c35b70a75de085c81d368e27fda61fd0793954d6b2865d64caeb7ea2cd111b994011417a766b96844e95f9e469b8e009550da57ad24b4702ccb46d1d423badddc614057314fe338e8045e5d39100ae76a8ec08644c53cef31ef9675416277512d2ab2d68ea0aa3893b0081cc0fcddf437a161b594a13bad8c162e70579a1a7170e8b327f8d52aacbddde415ac694cb11f5b343296c516e85d2562eb738fc7546c967edcc76d22ff78ea7fe5128da52a0ffa6c19294fae146a7468eb742ad4a362aac96e419fc013b25729181d40b2a82a603bafb17f500cd1ea477605ad53c9a9fa5d6d744e57e3f10e0ab53e79470f7e21e09f57912b28dd26a01234bb48e7fd3c23740ffbcc4c046760005539abacc0aa3766fad0cc905415a2e66306a1aae1be6db8441393f1c46d572604e6876eb4b7841516fd3b077558347e89c6c3a4bb27243313c2ad3968761416a0fb5f8d35ece0a431f0c8b72e4c681f53439739e0520c1363af89a1eae1d6a3bca749aedf917651188f769ff80f84f8e461a6f076306c232259a2cd3cfa0d9dd59b0417dc1a0593e770cc14dc02858ff1c87ea103aaeba40a282264fdfa581bd1c801f022e87f7378022f52511061c35b3fab1d8b0e1f67a55b0a22dbe1f3849c3c401f26120246f6fed3814a1feedb51976c6b1b76db7b6cb3afcfd712316a53a23393042360f4a4f28efdcde502f838eb363c5c3afc921b75763189670892a6882afe279abb834073a95619ee3b0f45c47cada230117a889ae77785d687e59c75939b6809c70197580d59bfbd7500793159cb10488cea5088ca811e28cd2e514719f10029b852ed694a995a61dda9cac854ebb2fce766823a4d4a8a872ee7f9c540aedd85af673bd985c65092cbf374de50edbff3a92dc7d1e7cb7947addb8472724c4150880947d6c9df9883dbd1c18068e0791c6136e3daa9a4192a5fcea00cbfd92fc431307947176444846fa97e59293f2ae5cefe14123ac312692d22b03933e2befcb3a408d0f89638fa624b1eb6adb0f7d94a0b2c11ab915f3e358b34ae588bc65fb96240839bfce549fda4fa2af6a03983002861c7e207d83dda1575de054626b85415e1b989e0a5f2428ccd7b2b9d98e0f90d1310876bbd33065840086ca71ddddfd2f9d8a7c951dd5c8d82f03f3d85c5773b4fef4c0e67ba72b379b040c7fd00e7e48b8ba1a7b7be4b01d99a3f172d33adc85eb9a55ef0ca7222d366651585ea53e2474ecaa1503d7d91eeab60225d3b3df38adfcb4a33a7c8d0ea0c3d05a53408c02af2d96d13bdb6279258273d7365839bcbf5103245ac9a7cdd110daecd69c09327bc81d7e08149b3023736a02b2be794eff2e8f2461b382c40c80808c0a146d78d9ab232d2a75211946729aa231b1fe5fdbbae2590469837e622ce79cafd7d317be83677a3e4be2753a34f6c36a203b39a62e899e74d55df6d0c2b2988a8f6782a912a43184a01355520fb9044362ff970e", 0x1, 0x0, 0x1}, 0x50) (async) 22:49:13 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095a6168b5659fec4685155f7e5946e61d485399fa5fac29321810a0397d8600febabf83e5f979b5827c03e5ce90f52b8d4f5a72ffd0990fa0340abf81cf50a83a5294e7230098b8eabd55e2d0e2e657e9f0fd6cfda6f0e2088f29032423457e7e7741a7290b58de468b6b8a4"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x17, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x800}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @map_val={0x18, 0x9, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x1000}]}, &(0x7f0000000000)='syzkaller\x00', 0x3, 0x42, &(0x7f0000000380)=""/66, 0x41100, 0x0, '\x00', 0x0, 0x1d, r2, 0x8, &(0x7f0000000140)={0x4, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x0, 0x10, 0x7fff, 0xffff}, 0x10, 0x0, r0, 0x4, &(0x7f0000000440)=[r2, r2], &(0x7f0000000480)=[{0x5, 0x2, 0x4, 0x4}, {0x4, 0x3, 0x2}, {0x1, 0x4, 0x10, 0x6}, {0x0, 0x3, 0xd, 0xa}], 0x10, 0x8}, 0x90) 22:49:13 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f02, 0x0, 0x0, 0x0}, 0x90) [ 1491.837595][T31295] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1491.845407][T31295] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1491.853214][T31295] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1491.861029][T31295] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1491.868840][T31295] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1491.876653][T31295] 22:49:13 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000840)='fsi_master_gpio_crc_cmd_error\x00', r0}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000480)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f00000004c0), 0x0, 0x0, 0x1000010, 0x8, 0x0, 0x0}}, 0x10) r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f0000000780)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x80, 0x80, 0xc, [@func_proto={0x0, 0x6, 0x0, 0xd, 0x0, [{0xd, 0x3}, {0xa, 0x1}, {0x1}, {0xf, 0x3}, {0x6, 0x4}, {}]}, @func_proto={0x0, 0x7, 0x0, 0xd, 0x0, [{0x3}, {0x2, 0x1}, {0x8, 0x1}, {0x0, 0x5}, {0xb, 0x3}, {0xa, 0x5}, {0x8, 0x2}]}]}, {0x0, [0x0, 0x5f, 0x30, 0x5f, 0x0, 0x61, 0x5f, 0x30, 0x5f, 0x61]}}, &(0x7f0000000300)=""/90, 0xa4, 0x5a, 0x1, 0x7f9}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@bloom_filter={0x1e, 0x9, 0x3, 0x7, 0x1080, r2, 0x2, '\x00', r3, r4, 0x4, 0x0, 0x1}, 0x48) r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x6, [@struct={0xd, 0x1, 0x0, 0x4, 0x1, 0x5, [{0xf, 0x4, 0x1f}]}]}, {0x0, [0x5f, 0x5f, 0x30, 0x30]}}, &(0x7f0000000380)=""/104, 0x36, 0x68, 0x0, 0x9}, 0x20) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000740)={0x401, 0x0}, 0x52) r7 = bpf$ITER_CREATE(0x21, &(0x7f0000000580), 0x8) r8 = bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000dc0)=@bpf_lsm={0x1d, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB="032000000100000018000000db00000000000000ffffffff85200000050000005180ff0000001800000008000000000000000300000095b068db1297e621ae698c06152d163c3c79f9c4a7f0b8f084d873d5d122f3b4d9a5838122526517d8d9c9af5b9edf376fce4c7a184f14951fdb2e996cbf952b52cf4a482fad2ac0e8195a2454ce2cdb6fac48e524f61bf5c040a96d1c3d1c66ef6e5c585855bc05b47354d3e9da6f72c3f9173f782e14ad688ef4bc56e24303d7bee5bd09081f5e128856cabd18aee3083e062c444b86976a00"/230], &(0x7f0000000300)='GPL\x00', 0x6, 0x44, &(0x7f0000000480)=""/68, 0x40f00, 0x10, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x9, 0x1}, 0x8, 0x10, &(0x7f0000000540)={0x5, 0xd, 0x9, 0xffffff01}, 0x10, r6, 0x0, 0x0, &(0x7f0000000680)}, 0x90) r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000c40)=ANY=[@ANYRESDEC=r8, @ANYRES32=0x0, @ANYRESHEX=r7, @ANYBLOB="1b8b72abe3da16161fa09c067ff284d0abbc0df3d6c33cad0568287ef6d73adb3d5a8f0b7f2dc5b3edfa670286196f2bdc327ae1579540c1701c577d98570484f3b367bd8e31e9bcf9b74ceccdaa6ee0fe90b59a657ab2e9361cc2706b99e83bc7ba6f8ce9ab74d8b5317837715835fe0ccf16b1421683d384ca7da83e498b0089cca7a1a001e4dee0cc206c25eb6f3319a2ccdbe3a9a49f564240b422d839507ba1de19d71f7495555cbc372714af9442213e5a56346fa73b177292393e3fb4718fa0cc2e786b0b24b0a42f2dfb06ad22f94d"], &(0x7f0000000000)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x90) r10 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='memory.numa_stat\x00', 0x0, 0x0) openat$cgroup_ro(r10, &(0x7f0000000880)='blkio.bfq.io_wait_time\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0xc, 0x5, &(0x7f00000006c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1}, [@map_fd={0x18, 0xa, 0x1, 0x0, r10}]}, &(0x7f0000000780)='syzkaller\x00', 0x8, 0x1e, &(0x7f0000000a80)=""/30, 0x41000, 0x20, '\x00', 0x0, 0xf, r7, 0x8, &(0x7f00000008c0)={0x6, 0x3}, 0x8, 0x10, 0x0, 0x0, r6, r9, 0x4, &(0x7f0000000900)=[r8, r7, r10], &(0x7f0000000a40)=[{0x3, 0x2, 0x4, 0x9}, {0x3, 0x2, 0xa, 0xa}, {0x5, 0x5, 0x8, 0x5}, {0x5, 0x5, 0xb, 0x7}], 0x10, 0x8}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0xc, 0x10, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x1f}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@alu={0x7, 0x0, 0x4, 0x0, 0x3, 0x0, 0x8}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='GPL\x00', 0x9, 0xa8, &(0x7f00000002c0)=""/168, 0x41100, 0x20, '\x00', r3, 0x13, r5, 0x8, &(0x7f0000000440)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000480)={0x1, 0x0, 0x10000, 0x20}, 0x10, r6, 0xffffffffffffffff, 0x3, &(0x7f00000004c0)=[r0, r1, r1], &(0x7f0000000500)=[{0x5, 0x2, 0x1, 0x1}, {0x3, 0x4, 0xa, 0x8}, {0x1, 0x5, 0x7, 0x1}], 0x10, 0x10001}, 0x90) r11 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r12 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r11}, 0x8) write$cgroup_int(r12, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:13 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095a6168b5659fec4685155f7e5946e61d485399fa5fac29321810a0397d8600febabf83e5f979b5827c03e5ce90f52b8d4f5a72ffd0990fa0340abf81cf50a83a5294e7230098b8eabd55e2d0e2e657e9f0fd6cfda6f0e2088f29032423457e7e7741a7290b58de468b6b8a4"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x17, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x800}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @map_val={0x18, 0x9, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x1000}]}, &(0x7f0000000000)='syzkaller\x00', 0x3, 0x42, &(0x7f0000000380)=""/66, 0x41100, 0x0, '\x00', 0x0, 0x1d, r2, 0x8, &(0x7f0000000140)={0x4, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x0, 0x10, 0x7fff, 0xffff}, 0x10, 0x0, r0, 0x4, &(0x7f0000000440)=[r2, r2], &(0x7f0000000480)=[{0x5, 0x2, 0x4, 0x4}, {0x4, 0x3, 0x2}, {0x1, 0x4, 0x10, 0x6}, {0x0, 0x3, 0xd, 0xa}], 0x10, 0x8}, 0x90) 22:49:13 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095a6168b5659fec4685155f7e5946e61d485399fa5fac29321810a0397d8600febabf83e5f979b5827c03e5ce90f52b8d4f5a72ffd0990fa0340abf81cf50a83a5294e7230098b8eabd55e2d0e2e657e9f0fd6cfda6f0e2088f29032423457e7e7741a7290b58de468b6b8a4"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095a6168b5659fec4685155f7e5946e61d485399fa5fac29321810a0397d8600febabf83e5f979b5827c03e5ce90f52b8d4f5a72ffd0990fa0340abf81cf50a83a5294e7230098b8eabd55e2d0e2e657e9f0fd6cfda6f0e2088f29032423457e7e7741a7290b58de468b6b8a4"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x17, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x800}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @map_val={0x18, 0x9, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x1000}]}, &(0x7f0000000000)='syzkaller\x00', 0x3, 0x42, &(0x7f0000000380)=""/66, 0x41100, 0x0, '\x00', 0x0, 0x1d, r2, 0x8, &(0x7f0000000140)={0x4, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x0, 0x10, 0x7fff, 0xffff}, 0x10, 0x0, r0, 0x4, &(0x7f0000000440)=[r2, r2], &(0x7f0000000480)=[{0x5, 0x2, 0x4, 0x4}, {0x4, 0x3, 0x2}, {0x1, 0x4, 0x10, 0x6}, {0x0, 0x3, 0xd, 0xa}], 0x10, 0x8}, 0x90) 22:49:13 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000, 0x0, 0x0, 0x0}, 0x90) 22:49:13 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:13 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000840)='fsi_master_gpio_crc_cmd_error\x00', r0}, 0x10) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000480)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f00000004c0), 0x0, 0x0, 0x1000010, 0x8, 0x0, 0x0}}, 0x10) (async) r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f0000000780)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x80, 0x80, 0xc, [@func_proto={0x0, 0x6, 0x0, 0xd, 0x0, [{0xd, 0x3}, {0xa, 0x1}, {0x1}, {0xf, 0x3}, {0x6, 0x4}, {}]}, @func_proto={0x0, 0x7, 0x0, 0xd, 0x0, [{0x3}, {0x2, 0x1}, {0x8, 0x1}, {0x0, 0x5}, {0xb, 0x3}, {0xa, 0x5}, {0x8, 0x2}]}]}, {0x0, [0x0, 0x5f, 0x30, 0x5f, 0x0, 0x61, 0x5f, 0x30, 0x5f, 0x61]}}, &(0x7f0000000300)=""/90, 0xa4, 0x5a, 0x1, 0x7f9}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@bloom_filter={0x1e, 0x9, 0x3, 0x7, 0x1080, r2, 0x2, '\x00', r3, r4, 0x4, 0x0, 0x1}, 0x48) (async) r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x6, [@struct={0xd, 0x1, 0x0, 0x4, 0x1, 0x5, [{0xf, 0x4, 0x1f}]}]}, {0x0, [0x5f, 0x5f, 0x30, 0x30]}}, &(0x7f0000000380)=""/104, 0x36, 0x68, 0x0, 0x9}, 0x20) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000740)={0x401, 0x0}, 0x52) (async, rerun: 64) r7 = bpf$ITER_CREATE(0x21, &(0x7f0000000580), 0x8) (rerun: 64) r8 = bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000dc0)=@bpf_lsm={0x1d, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB="032000000100000018000000db00000000000000ffffffff85200000050000005180ff0000001800000008000000000000000300000095b068db1297e621ae698c06152d163c3c79f9c4a7f0b8f084d873d5d122f3b4d9a5838122526517d8d9c9af5b9edf376fce4c7a184f14951fdb2e996cbf952b52cf4a482fad2ac0e8195a2454ce2cdb6fac48e524f61bf5c040a96d1c3d1c66ef6e5c585855bc05b47354d3e9da6f72c3f9173f782e14ad688ef4bc56e24303d7bee5bd09081f5e128856cabd18aee3083e062c444b86976a00"/230], &(0x7f0000000300)='GPL\x00', 0x6, 0x44, &(0x7f0000000480)=""/68, 0x40f00, 0x10, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x9, 0x1}, 0x8, 0x10, &(0x7f0000000540)={0x5, 0xd, 0x9, 0xffffff01}, 0x10, r6, 0x0, 0x0, &(0x7f0000000680)}, 0x90) (async) r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000c40)=ANY=[@ANYRESDEC=r8, @ANYRES32=0x0, @ANYRESHEX=r7, @ANYBLOB="1b8b72abe3da16161fa09c067ff284d0abbc0df3d6c33cad0568287ef6d73adb3d5a8f0b7f2dc5b3edfa670286196f2bdc327ae1579540c1701c577d98570484f3b367bd8e31e9bcf9b74ceccdaa6ee0fe90b59a657ab2e9361cc2706b99e83bc7ba6f8ce9ab74d8b5317837715835fe0ccf16b1421683d384ca7da83e498b0089cca7a1a001e4dee0cc206c25eb6f3319a2ccdbe3a9a49f564240b422d839507ba1de19d71f7495555cbc372714af9442213e5a56346fa73b177292393e3fb4718fa0cc2e786b0b24b0a42f2dfb06ad22f94d"], &(0x7f0000000000)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x90) (async) r10 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='memory.numa_stat\x00', 0x0, 0x0) openat$cgroup_ro(r10, &(0x7f0000000880)='blkio.bfq.io_wait_time\x00', 0x0, 0x0) (async, rerun: 64) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0xc, 0x5, &(0x7f00000006c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1}, [@map_fd={0x18, 0xa, 0x1, 0x0, r10}]}, &(0x7f0000000780)='syzkaller\x00', 0x8, 0x1e, &(0x7f0000000a80)=""/30, 0x41000, 0x20, '\x00', 0x0, 0xf, r7, 0x8, &(0x7f00000008c0)={0x6, 0x3}, 0x8, 0x10, 0x0, 0x0, r6, r9, 0x4, &(0x7f0000000900)=[r8, r7, r10], &(0x7f0000000a40)=[{0x3, 0x2, 0x4, 0x9}, {0x3, 0x2, 0xa, 0xa}, {0x5, 0x5, 0x8, 0x5}, {0x5, 0x5, 0xb, 0x7}], 0x10, 0x8}, 0x90) (rerun: 64) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0xc, 0x10, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x1f}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@alu={0x7, 0x0, 0x4, 0x0, 0x3, 0x0, 0x8}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='GPL\x00', 0x9, 0xa8, &(0x7f00000002c0)=""/168, 0x41100, 0x20, '\x00', r3, 0x13, r5, 0x8, &(0x7f0000000440)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000480)={0x1, 0x0, 0x10000, 0x20}, 0x10, r6, 0xffffffffffffffff, 0x3, &(0x7f00000004c0)=[r0, r1, r1], &(0x7f0000000500)=[{0x5, 0x2, 0x1, 0x1}, {0x3, 0x4, 0xa, 0x8}, {0x1, 0x5, 0x7, 0x1}], 0x10, 0x10001}, 0x90) (async) r11 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r12 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r11}, 0x8) write$cgroup_int(r12, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:13 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 49) 22:49:13 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000800053601905000000000000940000000000007fffffff000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='f2fs_gc_end\x00', r0}, 0x10) 22:49:13 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6100, 0x0, 0x0, 0x0}, 0x90) 22:49:13 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000840)='fsi_master_gpio_crc_cmd_error\x00', r0}, 0x10) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) r2 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000480)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f00000004c0), 0x0, 0x0, 0x1000010, 0x8, 0x0, 0x0}}, 0x10) (async) r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f0000000780)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x80, 0x80, 0xc, [@func_proto={0x0, 0x6, 0x0, 0xd, 0x0, [{0xd, 0x3}, {0xa, 0x1}, {0x1}, {0xf, 0x3}, {0x6, 0x4}, {}]}, @func_proto={0x0, 0x7, 0x0, 0xd, 0x0, [{0x3}, {0x2, 0x1}, {0x8, 0x1}, {0x0, 0x5}, {0xb, 0x3}, {0xa, 0x5}, {0x8, 0x2}]}]}, {0x0, [0x0, 0x5f, 0x30, 0x5f, 0x0, 0x61, 0x5f, 0x30, 0x5f, 0x61]}}, &(0x7f0000000300)=""/90, 0xa4, 0x5a, 0x1, 0x7f9}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@bloom_filter={0x1e, 0x9, 0x3, 0x7, 0x1080, r2, 0x2, '\x00', r3, r4, 0x4, 0x0, 0x1}, 0x48) (async) r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x6, [@struct={0xd, 0x1, 0x0, 0x4, 0x1, 0x5, [{0xf, 0x4, 0x1f}]}]}, {0x0, [0x5f, 0x5f, 0x30, 0x30]}}, &(0x7f0000000380)=""/104, 0x36, 0x68, 0x0, 0x9}, 0x20) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000740)={0x401, 0x0}, 0x52) (async) r7 = bpf$ITER_CREATE(0x21, &(0x7f0000000580), 0x8) (async) r8 = bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000dc0)=@bpf_lsm={0x1d, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB="032000000100000018000000db00000000000000ffffffff85200000050000005180ff0000001800000008000000000000000300000095b068db1297e621ae698c06152d163c3c79f9c4a7f0b8f084d873d5d122f3b4d9a5838122526517d8d9c9af5b9edf376fce4c7a184f14951fdb2e996cbf952b52cf4a482fad2ac0e8195a2454ce2cdb6fac48e524f61bf5c040a96d1c3d1c66ef6e5c585855bc05b47354d3e9da6f72c3f9173f782e14ad688ef4bc56e24303d7bee5bd09081f5e128856cabd18aee3083e062c444b86976a00"/230], &(0x7f0000000300)='GPL\x00', 0x6, 0x44, &(0x7f0000000480)=""/68, 0x40f00, 0x10, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x9, 0x1}, 0x8, 0x10, &(0x7f0000000540)={0x5, 0xd, 0x9, 0xffffff01}, 0x10, r6, 0x0, 0x0, &(0x7f0000000680)}, 0x90) (async) r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000c40)=ANY=[@ANYRESDEC=r8, @ANYRES32=0x0, @ANYRESHEX=r7, @ANYBLOB="1b8b72abe3da16161fa09c067ff284d0abbc0df3d6c33cad0568287ef6d73adb3d5a8f0b7f2dc5b3edfa670286196f2bdc327ae1579540c1701c577d98570484f3b367bd8e31e9bcf9b74ceccdaa6ee0fe90b59a657ab2e9361cc2706b99e83bc7ba6f8ce9ab74d8b5317837715835fe0ccf16b1421683d384ca7da83e498b0089cca7a1a001e4dee0cc206c25eb6f3319a2ccdbe3a9a49f564240b422d839507ba1de19d71f7495555cbc372714af9442213e5a56346fa73b177292393e3fb4718fa0cc2e786b0b24b0a42f2dfb06ad22f94d"], &(0x7f0000000000)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x90) (async) r10 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='memory.numa_stat\x00', 0x0, 0x0) openat$cgroup_ro(r10, &(0x7f0000000880)='blkio.bfq.io_wait_time\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0xc, 0x5, &(0x7f00000006c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1}, [@map_fd={0x18, 0xa, 0x1, 0x0, r10}]}, &(0x7f0000000780)='syzkaller\x00', 0x8, 0x1e, &(0x7f0000000a80)=""/30, 0x41000, 0x20, '\x00', 0x0, 0xf, r7, 0x8, &(0x7f00000008c0)={0x6, 0x3}, 0x8, 0x10, 0x0, 0x0, r6, r9, 0x4, &(0x7f0000000900)=[r8, r7, r10], &(0x7f0000000a40)=[{0x3, 0x2, 0x4, 0x9}, {0x3, 0x2, 0xa, 0xa}, {0x5, 0x5, 0x8, 0x5}, {0x5, 0x5, 0xb, 0x7}], 0x10, 0x8}, 0x90) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0xc, 0x10, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x1f}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@alu={0x7, 0x0, 0x4, 0x0, 0x3, 0x0, 0x8}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='GPL\x00', 0x9, 0xa8, &(0x7f00000002c0)=""/168, 0x41100, 0x20, '\x00', r3, 0x13, r5, 0x8, &(0x7f0000000440)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000480)={0x1, 0x0, 0x10000, 0x20}, 0x10, r6, 0xffffffffffffffff, 0x3, &(0x7f00000004c0)=[r0, r1, r1], &(0x7f0000000500)=[{0x5, 0x2, 0x1, 0x1}, {0x3, 0x4, 0xa, 0x8}, {0x1, 0x5, 0x7, 0x1}], 0x10, 0x10001}, 0x90) r11 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r12 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r11}, 0x8) write$cgroup_int(r12, &(0x7f00000001c0)=0x1a0, 0xfffffdef) [ 1492.005118][T31353] FAULT_INJECTION: forcing a failure. [ 1492.005118][T31353] name failslab, interval 1, probability 0, space 0, times 0 [ 1492.019524][T31353] CPU: 1 PID: 31353 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1492.029687][T31353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1492.039586][T31353] Call Trace: [ 1492.042700][T31353] [ 1492.045478][T31353] dump_stack_lvl+0x151/0x1b7 [ 1492.049993][T31353] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1492.055461][T31353] dump_stack+0x15/0x17 [ 1492.059457][T31353] should_fail+0x3c6/0x510 [ 1492.063704][T31353] __should_failslab+0xa4/0xe0 [ 1492.068306][T31353] ? vm_area_dup+0x26/0x230 [ 1492.072643][T31353] should_failslab+0x9/0x20 [ 1492.076982][T31353] slab_pre_alloc_hook+0x37/0xd0 [ 1492.081757][T31353] ? vm_area_dup+0x26/0x230 [ 1492.086096][T31353] kmem_cache_alloc+0x44/0x200 [ 1492.090696][T31353] vm_area_dup+0x26/0x230 [ 1492.094862][T31353] copy_mm+0x9a1/0x13e0 [ 1492.098859][T31353] ? copy_signal+0x610/0x610 [ 1492.103281][T31353] ? __init_rwsem+0xd6/0x1c0 [ 1492.107709][T31353] ? copy_signal+0x4e3/0x610 [ 1492.112142][T31353] copy_process+0x1149/0x3290 [ 1492.116648][T31353] ? proc_fail_nth_write+0x20b/0x290 [ 1492.121770][T31353] ? fsnotify_perm+0x6a/0x5d0 [ 1492.126284][T31353] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1492.131229][T31353] ? vfs_write+0x9ec/0x1110 [ 1492.135570][T31353] kernel_clone+0x21e/0x9e0 [ 1492.139906][T31353] ? file_end_write+0x1c0/0x1c0 [ 1492.144595][T31353] ? create_io_thread+0x1e0/0x1e0 [ 1492.149453][T31353] ? mutex_unlock+0xb2/0x260 [ 1492.153880][T31353] ? __mutex_lock_slowpath+0x10/0x10 [ 1492.159012][T31353] __x64_sys_clone+0x23f/0x290 [ 1492.163602][T31353] ? __do_sys_vfork+0x130/0x130 [ 1492.168288][T31353] ? ksys_write+0x260/0x2c0 [ 1492.172640][T31353] ? debug_smp_processor_id+0x17/0x20 [ 1492.177834][T31353] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1492.183736][T31353] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1492.189301][T31353] do_syscall_64+0x3d/0xb0 [ 1492.193552][T31353] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1492.199279][T31353] RIP: 0033:0x7f0304509da9 [ 1492.203552][T31353] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1492.222975][T31353] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1492.231218][T31353] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1492.239221][T31353] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1492.247027][T31353] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 22:49:13 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000800053601905000000000000940000000000007fffffff000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='f2fs_gc_end\x00', r0}, 0x10) 22:49:13 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000800053601905000000000000940000000000007fffffff000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='f2fs_gc_end\x00', r0}, 0x10) 22:49:13 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:13 executing program 2: r0 = bpf$ITER_CREATE(0x21, &(0x7f00000006c0), 0x8) r1 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000c40)=@generic={&(0x7f0000000c00)='./file0\x00', 0x0, 0x10}, 0x18) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d40)={0x18, 0xf, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000740)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000b80)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000bc0)={0x2, 0x0, 0x6, 0xe3}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000cc0)=[0xffffffffffffffff, r1, r2, 0xffffffffffffffff], &(0x7f0000000d00)=[{0x2, 0x1, 0xd, 0xb}, {0x2, 0x4, 0xd, 0x379378c80573493e}, {0x2, 0x2, 0x3, 0xa}], 0x10, 0x5}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={r2, 0xe0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000340)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x1d, &(0x7f0000000500)=[{}], 0x8, 0x10, &(0x7f0000000600), &(0x7f0000000680), 0x8, 0x31, 0x8, 0x8, &(0x7f0000000700)}}, 0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r4, &(0x7f0000000180), 0x40010) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000ec0)={0x1b, 0x0, 0x0, 0x7f, 0x0, r4, 0x3, '\x00', r3, r0, 0x2, 0x5, 0x1}, 0x48) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', r3, 0x2}, 0x2a) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='mm_compaction_end\x00', r5}, 0x10) r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r6}, 0x8) write$cgroup_int(r7, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:13 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'sit0\x00', @local}) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRESOCT=r1], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_process_wait\x00', r2}, 0x10) r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8) recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000080)=@nfc, 0x80, &(0x7f0000001840)=[{&(0x7f0000000380)=""/254, 0xfe}, {&(0x7f0000000200)=""/142, 0x8e}, {&(0x7f0000000500)=""/97, 0x61}, {&(0x7f0000000140)=""/6, 0x6}, {&(0x7f0000000580)=""/4096, 0x1000}, {&(0x7f0000001580)=""/116, 0x74}, {&(0x7f0000001600)=""/96, 0x60}, {&(0x7f0000001680)=""/186, 0xba}, {&(0x7f0000001740)=""/255, 0xff}], 0x9, &(0x7f0000001900)=""/86, 0x56}, 0x1) write$cgroup_int(r4, &(0x7f00000001c0), 0xfffffdef) 22:49:13 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6102, 0x0, 0x0, 0x0}, 0x90) [ 1492.254839][T31353] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1492.262647][T31353] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1492.270472][T31353] 22:49:13 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'sit0\x00', @local}) (async) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'sit0\x00', @local}) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRESOCT=r1], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_process_wait\x00', r2}, 0x10) r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8) recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000080)=@nfc, 0x80, &(0x7f0000001840)=[{&(0x7f0000000380)=""/254, 0xfe}, {&(0x7f0000000200)=""/142, 0x8e}, {&(0x7f0000000500)=""/97, 0x61}, {&(0x7f0000000140)=""/6, 0x6}, {&(0x7f0000000580)=""/4096, 0x1000}, {&(0x7f0000001580)=""/116, 0x74}, {&(0x7f0000001600)=""/96, 0x60}, {&(0x7f0000001680)=""/186, 0xba}, {&(0x7f0000001740)=""/255, 0xff}], 0x9, &(0x7f0000001900)=""/86, 0x56}, 0x1) write$cgroup_int(r4, &(0x7f00000001c0), 0xfffffdef) (async) write$cgroup_int(r4, &(0x7f00000001c0), 0xfffffdef) 22:49:13 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 50) 22:49:13 executing program 2: r0 = bpf$ITER_CREATE(0x21, &(0x7f00000006c0), 0x8) (async) r1 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000c40)=@generic={&(0x7f0000000c00)='./file0\x00', 0x0, 0x10}, 0x18) (async) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d40)={0x18, 0xf, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000740)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000b80)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000bc0)={0x2, 0x0, 0x6, 0xe3}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000cc0)=[0xffffffffffffffff, r1, r2, 0xffffffffffffffff], &(0x7f0000000d00)=[{0x2, 0x1, 0xd, 0xb}, {0x2, 0x4, 0xd, 0x379378c80573493e}, {0x2, 0x2, 0x3, 0xa}], 0x10, 0x5}, 0x90) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={r2, 0xe0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000340)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x1d, &(0x7f0000000500)=[{}], 0x8, 0x10, &(0x7f0000000600), &(0x7f0000000680), 0x8, 0x31, 0x8, 0x8, &(0x7f0000000700)}}, 0x10) (async, rerun: 64) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) (rerun: 64) write$cgroup_type(r4, &(0x7f0000000180), 0x40010) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000ec0)={0x1b, 0x0, 0x0, 0x7f, 0x0, r4, 0x3, '\x00', r3, r0, 0x2, 0x5, 0x1}, 0x48) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', r3, 0x2}, 0x2a) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='mm_compaction_end\x00', r5}, 0x10) r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r6}, 0x8) write$cgroup_int(r7, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:13 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6200, 0x0, 0x0, 0x0}, 0x90) 22:49:13 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'sit0\x00', @local}) (async) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'sit0\x00', @local}) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRESOCT=r1], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_process_wait\x00', r2}, 0x10) r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8) recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000080)=@nfc, 0x80, &(0x7f0000001840)=[{&(0x7f0000000380)=""/254, 0xfe}, {&(0x7f0000000200)=""/142, 0x8e}, {&(0x7f0000000500)=""/97, 0x61}, {&(0x7f0000000140)=""/6, 0x6}, {&(0x7f0000000580)=""/4096, 0x1000}, {&(0x7f0000001580)=""/116, 0x74}, {&(0x7f0000001600)=""/96, 0x60}, {&(0x7f0000001680)=""/186, 0xba}, {&(0x7f0000001740)=""/255, 0xff}], 0x9, &(0x7f0000001900)=""/86, 0x56}, 0x1) write$cgroup_int(r4, &(0x7f00000001c0), 0xfffffdef) (async) write$cgroup_int(r4, &(0x7f00000001c0), 0xfffffdef) 22:49:13 executing program 2: r0 = bpf$ITER_CREATE(0x21, &(0x7f00000006c0), 0x8) (async) r1 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000c40)=@generic={&(0x7f0000000c00)='./file0\x00', 0x0, 0x10}, 0x18) (async) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d40)={0x18, 0xf, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000740)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000b80)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000bc0)={0x2, 0x0, 0x6, 0xe3}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000cc0)=[0xffffffffffffffff, r1, r2, 0xffffffffffffffff], &(0x7f0000000d00)=[{0x2, 0x1, 0xd, 0xb}, {0x2, 0x4, 0xd, 0x379378c80573493e}, {0x2, 0x2, 0x3, 0xa}], 0x10, 0x5}, 0x90) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={r2, 0xe0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000340)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x1d, &(0x7f0000000500)=[{}], 0x8, 0x10, &(0x7f0000000600), &(0x7f0000000680), 0x8, 0x31, 0x8, 0x8, &(0x7f0000000700)}}, 0x10) (async) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r4, &(0x7f0000000180), 0x40010) (async) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000ec0)={0x1b, 0x0, 0x0, 0x7f, 0x0, r4, 0x3, '\x00', r3, r0, 0x2, 0x5, 0x1}, 0x48) (async) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', r3, 0x2}, 0x2a) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='mm_compaction_end\x00', r5}, 0x10) r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r6}, 0x8) write$cgroup_int(r7, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:13 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:13 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18fff2000080005300000017faff0000940000000fad413e550000000f00000007068db7702210b951724691838007b64142e659aefb3c35642e9df0eb8c26cfd1afee5f8874331216c2aaff250b0e22512bceeba5c6a802279b31bb5463f38c9a7fcf79e6070bfd58f5e94380a2b87845615bae284f136bab8f0a2d8b1a46132934c51d03147d41d3924f09f25519aefcd04ee14f7ae031a76ee0489482066d6e4a599b49275e794fe817e127ed6c960a9b1a158f598372b6bf02ea75fa315e13421b536f8682bb6cebc3aa065617c4052f4efa510e3ce3e4ac08f32022598d93e61af34174992db9f2c75a451a3600c00435296f40e056796fceba1e1207f2c73e650a828b7a3217983fdf11bee4b86839b4f3964865430972cd7a2aac8a5092dc16381375425c5ced9914be5245474c36e30d3665772d3f7eb70461b70293f85d0baa9e0e923ed268d43c8d597d414f074b5d0465c8b2617632735d57fff3804d54165ea93673769db191f497b3e1103daed513ec4952622f200a7eb442bcfa345fcd88539e472bf176d6ec640f9820509bf47e9ef71ce9ee796e88a2a6bd731b3c6867b84fdb8f5574fa2da468f4e571b9cd0c233a096a324c1fc53d11efab6f3c42c0917fa5e7ca62544afdeb3e954de09db309298b4ef3051fc6623942c8d84621d11d0f3a13dfb81a81591d3cf497de05db2b3eb8b8e2b0f58a003d4f92f3bb9d63f09100be21a5eb3741ed8defc58b79509f1908173e885b1aa4d744f8"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) 22:49:13 executing program 2: bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfffffffffffffc70) r1 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8) mkdirat$cgroup(r1, &(0x7f0000000000)='syz1\x00', 0x1ff) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0xc8, 0x3d, &(0x7f00000002c0)="95e044dcfc64a2bee38fbe2fdfa6362f18839f9f0893e2bed56b39e972fd2e70a5ed71e581d4ec73b289731336cde6823036db4431591baa5e7f2cb85b03512f93f36159b1c9aa4fb3536928fb3c6622e2ad2d75edd092cabd398945ed2a63f9f81f62bdb844d3052aca69879b4b9a910f1d8f25295cb3f94e067ca7c3a9af1f8255547582aadeaa904096cb4c50e25d1a0328016080be34da1d1fb926d1358bee8359ed4e9db24b0b189f8b81b38b0db4e6b04ffff4c3c0fa7cf8faee4f25df213afbe80dfdb40a", &(0x7f0000000040)=""/61, 0x800, 0x0, 0x51, 0x4a, &(0x7f0000000080)="0797ffbcb98d1429aa96e335202c51b5281ead86c425f77ee8acee08161e26c23945fa06aa7173dfc6fa68aa5ac4ac2e5602e3080ae438c1d60e403f76b63ba2864c4250421c8e7ed25b735c6b872a60a2", &(0x7f00000003c0)="6d8e160b500c7d10ecaa29f7648a1292689a6daa009c016e17e760f2bc0aa23fd4b0623bd6478a9f5d5bbc63d9dc15a55cbb873f7973c31cf43b344e8233a3acb8162ce5b1571dbf521a", 0x2, 0x0, 0x99a}, 0x50) write$cgroup_int(r1, &(0x7f00000001c0)=0x400, 0x12) close(r0) 22:49:13 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6300, 0x0, 0x0, 0x0}, 0x90) [ 1492.370646][T31387] FAULT_INJECTION: forcing a failure. [ 1492.370646][T31387] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1492.416571][T31387] CPU: 0 PID: 31387 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1492.426750][T31387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1492.436638][T31387] Call Trace: [ 1492.439759][T31387] [ 1492.442536][T31387] dump_stack_lvl+0x151/0x1b7 [ 1492.447051][T31387] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1492.452516][T31387] ? __update_load_avg_cfs_rq+0xb1/0x2f0 [ 1492.457984][T31387] dump_stack+0x15/0x17 [ 1492.461983][T31387] should_fail+0x3c6/0x510 [ 1492.466234][T31387] should_fail_alloc_page+0x5a/0x80 [ 1492.471262][T31387] prepare_alloc_pages+0x15c/0x700 [ 1492.476211][T31387] ? __alloc_pages_bulk+0xe40/0xe40 [ 1492.481245][T31387] ? sched_clock+0x9/0x10 [ 1492.485410][T31387] ? native_set_ldt+0x360/0x360 [ 1492.490099][T31387] __alloc_pages+0x18c/0x8f0 [ 1492.494522][T31387] ? _raw_spin_unlock+0x4d/0x70 [ 1492.499212][T31387] ? prep_new_page+0x110/0x110 [ 1492.503812][T31387] pte_alloc_one+0x73/0x1b0 [ 1492.508149][T31387] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1492.513186][T31387] ? preempt_schedule+0xd9/0xe0 [ 1492.517871][T31387] ? preempt_schedule_common+0xbe/0xf0 [ 1492.523166][T31387] __pte_alloc+0x86/0x350 [ 1492.527331][T31387] ? free_pgtables+0x280/0x280 [ 1492.531937][T31387] ? _raw_spin_lock+0xa4/0x1b0 [ 1492.536532][T31387] ? __kasan_check_write+0x14/0x20 [ 1492.541490][T31387] copy_page_range+0x28a8/0x2f90 [ 1492.546251][T31387] ? __kasan_slab_alloc+0xb1/0xe0 [ 1492.551116][T31387] ? pfn_valid+0x1e0/0x1e0 [ 1492.555366][T31387] ? vma_gap_callbacks_rotate+0x1b7/0x210 [ 1492.560921][T31387] ? __rb_insert_augmented+0x5de/0x610 [ 1492.566217][T31387] copy_mm+0xc7e/0x13e0 [ 1492.570209][T31387] ? copy_signal+0x610/0x610 [ 1492.574634][T31387] ? __init_rwsem+0xd6/0x1c0 [ 1492.579061][T31387] ? copy_signal+0x4e3/0x610 [ 1492.583484][T31387] copy_process+0x1149/0x3290 [ 1492.588001][T31387] ? proc_fail_nth_write+0x20b/0x290 [ 1492.593122][T31387] ? fsnotify_perm+0x6a/0x5d0 [ 1492.597633][T31387] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1492.602579][T31387] ? vfs_write+0x9ec/0x1110 [ 1492.606922][T31387] kernel_clone+0x21e/0x9e0 [ 1492.611258][T31387] ? file_end_write+0x1c0/0x1c0 [ 1492.615959][T31387] ? create_io_thread+0x1e0/0x1e0 [ 1492.620804][T31387] ? mutex_unlock+0xb2/0x260 [ 1492.625235][T31387] ? __mutex_lock_slowpath+0x10/0x10 [ 1492.630441][T31387] __x64_sys_clone+0x23f/0x290 [ 1492.635045][T31387] ? __do_sys_vfork+0x130/0x130 [ 1492.639727][T31387] ? ksys_write+0x260/0x2c0 [ 1492.644068][T31387] ? debug_smp_processor_id+0x17/0x20 [ 1492.649275][T31387] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1492.655174][T31387] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1492.660643][T31387] do_syscall_64+0x3d/0xb0 [ 1492.664895][T31387] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1492.670623][T31387] RIP: 0033:0x7f0304509da9 [ 1492.674885][T31387] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1492.694317][T31387] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1492.702563][T31387] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1492.710374][T31387] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 22:49:13 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18fff2000080005300000017faff0000940000000fad413e550000000f00000007068db7702210b951724691838007b64142e659aefb3c35642e9df0eb8c26cfd1afee5f8874331216c2aaff250b0e22512bceeba5c6a802279b31bb5463f38c9a7fcf79e6070bfd58f5e94380a2b87845615bae284f136bab8f0a2d8b1a46132934c51d03147d41d3924f09f25519aefcd04ee14f7ae031a76ee0489482066d6e4a599b49275e794fe817e127ed6c960a9b1a158f598372b6bf02ea75fa315e13421b536f8682bb6cebc3aa065617c4052f4efa510e3ce3e4ac08f32022598d93e61af34174992db9f2c75a451a3600c00435296f40e056796fceba1e1207f2c73e650a828b7a3217983fdf11bee4b86839b4f3964865430972cd7a2aac8a5092dc16381375425c5ced9914be5245474c36e30d3665772d3f7eb70461b70293f85d0baa9e0e923ed268d43c8d597d414f074b5d0465c8b2617632735d57fff3804d54165ea93673769db191f497b3e1103daed513ec4952622f200a7eb442bcfa345fcd88539e472bf176d6ec640f9820509bf47e9ef71ce9ee796e88a2a6bd731b3c6867b84fdb8f5574fa2da468f4e571b9cd0c233a096a324c1fc53d11efab6f3c42c0917fa5e7ca62544afdeb3e954de09db309298b4ef3051fc6623942c8d84621d11d0f3a13dfb81a81591d3cf497de05db2b3eb8b8e2b0f58a003d4f92f3bb9d63f09100be21a5eb3741ed8defc58b79509f1908173e885b1aa4d744f8"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) 22:49:14 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6900, 0x0, 0x0, 0x0}, 0x90) 22:49:14 executing program 2: bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfffffffffffffc70) (async) r1 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8) mkdirat$cgroup(r1, &(0x7f0000000000)='syz1\x00', 0x1ff) (async) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0xc8, 0x3d, &(0x7f00000002c0)="95e044dcfc64a2bee38fbe2fdfa6362f18839f9f0893e2bed56b39e972fd2e70a5ed71e581d4ec73b289731336cde6823036db4431591baa5e7f2cb85b03512f93f36159b1c9aa4fb3536928fb3c6622e2ad2d75edd092cabd398945ed2a63f9f81f62bdb844d3052aca69879b4b9a910f1d8f25295cb3f94e067ca7c3a9af1f8255547582aadeaa904096cb4c50e25d1a0328016080be34da1d1fb926d1358bee8359ed4e9db24b0b189f8b81b38b0db4e6b04ffff4c3c0fa7cf8faee4f25df213afbe80dfdb40a", &(0x7f0000000040)=""/61, 0x800, 0x0, 0x51, 0x4a, &(0x7f0000000080)="0797ffbcb98d1429aa96e335202c51b5281ead86c425f77ee8acee08161e26c23945fa06aa7173dfc6fa68aa5ac4ac2e5602e3080ae438c1d60e403f76b63ba2864c4250421c8e7ed25b735c6b872a60a2", &(0x7f00000003c0)="6d8e160b500c7d10ecaa29f7648a1292689a6daa009c016e17e760f2bc0aa23fd4b0623bd6478a9f5d5bbc63d9dc15a55cbb873f7973c31cf43b344e8233a3acb8162ce5b1571dbf521a", 0x2, 0x0, 0x99a}, 0x50) write$cgroup_int(r1, &(0x7f00000001c0)=0x400, 0x12) (async) close(r0) 22:49:14 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18fff2000080005300000017faff0000940000000fad413e550000000f00000007068db7702210b951724691838007b64142e659aefb3c35642e9df0eb8c26cfd1afee5f8874331216c2aaff250b0e22512bceeba5c6a802279b31bb5463f38c9a7fcf79e6070bfd58f5e94380a2b87845615bae284f136bab8f0a2d8b1a46132934c51d03147d41d3924f09f25519aefcd04ee14f7ae031a76ee0489482066d6e4a599b49275e794fe817e127ed6c960a9b1a158f598372b6bf02ea75fa315e13421b536f8682bb6cebc3aa065617c4052f4efa510e3ce3e4ac08f32022598d93e61af34174992db9f2c75a451a3600c00435296f40e056796fceba1e1207f2c73e650a828b7a3217983fdf11bee4b86839b4f3964865430972cd7a2aac8a5092dc16381375425c5ced9914be5245474c36e30d3665772d3f7eb70461b70293f85d0baa9e0e923ed268d43c8d597d414f074b5d0465c8b2617632735d57fff3804d54165ea93673769db191f497b3e1103daed513ec4952622f200a7eb442bcfa345fcd88539e472bf176d6ec640f9820509bf47e9ef71ce9ee796e88a2a6bd731b3c6867b84fdb8f5574fa2da468f4e571b9cd0c233a096a324c1fc53d11efab6f3c42c0917fa5e7ca62544afdeb3e954de09db309298b4ef3051fc6623942c8d84621d11d0f3a13dfb81a81591d3cf497de05db2b3eb8b8e2b0f58a003d4f92f3bb9d63f09100be21a5eb3741ed8defc58b79509f1908173e885b1aa4d744f8"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) (async) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) 22:49:14 executing program 2: bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfffffffffffffc70) (async) r1 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8) mkdirat$cgroup(r1, &(0x7f0000000000)='syz1\x00', 0x1ff) (async) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0xc8, 0x3d, &(0x7f00000002c0)="95e044dcfc64a2bee38fbe2fdfa6362f18839f9f0893e2bed56b39e972fd2e70a5ed71e581d4ec73b289731336cde6823036db4431591baa5e7f2cb85b03512f93f36159b1c9aa4fb3536928fb3c6622e2ad2d75edd092cabd398945ed2a63f9f81f62bdb844d3052aca69879b4b9a910f1d8f25295cb3f94e067ca7c3a9af1f8255547582aadeaa904096cb4c50e25d1a0328016080be34da1d1fb926d1358bee8359ed4e9db24b0b189f8b81b38b0db4e6b04ffff4c3c0fa7cf8faee4f25df213afbe80dfdb40a", &(0x7f0000000040)=""/61, 0x800, 0x0, 0x51, 0x4a, &(0x7f0000000080)="0797ffbcb98d1429aa96e335202c51b5281ead86c425f77ee8acee08161e26c23945fa06aa7173dfc6fa68aa5ac4ac2e5602e3080ae438c1d60e403f76b63ba2864c4250421c8e7ed25b735c6b872a60a2", &(0x7f00000003c0)="6d8e160b500c7d10ecaa29f7648a1292689a6daa009c016e17e760f2bc0aa23fd4b0623bd6478a9f5d5bbc63d9dc15a55cbb873f7973c31cf43b344e8233a3acb8162ce5b1571dbf521a", 0x2, 0x0, 0x99a}, 0x50) (async) write$cgroup_int(r1, &(0x7f00000001c0)=0x400, 0x12) close(r0) 22:49:14 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6a00, 0x0, 0x0, 0x0}, 0x90) 22:49:14 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 51) 22:49:14 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18fffffffff9ff0000940000000fad413e5500000e0f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) openat$cgroup_ro(r2, &(0x7f0000000040)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x0, 0x0) [ 1492.718185][T31387] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1492.726021][T31387] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1492.733808][T31387] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1492.741623][T31387] 22:49:14 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000040)={'vlan0\x00', 0x600}) 22:49:14 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:14 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6b00, 0x0, 0x0, 0x0}, 0x90) 22:49:14 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18fffffffff9ff0000940000000fad413e5500000e0f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) openat$cgroup_ro(r2, &(0x7f0000000040)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x0, 0x0) 22:49:14 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18fffffffff9ff0000940000000fad413e5500000e0f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) openat$cgroup_ro(r2, &(0x7f0000000040)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x0, 0x0) [ 1492.830050][T31433] FAULT_INJECTION: forcing a failure. [ 1492.830050][T31433] name failslab, interval 1, probability 0, space 0, times 0 22:49:14 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.stat\x00', 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e5500000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r4 = perf_event_open(&(0x7f0000001740)={0x2, 0x80, 0x40, 0xff, 0x4, 0x4, 0x0, 0x8, 0x10100, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0xdb62a33, 0x0, @perf_config_ext={0x4, 0x6}, 0x440, 0x5, 0x0, 0x9, 0x1, 0x9, 0x0, 0x0, 0x9, 0x0, 0xe52b}, 0xffffffffffffffff, 0x7, r3, 0x1) perf_event_open(&(0x7f00000017c0)={0x4, 0x80, 0x0, 0xf7, 0x0, 0x3, 0x0, 0x80000001, 0x40004, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3ff, 0x4, @perf_bp={&(0x7f0000001640), 0x8}, 0x2000, 0x82, 0x80000000, 0x7, 0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0xb38d38}, 0x0, 0xd, r4, 0x2) r5 = openat$cgroup_procs(r0, &(0x7f0000001e40)='cgroup.procs\x00', 0x2, 0x0) r6 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = gettid() perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xff, 0x2, 0x0, 0x5, 0x0, 0x10000, 0x12, 0x3, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400, 0x4, @perf_config_ext={0x3, 0x7fff}, 0x702, 0x0, 0x68, 0x6, 0x6, 0x0, 0x4, 0x0, 0x5, 0x0, 0x100000001}, r7, 0x6, r6, 0x4) perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x5, 0x29, 0x1, 0x9, 0x0, 0x3f0000000000000, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x7fffffff, 0x2, @perf_bp={&(0x7f0000000180), 0x5}, 0x86, 0x5, 0x12d, 0x9, 0xe4d, 0x0, 0x3, 0x0, 0xfff, 0x0, 0x1}, r7, 0x3, r6, 0x1) write$cgroup_pid(r5, &(0x7f0000001e80)=r7, 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f00000000c0)=[0x0], &(0x7f0000000140)=[0x0], 0x0, 0x8, &(0x7f0000000200)=[{}, {}, {}], 0x18, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000e80)=@bpf_lsm={0x1d, 0x4, &(0x7f0000001440)=ANY=[@ANYBLOB="180004000600000000000000fc73000009000000000000001f877575f658353bedec17e8ba1c3a42d599ed387cfbbcadf6c6fdedf909f4ef2c0bc38e831da4da049a78b7d3a86cd52eff461687de0600582ba57dab57606a8afcd737df387fbb3a51c2a1f05d597dbe6dfecb4c475e378c25db161187feff9fd4269ee6177e9c60d4145f275a7664020091c75a71254e8b1c9fcafbeb594138045b218500000000000000e0ffffffffffffff00000000000000000000000000000000000000aa1b810865241b23b840d0cd6c8fad0bbcf8febf4aa21bfee9a98a5df0f8824c97f855c8ce5c256fbd9019789c9bb6c8c8423b50043c2cd3dd6152acce4b5f40e04d55e0bdc5da50d14c5f3d5134f5c5debef33ef1373a5ad82c5e94b7c18e942505194819e78a01a048d7761dc91b4eceefc3e47e4dc3eb2ab90b769fe4884d831e58339416e04d50dd68e3e4963703c602f219b0baefce4fc62d9e77a7d5b4ae0b9cbc1443d181e6fb420af4a1690ae6a3283ef307b774b6088cd7d3455623d66b7ef066dda67625f099920596fb5a808e00de55099e38eb6d98365f2f2861"], &(0x7f0000000880)='GPL\x00', 0x1f, 0x93, &(0x7f0000000cc0)=""/147, 0x0, 0x2, '\x00', r8, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000b80)={0x9}, 0x8, 0x10, 0x0, 0x0, r9}, 0x90) r10 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x48, 0x48, 0x7, [@int={0x6, 0x0, 0x0, 0x1, 0x0, 0x4c, 0x0, 0x2c, 0x2}, @typedef={0x7, 0x0, 0x0, 0x8, 0x4}, @int={0x8, 0x0, 0x0, 0x1, 0x0, 0x66, 0x0, 0x74, 0xa0feed678f9a5941}, @fwd={0x3}, @int={0x5, 0x0, 0x0, 0x1, 0x0, 0x13, 0x0, 0x46, 0x5}]}, {0x0, [0x61, 0x2e, 0x2e, 0x30, 0x30]}}, &(0x7f0000000340)=""/133, 0x67, 0x85, 0x0, 0x10001}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001600)={r0, 0x20, &(0x7f00000015c0)={&(0x7f00000004c0)=""/204, 0xcc, 0x0, &(0x7f00000005c0)=""/4096, 0x1000}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000001680)={0x15, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xddaa}, [@ldst={0x3, 0x3, 0x3, 0x6, 0x0, 0x18, 0xfffffffffffffff0}, @map_idx={0x18, 0x0, 0x5, 0x0, 0xe}, @map_fd={0x18, 0x5, 0x1, 0x0, r1}]}, &(0x7f00000000c0)='syzkaller\x00', 0xcc98, 0x29, &(0x7f0000000140)=""/41, 0x41000, 0x20, '\x00', r8, 0x3, r10, 0x8, &(0x7f0000000440)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x1, 0x6, 0x4000000, 0x6}, 0x10, r11, r1, 0x0, 0x0, &(0x7f0000001640), 0x10, 0x2}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001c00)={0xffffffffffffffff, 0xe0, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000001940)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f0000001980)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000019c0)=[0x0], 0x0, 0x90, &(0x7f0000001a00)=[{}, {}], 0x10, 0x10, &(0x7f0000001a40), &(0x7f0000001a80), 0x8, 0x79, 0x8, 0x8, &(0x7f0000001ac0)}}, 0x10) perf_event_open(&(0x7f0000001ec0)={0x4, 0x80, 0x6, 0x2, 0x0, 0xb6, 0x0, 0x0, 0x2000, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_config_ext={0x5, 0x3}, 0x48, 0x8000, 0x5, 0x6, 0x2e, 0xfff, 0xc000, 0x0, 0x6, 0x0, 0x6}, r7, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r13 = bpf$MAP_CREATE(0x0, &(0x7f0000001c40)=@bloom_filter={0x1e, 0x3, 0x3f, 0x1f, 0x20, r0, 0x1, '\x00', r8, r0, 0x3, 0x5, 0x0, 0x4}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001d80)={0x1b, 0x3, &(0x7f0000001840)=@raw=[@map_val={0x18, 0x8, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0xfffffffb}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}], &(0x7f0000001880)='GPL\x00', 0x101, 0x0, 0x0, 0x1f00, 0x4, '\x00', 0x0, 0xa2a9ff8432f5b6a3, r10, 0x8, &(0x7f00000018c0)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000001900)={0x2, 0x6, 0x508, 0x5}, 0x10, r12, r0, 0x6, &(0x7f0000001cc0)=[r0, r2, r0, r13], &(0x7f0000001d00)=[{0x5, 0x4, 0x0, 0x9}, {0x2, 0x3, 0xc, 0xa}, {0x4, 0x3, 0xf, 0x1}, {0x2, 0x5, 0x6, 0xa}, {0x1, 0x5, 0xb, 0x9}, {0x2, 0x5, 0xe, 0xa}], 0x10, 0x1ad}, 0x90) r14 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10) r15 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r14}, 0x8) write$cgroup_int(r15, &(0x7f00000001c0)=0x1a0, 0xfffffdef) [ 1492.877368][T31433] CPU: 1 PID: 31433 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1492.887539][T31433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1492.897435][T31433] Call Trace: [ 1492.900557][T31433] [ 1492.903342][T31433] dump_stack_lvl+0x151/0x1b7 [ 1492.907851][T31433] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1492.913315][T31433] dump_stack+0x15/0x17 [ 1492.917301][T31433] should_fail+0x3c6/0x510 [ 1492.921555][T31433] __should_failslab+0xa4/0xe0 [ 1492.926155][T31433] ? anon_vma_fork+0x1df/0x4e0 [ 1492.930754][T31433] should_failslab+0x9/0x20 [ 1492.935095][T31433] slab_pre_alloc_hook+0x37/0xd0 [ 1492.939879][T31433] ? anon_vma_fork+0x1df/0x4e0 [ 1492.944468][T31433] kmem_cache_alloc+0x44/0x200 [ 1492.949068][T31433] anon_vma_fork+0x1df/0x4e0 [ 1492.953496][T31433] copy_mm+0xa3a/0x13e0 [ 1492.957489][T31433] ? copy_signal+0x610/0x610 [ 1492.961919][T31433] ? __init_rwsem+0xd6/0x1c0 [ 1492.966338][T31433] ? copy_signal+0x4e3/0x610 [ 1492.970767][T31433] copy_process+0x1149/0x3290 [ 1492.975281][T31433] ? proc_fail_nth_write+0x20b/0x290 [ 1492.980400][T31433] ? fsnotify_perm+0x6a/0x5d0 [ 1492.984919][T31433] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1492.989863][T31433] ? vfs_write+0x9ec/0x1110 [ 1492.994200][T31433] kernel_clone+0x21e/0x9e0 [ 1492.998540][T31433] ? file_end_write+0x1c0/0x1c0 [ 1493.003231][T31433] ? create_io_thread+0x1e0/0x1e0 [ 1493.008088][T31433] ? mutex_unlock+0xb2/0x260 [ 1493.012514][T31433] ? __mutex_lock_slowpath+0x10/0x10 [ 1493.017634][T31433] __x64_sys_clone+0x23f/0x290 [ 1493.022235][T31433] ? __do_sys_vfork+0x130/0x130 [ 1493.026923][T31433] ? ksys_write+0x260/0x2c0 [ 1493.031269][T31433] ? debug_smp_processor_id+0x17/0x20 [ 1493.036467][T31433] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1493.042371][T31433] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1493.047839][T31433] do_syscall_64+0x3d/0xb0 [ 1493.052088][T31433] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1493.057818][T31433] RIP: 0033:0x7f0304509da9 [ 1493.062070][T31433] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1493.081518][T31433] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1493.089757][T31433] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1493.097567][T31433] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1493.105377][T31433] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1493.113191][T31433] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 22:49:14 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000, 0x0, 0x0, 0x0}, 0x90) 22:49:14 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000040)={'vlan0\x00', 0x600}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) (async) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) (async) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000040)={'vlan0\x00', 0x600}) (async) 22:49:14 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:14 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 52) 22:49:14 executing program 2: openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.stat\x00', 0x0, 0x0) (async) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.stat\x00', 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e5500000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r4 = perf_event_open(&(0x7f0000001740)={0x2, 0x80, 0x40, 0xff, 0x4, 0x4, 0x0, 0x8, 0x10100, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0xdb62a33, 0x0, @perf_config_ext={0x4, 0x6}, 0x440, 0x5, 0x0, 0x9, 0x1, 0x9, 0x0, 0x0, 0x9, 0x0, 0xe52b}, 0xffffffffffffffff, 0x7, r3, 0x1) perf_event_open(&(0x7f00000017c0)={0x4, 0x80, 0x0, 0xf7, 0x0, 0x3, 0x0, 0x80000001, 0x40004, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3ff, 0x4, @perf_bp={&(0x7f0000001640), 0x8}, 0x2000, 0x82, 0x80000000, 0x7, 0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0xb38d38}, 0x0, 0xd, r4, 0x2) r5 = openat$cgroup_procs(r0, &(0x7f0000001e40)='cgroup.procs\x00', 0x2, 0x0) r6 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = gettid() perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xff, 0x2, 0x0, 0x5, 0x0, 0x10000, 0x12, 0x3, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400, 0x4, @perf_config_ext={0x3, 0x7fff}, 0x702, 0x0, 0x68, 0x6, 0x6, 0x0, 0x4, 0x0, 0x5, 0x0, 0x100000001}, r7, 0x6, r6, 0x4) perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x5, 0x29, 0x1, 0x9, 0x0, 0x3f0000000000000, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x7fffffff, 0x2, @perf_bp={&(0x7f0000000180), 0x5}, 0x86, 0x5, 0x12d, 0x9, 0xe4d, 0x0, 0x3, 0x0, 0xfff, 0x0, 0x1}, r7, 0x3, r6, 0x1) (async) perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x5, 0x29, 0x1, 0x9, 0x0, 0x3f0000000000000, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x7fffffff, 0x2, @perf_bp={&(0x7f0000000180), 0x5}, 0x86, 0x5, 0x12d, 0x9, 0xe4d, 0x0, 0x3, 0x0, 0xfff, 0x0, 0x1}, r7, 0x3, r6, 0x1) write$cgroup_pid(r5, &(0x7f0000001e80)=r7, 0x12) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f00000000c0)=[0x0], &(0x7f0000000140)=[0x0], 0x0, 0x8, &(0x7f0000000200)=[{}, {}, {}], 0x18, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f00000000c0)=[0x0], &(0x7f0000000140)=[0x0], 0x0, 0x8, &(0x7f0000000200)=[{}, {}, {}], 0x18, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000e80)=@bpf_lsm={0x1d, 0x4, &(0x7f0000001440)=ANY=[@ANYBLOB="180004000600000000000000fc73000009000000000000001f877575f658353bedec17e8ba1c3a42d599ed387cfbbcadf6c6fdedf909f4ef2c0bc38e831da4da049a78b7d3a86cd52eff461687de0600582ba57dab57606a8afcd737df387fbb3a51c2a1f05d597dbe6dfecb4c475e378c25db161187feff9fd4269ee6177e9c60d4145f275a7664020091c75a71254e8b1c9fcafbeb594138045b218500000000000000e0ffffffffffffff00000000000000000000000000000000000000aa1b810865241b23b840d0cd6c8fad0bbcf8febf4aa21bfee9a98a5df0f8824c97f855c8ce5c256fbd9019789c9bb6c8c8423b50043c2cd3dd6152acce4b5f40e04d55e0bdc5da50d14c5f3d5134f5c5debef33ef1373a5ad82c5e94b7c18e942505194819e78a01a048d7761dc91b4eceefc3e47e4dc3eb2ab90b769fe4884d831e58339416e04d50dd68e3e4963703c602f219b0baefce4fc62d9e77a7d5b4ae0b9cbc1443d181e6fb420af4a1690ae6a3283ef307b774b6088cd7d3455623d66b7ef066dda67625f099920596fb5a808e00de55099e38eb6d98365f2f2861"], &(0x7f0000000880)='GPL\x00', 0x1f, 0x93, &(0x7f0000000cc0)=""/147, 0x0, 0x2, '\x00', r8, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000b80)={0x9}, 0x8, 0x10, 0x0, 0x0, r9}, 0x90) r10 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x48, 0x48, 0x7, [@int={0x6, 0x0, 0x0, 0x1, 0x0, 0x4c, 0x0, 0x2c, 0x2}, @typedef={0x7, 0x0, 0x0, 0x8, 0x4}, @int={0x8, 0x0, 0x0, 0x1, 0x0, 0x66, 0x0, 0x74, 0xa0feed678f9a5941}, @fwd={0x3}, @int={0x5, 0x0, 0x0, 0x1, 0x0, 0x13, 0x0, 0x46, 0x5}]}, {0x0, [0x61, 0x2e, 0x2e, 0x30, 0x30]}}, &(0x7f0000000340)=""/133, 0x67, 0x85, 0x0, 0x10001}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001600)={r0, 0x20, &(0x7f00000015c0)={&(0x7f00000004c0)=""/204, 0xcc, 0x0, &(0x7f00000005c0)=""/4096, 0x1000}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000001680)={0x15, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xddaa}, [@ldst={0x3, 0x3, 0x3, 0x6, 0x0, 0x18, 0xfffffffffffffff0}, @map_idx={0x18, 0x0, 0x5, 0x0, 0xe}, @map_fd={0x18, 0x5, 0x1, 0x0, r1}]}, &(0x7f00000000c0)='syzkaller\x00', 0xcc98, 0x29, &(0x7f0000000140)=""/41, 0x41000, 0x20, '\x00', r8, 0x3, r10, 0x8, &(0x7f0000000440)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x1, 0x6, 0x4000000, 0x6}, 0x10, r11, r1, 0x0, 0x0, &(0x7f0000001640), 0x10, 0x2}, 0x90) (async) bpf$PROG_LOAD(0x5, &(0x7f0000001680)={0x15, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xddaa}, [@ldst={0x3, 0x3, 0x3, 0x6, 0x0, 0x18, 0xfffffffffffffff0}, @map_idx={0x18, 0x0, 0x5, 0x0, 0xe}, @map_fd={0x18, 0x5, 0x1, 0x0, r1}]}, &(0x7f00000000c0)='syzkaller\x00', 0xcc98, 0x29, &(0x7f0000000140)=""/41, 0x41000, 0x20, '\x00', r8, 0x3, r10, 0x8, &(0x7f0000000440)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x1, 0x6, 0x4000000, 0x6}, 0x10, r11, r1, 0x0, 0x0, &(0x7f0000001640), 0x10, 0x2}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001c00)={0xffffffffffffffff, 0xe0, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000001940)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f0000001980)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000019c0)=[0x0], 0x0, 0x90, &(0x7f0000001a00)=[{}, {}], 0x10, 0x10, &(0x7f0000001a40), &(0x7f0000001a80), 0x8, 0x79, 0x8, 0x8, &(0x7f0000001ac0)}}, 0x10) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001c00)={0xffffffffffffffff, 0xe0, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000001940)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f0000001980)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000019c0)=[0x0], 0x0, 0x90, &(0x7f0000001a00)=[{}, {}], 0x10, 0x10, &(0x7f0000001a40), &(0x7f0000001a80), 0x8, 0x79, 0x8, 0x8, &(0x7f0000001ac0)}}, 0x10) perf_event_open(&(0x7f0000001ec0)={0x4, 0x80, 0x6, 0x2, 0x0, 0xb6, 0x0, 0x0, 0x2000, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_config_ext={0x5, 0x3}, 0x48, 0x8000, 0x5, 0x6, 0x2e, 0xfff, 0xc000, 0x0, 0x6, 0x0, 0x6}, r7, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r13 = bpf$MAP_CREATE(0x0, &(0x7f0000001c40)=@bloom_filter={0x1e, 0x3, 0x3f, 0x1f, 0x20, r0, 0x1, '\x00', r8, r0, 0x3, 0x5, 0x0, 0x4}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001d80)={0x1b, 0x3, &(0x7f0000001840)=@raw=[@map_val={0x18, 0x8, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0xfffffffb}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}], &(0x7f0000001880)='GPL\x00', 0x101, 0x0, 0x0, 0x1f00, 0x4, '\x00', 0x0, 0xa2a9ff8432f5b6a3, r10, 0x8, &(0x7f00000018c0)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000001900)={0x2, 0x6, 0x508, 0x5}, 0x10, r12, r0, 0x6, &(0x7f0000001cc0)=[r0, r2, r0, r13], &(0x7f0000001d00)=[{0x5, 0x4, 0x0, 0x9}, {0x2, 0x3, 0xc, 0xa}, {0x4, 0x3, 0xf, 0x1}, {0x2, 0x5, 0x6, 0xa}, {0x1, 0x5, 0xb, 0x9}, {0x2, 0x5, 0xe, 0xa}], 0x10, 0x1ad}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10) (async) r14 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10) r15 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r14}, 0x8) write$cgroup_int(r15, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) write$cgroup_int(r15, &(0x7f00000001c0)=0x1a0, 0xfffffdef) [ 1493.121000][T31433] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1493.128816][T31433] 22:49:14 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7100, 0x0, 0x0, 0x0}, 0x90) 22:49:14 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.stat\x00', 0x0, 0x0) (async) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e5500000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async, rerun: 64) r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0) (async, rerun: 64) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r4 = perf_event_open(&(0x7f0000001740)={0x2, 0x80, 0x40, 0xff, 0x4, 0x4, 0x0, 0x8, 0x10100, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0xdb62a33, 0x0, @perf_config_ext={0x4, 0x6}, 0x440, 0x5, 0x0, 0x9, 0x1, 0x9, 0x0, 0x0, 0x9, 0x0, 0xe52b}, 0xffffffffffffffff, 0x7, r3, 0x1) perf_event_open(&(0x7f00000017c0)={0x4, 0x80, 0x0, 0xf7, 0x0, 0x3, 0x0, 0x80000001, 0x40004, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3ff, 0x4, @perf_bp={&(0x7f0000001640), 0x8}, 0x2000, 0x82, 0x80000000, 0x7, 0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0xb38d38}, 0x0, 0xd, r4, 0x2) (async) r5 = openat$cgroup_procs(r0, &(0x7f0000001e40)='cgroup.procs\x00', 0x2, 0x0) r6 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) r7 = gettid() perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xff, 0x2, 0x0, 0x5, 0x0, 0x10000, 0x12, 0x3, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400, 0x4, @perf_config_ext={0x3, 0x7fff}, 0x702, 0x0, 0x68, 0x6, 0x6, 0x0, 0x4, 0x0, 0x5, 0x0, 0x100000001}, r7, 0x6, r6, 0x4) (async) perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x5, 0x29, 0x1, 0x9, 0x0, 0x3f0000000000000, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x7fffffff, 0x2, @perf_bp={&(0x7f0000000180), 0x5}, 0x86, 0x5, 0x12d, 0x9, 0xe4d, 0x0, 0x3, 0x0, 0xfff, 0x0, 0x1}, r7, 0x3, r6, 0x1) (async) write$cgroup_pid(r5, &(0x7f0000001e80)=r7, 0x12) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f00000000c0)=[0x0], &(0x7f0000000140)=[0x0], 0x0, 0x8, &(0x7f0000000200)=[{}, {}, {}], 0x18, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000e80)=@bpf_lsm={0x1d, 0x4, &(0x7f0000001440)=ANY=[@ANYBLOB="180004000600000000000000fc73000009000000000000001f877575f658353bedec17e8ba1c3a42d599ed387cfbbcadf6c6fdedf909f4ef2c0bc38e831da4da049a78b7d3a86cd52eff461687de0600582ba57dab57606a8afcd737df387fbb3a51c2a1f05d597dbe6dfecb4c475e378c25db161187feff9fd4269ee6177e9c60d4145f275a7664020091c75a71254e8b1c9fcafbeb594138045b218500000000000000e0ffffffffffffff00000000000000000000000000000000000000aa1b810865241b23b840d0cd6c8fad0bbcf8febf4aa21bfee9a98a5df0f8824c97f855c8ce5c256fbd9019789c9bb6c8c8423b50043c2cd3dd6152acce4b5f40e04d55e0bdc5da50d14c5f3d5134f5c5debef33ef1373a5ad82c5e94b7c18e942505194819e78a01a048d7761dc91b4eceefc3e47e4dc3eb2ab90b769fe4884d831e58339416e04d50dd68e3e4963703c602f219b0baefce4fc62d9e77a7d5b4ae0b9cbc1443d181e6fb420af4a1690ae6a3283ef307b774b6088cd7d3455623d66b7ef066dda67625f099920596fb5a808e00de55099e38eb6d98365f2f2861"], &(0x7f0000000880)='GPL\x00', 0x1f, 0x93, &(0x7f0000000cc0)=""/147, 0x0, 0x2, '\x00', r8, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000b80)={0x9}, 0x8, 0x10, 0x0, 0x0, r9}, 0x90) (async, rerun: 32) r10 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x48, 0x48, 0x7, [@int={0x6, 0x0, 0x0, 0x1, 0x0, 0x4c, 0x0, 0x2c, 0x2}, @typedef={0x7, 0x0, 0x0, 0x8, 0x4}, @int={0x8, 0x0, 0x0, 0x1, 0x0, 0x66, 0x0, 0x74, 0xa0feed678f9a5941}, @fwd={0x3}, @int={0x5, 0x0, 0x0, 0x1, 0x0, 0x13, 0x0, 0x46, 0x5}]}, {0x0, [0x61, 0x2e, 0x2e, 0x30, 0x30]}}, &(0x7f0000000340)=""/133, 0x67, 0x85, 0x0, 0x10001}, 0x20) (rerun: 32) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001600)={r0, 0x20, &(0x7f00000015c0)={&(0x7f00000004c0)=""/204, 0xcc, 0x0, &(0x7f00000005c0)=""/4096, 0x1000}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000001680)={0x15, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xddaa}, [@ldst={0x3, 0x3, 0x3, 0x6, 0x0, 0x18, 0xfffffffffffffff0}, @map_idx={0x18, 0x0, 0x5, 0x0, 0xe}, @map_fd={0x18, 0x5, 0x1, 0x0, r1}]}, &(0x7f00000000c0)='syzkaller\x00', 0xcc98, 0x29, &(0x7f0000000140)=""/41, 0x41000, 0x20, '\x00', r8, 0x3, r10, 0x8, &(0x7f0000000440)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x1, 0x6, 0x4000000, 0x6}, 0x10, r11, r1, 0x0, 0x0, &(0x7f0000001640), 0x10, 0x2}, 0x90) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001c00)={0xffffffffffffffff, 0xe0, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000001940)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f0000001980)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000019c0)=[0x0], 0x0, 0x90, &(0x7f0000001a00)=[{}, {}], 0x10, 0x10, &(0x7f0000001a40), &(0x7f0000001a80), 0x8, 0x79, 0x8, 0x8, &(0x7f0000001ac0)}}, 0x10) (async, rerun: 64) perf_event_open(&(0x7f0000001ec0)={0x4, 0x80, 0x6, 0x2, 0x0, 0xb6, 0x0, 0x0, 0x2000, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_config_ext={0x5, 0x3}, 0x48, 0x8000, 0x5, 0x6, 0x2e, 0xfff, 0xc000, 0x0, 0x6, 0x0, 0x6}, r7, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) (async, rerun: 64) r13 = bpf$MAP_CREATE(0x0, &(0x7f0000001c40)=@bloom_filter={0x1e, 0x3, 0x3f, 0x1f, 0x20, r0, 0x1, '\x00', r8, r0, 0x3, 0x5, 0x0, 0x4}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001d80)={0x1b, 0x3, &(0x7f0000001840)=@raw=[@map_val={0x18, 0x8, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0xfffffffb}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}], &(0x7f0000001880)='GPL\x00', 0x101, 0x0, 0x0, 0x1f00, 0x4, '\x00', 0x0, 0xa2a9ff8432f5b6a3, r10, 0x8, &(0x7f00000018c0)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000001900)={0x2, 0x6, 0x508, 0x5}, 0x10, r12, r0, 0x6, &(0x7f0000001cc0)=[r0, r2, r0, r13], &(0x7f0000001d00)=[{0x5, 0x4, 0x0, 0x9}, {0x2, 0x3, 0xc, 0xa}, {0x4, 0x3, 0xf, 0x1}, {0x2, 0x5, 0x6, 0xa}, {0x1, 0x5, 0xb, 0x9}, {0x2, 0x5, 0xe, 0xa}], 0x10, 0x1ad}, 0x90) (async) r14 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10) r15 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r14}, 0x8) write$cgroup_int(r15, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:14 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7200, 0x0, 0x0, 0x0}, 0x90) 22:49:14 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:14 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)=@generic={&(0x7f0000000040)='./file0\x00', 0x0, 0x10}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1, 0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f0000000140)=r0}, 0x20) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000600)={r1, 0x58, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5, 0x4}, 0x48) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r7, 0xc028660f, &(0x7f00000005c0)=0x400000001) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000007c0)={{r1, 0xffffffffffffffff}, &(0x7f0000000740), &(0x7f0000000780)='%-010d \x00'}, 0x20) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@bloom_filter={0x1e, 0x1, 0x800, 0xfffffffe, 0x4020, r1, 0x7fff8000, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x0, 0x4}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xf, 0x2e, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_fd={0x18, 0x8, 0x1, 0x0, r3}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_fd={0x18, 0xe, 0x1, 0x0, r2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xed}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], {{}, {}, {0x85, 0x0, 0x0, 0x108}}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x92, &(0x7f00000004c0)=""/146, 0x41000, 0x24, '\x00', r5, 0x2b, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000680)={0x3, 0x1, 0x9, 0x25dd1749}, 0x10, 0x0, r0, 0x1, &(0x7f0000000880)=[r6, r7, r8, r1, r9, r1, r1, r1], &(0x7f00000008c0)=[{0x2, 0x5, 0xf, 0x1}], 0x10, 0x6}, 0x90) r10 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r10, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:14 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7300, 0x0, 0x0, 0x0}, 0x90) [ 1493.250757][T31473] FAULT_INJECTION: forcing a failure. [ 1493.250757][T31473] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1493.272003][T31473] CPU: 1 PID: 31473 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1493.282160][T31473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1493.292065][T31473] Call Trace: [ 1493.295178][T31473] [ 1493.297957][T31473] dump_stack_lvl+0x151/0x1b7 [ 1493.302472][T31473] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1493.307940][T31473] ? bpf_trace_run3+0x250/0x250 [ 1493.312632][T31473] dump_stack+0x15/0x17 [ 1493.316616][T31473] should_fail+0x3c6/0x510 [ 1493.320872][T31473] should_fail_alloc_page+0x5a/0x80 [ 1493.325906][T31473] prepare_alloc_pages+0x15c/0x700 [ 1493.330852][T31473] ? __alloc_pages_bulk+0xe40/0xe40 [ 1493.335886][T31473] __alloc_pages+0x18c/0x8f0 [ 1493.340312][T31473] ? prep_new_page+0x110/0x110 [ 1493.344919][T31473] get_zeroed_page+0x1b/0x40 [ 1493.349334][T31473] __pud_alloc+0x8b/0x260 [ 1493.353497][T31473] ? stack_trace_snprint+0xf0/0xf0 [ 1493.358444][T31473] ? do_handle_mm_fault+0x2330/0x2330 [ 1493.363652][T31473] ? __stack_depot_save+0x34/0x470 [ 1493.368599][T31473] ? anon_vma_clone+0x9a/0x500 [ 1493.373200][T31473] copy_page_range+0x2bcf/0x2f90 [ 1493.377976][T31473] ? __kasan_slab_alloc+0xb1/0xe0 [ 1493.382834][T31473] ? slab_post_alloc_hook+0x53/0x2c0 [ 1493.387972][T31473] ? copy_mm+0xa3a/0x13e0 [ 1493.392119][T31473] ? copy_process+0x1149/0x3290 [ 1493.396808][T31473] ? kernel_clone+0x21e/0x9e0 [ 1493.401320][T31473] ? __x64_sys_clone+0x23f/0x290 [ 1493.406092][T31473] ? do_syscall_64+0x3d/0xb0 [ 1493.410526][T31473] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1493.416428][T31473] ? pfn_valid+0x1e0/0x1e0 [ 1493.420675][T31473] ? rwsem_write_trylock+0x15b/0x290 [ 1493.425795][T31473] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 1493.432046][T31473] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 1493.437599][T31473] ? __rb_insert_augmented+0x5de/0x610 [ 1493.442895][T31473] copy_mm+0xc7e/0x13e0 [ 1493.446888][T31473] ? copy_signal+0x610/0x610 [ 1493.451312][T31473] ? __init_rwsem+0xd6/0x1c0 [ 1493.455738][T31473] ? copy_signal+0x4e3/0x610 [ 1493.460168][T31473] copy_process+0x1149/0x3290 [ 1493.464678][T31473] ? proc_fail_nth_write+0x20b/0x290 [ 1493.469800][T31473] ? fsnotify_perm+0x6a/0x5d0 [ 1493.474311][T31473] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1493.479260][T31473] ? vfs_write+0x9ec/0x1110 [ 1493.483601][T31473] kernel_clone+0x21e/0x9e0 [ 1493.487939][T31473] ? file_end_write+0x1c0/0x1c0 [ 1493.492625][T31473] ? create_io_thread+0x1e0/0x1e0 [ 1493.497484][T31473] ? mutex_unlock+0xb2/0x260 [ 1493.501919][T31473] ? __mutex_lock_slowpath+0x10/0x10 [ 1493.507034][T31473] __x64_sys_clone+0x23f/0x290 [ 1493.511638][T31473] ? __do_sys_vfork+0x130/0x130 [ 1493.516321][T31473] ? ksys_write+0x260/0x2c0 [ 1493.520665][T31473] ? debug_smp_processor_id+0x17/0x20 [ 1493.525955][T31473] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1493.531856][T31473] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1493.537324][T31473] do_syscall_64+0x3d/0xb0 [ 1493.541578][T31473] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1493.547305][T31473] RIP: 0033:0x7f0304509da9 [ 1493.551567][T31473] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1493.571085][T31473] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1493.579333][T31473] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1493.587142][T31473] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 22:49:15 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7900, 0x0, 0x0, 0x0}, 0x90) 22:49:15 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:15 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 53) 22:49:15 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 64) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (rerun: 64) r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)=@generic={&(0x7f0000000040)='./file0\x00', 0x0, 0x10}, 0x18) (async) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1, 0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f0000000140)=r0}, 0x20) (async) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000600)={r1, 0x58, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) (async, rerun: 32) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5, 0x4}, 0x48) (async, rerun: 32) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r7, 0xc028660f, &(0x7f00000005c0)=0x400000001) (async) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000007c0)={{r1, 0xffffffffffffffff}, &(0x7f0000000740), &(0x7f0000000780)='%-010d \x00'}, 0x20) (async, rerun: 32) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@bloom_filter={0x1e, 0x1, 0x800, 0xfffffffe, 0x4020, r1, 0x7fff8000, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x0, 0x4}, 0x48) (rerun: 32) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xf, 0x2e, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_fd={0x18, 0x8, 0x1, 0x0, r3}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_fd={0x18, 0xe, 0x1, 0x0, r2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xed}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], {{}, {}, {0x85, 0x0, 0x0, 0x108}}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x92, &(0x7f00000004c0)=""/146, 0x41000, 0x24, '\x00', r5, 0x2b, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000680)={0x3, 0x1, 0x9, 0x25dd1749}, 0x10, 0x0, r0, 0x1, &(0x7f0000000880)=[r6, r7, r8, r1, r9, r1, r1, r1], &(0x7f00000008c0)=[{0x2, 0x5, 0xf, 0x1}], 0x10, 0x6}, 0x90) (async) r10 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r10, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:15 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a00, 0x0, 0x0, 0x0}, 0x90) [ 1493.594953][T31473] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1493.602761][T31473] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1493.610574][T31473] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1493.618392][T31473] [ 1493.674422][T31485] FAULT_INJECTION: forcing a failure. [ 1493.674422][T31485] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1493.696004][T31485] CPU: 0 PID: 31485 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1493.706166][T31485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1493.716060][T31485] Call Trace: [ 1493.719181][T31485] [ 1493.721959][T31485] dump_stack_lvl+0x151/0x1b7 [ 1493.726470][T31485] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1493.731949][T31485] ? sched_clock+0x9/0x10 [ 1493.736106][T31485] dump_stack+0x15/0x17 [ 1493.740097][T31485] should_fail+0x3c6/0x510 [ 1493.744350][T31485] should_fail_alloc_page+0x5a/0x80 [ 1493.749383][T31485] prepare_alloc_pages+0x15c/0x700 [ 1493.754332][T31485] ? __alloc_pages_bulk+0xe40/0xe40 [ 1493.759367][T31485] __alloc_pages+0x18c/0x8f0 [ 1493.763798][T31485] ? prep_new_page+0x110/0x110 [ 1493.768395][T31485] get_zeroed_page+0x1b/0x40 [ 1493.772819][T31485] __pud_alloc+0x8b/0x260 [ 1493.776984][T31485] ? stack_trace_snprint+0xf0/0xf0 [ 1493.781929][T31485] ? do_handle_mm_fault+0x2330/0x2330 [ 1493.787141][T31485] ? __stack_depot_save+0x34/0x470 [ 1493.792085][T31485] ? anon_vma_clone+0x9a/0x500 [ 1493.796688][T31485] copy_page_range+0x2bcf/0x2f90 [ 1493.801459][T31485] ? __kasan_slab_alloc+0xb1/0xe0 [ 1493.806319][T31485] ? slab_post_alloc_hook+0x53/0x2c0 [ 1493.811440][T31485] ? copy_mm+0xa3a/0x13e0 [ 1493.815604][T31485] ? copy_process+0x1149/0x3290 [ 1493.820291][T31485] ? kernel_clone+0x21e/0x9e0 [ 1493.824814][T31485] ? __x64_sys_clone+0x23f/0x290 [ 1493.829578][T31485] ? do_syscall_64+0x3d/0xb0 [ 1493.834005][T31485] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1493.840608][T31485] ? pfn_valid+0x1e0/0x1e0 [ 1493.844857][T31485] ? rwsem_write_trylock+0x15b/0x290 [ 1493.849976][T31485] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 1493.856226][T31485] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 1493.861782][T31485] ? __rb_insert_augmented+0x5de/0x610 [ 1493.867077][T31485] copy_mm+0xc7e/0x13e0 [ 1493.871069][T31485] ? copy_signal+0x610/0x610 [ 1493.875493][T31485] ? __init_rwsem+0xd6/0x1c0 [ 1493.879919][T31485] ? copy_signal+0x4e3/0x610 [ 1493.884345][T31485] copy_process+0x1149/0x3290 [ 1493.888860][T31485] ? proc_fail_nth_write+0x20b/0x290 [ 1493.893979][T31485] ? fsnotify_perm+0x6a/0x5d0 [ 1493.898493][T31485] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1493.903441][T31485] ? vfs_write+0x9ec/0x1110 [ 1493.907780][T31485] kernel_clone+0x21e/0x9e0 [ 1493.912121][T31485] ? file_end_write+0x1c0/0x1c0 [ 1493.916807][T31485] ? create_io_thread+0x1e0/0x1e0 [ 1493.921664][T31485] ? mutex_unlock+0xb2/0x260 [ 1493.926091][T31485] ? __mutex_lock_slowpath+0x10/0x10 [ 1493.931214][T31485] __x64_sys_clone+0x23f/0x290 [ 1493.935813][T31485] ? __do_sys_vfork+0x130/0x130 [ 1493.940499][T31485] ? ksys_write+0x260/0x2c0 [ 1493.944840][T31485] ? debug_smp_processor_id+0x17/0x20 [ 1493.950045][T31485] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1493.955949][T31485] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1493.961416][T31485] do_syscall_64+0x3d/0xb0 [ 1493.965671][T31485] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1493.971397][T31485] RIP: 0033:0x7f0304509da9 [ 1493.975651][T31485] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1493.995093][T31485] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1494.003336][T31485] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1494.011146][T31485] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 22:49:15 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000040)={'vlan0\x00', 0x600}) 22:49:15 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:15 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b00, 0x0, 0x0, 0x0}, 0x90) 22:49:15 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 54) [ 1494.018958][T31485] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1494.026770][T31485] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1494.034585][T31485] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1494.042397][T31485] 22:49:15 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8300, 0x0, 0x0, 0x0}, 0x90) 22:49:15 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:15 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)=@generic={&(0x7f0000000040)='./file0\x00', 0x0, 0x10}, 0x18) (async, rerun: 32) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1, 0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f0000000140)=r0}, 0x20) (async, rerun: 32) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000600)={r1, 0x58, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5, 0x4}, 0x48) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r7, 0xc028660f, &(0x7f00000005c0)=0x400000001) (async, rerun: 64) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000007c0)={{r1, 0xffffffffffffffff}, &(0x7f0000000740), &(0x7f0000000780)='%-010d \x00'}, 0x20) (rerun: 64) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@bloom_filter={0x1e, 0x1, 0x800, 0xfffffffe, 0x4020, r1, 0x7fff8000, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x0, 0x4}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xf, 0x2e, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_fd={0x18, 0x8, 0x1, 0x0, r3}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_fd={0x18, 0xe, 0x1, 0x0, r2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xed}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], {{}, {}, {0x85, 0x0, 0x0, 0x108}}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x92, &(0x7f00000004c0)=""/146, 0x41000, 0x24, '\x00', r5, 0x2b, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000680)={0x3, 0x1, 0x9, 0x25dd1749}, 0x10, 0x0, r0, 0x1, &(0x7f0000000880)=[r6, r7, r8, r1, r9, r1, r1, r1], &(0x7f00000008c0)=[{0x2, 0x5, 0xf, 0x1}], 0x10, 0x6}, 0x90) (async, rerun: 64) r10 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) (rerun: 64) write$cgroup_int(r10, &(0x7f00000001c0)=0x1a0, 0xfffffdef) [ 1494.130601][T31501] FAULT_INJECTION: forcing a failure. [ 1494.130601][T31501] name fail_page_alloc, interval 1, probability 0, space 0, times 0 22:49:15 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000, 0x0, 0x0, 0x0}, 0x90) 22:49:15 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000080005300000000faff000094000000f01ff3dcebec850fad413e550000000f0000009544a5ea27c512e4368fbefab5baeddbd6f6ea7f6bd68491ef29795014363d1e186fbb58bc8244b870b483b501109f1b6b4bc4d60a226505be94950d5b25b7a557bdaa079b2327eeb63be7af4404569c61a6f18f068518dbf26307413c92cf65a7add31788202bcead9837893a0609298f16b96f78e882"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='svcsock_tcp_recv_short\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) [ 1494.175285][T31501] CPU: 1 PID: 31501 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1494.185544][T31501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1494.195442][T31501] Call Trace: [ 1494.198562][T31501] [ 1494.201337][T31501] dump_stack_lvl+0x151/0x1b7 [ 1494.205864][T31501] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1494.211328][T31501] ? __update_load_avg_cfs_rq+0xb1/0x2f0 [ 1494.216790][T31501] dump_stack+0x15/0x17 [ 1494.220784][T31501] should_fail+0x3c6/0x510 [ 1494.225041][T31501] should_fail_alloc_page+0x5a/0x80 [ 1494.230067][T31501] prepare_alloc_pages+0x15c/0x700 [ 1494.235013][T31501] ? __alloc_pages_bulk+0xe40/0xe40 [ 1494.240048][T31501] ? sched_clock+0x9/0x10 [ 1494.244212][T31501] ? native_set_ldt+0x360/0x360 [ 1494.248898][T31501] __alloc_pages+0x18c/0x8f0 [ 1494.253323][T31501] ? _raw_spin_unlock+0x4d/0x70 [ 1494.258010][T31501] ? prep_new_page+0x110/0x110 [ 1494.262611][T31501] pte_alloc_one+0x73/0x1b0 [ 1494.266947][T31501] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1494.272067][T31501] ? preempt_schedule+0xd9/0xe0 [ 1494.276757][T31501] ? preempt_schedule_common+0xbe/0xf0 [ 1494.282050][T31501] __pte_alloc+0x86/0x350 [ 1494.286230][T31501] ? free_pgtables+0x280/0x280 [ 1494.290832][T31501] ? _raw_spin_lock+0xa4/0x1b0 [ 1494.295427][T31501] ? __kasan_check_write+0x14/0x20 [ 1494.300453][T31501] copy_page_range+0x28a8/0x2f90 [ 1494.305226][T31501] ? __kasan_slab_alloc+0xb1/0xe0 [ 1494.310090][T31501] ? pfn_valid+0x1e0/0x1e0 [ 1494.314338][T31501] ? vma_interval_tree_augment_rotate+0x1a3/0x1d0 [ 1494.320590][T31501] copy_mm+0xc7e/0x13e0 [ 1494.324580][T31501] ? copy_signal+0x610/0x610 [ 1494.329004][T31501] ? __init_rwsem+0xd6/0x1c0 [ 1494.333435][T31501] ? copy_signal+0x4e3/0x610 [ 1494.337859][T31501] copy_process+0x1149/0x3290 [ 1494.342374][T31501] ? proc_fail_nth_write+0x20b/0x290 [ 1494.347492][T31501] ? fsnotify_perm+0x6a/0x5d0 [ 1494.352008][T31501] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1494.356957][T31501] ? vfs_write+0x9ec/0x1110 [ 1494.361306][T31501] kernel_clone+0x21e/0x9e0 [ 1494.365634][T31501] ? file_end_write+0x1c0/0x1c0 [ 1494.370319][T31501] ? create_io_thread+0x1e0/0x1e0 [ 1494.375176][T31501] ? mutex_unlock+0xb2/0x260 [ 1494.379606][T31501] ? __mutex_lock_slowpath+0x10/0x10 [ 1494.384725][T31501] __x64_sys_clone+0x23f/0x290 [ 1494.389328][T31501] ? __do_sys_vfork+0x130/0x130 [ 1494.394010][T31501] ? ksys_write+0x260/0x2c0 [ 1494.398354][T31501] ? debug_smp_processor_id+0x17/0x20 [ 1494.403565][T31501] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1494.409462][T31501] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1494.414929][T31501] do_syscall_64+0x3d/0xb0 [ 1494.419184][T31501] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1494.424908][T31501] RIP: 0033:0x7f0304509da9 [ 1494.429163][T31501] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1494.448603][T31501] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1494.456871][T31501] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1494.464672][T31501] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 22:49:16 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:16 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) perf_event_open$cgroup(&(0x7f0000000040)={0x3, 0x80, 0x0, 0x2, 0x1, 0x0, 0x0, 0x700000000, 0x1000, 0x8, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, @perf_config_ext={0x9, 0x7ff}, 0x2020, 0x0, 0x400, 0x3, 0x1, 0x7f, 0xfff7, 0x0, 0x8, 0x0, 0x8}, r2, 0x0, r2, 0x7) 22:49:16 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 55) 22:49:16 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000080005300000000faff000094000000f01ff3dcebec850fad413e550000000f0000009544a5ea27c512e4368fbefab5baeddbd6f6ea7f6bd68491ef29795014363d1e186fbb58bc8244b870b483b501109f1b6b4bc4d60a226505be94950d5b25b7a557bdaa079b2327eeb63be7af4404569c61a6f18f068518dbf26307413c92cf65a7add31788202bcead9837893a0609298f16b96f78e882"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='svcsock_tcp_recv_short\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) [ 1494.472475][T31501] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1494.480282][T31501] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1494.488098][T31501] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1494.495922][T31501] 22:49:16 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:16 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd234, 0x0, 0x0, 0x0}, 0x90) 22:49:16 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000080005300000000faff000094000000f01ff3dcebec850fad413e550000000f0000009544a5ea27c512e4368fbefab5baeddbd6f6ea7f6bd68491ef29795014363d1e186fbb58bc8244b870b483b501109f1b6b4bc4d60a226505be94950d5b25b7a557bdaa079b2327eeb63be7af4404569c61a6f18f068518dbf26307413c92cf65a7add31788202bcead9837893a0609298f16b96f78e882"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='svcsock_tcp_recv_short\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:16 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe503, 0x0, 0x0, 0x0}, 0x90) [ 1494.570087][T31529] FAULT_INJECTION: forcing a failure. [ 1494.570087][T31529] name fail_page_alloc, interval 1, probability 0, space 0, times 0 22:49:16 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080103220000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) [ 1494.612930][T31529] CPU: 1 PID: 31529 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1494.623104][T31529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1494.633003][T31529] Call Trace: [ 1494.636122][T31529] [ 1494.638897][T31529] dump_stack_lvl+0x151/0x1b7 [ 1494.643413][T31529] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1494.648878][T31529] dump_stack+0x15/0x17 [ 1494.652867][T31529] should_fail+0x3c6/0x510 [ 1494.657121][T31529] should_fail_alloc_page+0x5a/0x80 [ 1494.662152][T31529] prepare_alloc_pages+0x15c/0x700 [ 1494.667101][T31529] ? __alloc_pages_bulk+0xe40/0xe40 [ 1494.672137][T31529] __alloc_pages+0x18c/0x8f0 [ 1494.676565][T31529] ? __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 1494.682029][T31529] ? prep_new_page+0x110/0x110 [ 1494.686629][T31529] ? __alloc_pages+0x3cb/0x8f0 [ 1494.691229][T31529] ? __kasan_check_write+0x14/0x20 [ 1494.696174][T31529] ? _raw_spin_lock+0xa4/0x1b0 [ 1494.700776][T31529] pte_alloc_one+0x73/0x1b0 [ 1494.705115][T31529] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1494.710149][T31529] ? __pmd_alloc+0x48d/0x550 [ 1494.714575][T31529] __pte_alloc+0x86/0x350 [ 1494.718746][T31529] ? __pud_alloc+0x260/0x260 [ 1494.723166][T31529] ? __pud_alloc+0x213/0x260 [ 1494.727595][T31529] ? free_pgtables+0x280/0x280 [ 1494.732194][T31529] ? do_handle_mm_fault+0x2330/0x2330 [ 1494.737400][T31529] ? __stack_depot_save+0x34/0x470 [ 1494.742349][T31529] ? anon_vma_clone+0x9a/0x500 [ 1494.746949][T31529] copy_page_range+0x28a8/0x2f90 [ 1494.751724][T31529] ? __kasan_slab_alloc+0xb1/0xe0 [ 1494.756619][T31529] ? slab_post_alloc_hook+0x53/0x2c0 [ 1494.761703][T31529] ? kernel_clone+0x21e/0x9e0 [ 1494.766216][T31529] ? do_syscall_64+0x3d/0xb0 [ 1494.770644][T31529] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1494.776552][T31529] ? pfn_valid+0x1e0/0x1e0 [ 1494.780797][T31529] ? rwsem_write_trylock+0x15b/0x290 [ 1494.785918][T31529] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 1494.792169][T31529] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 1494.797726][T31529] ? __rb_insert_augmented+0x5de/0x610 [ 1494.803019][T31529] copy_mm+0xc7e/0x13e0 [ 1494.807009][T31529] ? copy_signal+0x610/0x610 [ 1494.811437][T31529] ? __init_rwsem+0xd6/0x1c0 [ 1494.815862][T31529] ? copy_signal+0x4e3/0x610 [ 1494.820287][T31529] copy_process+0x1149/0x3290 [ 1494.824803][T31529] ? proc_fail_nth_write+0x20b/0x290 [ 1494.829926][T31529] ? fsnotify_perm+0x6a/0x5d0 [ 1494.834435][T31529] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1494.839383][T31529] ? vfs_write+0x9ec/0x1110 [ 1494.843722][T31529] kernel_clone+0x21e/0x9e0 [ 1494.848061][T31529] ? file_end_write+0x1c0/0x1c0 [ 1494.852752][T31529] ? create_io_thread+0x1e0/0x1e0 [ 1494.857610][T31529] ? mutex_unlock+0xb2/0x260 [ 1494.862036][T31529] ? __mutex_lock_slowpath+0x10/0x10 [ 1494.867156][T31529] __x64_sys_clone+0x23f/0x290 [ 1494.871771][T31529] ? __do_sys_vfork+0x130/0x130 [ 1494.876440][T31529] ? ksys_write+0x260/0x2c0 [ 1494.880794][T31529] ? debug_smp_processor_id+0x17/0x20 [ 1494.885991][T31529] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1494.891891][T31529] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1494.897359][T31529] do_syscall_64+0x3d/0xb0 [ 1494.901611][T31529] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1494.907339][T31529] RIP: 0033:0x7f0304509da9 [ 1494.911593][T31529] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1494.931123][T31529] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1494.939367][T31529] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1494.947176][T31529] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1494.954988][T31529] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 22:49:16 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:16 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff00, 0x0, 0x0, 0x0}, 0x90) 22:49:16 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080103220000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async, rerun: 32) bpf$MAP_CREATE(0x0, 0x0, 0x0) (rerun: 32) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:16 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 56) 22:49:16 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) perf_event_open$cgroup(&(0x7f0000000040)={0x3, 0x80, 0x0, 0x2, 0x1, 0x0, 0x0, 0x700000000, 0x1000, 0x8, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, @perf_config_ext={0x9, 0x7ff}, 0x2020, 0x0, 0x400, 0x3, 0x1, 0x7f, 0xfff7, 0x0, 0x8, 0x0, 0x8}, r2, 0x0, r2, 0x7) 22:49:16 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff2f, 0x0, 0x0, 0x0}, 0x90) 22:49:16 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080103220000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) [ 1494.962800][T31529] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1494.970612][T31529] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1494.978426][T31529] [ 1495.039460][T31552] FAULT_INJECTION: forcing a failure. [ 1495.039460][T31552] name failslab, interval 1, probability 0, space 0, times 0 [ 1495.055579][T31552] CPU: 0 PID: 31552 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1495.065740][T31552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1495.075632][T31552] Call Trace: [ 1495.078756][T31552] [ 1495.081531][T31552] dump_stack_lvl+0x151/0x1b7 [ 1495.086045][T31552] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1495.091513][T31552] dump_stack+0x15/0x17 [ 1495.095505][T31552] should_fail+0x3c6/0x510 [ 1495.099782][T31552] __should_failslab+0xa4/0xe0 [ 1495.104357][T31552] ? vm_area_dup+0x26/0x230 [ 1495.108698][T31552] should_failslab+0x9/0x20 [ 1495.113037][T31552] slab_pre_alloc_hook+0x37/0xd0 [ 1495.117811][T31552] ? vm_area_dup+0x26/0x230 [ 1495.122149][T31552] kmem_cache_alloc+0x44/0x200 [ 1495.126750][T31552] vm_area_dup+0x26/0x230 [ 1495.130917][T31552] copy_mm+0x9a1/0x13e0 [ 1495.134911][T31552] ? copy_signal+0x610/0x610 [ 1495.139337][T31552] ? __init_rwsem+0xd6/0x1c0 [ 1495.143762][T31552] ? copy_signal+0x4e3/0x610 [ 1495.148189][T31552] copy_process+0x1149/0x3290 [ 1495.152703][T31552] ? proc_fail_nth_write+0x20b/0x290 [ 1495.157823][T31552] ? fsnotify_perm+0x6a/0x5d0 [ 1495.162335][T31552] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1495.167281][T31552] ? vfs_write+0x9ec/0x1110 [ 1495.171622][T31552] kernel_clone+0x21e/0x9e0 [ 1495.175960][T31552] ? file_end_write+0x1c0/0x1c0 [ 1495.180648][T31552] ? create_io_thread+0x1e0/0x1e0 [ 1495.185506][T31552] ? mutex_unlock+0xb2/0x260 [ 1495.189934][T31552] ? __mutex_lock_slowpath+0x10/0x10 [ 1495.195058][T31552] __x64_sys_clone+0x23f/0x290 [ 1495.199656][T31552] ? __do_sys_vfork+0x130/0x130 [ 1495.204343][T31552] ? ksys_write+0x260/0x2c0 [ 1495.208683][T31552] ? debug_smp_processor_id+0x17/0x20 [ 1495.213889][T31552] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1495.221441][T31552] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1495.226909][T31552] do_syscall_64+0x3d/0xb0 [ 1495.231161][T31552] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1495.236889][T31552] RIP: 0033:0x7f0304509da9 [ 1495.241143][T31552] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1495.260591][T31552] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1495.268829][T31552] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1495.276644][T31552] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 22:49:16 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0}, 0x90) 22:49:16 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r3, &(0x7f00000001c0)=0x1a0, 0xfffffdef) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r3, 0xffffffffffffffff}, 0x4) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r0, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000000c0)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x5, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x2f, &(0x7f00000004c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0xa5, 0x8, 0x8, &(0x7f0000000580)}}, 0x10) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000780)='blkio.bfq.io_serviced\x00', 0x0, 0x0) r8 = bpf$ITER_CREATE(0x21, &(0x7f0000000ac0)={r7}, 0xffffff7f) r9 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0xa, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0000d902b10000a708000000000000000000", @ANYRES32, @ANYBLOB="000000000000000018300000000000000000eeb824309d01e303c0fffd15ed"], &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x40f00, 0x5, '\x00', 0x0, 0x16, r9, 0x8, &(0x7f0000000c80)={0x0, 0x3}, 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000040)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r8], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000380)={0x0, r8}, 0x10) openat$cgroup_ro(r8, &(0x7f00000005c0)='blkio.throttle.io_serviced\x00', 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000f80)={0x11, 0x11, &(0x7f0000000b00)=ANY=[@ANYBLOB="180000000010000000000000000000f8b7080000000000007b8af8ff00000000b7080000040000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70500000800811285000000d4d600008500000090000000950000000000436e"], &(0x7f0000000bc0)='GPL\x00', 0x4633, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000c00)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000c40)={0x5, 0xd, 0x7f, 0x9}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000cc0)=[r7, r8, r3, r0], &(0x7f0000000d00), 0x10, 0x7}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0xd, 0x6, &(0x7f0000000880)=@raw=[@map_idx_val={0x18, 0x8, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x464}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x3}, @btf_id={0x18, 0x1, 0x3, 0x0, 0x1}], &(0x7f00000008c0)='syzkaller\x00', 0x3, 0x28, &(0x7f0000000900)=""/40, 0x41100, 0x58, '\x00', r5, 0x24, 0xffffffffffffffff, 0x8, &(0x7f0000000940)={0x7, 0x4}, 0x8, 0x10, 0x0, 0x0, r6, r8, 0x8, 0x0, &(0x7f0000000980)=[{0x4, 0x3, 0xe, 0x9}, {0x0, 0x5, 0xc, 0xc}, {0x0, 0x4, 0x5, 0x7}, {0x5, 0x1, 0x6, 0x5}, {0x3, 0x5, 0x0, 0xb}, {0x1, 0x3, 0x8, 0xb}, {0x1, 0x3, 0x3, 0x2}, {0x4, 0x2, 0x5, 0xa}], 0x10, 0x7}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x22, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x3f}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@cb_func={0x18, 0xa, 0x4, 0x0, 0xfffffffffffffffd}, @alu={0x7, 0x1, 0x1, 0x3, 0x6, 0x30, 0x1}, @ldst={0x2, 0x0, 0x6, 0x5, 0x9, 0xfffffffffffffffc, 0x4}, @cb_func={0x18, 0xa, 0x4, 0x0, 0xfffffffffffffffb}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x4, 0x44, &(0x7f0000000400)=""/68, 0x41000, 0x4, '\x00', r5, 0x0, r3, 0x8, &(0x7f0000000700)={0x6, 0x3}, 0x8, 0x10, &(0x7f0000000740)={0x5, 0xa, 0x1f, 0x1}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000780)=[r3, r3, r3, r3, r1, r1], 0x0, 0x10, 0x7c}, 0x90) 22:49:16 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:16 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11607b, 0x0, 0x0, 0x0}, 0x90) [ 1495.284453][T31552] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1495.292264][T31552] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1495.300074][T31552] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1495.307908][T31552] 22:49:16 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ac4d1, 0x0, 0x0, 0x0}, 0x90) 22:49:16 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:16 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0}, 0x90) 22:49:16 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 57) 22:49:16 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0}, 0x90) 22:49:16 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 32) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (rerun: 32) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r3, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r3, 0xffffffffffffffff}, 0x4) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r0, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000000c0)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x5, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x2f, &(0x7f00000004c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0xa5, 0x8, 0x8, &(0x7f0000000580)}}, 0x10) (async) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000780)='blkio.bfq.io_serviced\x00', 0x0, 0x0) r8 = bpf$ITER_CREATE(0x21, &(0x7f0000000ac0)={r7}, 0xffffff7f) r9 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0xa, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0000d902b10000a708000000000000000000", @ANYRES32, @ANYBLOB="000000000000000018300000000000000000eeb824309d01e303c0fffd15ed"], &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x40f00, 0x5, '\x00', 0x0, 0x16, r9, 0x8, &(0x7f0000000c80)={0x0, 0x3}, 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000040)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r8], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000380)={0x0, r8}, 0x10) (async) openat$cgroup_ro(r8, &(0x7f00000005c0)='blkio.throttle.io_serviced\x00', 0x0, 0x0) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000f80)={0x11, 0x11, &(0x7f0000000b00)=ANY=[@ANYBLOB="180000000010000000000000000000f8b7080000000000007b8af8ff00000000b7080000040000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70500000800811285000000d4d600008500000090000000950000000000436e"], &(0x7f0000000bc0)='GPL\x00', 0x4633, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000c00)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000c40)={0x5, 0xd, 0x7f, 0x9}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000cc0)=[r7, r8, r3, r0], &(0x7f0000000d00), 0x10, 0x7}, 0x90) (async, rerun: 32) bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0xd, 0x6, &(0x7f0000000880)=@raw=[@map_idx_val={0x18, 0x8, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x464}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x3}, @btf_id={0x18, 0x1, 0x3, 0x0, 0x1}], &(0x7f00000008c0)='syzkaller\x00', 0x3, 0x28, &(0x7f0000000900)=""/40, 0x41100, 0x58, '\x00', r5, 0x24, 0xffffffffffffffff, 0x8, &(0x7f0000000940)={0x7, 0x4}, 0x8, 0x10, 0x0, 0x0, r6, r8, 0x8, 0x0, &(0x7f0000000980)=[{0x4, 0x3, 0xe, 0x9}, {0x0, 0x5, 0xc, 0xc}, {0x0, 0x4, 0x5, 0x7}, {0x5, 0x1, 0x6, 0x5}, {0x3, 0x5, 0x0, 0xb}, {0x1, 0x3, 0x8, 0xb}, {0x1, 0x3, 0x3, 0x2}, {0x4, 0x2, 0x5, 0xa}], 0x10, 0x7}, 0x90) (rerun: 32) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x22, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x3f}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@cb_func={0x18, 0xa, 0x4, 0x0, 0xfffffffffffffffd}, @alu={0x7, 0x1, 0x1, 0x3, 0x6, 0x30, 0x1}, @ldst={0x2, 0x0, 0x6, 0x5, 0x9, 0xfffffffffffffffc, 0x4}, @cb_func={0x18, 0xa, 0x4, 0x0, 0xfffffffffffffffb}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x4, 0x44, &(0x7f0000000400)=""/68, 0x41000, 0x4, '\x00', r5, 0x0, r3, 0x8, &(0x7f0000000700)={0x6, 0x3}, 0x8, 0x10, &(0x7f0000000740)={0x5, 0xa, 0x1f, 0x1}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000780)=[r3, r3, r3, r3, r1, r1], 0x0, 0x10, 0x7c}, 0x90) 22:49:16 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1495.428711][T31575] FAULT_INJECTION: forcing a failure. [ 1495.428711][T31575] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1495.453876][T31575] CPU: 0 PID: 31575 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1495.464136][T31575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1495.474146][T31575] Call Trace: [ 1495.477265][T31575] [ 1495.480045][T31575] dump_stack_lvl+0x151/0x1b7 [ 1495.484556][T31575] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1495.490025][T31575] dump_stack+0x15/0x17 [ 1495.494014][T31575] should_fail+0x3c6/0x510 [ 1495.498264][T31575] should_fail_alloc_page+0x5a/0x80 [ 1495.503301][T31575] prepare_alloc_pages+0x15c/0x700 [ 1495.508247][T31575] ? __alloc_pages_bulk+0xe40/0xe40 [ 1495.513280][T31575] __alloc_pages+0x18c/0x8f0 [ 1495.517795][T31575] ? prep_new_page+0x110/0x110 [ 1495.522393][T31575] ? 0xffffffffa0010000 [ 1495.526384][T31575] ? is_bpf_text_address+0x172/0x190 [ 1495.531508][T31575] pte_alloc_one+0x73/0x1b0 [ 1495.535847][T31575] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1495.540878][T31575] ? arch_stack_walk+0xf3/0x140 [ 1495.545567][T31575] __pte_alloc+0x86/0x350 [ 1495.549732][T31575] ? free_pgtables+0x280/0x280 [ 1495.554332][T31575] ? _raw_spin_lock+0xa4/0x1b0 [ 1495.558933][T31575] ? __kasan_check_write+0x14/0x20 [ 1495.563881][T31575] copy_page_range+0x28a8/0x2f90 [ 1495.568666][T31575] ? __kasan_slab_alloc+0xb1/0xe0 [ 1495.573529][T31575] ? pfn_valid+0x1e0/0x1e0 [ 1495.577775][T31575] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 1495.583326][T31575] ? __rb_insert_augmented+0x5de/0x610 [ 1495.588622][T31575] copy_mm+0xc7e/0x13e0 [ 1495.592610][T31575] ? copy_signal+0x610/0x610 [ 1495.597034][T31575] ? __init_rwsem+0xd6/0x1c0 [ 1495.601464][T31575] ? copy_signal+0x4e3/0x610 [ 1495.605889][T31575] copy_process+0x1149/0x3290 [ 1495.610400][T31575] ? proc_fail_nth_write+0x20b/0x290 [ 1495.615520][T31575] ? fsnotify_perm+0x6a/0x5d0 [ 1495.620034][T31575] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1495.624981][T31575] ? vfs_write+0x9ec/0x1110 [ 1495.629320][T31575] kernel_clone+0x21e/0x9e0 [ 1495.633658][T31575] ? file_end_write+0x1c0/0x1c0 [ 1495.638347][T31575] ? create_io_thread+0x1e0/0x1e0 [ 1495.643205][T31575] ? mutex_unlock+0xb2/0x260 [ 1495.647632][T31575] ? __mutex_lock_slowpath+0x10/0x10 [ 1495.652755][T31575] __x64_sys_clone+0x23f/0x290 [ 1495.657357][T31575] ? __do_sys_vfork+0x130/0x130 [ 1495.662040][T31575] ? ksys_write+0x260/0x2c0 [ 1495.666380][T31575] ? debug_smp_processor_id+0x17/0x20 [ 1495.671602][T31575] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1495.677489][T31575] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1495.682957][T31575] do_syscall_64+0x3d/0xb0 [ 1495.687210][T31575] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1495.692940][T31575] RIP: 0033:0x7f0304509da9 [ 1495.697194][T31575] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1495.716632][T31575] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 22:49:17 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 58) 22:49:17 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) (async) perf_event_open$cgroup(&(0x7f0000000040)={0x3, 0x80, 0x0, 0x2, 0x1, 0x0, 0x0, 0x700000000, 0x1000, 0x8, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, @perf_config_ext={0x9, 0x7ff}, 0x2020, 0x0, 0x400, 0x3, 0x1, 0x7f, 0xfff7, 0x0, 0x8, 0x0, 0x8}, r2, 0x0, r2, 0x7) 22:49:17 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700000, 0x0, 0x0, 0x0}, 0x90) [ 1495.724875][T31575] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1495.732696][T31575] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1495.740501][T31575] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1495.748310][T31575] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1495.756121][T31575] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1495.763938][T31575] 22:49:17 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1495.811328][T31584] FAULT_INJECTION: forcing a failure. [ 1495.811328][T31584] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1495.824654][T31584] CPU: 0 PID: 31584 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1495.834897][T31584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1495.844797][T31584] Call Trace: [ 1495.847910][T31584] [ 1495.850695][T31584] dump_stack_lvl+0x151/0x1b7 [ 1495.855200][T31584] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1495.860670][T31584] dump_stack+0x15/0x17 [ 1495.864662][T31584] should_fail+0x3c6/0x510 [ 1495.868915][T31584] should_fail_alloc_page+0x5a/0x80 [ 1495.873948][T31584] prepare_alloc_pages+0x15c/0x700 [ 1495.878897][T31584] ? __alloc_pages_bulk+0xe40/0xe40 [ 1495.883933][T31584] __alloc_pages+0x18c/0x8f0 [ 1495.888357][T31584] ? prep_new_page+0x110/0x110 [ 1495.892959][T31584] ? 0xffffffffa0010000 [ 1495.896947][T31584] ? is_bpf_text_address+0x172/0x190 [ 1495.902069][T31584] pte_alloc_one+0x73/0x1b0 [ 1495.906407][T31584] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1495.911444][T31584] ? arch_stack_walk+0xf3/0x140 [ 1495.916129][T31584] __pte_alloc+0x86/0x350 [ 1495.920295][T31584] ? free_pgtables+0x280/0x280 [ 1495.924896][T31584] ? _raw_spin_lock+0xa4/0x1b0 [ 1495.929497][T31584] ? __kasan_check_write+0x14/0x20 [ 1495.934442][T31584] copy_page_range+0x28a8/0x2f90 [ 1495.939217][T31584] ? __kasan_slab_alloc+0xb1/0xe0 [ 1495.944081][T31584] ? pfn_valid+0x1e0/0x1e0 [ 1495.948340][T31584] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 1495.953885][T31584] ? __rb_insert_augmented+0x5de/0x610 [ 1495.959183][T31584] copy_mm+0xc7e/0x13e0 [ 1495.963176][T31584] ? copy_signal+0x610/0x610 [ 1495.967597][T31584] ? __init_rwsem+0xd6/0x1c0 [ 1495.972024][T31584] ? copy_signal+0x4e3/0x610 [ 1495.976451][T31584] copy_process+0x1149/0x3290 [ 1495.980964][T31584] ? proc_fail_nth_write+0x20b/0x290 [ 1495.986084][T31584] ? fsnotify_perm+0x6a/0x5d0 [ 1495.990597][T31584] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1495.995544][T31584] ? vfs_write+0x9ec/0x1110 [ 1495.999885][T31584] kernel_clone+0x21e/0x9e0 [ 1496.004235][T31584] ? file_end_write+0x1c0/0x1c0 [ 1496.008911][T31584] ? create_io_thread+0x1e0/0x1e0 [ 1496.013770][T31584] ? mutex_unlock+0xb2/0x260 [ 1496.018196][T31584] ? __mutex_lock_slowpath+0x10/0x10 [ 1496.023317][T31584] __x64_sys_clone+0x23f/0x290 [ 1496.027918][T31584] ? __do_sys_vfork+0x130/0x130 [ 1496.032602][T31584] ? ksys_write+0x260/0x2c0 [ 1496.036956][T31584] ? debug_smp_processor_id+0x17/0x20 [ 1496.042150][T31584] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1496.048055][T31584] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1496.053522][T31584] do_syscall_64+0x3d/0xb0 [ 1496.057774][T31584] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1496.063503][T31584] RIP: 0033:0x7f0304509da9 [ 1496.067757][T31584] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1496.087630][T31584] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1496.095875][T31584] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1496.103687][T31584] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1496.111496][T31584] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1496.119310][T31584] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1496.127122][T31584] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1496.134939][T31584] 22:49:17 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0}, 0x90) 22:49:17 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:17 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 59) 22:49:17 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffff, 0x0, 0x0, 0x0}, 0x90) [ 1496.230030][T31599] FAULT_INJECTION: forcing a failure. [ 1496.230030][T31599] name failslab, interval 1, probability 0, space 0, times 0 [ 1496.255336][T31599] CPU: 1 PID: 31599 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1496.265509][T31599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1496.275492][T31599] Call Trace: [ 1496.278612][T31599] [ 1496.281385][T31599] dump_stack_lvl+0x151/0x1b7 [ 1496.285899][T31599] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1496.291370][T31599] dump_stack+0x15/0x17 [ 1496.295357][T31599] should_fail+0x3c6/0x510 [ 1496.299615][T31599] __should_failslab+0xa4/0xe0 [ 1496.304211][T31599] ? vm_area_dup+0x26/0x230 [ 1496.308550][T31599] should_failslab+0x9/0x20 [ 1496.312890][T31599] slab_pre_alloc_hook+0x37/0xd0 [ 1496.317668][T31599] ? vm_area_dup+0x26/0x230 [ 1496.322007][T31599] kmem_cache_alloc+0x44/0x200 [ 1496.326606][T31599] vm_area_dup+0x26/0x230 [ 1496.330772][T31599] copy_mm+0x9a1/0x13e0 [ 1496.334765][T31599] ? copy_signal+0x610/0x610 [ 1496.339193][T31599] ? __init_rwsem+0xd6/0x1c0 [ 1496.343615][T31599] ? copy_signal+0x4e3/0x610 [ 1496.348041][T31599] copy_process+0x1149/0x3290 [ 1496.352555][T31599] ? proc_fail_nth_write+0x20b/0x290 [ 1496.357675][T31599] ? fsnotify_perm+0x6a/0x5d0 [ 1496.362189][T31599] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1496.367142][T31599] ? vfs_write+0x9ec/0x1110 [ 1496.371475][T31599] kernel_clone+0x21e/0x9e0 [ 1496.375816][T31599] ? file_end_write+0x1c0/0x1c0 [ 1496.380502][T31599] ? create_io_thread+0x1e0/0x1e0 [ 1496.385360][T31599] ? mutex_unlock+0xb2/0x260 [ 1496.389786][T31599] ? __mutex_lock_slowpath+0x10/0x10 [ 1496.394915][T31599] __x64_sys_clone+0x23f/0x290 [ 1496.399606][T31599] ? __do_sys_vfork+0x130/0x130 [ 1496.404285][T31599] ? ksys_write+0x260/0x2c0 [ 1496.408626][T31599] ? debug_smp_processor_id+0x17/0x20 [ 1496.413831][T31599] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1496.419731][T31599] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1496.425286][T31599] do_syscall_64+0x3d/0xb0 [ 1496.429538][T31599] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1496.435265][T31599] RIP: 0033:0x7f0304509da9 [ 1496.439520][T31599] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1496.459021][T31599] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1496.467203][T31599] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 22:49:18 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00000, 0x0, 0x0, 0x0}, 0x90) 22:49:18 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r3, &(0x7f00000001c0)=0x1a0, 0xfffffdef) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r3, 0xffffffffffffffff}, 0x4) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r0, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000000c0)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x5, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x2f, &(0x7f00000004c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0xa5, 0x8, 0x8, &(0x7f0000000580)}}, 0x10) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000780)='blkio.bfq.io_serviced\x00', 0x0, 0x0) r8 = bpf$ITER_CREATE(0x21, &(0x7f0000000ac0)={r7}, 0xffffff7f) r9 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0xa, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0000d902b10000a708000000000000000000", @ANYRES32, @ANYBLOB="000000000000000018300000000000000000eeb824309d01e303c0fffd15ed"], &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x40f00, 0x5, '\x00', 0x0, 0x16, r9, 0x8, &(0x7f0000000c80)={0x0, 0x3}, 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000040)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r8], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90) (async) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000380)={0x0, r8}, 0x10) (async) openat$cgroup_ro(r8, &(0x7f00000005c0)='blkio.throttle.io_serviced\x00', 0x0, 0x0) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000f80)={0x11, 0x11, &(0x7f0000000b00)=ANY=[@ANYBLOB="180000000010000000000000000000f8b7080000000000007b8af8ff00000000b7080000040000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70500000800811285000000d4d600008500000090000000950000000000436e"], &(0x7f0000000bc0)='GPL\x00', 0x4633, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000c00)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000c40)={0x5, 0xd, 0x7f, 0x9}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000cc0)=[r7, r8, r3, r0], &(0x7f0000000d00), 0x10, 0x7}, 0x90) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0xd, 0x6, &(0x7f0000000880)=@raw=[@map_idx_val={0x18, 0x8, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x464}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x3}, @btf_id={0x18, 0x1, 0x3, 0x0, 0x1}], &(0x7f00000008c0)='syzkaller\x00', 0x3, 0x28, &(0x7f0000000900)=""/40, 0x41100, 0x58, '\x00', r5, 0x24, 0xffffffffffffffff, 0x8, &(0x7f0000000940)={0x7, 0x4}, 0x8, 0x10, 0x0, 0x0, r6, r8, 0x8, 0x0, &(0x7f0000000980)=[{0x4, 0x3, 0xe, 0x9}, {0x0, 0x5, 0xc, 0xc}, {0x0, 0x4, 0x5, 0x7}, {0x5, 0x1, 0x6, 0x5}, {0x3, 0x5, 0x0, 0xb}, {0x1, 0x3, 0x8, 0xb}, {0x1, 0x3, 0x3, 0x2}, {0x4, 0x2, 0x5, 0xa}], 0x10, 0x7}, 0x90) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x22, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x3f}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@cb_func={0x18, 0xa, 0x4, 0x0, 0xfffffffffffffffd}, @alu={0x7, 0x1, 0x1, 0x3, 0x6, 0x30, 0x1}, @ldst={0x2, 0x0, 0x6, 0x5, 0x9, 0xfffffffffffffffc, 0x4}, @cb_func={0x18, 0xa, 0x4, 0x0, 0xfffffffffffffffb}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x4, 0x44, &(0x7f0000000400)=""/68, 0x41000, 0x4, '\x00', r5, 0x0, r3, 0x8, &(0x7f0000000700)={0x6, 0x3}, 0x8, 0x10, &(0x7f0000000740)={0x5, 0xa, 0x1f, 0x1}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000780)=[r3, r3, r3, r3, r1, r1], 0x0, 0x10, 0x7c}, 0x90) 22:49:18 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000cc0)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad2d1e550000000f0000009524e389a4628ae1eee23e27703c114f77d4fbe5604440c9f6539f37f505e72dc7e618eeaa625c089bfe9d4f7584df3b610fe67ffb063243fa1fb0515b9d022a9df2651e3e8e7f11a72abe0e59da63a4fafd32a423cbaf2a921d5e015c88637b525cd073963caa5cdf85277da92ffc8067816d6a66b42ade1564d6148b3b49816af4ede5"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000040)={0x1b, 0x0, 0x0, 0xfff, 0x0, 0x1, 0xcd0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x4}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r0, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x5, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xa4, &(0x7f00000004c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0x4c, 0x8, 0x8, &(0x7f0000000580)}}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0) openat$cgroup(r3, &(0x7f0000000280)='syz1\x00', 0x200002, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a40)={r0, 0xe0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, &(0x7f00000007c0)=[0x0, 0x0, 0x0], &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x87, &(0x7f0000000840)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000880), &(0x7f00000008c0), 0x8, 0x35, 0x8, 0x8, &(0x7f0000000900)}}, 0x10) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cgroup.controllers\x00', 0x100002, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r6, &(0x7f0000000200), 0x23000) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x16, 0x11, &(0x7f00000003c0)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @ldst={0x2, 0x2, 0x4, 0x4, 0x3}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}, @map_fd={0x18, 0xb, 0x1, 0x0, r6}], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x8d, &(0x7f0000000480)=""/141, 0x41100, 0x46, '\x00', 0x0, 0x0, r5, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x90) ioctl$PERF_EVENT_IOC_PERIOD(r5, 0xc028660f, &(0x7f00000005c0)=0x3fffffffe) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000b00)={{0x1, 0xffffffffffffffff}, &(0x7f0000000a80), &(0x7f0000000ac0)=r0}, 0x20) r9 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000a798400000000000000000001811", @ANYRES32=r9, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r10 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000b40)={0xffffffffffffffff, 0x9, 0x18}, 0xc) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r11, &(0x7f0000000000)=ANY=[], 0x32600) bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x10, 0x11, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x9}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_idx_val={0x18, 0x6, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x10000}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000000c0)='GPL\x00', 0x6, 0xb4, &(0x7f0000000380)=""/180, 0x41100, 0x20, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000700)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000740)={0x1, 0xf, 0x4}, 0x10, r4, r0, 0x4, &(0x7f0000000b80)=[r5, r8, r9, 0xffffffffffffffff, r10, 0xffffffffffffffff, 0xffffffffffffffff, r11], &(0x7f0000000bc0)=[{0x5, 0x3, 0x4, 0xc}, {0x5, 0x5, 0x9, 0x4}, {0x0, 0x2, 0xd, 0x2}, {0x3, 0x5, 0x2, 0xb}], 0x10, 0xd769}, 0x90) r12 = bpf$ITER_CREATE(0x21, &(0x7f0000000580), 0x8) r13 = bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000dc0)=@bpf_lsm={0x1d, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB="032000000100000018000000db00000000000000ffffffff85200000050000005180ff0000001800000008000000000000000300000095b068db1297e621ae694842ca9e163c3c79e18cff0bb8f084d873d5d122f3b4d9a5838122526517d8d9c9af5b9edfe941376fce4c7a184f14951fdb2e8d6cbf952b52cf4a482fad2ac0e8195a2454ce2cdb6fac48e5a4f61bf5c040a96d1c3d1c66ef6e5c585855bc05b47354d3e9da6f72c3f9173f782e14ad0100f4bc56e24303d7bee5bd09081f5e128856cabd18aee3083e062c444b86976af84f0e710e48b435d48227f7ff00"/232], &(0x7f0000000300)='GPL\x00', 0x6, 0x44, &(0x7f0000000480)=""/68, 0x40f00, 0x10, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x9, 0x1}, 0x8, 0x10, &(0x7f0000000540)={0x5, 0xd, 0x9, 0xffffff01}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000680)}, 0x90) r14 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f00000014c0)=ANY=[@ANYRESDEC=r13, @ANYRES32=0x0, @ANYRESHEX=r12, @ANYBLOB="1b8b72abe3da16161fa09c067ff284d0abbc0df3d6c33cad0568287ef6d73adb3d5a8f0b7f2dc5b3edfa670286196f2bdc327ae1579540c1701c577d98570484f3b376bd8e31e9bcf9b74ceccdaa6ee0fe90b59a657ab2e9361cc2706b99e83bc7ba6f8ce9ab74d8b5317837715835fe0ccf16b1421683d384ca7da83e498b0089cca7a1a001e4dee0cc206c25eb6f3319a2ccdbe3a9a49f564240b422d839507ba1de19d71f7495555cbc372714af9442213e5a56346fa73b177292393e3fb4718fa0cc2e786b0b24b0a42f2dfb06ad22f94dc0a6db1bb45216502d950a645abe349842cf06fc86d04e3b0b0ae4d5ce779ce9ff19308789af92238606f5959e4e6966472e0c987bd45dcd214b54367d766238ed83d82b3b1b56eabc21d64229e2788ba50bd425f68a43f38730e287783db618bf0c9044d24b6ca0a77bca7422284ccb72fe11dcc8370320fc09ab0ade4cc423cdc1a78feafd31168bf0be5c2ca69d945101ec86bb5141f8302baa7b40eb478f07ddb96ba09673772400a16940ac7bc8f6"], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x90) r15 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='memory.numa_stat\x00', 0x0, 0x0) openat$cgroup_ro(r15, &(0x7f0000000880)='blkio.bfq.io_wait_time\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0xc, 0x5, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000070000000000000001000000181a0000", @ANYRES32=r15, @ANYBLOB="0000000000000000c86afe315674a964"], &(0x7f0000000780)='syzkaller\x00', 0x8, 0x1e, &(0x7f0000000a80)=""/30, 0x41000, 0x20, '\x00', 0x0, 0xf, r12, 0x8, &(0x7f00000008c0)={0x6, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, r14, 0x4, &(0x7f0000000900)=[r13, r12, r15], &(0x7f0000000a40)=[{0x3, 0x2, 0x4, 0x9}, {0x3, 0x2, 0xa, 0xa}, {0x5, 0x5, 0x8, 0x5}, {0x5, 0x5, 0xb, 0x7}], 0x10, 0x8}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000fc0)={0x10, 0x9, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000e40)='GPL\x00', 0x8a1, 0xc, &(0x7f0000000e80)=""/12, 0x41000, 0x38, '\x00', r2, 0x21, r5, 0x8, &(0x7f0000000ec0)={0x8, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, r7, 0x6, &(0x7f0000000f00)=[r6, r1, r1, r8, r3], &(0x7f0000000f40)=[{0x4, 0x3, 0xa, 0xc}, {0x1, 0x5, 0xb, 0xc}, {0x2, 0x4, 0xd, 0xb}, {0x0, 0x4, 0x6, 0x1}, {0x3, 0x5, 0xd, 0x1}, {0x4, 0x5, 0x0, 0x2}]}, 0x90) r16 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r17 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r16}, 0x8) openat$cgroup_ro(r11, &(0x7f0000000d80)='freezer.state\x00', 0x0, 0x0) write$cgroup_int(r17, &(0x7f00000001c0), 0xfffffdef) 22:49:18 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000cc0)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad2d1e550000000f0000009524e389a4628ae1eee23e27703c114f77d4fbe5604440c9f6539f37f505e72dc7e618eeaa625c089bfe9d4f7584df3b610fe67ffb063243fa1fb0515b9d022a9df2651e3e8e7f11a72abe0e59da63a4fafd32a423cbaf2a921d5e015c88637b525cd073963caa5cdf85277da92ffc8067816d6a66b42ade1564d6148b3b49816af4ede5"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000040)={0x1b, 0x0, 0x0, 0xfff, 0x0, 0x1, 0xcd0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x4}, 0x48) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r0, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x5, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xa4, &(0x7f00000004c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0x4c, 0x8, 0x8, &(0x7f0000000580)}}, 0x10) (async) r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0) openat$cgroup(r3, &(0x7f0000000280)='syz1\x00', 0x200002, 0x0) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a40)={r0, 0xe0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, &(0x7f00000007c0)=[0x0, 0x0, 0x0], &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x87, &(0x7f0000000840)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000880), &(0x7f00000008c0), 0x8, 0x35, 0x8, 0x8, &(0x7f0000000900)}}, 0x10) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cgroup.controllers\x00', 0x100002, 0x0) (async) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r6, &(0x7f0000000200), 0x23000) (async) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x16, 0x11, &(0x7f00000003c0)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @ldst={0x2, 0x2, 0x4, 0x4, 0x3}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}, @map_fd={0x18, 0xb, 0x1, 0x0, r6}], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x8d, &(0x7f0000000480)=""/141, 0x41100, 0x46, '\x00', 0x0, 0x0, r5, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x90) (async) ioctl$PERF_EVENT_IOC_PERIOD(r5, 0xc028660f, &(0x7f00000005c0)=0x3fffffffe) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000b00)={{0x1, 0xffffffffffffffff}, &(0x7f0000000a80), &(0x7f0000000ac0)=r0}, 0x20) r9 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000a798400000000000000000001811", @ANYRES32=r9, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) r10 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000b40)={0xffffffffffffffff, 0x9, 0x18}, 0xc) (async) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r11, &(0x7f0000000000)=ANY=[], 0x32600) bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x10, 0x11, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x9}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_idx_val={0x18, 0x6, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x10000}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000000c0)='GPL\x00', 0x6, 0xb4, &(0x7f0000000380)=""/180, 0x41100, 0x20, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000700)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000740)={0x1, 0xf, 0x4}, 0x10, r4, r0, 0x4, &(0x7f0000000b80)=[r5, r8, r9, 0xffffffffffffffff, r10, 0xffffffffffffffff, 0xffffffffffffffff, r11], &(0x7f0000000bc0)=[{0x5, 0x3, 0x4, 0xc}, {0x5, 0x5, 0x9, 0x4}, {0x0, 0x2, 0xd, 0x2}, {0x3, 0x5, 0x2, 0xb}], 0x10, 0xd769}, 0x90) r12 = bpf$ITER_CREATE(0x21, &(0x7f0000000580), 0x8) (async) r13 = bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000dc0)=@bpf_lsm={0x1d, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB="032000000100000018000000db00000000000000ffffffff85200000050000005180ff0000001800000008000000000000000300000095b068db1297e621ae694842ca9e163c3c79e18cff0bb8f084d873d5d122f3b4d9a5838122526517d8d9c9af5b9edfe941376fce4c7a184f14951fdb2e8d6cbf952b52cf4a482fad2ac0e8195a2454ce2cdb6fac48e5a4f61bf5c040a96d1c3d1c66ef6e5c585855bc05b47354d3e9da6f72c3f9173f782e14ad0100f4bc56e24303d7bee5bd09081f5e128856cabd18aee3083e062c444b86976af84f0e710e48b435d48227f7ff00"/232], &(0x7f0000000300)='GPL\x00', 0x6, 0x44, &(0x7f0000000480)=""/68, 0x40f00, 0x10, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x9, 0x1}, 0x8, 0x10, &(0x7f0000000540)={0x5, 0xd, 0x9, 0xffffff01}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000680)}, 0x90) r14 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f00000014c0)=ANY=[@ANYRESDEC=r13, @ANYRES32=0x0, @ANYRESHEX=r12, @ANYBLOB="1b8b72abe3da16161fa09c067ff284d0abbc0df3d6c33cad0568287ef6d73adb3d5a8f0b7f2dc5b3edfa670286196f2bdc327ae1579540c1701c577d98570484f3b376bd8e31e9bcf9b74ceccdaa6ee0fe90b59a657ab2e9361cc2706b99e83bc7ba6f8ce9ab74d8b5317837715835fe0ccf16b1421683d384ca7da83e498b0089cca7a1a001e4dee0cc206c25eb6f3319a2ccdbe3a9a49f564240b422d839507ba1de19d71f7495555cbc372714af9442213e5a56346fa73b177292393e3fb4718fa0cc2e786b0b24b0a42f2dfb06ad22f94dc0a6db1bb45216502d950a645abe349842cf06fc86d04e3b0b0ae4d5ce779ce9ff19308789af92238606f5959e4e6966472e0c987bd45dcd214b54367d766238ed83d82b3b1b56eabc21d64229e2788ba50bd425f68a43f38730e287783db618bf0c9044d24b6ca0a77bca7422284ccb72fe11dcc8370320fc09ab0ade4cc423cdc1a78feafd31168bf0be5c2ca69d945101ec86bb5141f8302baa7b40eb478f07ddb96ba09673772400a16940ac7bc8f6"], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x90) r15 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='memory.numa_stat\x00', 0x0, 0x0) openat$cgroup_ro(r15, &(0x7f0000000880)='blkio.bfq.io_wait_time\x00', 0x0, 0x0) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0xc, 0x5, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000070000000000000001000000181a0000", @ANYRES32=r15, @ANYBLOB="0000000000000000c86afe315674a964"], &(0x7f0000000780)='syzkaller\x00', 0x8, 0x1e, &(0x7f0000000a80)=""/30, 0x41000, 0x20, '\x00', 0x0, 0xf, r12, 0x8, &(0x7f00000008c0)={0x6, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, r14, 0x4, &(0x7f0000000900)=[r13, r12, r15], &(0x7f0000000a40)=[{0x3, 0x2, 0x4, 0x9}, {0x3, 0x2, 0xa, 0xa}, {0x5, 0x5, 0x8, 0x5}, {0x5, 0x5, 0xb, 0x7}], 0x10, 0x8}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000fc0)={0x10, 0x9, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000e40)='GPL\x00', 0x8a1, 0xc, &(0x7f0000000e80)=""/12, 0x41000, 0x38, '\x00', r2, 0x21, r5, 0x8, &(0x7f0000000ec0)={0x8, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, r7, 0x6, &(0x7f0000000f00)=[r6, r1, r1, r8, r3], &(0x7f0000000f40)=[{0x4, 0x3, 0xa, 0xc}, {0x1, 0x5, 0xb, 0xc}, {0x2, 0x4, 0xd, 0xb}, {0x0, 0x4, 0x6, 0x1}, {0x3, 0x5, 0xd, 0x1}, {0x4, 0x5, 0x0, 0x2}]}, 0x90) r16 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r17 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r16}, 0x8) openat$cgroup_ro(r11, &(0x7f0000000d80)='freezer.state\x00', 0x0, 0x0) (async) write$cgroup_int(r17, &(0x7f00000001c0), 0xfffffdef) 22:49:18 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 60) [ 1496.475015][T31599] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1496.482830][T31599] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1496.490641][T31599] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1496.498451][T31599] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1496.506266][T31599] 22:49:18 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0}, 0x90) 22:49:18 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:18 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40286608, &(0x7f0000000040)=0x8) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000400)={0x80000001, 0x0}, 0x8) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001c40)={r1, 0x58, &(0x7f0000001bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200}) bpf$PROG_LOAD(0x5, &(0x7f0000001d00)={0xa, 0x3, &(0x7f0000001b40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x81}}, &(0x7f0000001b80)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41100, 0x4, '\x00', r4, 0x30, r5, 0x8, &(0x7f0000001c80)={0x4, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, r0, 0x2, 0x0, &(0x7f0000001cc0)=[{0x4, 0x4, 0x0, 0x1}, {0x3, 0x5, 0xb, 0xb}], 0x10, 0x5}, 0x90) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) r7 = gettid() perf_event_open(&(0x7f0000000640)={0x0, 0x80, 0x0, 0x3, 0x62, 0xec, 0x0, 0x2, 0x12, 0x4, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000600), 0x11}, 0x1040, 0x9, 0x0, 0x2, 0x4, 0x9, 0x1, 0x0, 0x8, 0x0, 0xffff}, r7, 0x1, 0xffffffffffffffff, 0xa) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r1, 0xffffffffffffffff}, &(0x7f0000000480), &(0x7f0000000580)=r0}, 0x20) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@base={0xa, 0x5, 0x9, 0x5, 0x40, 0x1, 0x100, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x5}, 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000440)={r9, 0x58, &(0x7f0000000580)}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001a40)={r6, 0xe0, &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000001780)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f00000017c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000001800)=[0x0], 0x0, 0x7c, &(0x7f0000001840)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000001880), &(0x7f00000018c0), 0x8, 0x5a, 0x8, 0x8, &(0x7f0000001900)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000001a80)={0x10, 0x18, &(0x7f0000001dc0)=ANY=[@ANYBLOB="1800000004000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000000000000850000008600000018270000", @ANYRES32=r9, @ANYBLOB="04000000010000008500000010001904d133ec8178a625e5a389ff8a2c966f", @ANYRES32=r6, @ANYBLOB="0000000001000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], &(0x7f00000006c0)='GPL\x00', 0x500000, 0x1000, &(0x7f0000000700)=""/4096, 0x41100, 0x21, '\x00', 0x0, 0x1f, r6, 0x8, &(0x7f0000001700)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000001740)={0x2, 0x7, 0x307b, 0x7fff}, 0x10, r10, r6, 0x0, 0x0, 0x0, 0x10, 0x20}, 0x90) ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x401c5820, &(0x7f0000000000)=0x8000) write$cgroup_type(r6, &(0x7f0000000200), 0x9) ioctl$TUNSETLINK(r6, 0x400454cd, 0x320) recvmsg(r6, 0x0, 0x0) close(r6) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x4, 0x17, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x131c}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_fd={0x18, 0x3, 0x1, 0x0, r1}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @alu={0x4, 0x1, 0x8, 0x8, 0xa, 0xfffffffffffffffe, 0x1}, @alu={0x4, 0x0, 0x3, 0x6, 0x4, 0xfffffffffffffff0, 0x4}, @generic={0x9, 0x2, 0x6, 0x1000, 0x80000000}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000140)='GPL\x00', 0x8, 0x0, 0x0, 0xc3000, 0x0, '\x00', 0x0, 0x2b, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000003c0)={0x3, 0xd, 0x20, 0x2}, 0x10, r3, r0, 0x0, &(0x7f0000000440)=[r1, r1, r1, r1, r6, 0xffffffffffffffff, r1], &(0x7f0000000480), 0x10, 0x7fff}, 0x90) r11 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r11, &(0x7f00000001c0)=0x1a0, 0xfffffdef) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x1, 0x3, 0x8, 0x7, 0x0, 0x3, 0x10008, 0x6, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, @perf_bp={&(0x7f0000000040), 0x16}, 0x14000, 0x1, 0x0, 0x0, 0x6, 0x40, 0xffff, 0x0, 0x4c, 0x0, 0x7f}, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x2) 22:49:18 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000cc0)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad2d1e550000000f0000009524e389a4628ae1eee23e27703c114f77d4fbe5604440c9f6539f37f505e72dc7e618eeaa625c089bfe9d4f7584df3b610fe67ffb063243fa1fb0515b9d022a9df2651e3e8e7f11a72abe0e59da63a4fafd32a423cbaf2a921d5e015c88637b525cd073963caa5cdf85277da92ffc8067816d6a66b42ade1564d6148b3b49816af4ede5"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000040)={0x1b, 0x0, 0x0, 0xfff, 0x0, 0x1, 0xcd0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x4}, 0x48) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r0, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x5, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xa4, &(0x7f00000004c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0x4c, 0x8, 0x8, &(0x7f0000000580)}}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0) openat$cgroup(r3, &(0x7f0000000280)='syz1\x00', 0x200002, 0x0) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a40)={r0, 0xe0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, &(0x7f00000007c0)=[0x0, 0x0, 0x0], &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x87, &(0x7f0000000840)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000880), &(0x7f00000008c0), 0x8, 0x35, 0x8, 0x8, &(0x7f0000000900)}}, 0x10) (async) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cgroup.controllers\x00', 0x100002, 0x0) (async) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r6, &(0x7f0000000200), 0x23000) (async) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x16, 0x11, &(0x7f00000003c0)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @ldst={0x2, 0x2, 0x4, 0x4, 0x3}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}, @map_fd={0x18, 0xb, 0x1, 0x0, r6}], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x8d, &(0x7f0000000480)=""/141, 0x41100, 0x46, '\x00', 0x0, 0x0, r5, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x90) ioctl$PERF_EVENT_IOC_PERIOD(r5, 0xc028660f, &(0x7f00000005c0)=0x3fffffffe) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000b00)={{0x1, 0xffffffffffffffff}, &(0x7f0000000a80), &(0x7f0000000ac0)=r0}, 0x20) r9 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000a798400000000000000000001811", @ANYRES32=r9, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) r10 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000b40)={0xffffffffffffffff, 0x9, 0x18}, 0xc) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r11, &(0x7f0000000000)=ANY=[], 0x32600) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x10, 0x11, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x9}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_idx_val={0x18, 0x6, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x10000}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000000c0)='GPL\x00', 0x6, 0xb4, &(0x7f0000000380)=""/180, 0x41100, 0x20, '\x00', r2, 0x9, r3, 0x8, &(0x7f0000000700)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000740)={0x1, 0xf, 0x4}, 0x10, r4, r0, 0x4, &(0x7f0000000b80)=[r5, r8, r9, 0xffffffffffffffff, r10, 0xffffffffffffffff, 0xffffffffffffffff, r11], &(0x7f0000000bc0)=[{0x5, 0x3, 0x4, 0xc}, {0x5, 0x5, 0x9, 0x4}, {0x0, 0x2, 0xd, 0x2}, {0x3, 0x5, 0x2, 0xb}], 0x10, 0xd769}, 0x90) (async, rerun: 64) r12 = bpf$ITER_CREATE(0x21, &(0x7f0000000580), 0x8) (rerun: 64) r13 = bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000dc0)=@bpf_lsm={0x1d, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB="032000000100000018000000db00000000000000ffffffff85200000050000005180ff0000001800000008000000000000000300000095b068db1297e621ae694842ca9e163c3c79e18cff0bb8f084d873d5d122f3b4d9a5838122526517d8d9c9af5b9edfe941376fce4c7a184f14951fdb2e8d6cbf952b52cf4a482fad2ac0e8195a2454ce2cdb6fac48e5a4f61bf5c040a96d1c3d1c66ef6e5c585855bc05b47354d3e9da6f72c3f9173f782e14ad0100f4bc56e24303d7bee5bd09081f5e128856cabd18aee3083e062c444b86976af84f0e710e48b435d48227f7ff00"/232], &(0x7f0000000300)='GPL\x00', 0x6, 0x44, &(0x7f0000000480)=""/68, 0x40f00, 0x10, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x9, 0x1}, 0x8, 0x10, &(0x7f0000000540)={0x5, 0xd, 0x9, 0xffffff01}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000680)}, 0x90) (async) r14 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f00000014c0)=ANY=[@ANYRESDEC=r13, @ANYRES32=0x0, @ANYRESHEX=r12, @ANYBLOB="1b8b72abe3da16161fa09c067ff284d0abbc0df3d6c33cad0568287ef6d73adb3d5a8f0b7f2dc5b3edfa670286196f2bdc327ae1579540c1701c577d98570484f3b376bd8e31e9bcf9b74ceccdaa6ee0fe90b59a657ab2e9361cc2706b99e83bc7ba6f8ce9ab74d8b5317837715835fe0ccf16b1421683d384ca7da83e498b0089cca7a1a001e4dee0cc206c25eb6f3319a2ccdbe3a9a49f564240b422d839507ba1de19d71f7495555cbc372714af9442213e5a56346fa73b177292393e3fb4718fa0cc2e786b0b24b0a42f2dfb06ad22f94dc0a6db1bb45216502d950a645abe349842cf06fc86d04e3b0b0ae4d5ce779ce9ff19308789af92238606f5959e4e6966472e0c987bd45dcd214b54367d766238ed83d82b3b1b56eabc21d64229e2788ba50bd425f68a43f38730e287783db618bf0c9044d24b6ca0a77bca7422284ccb72fe11dcc8370320fc09ab0ade4cc423cdc1a78feafd31168bf0be5c2ca69d945101ec86bb5141f8302baa7b40eb478f07ddb96ba09673772400a16940ac7bc8f6"], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x90) r15 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='memory.numa_stat\x00', 0x0, 0x0) openat$cgroup_ro(r15, &(0x7f0000000880)='blkio.bfq.io_wait_time\x00', 0x0, 0x0) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0xc, 0x5, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000070000000000000001000000181a0000", @ANYRES32=r15, @ANYBLOB="0000000000000000c86afe315674a964"], &(0x7f0000000780)='syzkaller\x00', 0x8, 0x1e, &(0x7f0000000a80)=""/30, 0x41000, 0x20, '\x00', 0x0, 0xf, r12, 0x8, &(0x7f00000008c0)={0x6, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, r14, 0x4, &(0x7f0000000900)=[r13, r12, r15], &(0x7f0000000a40)=[{0x3, 0x2, 0x4, 0x9}, {0x3, 0x2, 0xa, 0xa}, {0x5, 0x5, 0x8, 0x5}, {0x5, 0x5, 0xb, 0x7}], 0x10, 0x8}, 0x90) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000fc0)={0x10, 0x9, &(0x7f0000000dc0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000e40)='GPL\x00', 0x8a1, 0xc, &(0x7f0000000e80)=""/12, 0x41000, 0x38, '\x00', r2, 0x21, r5, 0x8, &(0x7f0000000ec0)={0x8, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, r7, 0x6, &(0x7f0000000f00)=[r6, r1, r1, r8, r3], &(0x7f0000000f40)=[{0x4, 0x3, 0xa, 0xc}, {0x1, 0x5, 0xb, 0xc}, {0x2, 0x4, 0xd, 0xb}, {0x0, 0x4, 0x6, 0x1}, {0x3, 0x5, 0xd, 0x1}, {0x4, 0x5, 0x0, 0x2}]}, 0x90) (async, rerun: 64) r16 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (rerun: 64) r17 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r16}, 0x8) openat$cgroup_ro(r11, &(0x7f0000000d80)='freezer.state\x00', 0x0, 0x0) (async) write$cgroup_int(r17, &(0x7f00000001c0), 0xfffffdef) 22:49:18 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1010000, 0x0, 0x0, 0x0}, 0x90) [ 1496.580417][T31625] FAULT_INJECTION: forcing a failure. [ 1496.580417][T31625] name failslab, interval 1, probability 0, space 0, times 0 [ 1496.607172][T31625] CPU: 1 PID: 31625 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1496.617338][T31625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1496.627239][T31625] Call Trace: 22:49:18 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1496.630350][T31625] [ 1496.633128][T31625] dump_stack_lvl+0x151/0x1b7 [ 1496.637643][T31625] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1496.643110][T31625] ? avc_denied+0x1b0/0x1b0 [ 1496.647448][T31625] dump_stack+0x15/0x17 [ 1496.651444][T31625] should_fail+0x3c6/0x510 [ 1496.655694][T31625] __should_failslab+0xa4/0xe0 [ 1496.660291][T31625] ? vm_area_dup+0x26/0x230 [ 1496.664630][T31625] should_failslab+0x9/0x20 [ 1496.668968][T31625] slab_pre_alloc_hook+0x37/0xd0 [ 1496.673743][T31625] ? vm_area_dup+0x26/0x230 [ 1496.678081][T31625] kmem_cache_alloc+0x44/0x200 [ 1496.682680][T31625] vm_area_dup+0x26/0x230 [ 1496.686848][T31625] copy_mm+0x9a1/0x13e0 [ 1496.690851][T31625] ? copy_signal+0x610/0x610 [ 1496.695265][T31625] ? __init_rwsem+0xd6/0x1c0 [ 1496.699693][T31625] ? copy_signal+0x4e3/0x610 [ 1496.704118][T31625] copy_process+0x1149/0x3290 [ 1496.708633][T31625] ? proc_fail_nth_write+0x20b/0x290 [ 1496.713754][T31625] ? fsnotify_perm+0x6a/0x5d0 [ 1496.718265][T31625] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1496.723213][T31625] ? vfs_write+0x9ec/0x1110 [ 1496.727557][T31625] kernel_clone+0x21e/0x9e0 [ 1496.731896][T31625] ? file_end_write+0x1c0/0x1c0 [ 1496.736581][T31625] ? create_io_thread+0x1e0/0x1e0 [ 1496.741437][T31625] ? mutex_unlock+0xb2/0x260 [ 1496.745866][T31625] ? __mutex_lock_slowpath+0x10/0x10 [ 1496.750987][T31625] __x64_sys_clone+0x23f/0x290 [ 1496.755588][T31625] ? __do_sys_vfork+0x130/0x130 [ 1496.760272][T31625] ? ksys_write+0x260/0x2c0 [ 1496.764615][T31625] ? debug_smp_processor_id+0x17/0x20 [ 1496.769822][T31625] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1496.775723][T31625] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1496.781191][T31625] do_syscall_64+0x3d/0xb0 [ 1496.785441][T31625] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1496.791170][T31625] RIP: 0033:0x7f0304509da9 [ 1496.795424][T31625] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1496.814955][T31625] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1496.823198][T31625] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 22:49:18 executing program 0: r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000080)='syz0\x00', 0x200002, 0x0) openat$cgroup_int(r0, &(0x7f00000000c0)='memory.oom.group\x00', 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r1, &(0x7f0000001840), 0x9) ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000040)={'geneve1\x00', @multicast}) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x6f, '\x00', 0x0, 0x2}, 0x90) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r2}, 0x10) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8) 22:49:18 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 61) 22:49:18 executing program 0: r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000080)='syz0\x00', 0x200002, 0x0) openat$cgroup_int(r0, &(0x7f00000000c0)='memory.oom.group\x00', 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r1, &(0x7f0000001840), 0x9) ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000040)={'geneve1\x00', @multicast}) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x6f, '\x00', 0x0, 0x2}, 0x90) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r2}, 0x10) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8) openat$cgroup(0xffffffffffffffff, &(0x7f0000000080)='syz0\x00', 0x200002, 0x0) (async) openat$cgroup_int(r0, &(0x7f00000000c0)='memory.oom.group\x00', 0x2, 0x0) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) (async) write$cgroup_type(r1, &(0x7f0000001840), 0x9) (async) ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000040)={'geneve1\x00', @multicast}) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x6f, '\x00', 0x0, 0x2}, 0x90) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r2}, 0x10) (async) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8) (async) 22:49:18 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0}, 0x90) [ 1496.831009][T31625] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1496.838905][T31625] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1496.846718][T31625] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1496.854528][T31625] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1496.862347][T31625] 22:49:18 executing program 0: r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000080)='syz0\x00', 0x200002, 0x0) openat$cgroup_int(r0, &(0x7f00000000c0)='memory.oom.group\x00', 0x2, 0x0) (async) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r1, &(0x7f0000001840), 0x9) (async) ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000040)={'geneve1\x00', @multicast}) (async) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x6f, '\x00', 0x0, 0x2}, 0x90) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r2}, 0x10) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8) [ 1496.917893][T31643] FAULT_INJECTION: forcing a failure. [ 1496.917893][T31643] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1496.946349][T31643] CPU: 0 PID: 31643 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1496.956514][T31643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1496.966412][T31643] Call Trace: [ 1496.969534][T31643] [ 1496.972311][T31643] dump_stack_lvl+0x151/0x1b7 [ 1496.976827][T31643] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1496.982287][T31643] ? __alloc_pages+0x27e/0x8f0 [ 1496.986887][T31643] dump_stack+0x15/0x17 [ 1496.990878][T31643] should_fail+0x3c6/0x510 [ 1496.995130][T31643] should_fail_alloc_page+0x5a/0x80 [ 1497.000168][T31643] prepare_alloc_pages+0x15c/0x700 [ 1497.005111][T31643] ? page_ext_put+0x1c/0x30 [ 1497.009453][T31643] ? __alloc_pages_bulk+0xe40/0xe40 [ 1497.014484][T31643] ? post_alloc_hook+0x1a3/0x1b0 [ 1497.019263][T31643] __alloc_pages+0x18c/0x8f0 [ 1497.023689][T31643] ? prep_new_page+0x110/0x110 [ 1497.028287][T31643] ? 0xffffffffa0010000 [ 1497.032277][T31643] ? is_bpf_text_address+0x172/0x190 [ 1497.037400][T31643] pte_alloc_one+0x73/0x1b0 [ 1497.041739][T31643] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1497.046773][T31643] ? arch_stack_walk+0xf3/0x140 [ 1497.051460][T31643] __pte_alloc+0x86/0x350 [ 1497.055626][T31643] ? free_pgtables+0x280/0x280 [ 1497.060229][T31643] ? _raw_spin_lock+0xa4/0x1b0 [ 1497.064828][T31643] ? __kasan_check_write+0x14/0x20 [ 1497.069772][T31643] copy_page_range+0x28a8/0x2f90 [ 1497.074545][T31643] ? __kasan_slab_alloc+0xb1/0xe0 [ 1497.079413][T31643] ? pfn_valid+0x1e0/0x1e0 [ 1497.083659][T31643] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 1497.089214][T31643] ? __rb_insert_augmented+0x5de/0x610 [ 1497.094597][T31643] copy_mm+0xc7e/0x13e0 [ 1497.098592][T31643] ? copy_signal+0x610/0x610 [ 1497.103022][T31643] ? __init_rwsem+0xd6/0x1c0 [ 1497.107441][T31643] ? copy_signal+0x4e3/0x610 [ 1497.111870][T31643] copy_process+0x1149/0x3290 [ 1497.116386][T31643] ? proc_fail_nth_write+0x20b/0x290 [ 1497.121501][T31643] ? fsnotify_perm+0x6a/0x5d0 [ 1497.126101][T31643] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1497.131144][T31643] ? vfs_write+0x9ec/0x1110 [ 1497.135501][T31643] kernel_clone+0x21e/0x9e0 [ 1497.139817][T31643] ? file_end_write+0x1c0/0x1c0 [ 1497.144500][T31643] ? create_io_thread+0x1e0/0x1e0 [ 1497.149360][T31643] ? mutex_unlock+0xb2/0x260 [ 1497.153804][T31643] ? __mutex_lock_slowpath+0x10/0x10 [ 1497.158909][T31643] __x64_sys_clone+0x23f/0x290 [ 1497.163511][T31643] ? __do_sys_vfork+0x130/0x130 [ 1497.168193][T31643] ? ksys_write+0x260/0x2c0 [ 1497.172536][T31643] ? debug_smp_processor_id+0x17/0x20 [ 1497.177742][T31643] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1497.183645][T31643] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1497.189111][T31643] do_syscall_64+0x3d/0xb0 [ 1497.193367][T31643] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1497.199092][T31643] RIP: 0033:0x7f0304509da9 [ 1497.203345][T31643] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1497.222787][T31643] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1497.231139][T31643] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1497.238932][T31643] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1497.246749][T31643] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1497.254553][T31643] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 22:49:18 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000, 0x0, 0x0, 0x0}, 0x90) 22:49:18 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:18 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) 22:49:18 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40286608, &(0x7f0000000040)=0x8) (async) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000400)={0x80000001, 0x0}, 0x8) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001c40)={r1, 0x58, &(0x7f0000001bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) (async, rerun: 64) r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0) (rerun: 64) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200}) (async) bpf$PROG_LOAD(0x5, &(0x7f0000001d00)={0xa, 0x3, &(0x7f0000001b40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x81}}, &(0x7f0000001b80)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41100, 0x4, '\x00', r4, 0x30, r5, 0x8, &(0x7f0000001c80)={0x4, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, r0, 0x2, 0x0, &(0x7f0000001cc0)=[{0x4, 0x4, 0x0, 0x1}, {0x3, 0x5, 0xb, 0xb}], 0x10, 0x5}, 0x90) (async) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) (async) r7 = gettid() perf_event_open(&(0x7f0000000640)={0x0, 0x80, 0x0, 0x3, 0x62, 0xec, 0x0, 0x2, 0x12, 0x4, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000600), 0x11}, 0x1040, 0x9, 0x0, 0x2, 0x4, 0x9, 0x1, 0x0, 0x8, 0x0, 0xffff}, r7, 0x1, 0xffffffffffffffff, 0xa) (async) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r1, 0xffffffffffffffff}, &(0x7f0000000480), &(0x7f0000000580)=r0}, 0x20) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@base={0xa, 0x5, 0x9, 0x5, 0x40, 0x1, 0x100, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x5}, 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000440)={r9, 0x58, &(0x7f0000000580)}, 0x10) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001a40)={r6, 0xe0, &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000001780)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f00000017c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000001800)=[0x0], 0x0, 0x7c, &(0x7f0000001840)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000001880), &(0x7f00000018c0), 0x8, 0x5a, 0x8, 0x8, &(0x7f0000001900)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000001a80)={0x10, 0x18, &(0x7f0000001dc0)=ANY=[@ANYBLOB="1800000004000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000000000000850000008600000018270000", @ANYRES32=r9, @ANYBLOB="04000000010000008500000010001904d133ec8178a625e5a389ff8a2c966f", @ANYRES32=r6, @ANYBLOB="0000000001000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], &(0x7f00000006c0)='GPL\x00', 0x500000, 0x1000, &(0x7f0000000700)=""/4096, 0x41100, 0x21, '\x00', 0x0, 0x1f, r6, 0x8, &(0x7f0000001700)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000001740)={0x2, 0x7, 0x307b, 0x7fff}, 0x10, r10, r6, 0x0, 0x0, 0x0, 0x10, 0x20}, 0x90) (async) ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x401c5820, &(0x7f0000000000)=0x8000) (async) write$cgroup_type(r6, &(0x7f0000000200), 0x9) (async) ioctl$TUNSETLINK(r6, 0x400454cd, 0x320) recvmsg(r6, 0x0, 0x0) (async) close(r6) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x4, 0x17, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x131c}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_fd={0x18, 0x3, 0x1, 0x0, r1}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @alu={0x4, 0x1, 0x8, 0x8, 0xa, 0xfffffffffffffffe, 0x1}, @alu={0x4, 0x0, 0x3, 0x6, 0x4, 0xfffffffffffffff0, 0x4}, @generic={0x9, 0x2, 0x6, 0x1000, 0x80000000}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000140)='GPL\x00', 0x8, 0x0, 0x0, 0xc3000, 0x0, '\x00', 0x0, 0x2b, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000003c0)={0x3, 0xd, 0x20, 0x2}, 0x10, r3, r0, 0x0, &(0x7f0000000440)=[r1, r1, r1, r1, r6, 0xffffffffffffffff, r1], &(0x7f0000000480), 0x10, 0x7fff}, 0x90) r11 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r11, &(0x7f00000001c0)=0x1a0, 0xfffffdef) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x1, 0x3, 0x8, 0x7, 0x0, 0x3, 0x10008, 0x6, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, @perf_bp={&(0x7f0000000040), 0x16}, 0x14000, 0x1, 0x0, 0x0, 0x6, 0x40, 0xffff, 0x0, 0x4c, 0x0, 0x7f}, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x2) 22:49:18 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0}, 0x90) 22:49:18 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) (async) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) (async) [ 1497.262363][T31643] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1497.270180][T31643] 22:49:18 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40286608, &(0x7f0000000040)=0x8) (async) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000400)={0x80000001, 0x0}, 0x8) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001c40)={r1, 0x58, &(0x7f0000001bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200}) (async) bpf$PROG_LOAD(0x5, &(0x7f0000001d00)={0xa, 0x3, &(0x7f0000001b40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x81}}, &(0x7f0000001b80)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41100, 0x4, '\x00', r4, 0x30, r5, 0x8, &(0x7f0000001c80)={0x4, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, r0, 0x2, 0x0, &(0x7f0000001cc0)=[{0x4, 0x4, 0x0, 0x1}, {0x3, 0x5, 0xb, 0xb}], 0x10, 0x5}, 0x90) (async) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) r7 = gettid() perf_event_open(&(0x7f0000000640)={0x0, 0x80, 0x0, 0x3, 0x62, 0xec, 0x0, 0x2, 0x12, 0x4, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000600), 0x11}, 0x1040, 0x9, 0x0, 0x2, 0x4, 0x9, 0x1, 0x0, 0x8, 0x0, 0xffff}, r7, 0x1, 0xffffffffffffffff, 0xa) (async) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r1, 0xffffffffffffffff}, &(0x7f0000000480), &(0x7f0000000580)=r0}, 0x20) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@base={0xa, 0x5, 0x9, 0x5, 0x40, 0x1, 0x100, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x5}, 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000440)={r9, 0x58, &(0x7f0000000580)}, 0x10) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001a40)={r6, 0xe0, &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000001780)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f00000017c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000001800)=[0x0], 0x0, 0x7c, &(0x7f0000001840)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000001880), &(0x7f00000018c0), 0x8, 0x5a, 0x8, 0x8, &(0x7f0000001900)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000001a80)={0x10, 0x18, &(0x7f0000001dc0)=ANY=[@ANYBLOB="1800000004000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000000000000850000008600000018270000", @ANYRES32=r9, @ANYBLOB="04000000010000008500000010001904d133ec8178a625e5a389ff8a2c966f", @ANYRES32=r6, @ANYBLOB="0000000001000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], &(0x7f00000006c0)='GPL\x00', 0x500000, 0x1000, &(0x7f0000000700)=""/4096, 0x41100, 0x21, '\x00', 0x0, 0x1f, r6, 0x8, &(0x7f0000001700)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000001740)={0x2, 0x7, 0x307b, 0x7fff}, 0x10, r10, r6, 0x0, 0x0, 0x0, 0x10, 0x20}, 0x90) ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x401c5820, &(0x7f0000000000)=0x8000) (async) write$cgroup_type(r6, &(0x7f0000000200), 0x9) (async) ioctl$TUNSETLINK(r6, 0x400454cd, 0x320) (async) recvmsg(r6, 0x0, 0x0) close(r6) (async) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x4, 0x17, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x131c}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_fd={0x18, 0x3, 0x1, 0x0, r1}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @alu={0x4, 0x1, 0x8, 0x8, 0xa, 0xfffffffffffffffe, 0x1}, @alu={0x4, 0x0, 0x3, 0x6, 0x4, 0xfffffffffffffff0, 0x4}, @generic={0x9, 0x2, 0x6, 0x1000, 0x80000000}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000140)='GPL\x00', 0x8, 0x0, 0x0, 0xc3000, 0x0, '\x00', 0x0, 0x2b, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000003c0)={0x3, 0xd, 0x20, 0x2}, 0x10, r3, r0, 0x0, &(0x7f0000000440)=[r1, r1, r1, r1, r6, 0xffffffffffffffff, r1], &(0x7f0000000480), 0x10, 0x7fff}, 0x90) r11 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r11, &(0x7f00000001c0)=0x1a0, 0xfffffdef) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x1, 0x3, 0x8, 0x7, 0x0, 0x3, 0x10008, 0x6, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, @perf_bp={&(0x7f0000000040), 0x16}, 0x14000, 0x1, 0x0, 0x0, 0x6, 0x40, 0xffff, 0x0, 0x4c, 0x0, 0x7f}, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x2) 22:49:18 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000, 0x0, 0x0, 0x0}, 0x90) 22:49:18 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) 22:49:18 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 62) 22:49:18 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:18 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000, 0x0, 0x0, 0x0}, 0x90) 22:49:18 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="181000000080005300000000faff0000949764f91691e8eb370000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) 22:49:18 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x8, 0x24, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, {}, {}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0x2}, @exit, @map_idx={0x18, 0x9, 0x5, 0x0, 0x2}, @generic={0x8, 0xa, 0xc, 0xff, 0xfffffff9}, @jmp={0x5, 0x0, 0x4, 0x2, 0x1, 0xfffffffffffffffc, 0xffffffffffffffff}, @map_idx_val={0x18, 0xa, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x1ff}, @cb_func={0x18, 0x4, 0x4, 0x0, 0x8}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x5}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='syzkaller\x00', 0x40, 0xe0, &(0x7f0000000400)=""/224, 0x40f00, 0x4b, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000140)={0x2, 0x7, 0x4, 0x7ff}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000500)=[0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1, 0x1, 0xffffffffffffffff], 0x0, 0x10, 0xfffffff9}, 0x90) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000600)=@generic={&(0x7f0000000080)='./file0\x00', r0}, 0x18) openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x200040, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r3, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:18 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="181000000080005300000000faff0000949764f91691e8eb370000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) [ 1497.351950][T31684] FAULT_INJECTION: forcing a failure. [ 1497.351950][T31684] name failslab, interval 1, probability 0, space 0, times 0 [ 1497.389555][T31684] CPU: 1 PID: 31684 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1497.399726][T31684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1497.409620][T31684] Call Trace: [ 1497.412743][T31684] [ 1497.415518][T31684] dump_stack_lvl+0x151/0x1b7 [ 1497.420124][T31684] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1497.425588][T31684] dump_stack+0x15/0x17 [ 1497.429578][T31684] should_fail+0x3c6/0x510 [ 1497.433832][T31684] __should_failslab+0xa4/0xe0 [ 1497.438433][T31684] ? vm_area_dup+0x26/0x230 [ 1497.442769][T31684] should_failslab+0x9/0x20 [ 1497.447110][T31684] slab_pre_alloc_hook+0x37/0xd0 [ 1497.451889][T31684] ? vm_area_dup+0x26/0x230 [ 1497.456227][T31684] kmem_cache_alloc+0x44/0x200 [ 1497.460825][T31684] vm_area_dup+0x26/0x230 [ 1497.464991][T31684] copy_mm+0x9a1/0x13e0 [ 1497.468985][T31684] ? copy_signal+0x610/0x610 [ 1497.473407][T31684] ? __init_rwsem+0xd6/0x1c0 [ 1497.477829][T31684] ? copy_signal+0x4e3/0x610 [ 1497.482256][T31684] copy_process+0x1149/0x3290 [ 1497.486773][T31684] ? proc_fail_nth_write+0x20b/0x290 [ 1497.491894][T31684] ? fsnotify_perm+0x6a/0x5d0 [ 1497.496403][T31684] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1497.501352][T31684] ? vfs_write+0x9ec/0x1110 [ 1497.505692][T31684] kernel_clone+0x21e/0x9e0 [ 1497.510031][T31684] ? file_end_write+0x1c0/0x1c0 [ 1497.514720][T31684] ? create_io_thread+0x1e0/0x1e0 [ 1497.519575][T31684] ? mutex_unlock+0xb2/0x260 [ 1497.524004][T31684] ? __mutex_lock_slowpath+0x10/0x10 [ 1497.529126][T31684] __x64_sys_clone+0x23f/0x290 [ 1497.533725][T31684] ? __do_sys_vfork+0x130/0x130 [ 1497.538507][T31684] ? ksys_write+0x260/0x2c0 [ 1497.542849][T31684] ? debug_smp_processor_id+0x17/0x20 [ 1497.548055][T31684] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1497.553956][T31684] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1497.559428][T31684] do_syscall_64+0x3d/0xb0 [ 1497.563678][T31684] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1497.569406][T31684] RIP: 0033:0x7f0304509da9 [ 1497.573669][T31684] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1497.593187][T31684] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 22:49:19 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="181000000080005300000000faff0000949764f91691e8eb370000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="181000000080005300000000faff0000949764f91691e8eb370000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) (async) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) (async) 22:49:19 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000, 0x0, 0x0, 0x0}, 0x90) 22:49:19 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x8, 0x24, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, {}, {}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0x2}, @exit, @map_idx={0x18, 0x9, 0x5, 0x0, 0x2}, @generic={0x8, 0xa, 0xc, 0xff, 0xfffffff9}, @jmp={0x5, 0x0, 0x4, 0x2, 0x1, 0xfffffffffffffffc, 0xffffffffffffffff}, @map_idx_val={0x18, 0xa, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x1ff}, @cb_func={0x18, 0x4, 0x4, 0x0, 0x8}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x5}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='syzkaller\x00', 0x40, 0xe0, &(0x7f0000000400)=""/224, 0x40f00, 0x4b, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000140)={0x2, 0x7, 0x4, 0x7ff}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000500)=[0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1, 0x1, 0xffffffffffffffff], 0x0, 0x10, 0xfffffff9}, 0x90) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000600)=@generic={&(0x7f0000000080)='./file0\x00', r0}, 0x18) (async) openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x200040, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async, rerun: 32) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 32) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r3, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:19 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x8, [@enum={0xe, 0x3, 0x0, 0x6, 0x4, [{0x7, 0x80}, {0x9, 0x8}, {0xb, 0x9}]}, @int={0x9, 0x0, 0x0, 0x1, 0x0, 0x6a, 0x0, 0x29, 0x4}, @volatile={0xf}]}, {0x0, [0x5f, 0x30, 0x0, 0x2e, 0x30, 0x0]}}, &(0x7f00000003c0)=""/20, 0x60, 0x14, 0x1, 0x9}, 0x20) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000480)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x10001, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x4}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x12, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x240}, [@func, @cb_func={0x18, 0x4, 0x4, 0x0, 0x3}, @map_idx_val={0x18, 0x8, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7ff}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x80000001}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xa258}}]}, &(0x7f0000000140)='syzkaller\x00', 0x6, 0x75, &(0x7f00000002c0)=""/117, 0x41100, 0x44, '\x00', 0x0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0x0, 0x3, 0x32, 0x100}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000500)=[r2], &(0x7f0000000540)=[{0x0, 0x3, 0x3, 0x1}, {0x2, 0x4, 0x3, 0x4}, {0x4, 0x3, 0x1, 0x1}, {0x2, 0x3, 0xa, 0x1}, {0x4, 0x1, 0xf, 0x1}, {0x3, 0x3, 0xc, 0x1}, {0x3, 0x2, 0x5}, {0x2, 0x2, 0xe, 0x7}], 0x10, 0x5}, 0x90) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8) write$cgroup_int(r4, &(0x7f00000001c0), 0xfffffdef) 22:49:19 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:19 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0}, 0x90) [ 1497.601433][T31684] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1497.609245][T31684] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1497.617056][T31684] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1497.625128][T31684] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1497.632937][T31684] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1497.640761][T31684] 22:49:19 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 63) 22:49:19 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9000000, 0x0, 0x0, 0x0}, 0x90) 22:49:19 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x50, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1497.717513][T31720] FAULT_INJECTION: forcing a failure. [ 1497.717513][T31720] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1497.736826][T31720] CPU: 0 PID: 31720 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1497.746993][T31720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1497.756881][T31720] Call Trace: [ 1497.760006][T31720] [ 1497.762785][T31720] dump_stack_lvl+0x151/0x1b7 [ 1497.767297][T31720] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1497.772766][T31720] dump_stack+0x15/0x17 [ 1497.776755][T31720] should_fail+0x3c6/0x510 [ 1497.781010][T31720] should_fail_alloc_page+0x5a/0x80 [ 1497.786043][T31720] prepare_alloc_pages+0x15c/0x700 [ 1497.791011][T31720] ? __alloc_pages_bulk+0xe40/0xe40 [ 1497.796024][T31720] __alloc_pages+0x18c/0x8f0 [ 1497.800484][T31720] ? prep_new_page+0x110/0x110 [ 1497.805052][T31720] ? 0xffffffffa0010000 [ 1497.809042][T31720] ? is_bpf_text_address+0x172/0x190 [ 1497.814164][T31720] pte_alloc_one+0x73/0x1b0 [ 1497.818523][T31720] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1497.823536][T31720] ? arch_stack_walk+0xf3/0x140 [ 1497.828224][T31720] __pte_alloc+0x86/0x350 [ 1497.832390][T31720] ? free_pgtables+0x280/0x280 [ 1497.836990][T31720] ? _raw_spin_lock+0xa4/0x1b0 [ 1497.841589][T31720] ? __kasan_check_write+0x14/0x20 [ 1497.846538][T31720] copy_page_range+0x28a8/0x2f90 [ 1497.851309][T31720] ? __kasan_slab_alloc+0xb1/0xe0 [ 1497.856176][T31720] ? pfn_valid+0x1e0/0x1e0 [ 1497.860425][T31720] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 1497.865979][T31720] ? __rb_insert_augmented+0x5de/0x610 [ 1497.871278][T31720] copy_mm+0xc7e/0x13e0 [ 1497.875270][T31720] ? copy_signal+0x610/0x610 [ 1497.879690][T31720] ? __init_rwsem+0xd6/0x1c0 [ 1497.884116][T31720] ? copy_signal+0x4e3/0x610 [ 1497.888545][T31720] copy_process+0x1149/0x3290 [ 1497.893058][T31720] ? __kasan_check_write+0x14/0x20 [ 1497.898004][T31720] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1497.902952][T31720] ? compat_start_thread+0x20/0x20 [ 1497.907900][T31720] kernel_clone+0x21e/0x9e0 [ 1497.912239][T31720] ? create_io_thread+0x1e0/0x1e0 [ 1497.917098][T31720] ? finish_task_switch+0x167/0x7b0 [ 1497.922132][T31720] __x64_sys_clone+0x23f/0x290 [ 1497.926741][T31720] ? __do_sys_vfork+0x130/0x130 [ 1497.931421][T31720] ? switch_fpu_return+0x1ed/0x3d0 [ 1497.936370][T31720] ? __kasan_check_read+0x11/0x20 [ 1497.941225][T31720] ? exit_to_user_mode_prepare+0x7e/0xa0 [ 1497.946695][T31720] do_syscall_64+0x3d/0xb0 [ 1497.950949][T31720] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 1497.956587][T31720] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1497.962317][T31720] RIP: 0033:0x7f0304509da9 [ 1497.966574][T31720] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1497.986010][T31720] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1497.994256][T31720] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1498.002065][T31720] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1498.009879][T31720] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 22:49:19 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 64) [ 1498.017687][T31720] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1498.025500][T31720] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1498.033316][T31720] 22:49:19 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000, 0x0, 0x0, 0x0}, 0x90) 22:49:19 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1a0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:19 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe000000, 0x0, 0x0, 0x0}, 0x90) [ 1498.114067][T31728] FAULT_INJECTION: forcing a failure. [ 1498.114067][T31728] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1498.146588][T31728] CPU: 1 PID: 31728 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1498.156755][T31728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1498.166649][T31728] Call Trace: [ 1498.169767][T31728] [ 1498.172546][T31728] dump_stack_lvl+0x151/0x1b7 [ 1498.177060][T31728] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1498.182529][T31728] dump_stack+0x15/0x17 [ 1498.186519][T31728] should_fail+0x3c6/0x510 [ 1498.190774][T31728] should_fail_alloc_page+0x5a/0x80 [ 1498.195804][T31728] prepare_alloc_pages+0x15c/0x700 [ 1498.200757][T31728] ? __alloc_pages_bulk+0xe40/0xe40 [ 1498.205787][T31728] __alloc_pages+0x18c/0x8f0 [ 1498.210212][T31728] ? prep_new_page+0x110/0x110 [ 1498.214815][T31728] ? 0xffffffffa0010000 [ 1498.218805][T31728] ? is_bpf_text_address+0x172/0x190 [ 1498.223925][T31728] pte_alloc_one+0x73/0x1b0 [ 1498.228268][T31728] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1498.233300][T31728] ? arch_stack_walk+0xf3/0x140 [ 1498.237988][T31728] __pte_alloc+0x86/0x350 [ 1498.242152][T31728] ? free_pgtables+0x280/0x280 [ 1498.246752][T31728] ? _raw_spin_lock+0xa4/0x1b0 [ 1498.251356][T31728] ? __kasan_check_write+0x14/0x20 [ 1498.256299][T31728] copy_page_range+0x28a8/0x2f90 [ 1498.261074][T31728] ? __kasan_slab_alloc+0xb1/0xe0 [ 1498.265939][T31728] ? pfn_valid+0x1e0/0x1e0 [ 1498.270187][T31728] ? vma_gap_callbacks_rotate+0x1b7/0x210 [ 1498.275740][T31728] ? __rb_insert_augmented+0x5de/0x610 [ 1498.281039][T31728] copy_mm+0xc7e/0x13e0 [ 1498.285031][T31728] ? copy_signal+0x610/0x610 [ 1498.289452][T31728] ? __init_rwsem+0xd6/0x1c0 [ 1498.293881][T31728] ? copy_signal+0x4e3/0x610 [ 1498.298306][T31728] copy_process+0x1149/0x3290 [ 1498.302821][T31728] ? proc_fail_nth_write+0x20b/0x290 [ 1498.307942][T31728] ? fsnotify_perm+0x6a/0x5d0 [ 1498.312454][T31728] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1498.317408][T31728] ? vfs_write+0x9ec/0x1110 [ 1498.321746][T31728] kernel_clone+0x21e/0x9e0 [ 1498.326081][T31728] ? file_end_write+0x1c0/0x1c0 [ 1498.330768][T31728] ? create_io_thread+0x1e0/0x1e0 [ 1498.335717][T31728] ? mutex_unlock+0xb2/0x260 [ 1498.340142][T31728] ? __mutex_lock_slowpath+0x10/0x10 [ 1498.345264][T31728] __x64_sys_clone+0x23f/0x290 [ 1498.349862][T31728] ? __do_sys_vfork+0x130/0x130 [ 1498.354547][T31728] ? ksys_write+0x260/0x2c0 [ 1498.358897][T31728] ? debug_smp_processor_id+0x17/0x20 [ 1498.364093][T31728] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1498.369998][T31728] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1498.375553][T31728] do_syscall_64+0x3d/0xb0 [ 1498.379979][T31728] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1498.385723][T31728] RIP: 0033:0x7f0304509da9 [ 1498.389962][T31728] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 22:49:19 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x300, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:20 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x8, 0x24, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, {}, {}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0x2}, @exit, @map_idx={0x18, 0x9, 0x5, 0x0, 0x2}, @generic={0x8, 0xa, 0xc, 0xff, 0xfffffff9}, @jmp={0x5, 0x0, 0x4, 0x2, 0x1, 0xfffffffffffffffc, 0xffffffffffffffff}, @map_idx_val={0x18, 0xa, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x1ff}, @cb_func={0x18, 0x4, 0x4, 0x0, 0x8}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x5}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='syzkaller\x00', 0x40, 0xe0, &(0x7f0000000400)=""/224, 0x40f00, 0x4b, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000140)={0x2, 0x7, 0x4, 0x7ff}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000500)=[0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1, 0x1, 0xffffffffffffffff], 0x0, 0x10, 0xfffffff9}, 0x90) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000600)=@generic={&(0x7f0000000080)='./file0\x00', r0}, 0x18) openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x200040, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r3, &(0x7f00000001c0)=0x1a0, 0xfffffdef) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x8, 0x24, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, {}, {}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0x2}, @exit, @map_idx={0x18, 0x9, 0x5, 0x0, 0x2}, @generic={0x8, 0xa, 0xc, 0xff, 0xfffffff9}, @jmp={0x5, 0x0, 0x4, 0x2, 0x1, 0xfffffffffffffffc, 0xffffffffffffffff}, @map_idx_val={0x18, 0xa, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x1ff}, @cb_func={0x18, 0x4, 0x4, 0x0, 0x8}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x5}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='syzkaller\x00', 0x40, 0xe0, &(0x7f0000000400)=""/224, 0x40f00, 0x4b, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000140)={0x2, 0x7, 0x4, 0x7ff}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000500)=[0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1, 0x1, 0xffffffffffffffff], 0x0, 0x10, 0xfffffff9}, 0x90) (async) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000600)=@generic={&(0x7f0000000080)='./file0\x00', r0}, 0x18) (async) openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x200040, 0x0) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10) (async) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) (async) write$cgroup_int(r3, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) 22:49:20 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x8, [@enum={0xe, 0x3, 0x0, 0x6, 0x4, [{0x7, 0x80}, {0x9, 0x8}, {0xb, 0x9}]}, @int={0x9, 0x0, 0x0, 0x1, 0x0, 0x6a, 0x0, 0x29, 0x4}, @volatile={0xf}]}, {0x0, [0x5f, 0x30, 0x0, 0x2e, 0x30, 0x0]}}, &(0x7f00000003c0)=""/20, 0x60, 0x14, 0x1, 0x9}, 0x20) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000480)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x10001, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x4}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x12, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x240}, [@func, @cb_func={0x18, 0x4, 0x4, 0x0, 0x3}, @map_idx_val={0x18, 0x8, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7ff}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x80000001}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xa258}}]}, &(0x7f0000000140)='syzkaller\x00', 0x6, 0x75, &(0x7f00000002c0)=""/117, 0x41100, 0x44, '\x00', 0x0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0x0, 0x3, 0x32, 0x100}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000500)=[r2], &(0x7f0000000540)=[{0x0, 0x3, 0x3, 0x1}, {0x2, 0x4, 0x3, 0x4}, {0x4, 0x3, 0x1, 0x1}, {0x2, 0x3, 0xa, 0x1}, {0x4, 0x1, 0xf, 0x1}, {0x3, 0x3, 0xc, 0x1}, {0x3, 0x2, 0x5}, {0x2, 0x2, 0xe, 0x7}], 0x10, 0x5}, 0x90) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8) write$cgroup_int(r4, &(0x7f00000001c0), 0xfffffdef) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x8, [@enum={0xe, 0x3, 0x0, 0x6, 0x4, [{0x7, 0x80}, {0x9, 0x8}, {0xb, 0x9}]}, @int={0x9, 0x0, 0x0, 0x1, 0x0, 0x6a, 0x0, 0x29, 0x4}, @volatile={0xf}]}, {0x0, [0x5f, 0x30, 0x0, 0x2e, 0x30, 0x0]}}, &(0x7f00000003c0)=""/20, 0x60, 0x14, 0x1, 0x9}, 0x20) (async) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000480)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x10001, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x4}, 0x48) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x12, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x240}, [@func, @cb_func={0x18, 0x4, 0x4, 0x0, 0x3}, @map_idx_val={0x18, 0x8, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7ff}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x80000001}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xa258}}]}, &(0x7f0000000140)='syzkaller\x00', 0x6, 0x75, &(0x7f00000002c0)=""/117, 0x41100, 0x44, '\x00', 0x0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0x0, 0x3, 0x32, 0x100}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000500)=[r2], &(0x7f0000000540)=[{0x0, 0x3, 0x3, 0x1}, {0x2, 0x4, 0x3, 0x4}, {0x4, 0x3, 0x1, 0x1}, {0x2, 0x3, 0xa, 0x1}, {0x4, 0x1, 0xf, 0x1}, {0x3, 0x3, 0xc, 0x1}, {0x3, 0x2, 0x5}, {0x2, 0x2, 0xe, 0x7}], 0x10, 0x5}, 0x90) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8) (async) write$cgroup_int(r4, &(0x7f00000001c0), 0xfffffdef) (async) 22:49:20 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf000000, 0x0, 0x0, 0x0}, 0x90) [ 1498.409403][T31728] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1498.417647][T31728] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1498.425721][T31728] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1498.433529][T31728] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1498.441339][T31728] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1498.449149][T31728] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1498.456968][T31728] 22:49:20 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0}, 0x90) 22:49:20 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x327, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:20 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x8, [@enum={0xe, 0x3, 0x0, 0x6, 0x4, [{0x7, 0x80}, {0x9, 0x8}, {0xb, 0x9}]}, @int={0x9, 0x0, 0x0, 0x1, 0x0, 0x6a, 0x0, 0x29, 0x4}, @volatile={0xf}]}, {0x0, [0x5f, 0x30, 0x0, 0x2e, 0x30, 0x0]}}, &(0x7f00000003c0)=""/20, 0x60, 0x14, 0x1, 0x9}, 0x20) (async) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000480)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x10001, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x4}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x12, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x240}, [@func, @cb_func={0x18, 0x4, 0x4, 0x0, 0x3}, @map_idx_val={0x18, 0x8, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7ff}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x80000001}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xa258}}]}, &(0x7f0000000140)='syzkaller\x00', 0x6, 0x75, &(0x7f00000002c0)=""/117, 0x41100, 0x44, '\x00', 0x0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0x0, 0x3, 0x32, 0x100}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000500)=[r2], &(0x7f0000000540)=[{0x0, 0x3, 0x3, 0x1}, {0x2, 0x4, 0x3, 0x4}, {0x4, 0x3, 0x1, 0x1}, {0x2, 0x3, 0xa, 0x1}, {0x4, 0x1, 0xf, 0x1}, {0x3, 0x3, 0xc, 0x1}, {0x3, 0x2, 0x5}, {0x2, 0x2, 0xe, 0x7}], 0x10, 0x5}, 0x90) (async) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8) write$cgroup_int(r4, &(0x7f00000001c0), 0xfffffdef) 22:49:20 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 65) 22:49:20 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18000000, 0x0, 0x0, 0x0}, 0x90) 22:49:20 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r1, 0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000740)={0x401, 0x0}, 0x52) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x9, 0x0, &(0x7f0000000540), &(0x7f0000000340)='GPL\x00', 0x0, 0x1000, &(0x7f0000000d40)=""/4096, 0x40f00, 0x32, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, &(0x7f0000000900)={0x8, 0x3}, 0xfffffffffffffec1, 0x10, &(0x7f0000000700)={0x5, 0x2, 0x8, 0x3}, 0x10, r3, 0xffffffffffffffff, 0x0, &(0x7f00000006c0)=[r4, 0xffffffffffffffff, r4]}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000001380)={0x14, 0x5, &(0x7f0000000140)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}], &(0x7f00000002c0)='GPL\x00', 0x7, 0x1000, &(0x7f0000000300)=""/4096, 0x41100, 0x11, '\x00', 0x0, 0x2e, 0xffffffffffffffff, 0x8, &(0x7f0000001300)={0x7, 0x3}, 0x8, 0x10, 0x0, 0x0, r3, r0, 0x0, &(0x7f0000001340)=[r1, r1], 0x0, 0x10, 0x12}, 0x90) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r6 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r5}, 0x8) write$cgroup_int(r6, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:20 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f000000, 0x0, 0x0, 0x0}, 0x90) [ 1498.602400][T31770] FAULT_INJECTION: forcing a failure. [ 1498.602400][T31770] name failslab, interval 1, probability 0, space 0, times 0 [ 1498.615909][T31770] CPU: 1 PID: 31770 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1498.626080][T31770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1498.635962][T31770] Call Trace: [ 1498.639087][T31770] [ 1498.641864][T31770] dump_stack_lvl+0x151/0x1b7 [ 1498.646378][T31770] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1498.651846][T31770] dump_stack+0x15/0x17 [ 1498.655836][T31770] should_fail+0x3c6/0x510 [ 1498.660090][T31770] __should_failslab+0xa4/0xe0 [ 1498.664691][T31770] ? vm_area_dup+0x26/0x230 [ 1498.669029][T31770] should_failslab+0x9/0x20 [ 1498.673370][T31770] slab_pre_alloc_hook+0x37/0xd0 [ 1498.678141][T31770] ? vm_area_dup+0x26/0x230 [ 1498.682481][T31770] kmem_cache_alloc+0x44/0x200 [ 1498.687082][T31770] vm_area_dup+0x26/0x230 [ 1498.691248][T31770] copy_mm+0x9a1/0x13e0 [ 1498.695242][T31770] ? copy_signal+0x610/0x610 [ 1498.699666][T31770] ? __init_rwsem+0xd6/0x1c0 [ 1498.704093][T31770] ? copy_signal+0x4e3/0x610 [ 1498.708519][T31770] copy_process+0x1149/0x3290 [ 1498.713034][T31770] ? proc_fail_nth_write+0x20b/0x290 [ 1498.718158][T31770] ? fsnotify_perm+0x6a/0x5d0 [ 1498.722667][T31770] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1498.727623][T31770] ? vfs_write+0x9ec/0x1110 [ 1498.731954][T31770] kernel_clone+0x21e/0x9e0 [ 1498.736293][T31770] ? file_end_write+0x1c0/0x1c0 [ 1498.740980][T31770] ? create_io_thread+0x1e0/0x1e0 [ 1498.745839][T31770] ? mutex_unlock+0xb2/0x260 [ 1498.750354][T31770] ? __mutex_lock_slowpath+0x10/0x10 [ 1498.755475][T31770] __x64_sys_clone+0x23f/0x290 [ 1498.760073][T31770] ? __do_sys_vfork+0x130/0x130 [ 1498.764758][T31770] ? ksys_write+0x260/0x2c0 [ 1498.769103][T31770] ? debug_smp_processor_id+0x17/0x20 [ 1498.774307][T31770] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1498.780209][T31770] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1498.785680][T31770] do_syscall_64+0x3d/0xb0 [ 1498.789931][T31770] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1498.795662][T31770] RIP: 0033:0x7f0304509da9 [ 1498.799913][T31770] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1498.819361][T31770] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1498.827602][T31770] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1498.835408][T31770] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1498.843219][T31770] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 22:49:20 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x340, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:20 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0}, 0x90) [ 1498.851030][T31770] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1498.858936][T31770] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1498.866746][T31770] 22:49:20 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 66) 22:49:20 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x500, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:20 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x27030000, 0x0, 0x0, 0x0}, 0x90) [ 1498.949303][T31780] FAULT_INJECTION: forcing a failure. [ 1498.949303][T31780] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1498.988786][T31780] CPU: 0 PID: 31780 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1498.998960][T31780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1499.008853][T31780] Call Trace: [ 1499.011977][T31780] [ 1499.014751][T31780] dump_stack_lvl+0x151/0x1b7 [ 1499.019269][T31780] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1499.024738][T31780] dump_stack+0x15/0x17 [ 1499.028727][T31780] should_fail+0x3c6/0x510 [ 1499.033068][T31780] should_fail_alloc_page+0x5a/0x80 [ 1499.038100][T31780] prepare_alloc_pages+0x15c/0x700 [ 1499.043058][T31780] ? __alloc_pages_bulk+0xe40/0xe40 [ 1499.048083][T31780] __alloc_pages+0x18c/0x8f0 [ 1499.052502][T31780] ? prep_new_page+0x110/0x110 [ 1499.057104][T31780] ? 0xffffffffa0010000 [ 1499.061094][T31780] ? is_bpf_text_address+0x172/0x190 [ 1499.066217][T31780] pte_alloc_one+0x73/0x1b0 [ 1499.070554][T31780] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1499.075588][T31780] ? arch_stack_walk+0xf3/0x140 [ 1499.080278][T31780] __pte_alloc+0x86/0x350 [ 1499.084441][T31780] ? free_pgtables+0x280/0x280 [ 1499.089040][T31780] ? _raw_spin_lock+0xa4/0x1b0 [ 1499.093645][T31780] ? __kasan_check_write+0x14/0x20 [ 1499.098599][T31780] copy_page_range+0x28a8/0x2f90 [ 1499.103368][T31780] ? __kasan_slab_alloc+0xb1/0xe0 [ 1499.108230][T31780] ? pfn_valid+0x1e0/0x1e0 [ 1499.112476][T31780] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 1499.118030][T31780] ? __rb_insert_augmented+0x5de/0x610 [ 1499.123328][T31780] copy_mm+0xc7e/0x13e0 [ 1499.127320][T31780] ? copy_signal+0x610/0x610 [ 1499.131743][T31780] ? __init_rwsem+0xd6/0x1c0 [ 1499.136171][T31780] ? copy_signal+0x4e3/0x610 [ 1499.140598][T31780] copy_process+0x1149/0x3290 [ 1499.145111][T31780] ? proc_fail_nth_write+0x20b/0x290 [ 1499.150233][T31780] ? fsnotify_perm+0x6a/0x5d0 [ 1499.154743][T31780] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1499.159692][T31780] ? vfs_write+0x9ec/0x1110 [ 1499.164031][T31780] kernel_clone+0x21e/0x9e0 [ 1499.168368][T31780] ? file_end_write+0x1c0/0x1c0 [ 1499.173055][T31780] ? create_io_thread+0x1e0/0x1e0 [ 1499.177916][T31780] ? mutex_unlock+0xb2/0x260 [ 1499.182344][T31780] ? __mutex_lock_slowpath+0x10/0x10 [ 1499.187606][T31780] __x64_sys_clone+0x23f/0x290 [ 1499.192152][T31780] ? __do_sys_vfork+0x130/0x130 [ 1499.196836][T31780] ? ksys_write+0x260/0x2c0 [ 1499.201178][T31780] ? debug_smp_processor_id+0x17/0x20 [ 1499.206384][T31780] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1499.212288][T31780] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1499.217754][T31780] do_syscall_64+0x3d/0xb0 [ 1499.222007][T31780] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1499.227734][T31780] RIP: 0033:0x7f0304509da9 [ 1499.231990][T31780] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1499.251515][T31780] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1499.259761][T31780] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1499.267574][T31780] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1499.275391][T31780] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1499.283198][T31780] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1499.291009][T31780] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 22:49:20 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x600, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:20 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x700, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:20 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r1, 0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20) (async) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000740)={0x401, 0x0}, 0x52) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x9, 0x0, &(0x7f0000000540), &(0x7f0000000340)='GPL\x00', 0x0, 0x1000, &(0x7f0000000d40)=""/4096, 0x40f00, 0x32, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, &(0x7f0000000900)={0x8, 0x3}, 0xfffffffffffffec1, 0x10, &(0x7f0000000700)={0x5, 0x2, 0x8, 0x3}, 0x10, r3, 0xffffffffffffffff, 0x0, &(0x7f00000006c0)=[r4, 0xffffffffffffffff, r4]}, 0x90) (async) bpf$PROG_LOAD(0x5, &(0x7f0000001380)={0x14, 0x5, &(0x7f0000000140)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}], &(0x7f00000002c0)='GPL\x00', 0x7, 0x1000, &(0x7f0000000300)=""/4096, 0x41100, 0x11, '\x00', 0x0, 0x2e, 0xffffffffffffffff, 0x8, &(0x7f0000001300)={0x7, 0x3}, 0x8, 0x10, 0x0, 0x0, r3, r0, 0x0, &(0x7f0000001340)=[r1, r1], 0x0, 0x10, 0x12}, 0x90) (async) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r6 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r5}, 0x8) write$cgroup_int(r6, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:20 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29010000, 0x0, 0x0, 0x0}, 0x90) 22:49:20 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000710300000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) [ 1499.298826][T31780] 22:49:20 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x35020000, 0x0, 0x0, 0x0}, 0x90) 22:49:20 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000710300000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000710300000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) (async) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) (async) 22:49:20 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 67) 22:49:20 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x7a2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1499.366380][T31803] FAULT_INJECTION: forcing a failure. [ 1499.366380][T31803] name failslab, interval 1, probability 0, space 0, times 0 [ 1499.383562][T31803] CPU: 1 PID: 31803 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1499.393730][T31803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1499.403703][T31803] Call Trace: [ 1499.406747][T31803] [ 1499.409526][T31803] dump_stack_lvl+0x151/0x1b7 [ 1499.414039][T31803] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1499.419506][T31803] dump_stack+0x15/0x17 [ 1499.423494][T31803] should_fail+0x3c6/0x510 [ 1499.427749][T31803] __should_failslab+0xa4/0xe0 [ 1499.432348][T31803] ? vm_area_dup+0x26/0x230 [ 1499.436687][T31803] should_failslab+0x9/0x20 [ 1499.441030][T31803] slab_pre_alloc_hook+0x37/0xd0 [ 1499.445799][T31803] ? vm_area_dup+0x26/0x230 [ 1499.450139][T31803] kmem_cache_alloc+0x44/0x200 [ 1499.454745][T31803] vm_area_dup+0x26/0x230 [ 1499.458913][T31803] copy_mm+0x9a1/0x13e0 [ 1499.462908][T31803] ? copy_signal+0x610/0x610 [ 1499.467325][T31803] ? __init_rwsem+0xd6/0x1c0 [ 1499.471753][T31803] ? copy_signal+0x4e3/0x610 [ 1499.476177][T31803] copy_process+0x1149/0x3290 [ 1499.480693][T31803] ? proc_fail_nth_write+0x20b/0x290 [ 1499.485809][T31803] ? fsnotify_perm+0x6a/0x5d0 [ 1499.490325][T31803] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1499.495275][T31803] ? vfs_write+0x9ec/0x1110 [ 1499.499613][T31803] kernel_clone+0x21e/0x9e0 [ 1499.503950][T31803] ? file_end_write+0x1c0/0x1c0 [ 1499.508639][T31803] ? create_io_thread+0x1e0/0x1e0 [ 1499.513500][T31803] ? mutex_unlock+0xb2/0x260 [ 1499.517923][T31803] ? __mutex_lock_slowpath+0x10/0x10 [ 1499.523045][T31803] __x64_sys_clone+0x23f/0x290 [ 1499.527646][T31803] ? __do_sys_vfork+0x130/0x130 [ 1499.532330][T31803] ? ksys_write+0x260/0x2c0 [ 1499.536673][T31803] ? debug_smp_processor_id+0x17/0x20 [ 1499.541879][T31803] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1499.547781][T31803] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1499.553248][T31803] do_syscall_64+0x3d/0xb0 [ 1499.557501][T31803] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1499.563229][T31803] RIP: 0033:0x7f0304509da9 [ 1499.567484][T31803] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1499.586922][T31803] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1499.595168][T31803] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1499.602979][T31803] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 22:49:21 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000710300000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) (async) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) 22:49:21 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c000000, 0x0, 0x0, 0x0}, 0x90) 22:49:21 executing program 0: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0}, 0x90) 22:49:21 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000, 0x0, 0x0, 0x0}, 0x90) [ 1499.610791][T31803] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1499.618603][T31803] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1499.626414][T31803] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1499.634229][T31803] 22:49:21 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 68) 22:49:21 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x900, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1499.705243][T31819] FAULT_INJECTION: forcing a failure. [ 1499.705243][T31819] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1499.719024][T31819] CPU: 0 PID: 31819 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1499.729181][T31819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1499.739075][T31819] Call Trace: [ 1499.742194][T31819] [ 1499.744973][T31819] dump_stack_lvl+0x151/0x1b7 [ 1499.749486][T31819] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1499.754953][T31819] ? bpf_ringbuf_reserve+0x68/0x70 [ 1499.759899][T31819] dump_stack+0x15/0x17 [ 1499.763892][T31819] should_fail+0x3c6/0x510 [ 1499.768145][T31819] should_fail_alloc_page+0x5a/0x80 [ 1499.773189][T31819] prepare_alloc_pages+0x15c/0x700 [ 1499.778125][T31819] ? __alloc_pages+0x8f0/0x8f0 [ 1499.782734][T31819] ? __alloc_pages_bulk+0xe40/0xe40 [ 1499.787763][T31819] __alloc_pages+0x18c/0x8f0 [ 1499.792185][T31819] ? prep_new_page+0x110/0x110 [ 1499.796787][T31819] ? 0xffffffffa0010000 [ 1499.800777][T31819] ? is_bpf_text_address+0x172/0x190 [ 1499.805901][T31819] pte_alloc_one+0x73/0x1b0 [ 1499.810246][T31819] ? pfn_modify_allowed+0x2f0/0x2f0 [ 1499.815274][T31819] ? arch_stack_walk+0xf3/0x140 [ 1499.819960][T31819] __pte_alloc+0x86/0x350 [ 1499.824126][T31819] ? free_pgtables+0x280/0x280 [ 1499.828723][T31819] ? _raw_spin_lock+0xa4/0x1b0 [ 1499.833336][T31819] ? __kasan_check_write+0x14/0x20 [ 1499.838274][T31819] copy_page_range+0x28a8/0x2f90 [ 1499.843047][T31819] ? __kasan_slab_alloc+0xb1/0xe0 [ 1499.847911][T31819] ? pfn_valid+0x1e0/0x1e0 [ 1499.852164][T31819] ? vma_interval_tree_augment_rotate+0x1a3/0x1d0 [ 1499.858420][T31819] copy_mm+0xc7e/0x13e0 [ 1499.862401][T31819] ? copy_signal+0x610/0x610 [ 1499.866827][T31819] ? __init_rwsem+0xd6/0x1c0 [ 1499.871251][T31819] ? copy_signal+0x4e3/0x610 [ 1499.875679][T31819] copy_process+0x1149/0x3290 [ 1499.880193][T31819] ? proc_fail_nth_write+0x20b/0x290 [ 1499.885314][T31819] ? fsnotify_perm+0x6a/0x5d0 [ 1499.889830][T31819] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1499.894773][T31819] ? vfs_write+0x9ec/0x1110 [ 1499.899114][T31819] kernel_clone+0x21e/0x9e0 [ 1499.903454][T31819] ? file_end_write+0x1c0/0x1c0 [ 1499.908141][T31819] ? create_io_thread+0x1e0/0x1e0 [ 1499.912999][T31819] ? mutex_unlock+0xb2/0x260 [ 1499.917428][T31819] ? __mutex_lock_slowpath+0x10/0x10 [ 1499.922550][T31819] __x64_sys_clone+0x23f/0x290 [ 1499.927149][T31819] ? __do_sys_vfork+0x130/0x130 [ 1499.931832][T31819] ? ksys_write+0x260/0x2c0 [ 1499.936174][T31819] ? debug_smp_processor_id+0x17/0x20 [ 1499.941380][T31819] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1499.947283][T31819] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1499.952751][T31819] do_syscall_64+0x3d/0xb0 [ 1499.957006][T31819] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1499.962731][T31819] RIP: 0033:0x7f0304509da9 [ 1499.966987][T31819] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1499.986425][T31819] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1499.994672][T31819] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 22:49:21 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0}, 0x90) 22:49:21 executing program 0: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x19000000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:21 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44000000, 0x0, 0x0, 0x0}, 0x90) 22:49:21 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f020000, 0x0, 0x0, 0x0}, 0x90) 22:49:21 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa00, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1500.002484][T31819] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1500.010292][T31819] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1500.018105][T31819] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1500.025921][T31819] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1500.033731][T31819] 22:49:21 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r1, 0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000740)={0x401, 0x0}, 0x52) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x9, 0x0, &(0x7f0000000540), &(0x7f0000000340)='GPL\x00', 0x0, 0x1000, &(0x7f0000000d40)=""/4096, 0x40f00, 0x32, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, &(0x7f0000000900)={0x8, 0x3}, 0xfffffffffffffec1, 0x10, &(0x7f0000000700)={0x5, 0x2, 0x8, 0x3}, 0x10, r3, 0xffffffffffffffff, 0x0, &(0x7f00000006c0)=[r4, 0xffffffffffffffff, r4]}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000001380)={0x14, 0x5, &(0x7f0000000140)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}], &(0x7f00000002c0)='GPL\x00', 0x7, 0x1000, &(0x7f0000000300)=""/4096, 0x41100, 0x11, '\x00', 0x0, 0x2e, 0xffffffffffffffff, 0x8, &(0x7f0000001300)={0x7, 0x3}, 0x8, 0x10, 0x0, 0x0, r3, r0, 0x0, &(0x7f0000001340)=[r1, r1], 0x0, 0x10, 0x12}, 0x90) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r6 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r5}, 0x8) write$cgroup_int(r6, &(0x7f00000001c0)=0x1a0, 0xfffffdef) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r1}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20) (async) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000740)={0x401}, 0x52) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x9, 0x0, &(0x7f0000000540), &(0x7f0000000340)='GPL\x00', 0x0, 0x1000, &(0x7f0000000d40)=""/4096, 0x40f00, 0x32, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, &(0x7f0000000900)={0x8, 0x3}, 0xfffffffffffffec1, 0x10, &(0x7f0000000700)={0x5, 0x2, 0x8, 0x3}, 0x10, r3, 0xffffffffffffffff, 0x0, &(0x7f00000006c0)=[r4, 0xffffffffffffffff, r4]}, 0x90) (async) bpf$PROG_LOAD(0x5, &(0x7f0000001380)={0x14, 0x5, &(0x7f0000000140)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}], &(0x7f00000002c0)='GPL\x00', 0x7, 0x1000, &(0x7f0000000300)=""/4096, 0x41100, 0x11, '\x00', 0x0, 0x2e, 0xffffffffffffffff, 0x8, &(0x7f0000001300)={0x7, 0x3}, 0x8, 0x10, 0x0, 0x0, r3, r0, 0x0, &(0x7f0000001340)=[r1, r1], 0x0, 0x10, 0x12}, 0x90) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r5}, 0x8) (async) write$cgroup_int(r6, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) 22:49:21 executing program 0: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x18000000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:21 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0}, 0x90) 22:49:21 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61000000, 0x0, 0x0, 0x0}, 0x90) 22:49:21 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 69) 22:49:21 executing program 0: perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='blkio.bfq.io_serviced\x00', 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000007b3a6d7b850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='jbd2_checkpoint\x00', r2}, 0x10) bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0x5, &(0x7f0000000c40)=ANY=[@ANYBLOB="1800e1ffffffffffffff183000000000000000000040000000099500003a9319b5000000000000008d35bf982fcbc18255658d2afd143d22e2761b13fd729f7cd6b5fecf667c4baf1cdf5a1f3a884b57a9de693e4efb826aab5f8c58a9c022571d18c3594bf932da627fc17534efdd2e8a5d26866d9bda93578d4d4eaa72fc6aa4a271a4bb917d23e6494e90024cd1b69f2045060000000000000006e6c73ccf83e20f533cc79a119d68bca61ed6348177940939131f2316a97f0675c04298d0cdb23126ce1747f56a535f86f294"], &(0x7f0000000540)='syzkaller\x00', 0xd259, 0x0, 0x0, 0x41100, 0xe, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000780)={0xa}, 0x8}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000013c0)=@bloom_filter={0x1e, 0x9, 0x3, 0x1000, 0x80, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x2, 0xa}, 0x48) r5 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000001480), 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000001500)={0xc, 0x2, 0x0, &(0x7f0000000480)='syzkaller\x00', 0x3, 0xc, &(0x7f00000004c0)=""/12, 0x40f00, 0xd, '\x00', 0x0, 0x11, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x2, 0xec3b}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000014c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r4, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x90) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000011c0)={{0x1}, &(0x7f0000001140), &(0x7f0000001180)='%-010d \x00'}, 0x20) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) r6 = bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) r7 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000bc0)={0x3, 0x4, 0x4, 0xa, 0x0, r5, 0x7, '\x00', 0x0, r0, 0x5, 0x1, 0x4}, 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x3, &(0x7f0000000000)=@raw=[@call={0x85, 0x0, 0x0, 0xcf}, @map_idx], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2, 0x0, &(0x7f0000000680)=[0xffffffffffffffff]}, 0x90) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000800)={r0, 0x58, &(0x7f0000000300)}, 0x10) r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000d40)={0x1b, 0x0, 0x0, 0x80000001, 0x0, r7, 0x8, '\x00', 0x0, r0, 0x0, 0x2}, 0xffffffffffffffac) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000500)={0x1, 0x58, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000940)={{r6}, &(0x7f00000007c0), &(0x7f0000000840)='%pS \x00'}, 0x20) r11 = bpf$ITER_CREATE(0x21, &(0x7f0000000980)={r3}, 0x8) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000ac0)=@bpf_tracing={0x1a, 0x19, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x10001}, {{0x18, 0x1, 0x1, 0x0, r9}}, {}, [@generic={0x3, 0x6, 0x6, 0x2, 0x4}, @printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @jmp={0x5, 0x0, 0x6, 0x2, 0x3, 0xfffffffffffffffe, 0xffffffffffffffe0}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000000c0)='GPL\x00', 0x4a800, 0x0, 0x0, 0x1f00, 0x10, '\x00', r10, 0x17, r3, 0x8, &(0x7f0000000580)={0x8, 0x4}, 0x8, 0x10, &(0x7f00000005c0)={0x1, 0xb}, 0x10, 0xefda, 0xffffffffffffffff, 0x9, &(0x7f00000009c0)=[r3, r7, r11], &(0x7f0000000a00)=[{0x2, 0x5, 0x6, 0x4}, {0x0, 0x2, 0xe, 0x5}, {0x4, 0x4, 0xe, 0x6}, {0x0, 0x3, 0x8}, {0x3, 0x3, 0x4, 0x4}, {0x5, 0x1, 0x8, 0x7}, {0x5, 0x1, 0x3, 0x4}, {0x3, 0x3, 0x9, 0x3}, {0x4, 0x5, 0x9, 0x4}], 0x10, 0x9}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000240)='jbd2_checkpoint\x00', r1}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x1a000) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001040)={r8, 0xe0, &(0x7f0000000f40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000b80)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f0000000dc0)=[0x0], &(0x7f0000000e00)=[0x0, 0x0, 0x0], 0x0, 0x4a, &(0x7f0000000e40)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000e80), &(0x7f0000000ec0), 0x8, 0x29, 0x8, 0x8, &(0x7f0000000f00)}}, 0x10) r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0) ioctl$TUNSETOFFLOAD(r12, 0x40086607, 0x20001412) [ 1500.156121][T31841] FAULT_INJECTION: forcing a failure. [ 1500.156121][T31841] name failslab, interval 1, probability 0, space 0, times 0 [ 1500.170054][T31841] CPU: 0 PID: 31841 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1500.180217][T31841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1500.190107][T31841] Call Trace: [ 1500.193233][T31841] [ 1500.196009][T31841] dump_stack_lvl+0x151/0x1b7 [ 1500.200523][T31841] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1500.205989][T31841] dump_stack+0x15/0x17 [ 1500.209977][T31841] should_fail+0x3c6/0x510 [ 1500.214234][T31841] __should_failslab+0xa4/0xe0 [ 1500.218981][T31841] ? anon_vma_clone+0x9a/0x500 [ 1500.223576][T31841] should_failslab+0x9/0x20 [ 1500.227914][T31841] slab_pre_alloc_hook+0x37/0xd0 [ 1500.232689][T31841] ? anon_vma_clone+0x9a/0x500 [ 1500.237288][T31841] kmem_cache_alloc+0x44/0x200 [ 1500.241987][T31841] anon_vma_clone+0x9a/0x500 [ 1500.246402][T31841] anon_vma_fork+0x91/0x4e0 [ 1500.250741][T31841] ? anon_vma_name+0x43/0x70 [ 1500.255165][T31841] ? vm_area_dup+0x17a/0x230 [ 1500.259592][T31841] copy_mm+0xa3a/0x13e0 [ 1500.263596][T31841] ? copy_signal+0x610/0x610 [ 1500.268011][T31841] ? __init_rwsem+0xd6/0x1c0 [ 1500.272437][T31841] ? copy_signal+0x4e3/0x610 [ 1500.276866][T31841] copy_process+0x1149/0x3290 [ 1500.281378][T31841] ? proc_fail_nth_write+0x20b/0x290 [ 1500.286505][T31841] ? fsnotify_perm+0x6a/0x5d0 [ 1500.291012][T31841] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1500.295967][T31841] ? vfs_write+0x9ec/0x1110 [ 1500.300308][T31841] kernel_clone+0x21e/0x9e0 [ 1500.304640][T31841] ? file_end_write+0x1c0/0x1c0 [ 1500.309328][T31841] ? create_io_thread+0x1e0/0x1e0 [ 1500.314199][T31841] ? mutex_unlock+0xb2/0x260 [ 1500.318611][T31841] ? __mutex_lock_slowpath+0x10/0x10 [ 1500.323734][T31841] __x64_sys_clone+0x23f/0x290 [ 1500.328340][T31841] ? __do_sys_vfork+0x130/0x130 [ 1500.333029][T31841] ? ksys_write+0x260/0x2c0 [ 1500.337363][T31841] ? debug_smp_processor_id+0x17/0x20 [ 1500.342565][T31841] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1500.348468][T31841] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1500.353937][T31841] do_syscall_64+0x3d/0xb0 [ 1500.358189][T31841] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1500.363941][T31841] RIP: 0033:0x7f0304509da9 [ 1500.368181][T31841] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1500.387625][T31841] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1500.395856][T31841] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 22:49:21 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb00, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:21 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r3, &(0x7f00000001c0)=0x1a0, 0xfffffdef) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={r4, &(0x7f0000000080), &(0x7f0000000000)=""/10, 0x2}, 0x20) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={r4, &(0x7f0000000080), &(0x7f0000000000)=""/10, 0x2}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r3, 0xffffffffffffffff}, 0x4) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r1, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f0000000480)=[0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0], 0x0, 0xd8, &(0x7f0000000500)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000540), &(0x7f0000000580), 0x8, 0x63, 0x8, 0x8, &(0x7f00000005c0)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x36, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8a4f0d8, 0x0, 0x0, 0x0, 0x800}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x81}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x59}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x20}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x1}}}, &(0x7f0000000080)='syzkaller\x00', 0x20, 0x1e, &(0x7f00000000c0)=""/30, 0x41000, 0x5d, '\x00', r6, 0x0, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000740)={0x2, 0x5, 0x1, 0x7fff}, 0x10, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000780)=[{0x5, 0x2, 0x1, 0x8}, {0x1, 0x2, 0x6, 0x4}], 0x10, 0x5}, 0x90) 22:49:21 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61020000, 0x0, 0x0, 0x0}, 0x90) [ 1500.403666][T31841] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1500.411477][T31841] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1500.419290][T31841] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1500.427100][T31841] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1500.434919][T31841] 22:49:22 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc00, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:22 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 70) 22:49:22 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async, rerun: 32) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (rerun: 32) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r3, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={r4, &(0x7f0000000080), &(0x7f0000000000)=""/10, 0x2}, 0x20) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={r4, &(0x7f0000000080), &(0x7f0000000000)=""/10, 0x2}, 0x20) (async) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r3, 0xffffffffffffffff}, 0x4) (async, rerun: 64) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r1, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f0000000480)=[0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0], 0x0, 0xd8, &(0x7f0000000500)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000540), &(0x7f0000000580), 0x8, 0x63, 0x8, 0x8, &(0x7f00000005c0)}}, 0x10) (rerun: 64) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x36, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8a4f0d8, 0x0, 0x0, 0x0, 0x800}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x81}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x59}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x20}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x1}}}, &(0x7f0000000080)='syzkaller\x00', 0x20, 0x1e, &(0x7f00000000c0)=""/30, 0x41000, 0x5d, '\x00', r6, 0x0, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000740)={0x2, 0x5, 0x1, 0x7fff}, 0x10, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000780)=[{0x5, 0x2, 0x1, 0x8}, {0x1, 0x2, 0x6, 0x4}], 0x10, 0x5}, 0x90) [ 1500.620454][T31866] FAULT_INJECTION: forcing a failure. [ 1500.620454][T31866] name failslab, interval 1, probability 0, space 0, times 0 [ 1500.633140][T31866] CPU: 1 PID: 31866 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1500.643291][T31866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1500.653182][T31866] Call Trace: [ 1500.656333][T31866] [ 1500.659082][T31866] dump_stack_lvl+0x151/0x1b7 [ 1500.663594][T31866] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1500.669065][T31866] dump_stack+0x15/0x17 [ 1500.673053][T31866] should_fail+0x3c6/0x510 [ 1500.677308][T31866] __should_failslab+0xa4/0xe0 [ 1500.681905][T31866] ? vm_area_dup+0x26/0x230 [ 1500.686275][T31866] should_failslab+0x9/0x20 [ 1500.690586][T31866] slab_pre_alloc_hook+0x37/0xd0 [ 1500.695358][T31866] ? vm_area_dup+0x26/0x230 [ 1500.699699][T31866] kmem_cache_alloc+0x44/0x200 [ 1500.704300][T31866] vm_area_dup+0x26/0x230 [ 1500.708463][T31866] copy_mm+0x9a1/0x13e0 [ 1500.712461][T31866] ? copy_signal+0x610/0x610 [ 1500.716883][T31866] ? __init_rwsem+0xd6/0x1c0 [ 1500.721310][T31866] ? copy_signal+0x4e3/0x610 [ 1500.725737][T31866] copy_process+0x1149/0x3290 [ 1500.730268][T31866] ? proc_fail_nth_write+0x20b/0x290 [ 1500.735373][T31866] ? fsnotify_perm+0x6a/0x5d0 [ 1500.739883][T31866] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1500.744831][T31866] ? vfs_write+0x9ec/0x1110 [ 1500.749172][T31866] kernel_clone+0x21e/0x9e0 [ 1500.753511][T31866] ? file_end_write+0x1c0/0x1c0 [ 1500.758198][T31866] ? create_io_thread+0x1e0/0x1e0 [ 1500.763058][T31866] ? mutex_unlock+0xb2/0x260 [ 1500.767485][T31866] ? __mutex_lock_slowpath+0x10/0x10 [ 1500.772606][T31866] __x64_sys_clone+0x23f/0x290 [ 1500.777205][T31866] ? __do_sys_vfork+0x130/0x130 [ 1500.781891][T31866] ? ksys_write+0x260/0x2c0 [ 1500.786231][T31866] ? debug_smp_processor_id+0x17/0x20 [ 1500.791439][T31866] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1500.797349][T31866] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1500.802807][T31866] do_syscall_64+0x3d/0xb0 [ 1500.807060][T31866] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1500.812789][T31866] RIP: 0033:0x7f0304509da9 [ 1500.817046][T31866] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1500.836483][T31866] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1500.844731][T31866] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1500.852539][T31866] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1500.860350][T31866] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 22:49:22 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r3, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={r4, &(0x7f0000000080), &(0x7f0000000000)=""/10, 0x2}, 0x20) (async) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={r4, &(0x7f0000000080), &(0x7f0000000000)=""/10, 0x2}, 0x20) (async) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r3, 0xffffffffffffffff}, 0x4) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r1, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f0000000480)=[0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0], 0x0, 0xd8, &(0x7f0000000500)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000540), &(0x7f0000000580), 0x8, 0x63, 0x8, 0x8, &(0x7f00000005c0)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x36, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8a4f0d8, 0x0, 0x0, 0x0, 0x800}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x81}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x59}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x20}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x1}}}, &(0x7f0000000080)='syzkaller\x00', 0x20, 0x1e, &(0x7f00000000c0)=""/30, 0x41000, 0x5d, '\x00', r6, 0x0, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000740)={0x2, 0x5, 0x1, 0x7fff}, 0x10, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000780)=[{0x5, 0x2, 0x1, 0x8}, {0x1, 0x2, 0x6, 0x4}], 0x10, 0x5}, 0x90) 22:49:22 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 71) 22:49:22 executing program 0: perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='blkio.bfq.io_serviced\x00', 0x0, 0x0) (async, rerun: 32) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000007b3a6d7b850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async, rerun: 32) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='jbd2_checkpoint\x00', r2}, 0x10) bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0x5, &(0x7f0000000c40)=ANY=[@ANYBLOB="1800e1ffffffffffffff183000000000000000000040000000099500003a9319b5000000000000008d35bf982fcbc18255658d2afd143d22e2761b13fd729f7cd6b5fecf667c4baf1cdf5a1f3a884b57a9de693e4efb826aab5f8c58a9c022571d18c3594bf932da627fc17534efdd2e8a5d26866d9bda93578d4d4eaa72fc6aa4a271a4bb917d23e6494e90024cd1b69f2045060000000000000006e6c73ccf83e20f533cc79a119d68bca61ed6348177940939131f2316a97f0675c04298d0cdb23126ce1747f56a535f86f294"], &(0x7f0000000540)='syzkaller\x00', 0xd259, 0x0, 0x0, 0x41100, 0xe, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000780)={0xa}, 0x8}, 0x90) (async) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000013c0)=@bloom_filter={0x1e, 0x9, 0x3, 0x1000, 0x80, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x2, 0xa}, 0x48) r5 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000001480), 0x10) (async) bpf$PROG_LOAD(0x5, &(0x7f0000001500)={0xc, 0x2, 0x0, &(0x7f0000000480)='syzkaller\x00', 0x3, 0xc, &(0x7f00000004c0)=""/12, 0x40f00, 0xd, '\x00', 0x0, 0x11, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x2, 0xec3b}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000014c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r4, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x90) (async) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000011c0)={{0x1}, &(0x7f0000001140), &(0x7f0000001180)='%-010d \x00'}, 0x20) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async) r6 = bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) (async, rerun: 32) r7 = bpf$MAP_CREATE(0x0, 0x0, 0x0) (rerun: 32) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000bc0)={0x3, 0x4, 0x4, 0xa, 0x0, r5, 0x7, '\x00', 0x0, r0, 0x5, 0x1, 0x4}, 0x48) (async) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x3, &(0x7f0000000000)=@raw=[@call={0x85, 0x0, 0x0, 0xcf}, @map_idx], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2, 0x0, &(0x7f0000000680)=[0xffffffffffffffff]}, 0x90) (async) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000800)={r0, 0x58, &(0x7f0000000300)}, 0x10) (async) r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000d40)={0x1b, 0x0, 0x0, 0x80000001, 0x0, r7, 0x8, '\x00', 0x0, r0, 0x0, 0x2}, 0xffffffffffffffac) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000500)={0x1, 0x58, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) (async) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000940)={{r6}, &(0x7f00000007c0), &(0x7f0000000840)='%pS \x00'}, 0x20) (async, rerun: 32) r11 = bpf$ITER_CREATE(0x21, &(0x7f0000000980)={r3}, 0x8) (rerun: 32) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000ac0)=@bpf_tracing={0x1a, 0x19, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x10001}, {{0x18, 0x1, 0x1, 0x0, r9}}, {}, [@generic={0x3, 0x6, 0x6, 0x2, 0x4}, @printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @jmp={0x5, 0x0, 0x6, 0x2, 0x3, 0xfffffffffffffffe, 0xffffffffffffffe0}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000000c0)='GPL\x00', 0x4a800, 0x0, 0x0, 0x1f00, 0x10, '\x00', r10, 0x17, r3, 0x8, &(0x7f0000000580)={0x8, 0x4}, 0x8, 0x10, &(0x7f00000005c0)={0x1, 0xb}, 0x10, 0xefda, 0xffffffffffffffff, 0x9, &(0x7f00000009c0)=[r3, r7, r11], &(0x7f0000000a00)=[{0x2, 0x5, 0x6, 0x4}, {0x0, 0x2, 0xe, 0x5}, {0x4, 0x4, 0xe, 0x6}, {0x0, 0x3, 0x8}, {0x3, 0x3, 0x4, 0x4}, {0x5, 0x1, 0x8, 0x7}, {0x5, 0x1, 0x3, 0x4}, {0x3, 0x3, 0x9, 0x3}, {0x4, 0x5, 0x9, 0x4}], 0x10, 0x9}, 0x90) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000240)='jbd2_checkpoint\x00', r1}, 0x10) (async) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x1a000) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001040)={r8, 0xe0, &(0x7f0000000f40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000b80)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f0000000dc0)=[0x0], &(0x7f0000000e00)=[0x0, 0x0, 0x0], 0x0, 0x4a, &(0x7f0000000e40)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000e80), &(0x7f0000000ec0), 0x8, 0x29, 0x8, 0x8, &(0x7f0000000f00)}}, 0x10) r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0) ioctl$TUNSETOFFLOAD(r12, 0x40086607, 0x20001412) 22:49:22 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62000000, 0x0, 0x0, 0x0}, 0x90) [ 1500.868160][T31866] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1500.875976][T31866] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1500.883790][T31866] 22:49:22 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd00, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:22 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63000000, 0x0, 0x0, 0x0}, 0x90) [ 1500.950728][T31886] FAULT_INJECTION: forcing a failure. [ 1500.950728][T31886] name failslab, interval 1, probability 0, space 0, times 0 [ 1500.963257][T31886] CPU: 1 PID: 31886 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1500.973405][T31886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1500.983307][T31886] Call Trace: [ 1500.986434][T31886] [ 1500.989203][T31886] dump_stack_lvl+0x151/0x1b7 [ 1500.993713][T31886] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1500.999180][T31886] dump_stack+0x15/0x17 [ 1501.003170][T31886] should_fail+0x3c6/0x510 [ 1501.007422][T31886] __should_failslab+0xa4/0xe0 [ 1501.012020][T31886] ? anon_vma_fork+0xf7/0x4e0 [ 1501.016537][T31886] should_failslab+0x9/0x20 [ 1501.020875][T31886] slab_pre_alloc_hook+0x37/0xd0 [ 1501.025649][T31886] ? anon_vma_fork+0xf7/0x4e0 [ 1501.030170][T31886] kmem_cache_alloc+0x44/0x200 [ 1501.034763][T31886] anon_vma_fork+0xf7/0x4e0 [ 1501.039103][T31886] ? anon_vma_name+0x43/0x70 [ 1501.043529][T31886] ? vm_area_dup+0x17a/0x230 [ 1501.047954][T31886] copy_mm+0xa3a/0x13e0 [ 1501.051948][T31886] ? copy_signal+0x610/0x610 [ 1501.056372][T31886] ? __init_rwsem+0xd6/0x1c0 [ 1501.060800][T31886] ? copy_signal+0x4e3/0x610 [ 1501.065224][T31886] copy_process+0x1149/0x3290 [ 1501.069850][T31886] ? proc_fail_nth_write+0x20b/0x290 [ 1501.074960][T31886] ? fsnotify_perm+0x6a/0x5d0 [ 1501.079474][T31886] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1501.084421][T31886] ? vfs_write+0x9ec/0x1110 [ 1501.088764][T31886] kernel_clone+0x21e/0x9e0 [ 1501.093099][T31886] ? file_end_write+0x1c0/0x1c0 [ 1501.097785][T31886] ? create_io_thread+0x1e0/0x1e0 [ 1501.102645][T31886] ? mutex_unlock+0xb2/0x260 [ 1501.107071][T31886] ? __mutex_lock_slowpath+0x10/0x10 [ 1501.112196][T31886] __x64_sys_clone+0x23f/0x290 [ 1501.116793][T31886] ? __do_sys_vfork+0x130/0x130 [ 1501.121478][T31886] ? ksys_write+0x260/0x2c0 [ 1501.125820][T31886] ? debug_smp_processor_id+0x17/0x20 [ 1501.131026][T31886] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1501.136929][T31886] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1501.142396][T31886] do_syscall_64+0x3d/0xb0 [ 1501.146648][T31886] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1501.152418][T31886] RIP: 0033:0x7f0304509da9 [ 1501.156630][T31886] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1501.176198][T31886] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1501.184402][T31886] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1501.192214][T31886] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 22:49:22 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000f00)=ANY=[@ANYBLOB="180000ce000080005300000000faff0000940000000fad412e550000f20e00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a40)={r0, 0xe0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000780)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, &(0x7f00000007c0)=[0x0], &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xf0, &(0x7f0000000840)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000880), &(0x7f00000008c0), 0x8, 0x3a, 0x8, 0x8, &(0x7f0000000900)}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000dc0)={r0, 0xe0, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000b00)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x8, &(0x7f0000000b40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000b80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x9b, &(0x7f0000000bc0)=[{}], 0x8, 0x10, &(0x7f0000000c00), &(0x7f0000000c40), 0x8, 0x9c, 0x8, 0x8, &(0x7f0000000c80)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0x1e, 0x13, &(0x7f0000000580)=@raw=[@call={0x85, 0x0, 0x0, 0x13}, @initr0={0x18, 0x0, 0x0, 0x0, 0xc7b, 0x0, 0x0, 0x0, 0x2}, @btf_id={0x18, 0x8, 0x3, 0x0, 0x1}, @map_fd={0x18, 0xb, 0x1, 0x0, r1}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x40}}], &(0x7f0000000640)='GPL\x00', 0x6e6, 0xc8, &(0x7f0000000680)=""/200, 0x41100, 0x7, '\x00', r2, 0x30, 0xffffffffffffffff, 0x8, &(0x7f0000000a80)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000ac0)={0x1, 0x6, 0x0, 0x8}, 0x10, r3, r0, 0x0, &(0x7f0000000e00)=[r1, r1, r1, r1], 0x0, 0x10, 0xbd}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r5 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r4}, 0x8) write$cgroup_int(r5, &(0x7f00000001c0)=0x1a0, 0xfffffdef) openat$cgroup_ro(r5, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x0, 0x0) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x19, &(0x7f00000002c0)=@raw=[@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}, @map_idx={0x18, 0xb, 0x5, 0x0, 0x1}, @map_fd={0x18, 0x5, 0x1, 0x0, r1}, @generic={0x3f, 0x5, 0x6, 0x3, 0x7fffffff}, @map_fd={0x18, 0x5, 0x1, 0x0, r1}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}, @func={0x85, 0x0, 0x1, 0x0, 0x1}], &(0x7f0000000080)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x15, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f00000000c0)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000140)={0x2, 0x0, 0xfff, 0x1f}, 0x10, 0x0, 0x0, 0x5, &(0x7f00000003c0)=[r1, r1, r1, r5, r5, r1], &(0x7f0000000400)=[{0x2, 0x1, 0x6, 0xa}, {0x4, 0x5, 0x8, 0x1}, {0x3, 0x2, 0x10, 0x6}, {0x4, 0x3, 0x4, 0xa}, {0x4, 0x2, 0x10, 0x3}], 0x10, 0xfffffffe}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='mmc_request_done\x00', r6}, 0x10) [ 1501.200114][T31886] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1501.207923][T31886] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1501.215737][T31886] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1501.223553][T31886] [ 1501.230593][T31886] ------------[ cut here ]------------ [ 1501.235997][T31886] refcount_t: underflow; use-after-free. [ 1501.241818][T31886] WARNING: CPU: 0 PID: 31886 at lib/refcount.c:28 refcount_warn_saturate+0x158/0x1a0 22:49:22 executing program 0: perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='blkio.bfq.io_serviced\x00', 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000007b3a6d7b850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='jbd2_checkpoint\x00', r2}, 0x10) (async) bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0x5, &(0x7f0000000c40)=ANY=[@ANYBLOB="1800e1ffffffffffffff183000000000000000000040000000099500003a9319b5000000000000008d35bf982fcbc18255658d2afd143d22e2761b13fd729f7cd6b5fecf667c4baf1cdf5a1f3a884b57a9de693e4efb826aab5f8c58a9c022571d18c3594bf932da627fc17534efdd2e8a5d26866d9bda93578d4d4eaa72fc6aa4a271a4bb917d23e6494e90024cd1b69f2045060000000000000006e6c73ccf83e20f533cc79a119d68bca61ed6348177940939131f2316a97f0675c04298d0cdb23126ce1747f56a535f86f294"], &(0x7f0000000540)='syzkaller\x00', 0xd259, 0x0, 0x0, 0x41100, 0xe, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000780)={0xa}, 0x8}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000013c0)=@bloom_filter={0x1e, 0x9, 0x3, 0x1000, 0x80, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x2, 0xa}, 0x48) r5 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000001480), 0x10) (async) bpf$PROG_LOAD(0x5, &(0x7f0000001500)={0xc, 0x2, 0x0, &(0x7f0000000480)='syzkaller\x00', 0x3, 0xc, &(0x7f00000004c0)=""/12, 0x40f00, 0xd, '\x00', 0x0, 0x11, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x2, 0xec3b}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000014c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r4, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x90) (async) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000011c0)={{0x1}, &(0x7f0000001140), &(0x7f0000001180)='%-010d \x00'}, 0x20) (async) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) r6 = bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) r7 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000bc0)={0x3, 0x4, 0x4, 0xa, 0x0, r5, 0x7, '\x00', 0x0, r0, 0x5, 0x1, 0x4}, 0x48) (async) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x3, &(0x7f0000000000)=@raw=[@call={0x85, 0x0, 0x0, 0xcf}, @map_idx], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2, 0x0, &(0x7f0000000680)=[0xffffffffffffffff]}, 0x90) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000800)={r0, 0x58, &(0x7f0000000300)}, 0x10) r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000d40)={0x1b, 0x0, 0x0, 0x80000001, 0x0, r7, 0x8, '\x00', 0x0, r0, 0x0, 0x2}, 0xffffffffffffffac) (async) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000500)={0x1, 0x58, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000940)={{r6}, &(0x7f00000007c0), &(0x7f0000000840)='%pS \x00'}, 0x20) (async) r11 = bpf$ITER_CREATE(0x21, &(0x7f0000000980)={r3}, 0x8) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000ac0)=@bpf_tracing={0x1a, 0x19, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x10001}, {{0x18, 0x1, 0x1, 0x0, r9}}, {}, [@generic={0x3, 0x6, 0x6, 0x2, 0x4}, @printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @jmp={0x5, 0x0, 0x6, 0x2, 0x3, 0xfffffffffffffffe, 0xffffffffffffffe0}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000000c0)='GPL\x00', 0x4a800, 0x0, 0x0, 0x1f00, 0x10, '\x00', r10, 0x17, r3, 0x8, &(0x7f0000000580)={0x8, 0x4}, 0x8, 0x10, &(0x7f00000005c0)={0x1, 0xb}, 0x10, 0xefda, 0xffffffffffffffff, 0x9, &(0x7f00000009c0)=[r3, r7, r11], &(0x7f0000000a00)=[{0x2, 0x5, 0x6, 0x4}, {0x0, 0x2, 0xe, 0x5}, {0x4, 0x4, 0xe, 0x6}, {0x0, 0x3, 0x8}, {0x3, 0x3, 0x4, 0x4}, {0x5, 0x1, 0x8, 0x7}, {0x5, 0x1, 0x3, 0x4}, {0x3, 0x3, 0x9, 0x3}, {0x4, 0x5, 0x9, 0x4}], 0x10, 0x9}, 0x90) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000240)='jbd2_checkpoint\x00', r1}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) (async) write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x1a000) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001040)={r8, 0xe0, &(0x7f0000000f40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000b80)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f0000000dc0)=[0x0], &(0x7f0000000e00)=[0x0, 0x0, 0x0], 0x0, 0x4a, &(0x7f0000000e40)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000e80), &(0x7f0000000ec0), 0x8, 0x29, 0x8, 0x8, &(0x7f0000000f00)}}, 0x10) (async) r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0) ioctl$TUNSETOFFLOAD(r12, 0x40086607, 0x20001412) 22:49:22 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69000000, 0x0, 0x0, 0x0}, 0x90) 22:49:22 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000f00)=ANY=[@ANYBLOB="180000ce000080005300000000faff0000940000000fad412e550000f20e00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000f00)=ANY=[@ANYBLOB="180000ce000080005300000000faff0000940000000fad412e550000f20e00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a40)={r0, 0xe0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000780)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, &(0x7f00000007c0)=[0x0], &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xf0, &(0x7f0000000840)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000880), &(0x7f00000008c0), 0x8, 0x3a, 0x8, 0x8, &(0x7f0000000900)}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000dc0)={r0, 0xe0, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000b00)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x8, &(0x7f0000000b40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000b80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x9b, &(0x7f0000000bc0)=[{}], 0x8, 0x10, &(0x7f0000000c00), &(0x7f0000000c40), 0x8, 0x9c, 0x8, 0x8, &(0x7f0000000c80)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0x1e, 0x13, &(0x7f0000000580)=@raw=[@call={0x85, 0x0, 0x0, 0x13}, @initr0={0x18, 0x0, 0x0, 0x0, 0xc7b, 0x0, 0x0, 0x0, 0x2}, @btf_id={0x18, 0x8, 0x3, 0x0, 0x1}, @map_fd={0x18, 0xb, 0x1, 0x0, r1}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x40}}], &(0x7f0000000640)='GPL\x00', 0x6e6, 0xc8, &(0x7f0000000680)=""/200, 0x41100, 0x7, '\x00', r2, 0x30, 0xffffffffffffffff, 0x8, &(0x7f0000000a80)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000ac0)={0x1, 0x6, 0x0, 0x8}, 0x10, r3, r0, 0x0, &(0x7f0000000e00)=[r1, r1, r1, r1], 0x0, 0x10, 0xbd}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r4}, 0x8) (async) r5 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r4}, 0x8) write$cgroup_int(r5, &(0x7f00000001c0)=0x1a0, 0xfffffdef) openat$cgroup_ro(r5, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x0, 0x0) (async) openat$cgroup_ro(r5, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x0, 0x0) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x19, &(0x7f00000002c0)=@raw=[@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}, @map_idx={0x18, 0xb, 0x5, 0x0, 0x1}, @map_fd={0x18, 0x5, 0x1, 0x0, r1}, @generic={0x3f, 0x5, 0x6, 0x3, 0x7fffffff}, @map_fd={0x18, 0x5, 0x1, 0x0, r1}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}, @func={0x85, 0x0, 0x1, 0x0, 0x1}], &(0x7f0000000080)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x15, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f00000000c0)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000140)={0x2, 0x0, 0xfff, 0x1f}, 0x10, 0x0, 0x0, 0x5, &(0x7f00000003c0)=[r1, r1, r1, r5, r5, r1], &(0x7f0000000400)=[{0x2, 0x1, 0x6, 0xa}, {0x4, 0x5, 0x8, 0x1}, {0x3, 0x2, 0x10, 0x6}, {0x4, 0x3, 0x4, 0xa}, {0x4, 0x2, 0x10, 0x3}], 0x10, 0xfffffffe}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='mmc_request_done\x00', r6}, 0x10) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='mmc_request_done\x00', r6}, 0x10) [ 1501.253204][T31886] Modules linked in: [ 1501.259232][T31886] CPU: 0 PID: 31886 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1501.279970][T31886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1501.291108][T31886] RIP: 0010:refcount_warn_saturate+0x158/0x1a0 22:49:22 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6a000000, 0x0, 0x0, 0x0}, 0x90) 22:49:22 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000f00)=ANY=[@ANYBLOB="180000ce000080005300000000faff0000940000000fad412e550000f20e00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a40)={r0, 0xe0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000780)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, &(0x7f00000007c0)=[0x0], &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xf0, &(0x7f0000000840)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000880), &(0x7f00000008c0), 0x8, 0x3a, 0x8, 0x8, &(0x7f0000000900)}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000dc0)={r0, 0xe0, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000b00)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x8, &(0x7f0000000b40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000b80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x9b, &(0x7f0000000bc0)=[{}], 0x8, 0x10, &(0x7f0000000c00), &(0x7f0000000c40), 0x8, 0x9c, 0x8, 0x8, &(0x7f0000000c80)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0x1e, 0x13, &(0x7f0000000580)=@raw=[@call={0x85, 0x0, 0x0, 0x13}, @initr0={0x18, 0x0, 0x0, 0x0, 0xc7b, 0x0, 0x0, 0x0, 0x2}, @btf_id={0x18, 0x8, 0x3, 0x0, 0x1}, @map_fd={0x18, 0xb, 0x1, 0x0, r1}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x40}}], &(0x7f0000000640)='GPL\x00', 0x6e6, 0xc8, &(0x7f0000000680)=""/200, 0x41100, 0x7, '\x00', r2, 0x30, 0xffffffffffffffff, 0x8, &(0x7f0000000a80)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000ac0)={0x1, 0x6, 0x0, 0x8}, 0x10, r3, r0, 0x0, &(0x7f0000000e00)=[r1, r1, r1, r1], 0x0, 0x10, 0xbd}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r5 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r4}, 0x8) write$cgroup_int(r5, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) write$cgroup_int(r5, &(0x7f00000001c0)=0x1a0, 0xfffffdef) openat$cgroup_ro(r5, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x0, 0x0) (async) openat$cgroup_ro(r5, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x0, 0x0) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x19, &(0x7f00000002c0)=@raw=[@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}, @map_idx={0x18, 0xb, 0x5, 0x0, 0x1}, @map_fd={0x18, 0x5, 0x1, 0x0, r1}, @generic={0x3f, 0x5, 0x6, 0x3, 0x7fffffff}, @map_fd={0x18, 0x5, 0x1, 0x0, r1}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}, @func={0x85, 0x0, 0x1, 0x0, 0x1}], &(0x7f0000000080)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x15, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f00000000c0)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000140)={0x2, 0x0, 0xfff, 0x1f}, 0x10, 0x0, 0x0, 0x5, &(0x7f00000003c0)=[r1, r1, r1, r5, r5, r1], &(0x7f0000000400)=[{0x2, 0x1, 0x6, 0xa}, {0x4, 0x5, 0x8, 0x1}, {0x3, 0x2, 0x10, 0x6}, {0x4, 0x3, 0x4, 0xa}, {0x4, 0x2, 0x10, 0x3}], 0x10, 0xfffffffe}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='mmc_request_done\x00', r6}, 0x10) 22:49:22 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYRES8=0x0], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:22 executing program 0: perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0x9fffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext, 0x0, 0x0, 0x9, 0x4}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x10) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000980)={r0, 0xe0, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f0000000680)=[0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000400), 0x0, 0x10, &(0x7f0000000440), &(0x7f0000000500), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000700)}}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x3, 0xb, &(0x7f0000000d00)=ANY=[@ANYBLOB="4a4d356fe97677fcf6bda6c6d4bb34fd7dabf25456c54b07e3d26dad9e8c0ab398dcfa110bd30b24a3e250261592d2d55e2862eb259164b254360a4624049d431a839171350dfda62027efaec13894bf1a18313fbcbd86c2bfbef3246bb77336987001a71e8b6ea628281247cd69d92a765ba29e0a520008000000000000eedf5eef91283dfed04f44e0f3e4abc64adae0fdcc8a9cfbe3a8c2ac305ef001f1f8392816eedfcc34d79ca08ff7e491d25b19b57a31c4debf3da55d5b1838764359d0e3aae2d8ce2d1a1e0279d8705fa250fc52e5e3b5b439fa62"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', r2, 0x14, r3, 0x8, &(0x7f00000009c0)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000000a00)={0x0, 0x2, 0x4, 0x3b}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000a40)=[0xffffffffffffffff, 0x1, r1, 0xffffffffffffffff]}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@base={0xa, 0x5, 0x9, 0x5, 0x40, 0x1, 0x100, '\x00', r2, 0xffffffffffffffff, 0x0, 0x0, 0x5}, 0x48) r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000380)={0xffffffffffffffff, 0x0, 0x8}, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x4, &(0x7f0000000c80)=ANY=[], &(0x7f0000000cc0)='GPL\x00', 0x0, 0xe5, &(0x7f0000000bc0)=""/229, 0x41000, 0x14, '\x00', r2, 0x0, r0, 0x8, &(0x7f0000000300)={0x9}, 0x8, 0x10, &(0x7f0000000340)={0x5, 0x10, 0x0, 0xfff}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000480)=[r0, r4, r0], 0x0, 0x10, 0x1}, 0x90) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000500)='freezer.state\x00', 0x26e1, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) openat$cgroup_netprio_ifpriomap(r0, &(0x7f0000000140), 0x2, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000600)='./cgroup/syz1\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0) write$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000040)='FROZEN\x00', 0x7) openat$cgroup_int(r6, &(0x7f00000000c0)='cpu.idle\x00', 0x2, 0x0) mkdirat$cgroup(r6, &(0x7f0000000100)='syz0\x00', 0x1ff) write$cgroup_type(r5, &(0x7f0000000080), 0x11ffffce1) 22:49:22 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe00, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1501.311723][T31886] Code: 04 01 48 c7 c7 40 c8 82 85 e8 e4 9e dc fe 0f 0b eb 8b e8 6b 49 0b ff c6 05 73 8e 9e 04 01 48 c7 c7 a0 c8 82 85 e8 c8 9e dc fe <0f> 0b e9 6c ff ff ff e8 4c 49 0b ff c6 05 55 8e 9e 04 01 48 c7 c7 [ 1501.339598][T31886] RSP: 0018:ffffc90000a17968 EFLAGS: 00010246 [ 1501.349547][T31886] RAX: 038d3eb4d259e700 RBX: 0000000000000003 RCX: 0000000000040000 22:49:22 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYRES8=0x0], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYRES8=0x0], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) (async) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) (async) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) 22:49:22 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6b000000, 0x0, 0x0, 0x0}, 0x90) 22:49:22 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYRES8=0x0], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYRES8=0x0], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) (async) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) (async) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) (async) write$cgroup_int(r2, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) 22:49:22 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70000000, 0x0, 0x0, 0x0}, 0x90) 22:49:22 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r3, &(0x7f00000001c0)=0x1a0, 0xfffffdef) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x0, 0x0, 0x0, 0x4, 0x1000, &(0x7f0000000300)=""/4096}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x10}, 0xc) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000002240)=ANY=[@ANYRESDEC=r4, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYRES8=r6], 0x32600) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002180)={0x18, 0x13, &(0x7f0000001300)=@raw=[@ldst={0x2, 0x3, 0x3, 0x8, 0x8}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1ff}, @generic={0x6, 0x6, 0x0, 0x1}, @generic={0x0, 0xf, 0x3, 0xeb, 0x5}, @map_idx={0x18, 0x2}, @map_val={0x18, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x9e3}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_fd={0x18, 0x0, 0x1, 0x0, r6}], 0x0, 0xfffffff9, 0x40, &(0x7f0000001e40)=""/64, 0x0, 0x5c, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001ec0)={0x1}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000002140)=[r6, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x3f}, 0x90) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000002dc0)='cgroup.events\x00', 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f00000000c0)=[0x0], &(0x7f0000000140)=[0x0], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000001940)={0x0, 0x15, &(0x7f0000002880)=ANY=[@ANYBLOB="1800000006000000000000001e00000036110000c51c9119d0be689dd5ec6ec05fbd03d008be8463b02aade605541663cd4860bf35bc163e6dcc0af286ebfffd22b7f25cb56536fb69bf7662b4a86c5b698907e00721c11a4429a5e8fb1a4f01dbb47de987fdbe2ccecddbd5f22c478780d4a95fe585b89c7823119dcf760c9f31cd12e8773c497ec3a8ce69d26384dd00fd47e3ae1e98249db88a8cc0681e791294e05ddc286c5429c47a167207e846b3b0dc5678bd442cbad8c2f930a7a3b40d0c7b8bace88f7c7882071398b2622fcaf30f87ef85f4d188c27bae4bc233f5acedc4097d3c87e314a1c8966d4e961ade55bf4c1f1eb1bd01fbd294f2cc4596257b2755dd9bdd", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000095000000000000005807119afc608d70a5a8924ee86627b1a6231e7246625f4eca2ff937ea644738ebc164cdfc6523a58339fc2a99d2e8fcec976db25d0647f69ea69701f1fdfbe54ef971d50de2f8d620c40fb166b1f9ae5f63772c8145cd97c242ef3a2ed454cdf4f03e84d625c4278327fa68f82eb12978dcf892001000002377d65c6cc6d4283fb551fc8179cbb7018499d0058e1f86418c490d45d43084510e6891921f49d9b7e50b0c1319dc63aaaa83232bb304737c6e397ec50cb56a8bc1f193a0c8cd5655baa63560c43c1d3fe31cd2382379f8a8a83053190baaf834ba03fd04013e378a28b83f8183803d8a861687ee63169ccfab6b67db8d411e2424181c2e5f0a115eb721aaba02401da08e37cfa197ca8fbf3e48472e37535da542542235047834a20000000000000000000000000000003cb561318ddcbce23ce530fdb6f9cb5654765a4d5c0f88f8720b918b9bb7c7ac1ccbca0711cdcb6ea2d8570b8487805c6d722297c65655e024c4b05c6b924495ff27bf519cd32b7a0ef8d283b17f0babb4ff5c75b354075d6f4622f4a5479e05cda68a0f19a3a8aa01d4f07c14ecaa8d0a553e21e89c6190d833fb0fc8fc4c53e7d56e02737b968aafa7f94ce6b37c040d5c58", @ANYRES32=r7, @ANYBLOB="000000000000000085100000fcffffff18600000030000000000000003000000bf91000000000000b70200000100000085000000"], &(0x7f0000001740)='syzkaller\x00', 0x0, 0x4, &(0x7f0000001780)=""/4, 0x40f00, 0x2a, '\x00', 0x0, 0x36, 0xffffffffffffffff, 0x8, &(0x7f00000017c0)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000001800)={0x2, 0x7, 0x9}, 0x10, 0x0, r5, 0x4, &(0x7f0000001880), &(0x7f00000018c0)=[{0x3, 0x2, 0x6, 0x2}, {0x2, 0x5, 0x8, 0x7}, {0x1, 0x3, 0xb, 0xb}, {0x0, 0x2}], 0x10, 0x80000000}, 0x90) r9 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001b00)=r8, 0x4) r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000e000000c50000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sys_enter\x00', r10}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001c40)=@bpf_tracing={0x1a, 0x2, &(0x7f0000001580)=ANY=[@ANYRESDEC], &(0x7f0000001a40)='syzkaller\x00', 0x400, 0x65, &(0x7f0000001a80)=""/101, 0x0, 0x0, '\x00', 0x0, 0x0, r9, 0x8, &(0x7f00000015c0)={0x1, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x64ff, r10, 0x3, &(0x7f0000001e00)=[r6, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000001c00)=[{0x2, 0x2, 0xa, 0x8}, {0x5, 0x1, 0x10, 0xb}, {0x0, 0x3, 0xb, 0xa}]}, 0x90) r11 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) r12 = openat$cgroup_ro(r11, &(0x7f0000001700)='freezer.self_freezing\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000002480)={0x1e, 0xf, &(0x7f0000001680)=@raw=[@generic={0x81, 0xe, 0x5, 0x140, 0x7f}, @jmp={0x5, 0x1, 0x5, 0x7, 0x6, 0x6, 0x4}, @cb_func={0x18, 0x4, 0x4, 0x0, 0x6}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x9}], &(0x7f0000001600)='GPL\x00', 0x0, 0x1000, &(0x7f0000002f80)=""/4096, 0x41000, 0x61, '\x00', 0x0, 0x28, r12, 0x8, &(0x7f0000001880)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000001900)={0x1, 0x6, 0x6}, 0x10, r8, 0xffffffffffffffff, 0x9, &(0x7f00000020c0)=[r7, r6], &(0x7f00000023c0)=[{0x0, 0x4, 0x6, 0x3}, {0x3, 0x1, 0xa, 0x7}, {0x2, 0x4, 0xc, 0x41cd7dad2d98cb2c}, {0x0, 0x1, 0x6, 0x3}, {0x5, 0x2, 0x3, 0x9}, {0x1, 0x3, 0x0, 0xc}, {0x2, 0x5, 0xc, 0x4}, {0x1, 0x3, 0xb, 0x6}, {0x3, 0x5, 0xf, 0xa}], 0x10, 0x29}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r3, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6, &(0x7f00000000c0)=[0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x26, &(0x7f0000000480)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0xf8, 0x8, 0x8, &(0x7f0000000580)}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a40)={r3, 0xe0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, &(0x7f00000007c0)=[0x0, 0x0, 0x0], &(0x7f0000000800)=[0x0, 0x0, 0x0], 0x0, 0x37, &(0x7f0000000840)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000880), &(0x7f00000008c0), 0x8, 0xb5, 0x8, 0x8, &(0x7f0000000900)}}, 0x10) r15 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000d40)={0x6, 0x1e, &(0x7f0000000a80)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @alu={0x4, 0x1, 0x5, 0x5, 0x8, 0x8, 0xfffffffffffffffc}, @jmp={0x5, 0x0, 0x7, 0xb, 0x3, 0x50, 0xffffffffffffffff}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000b80)='syzkaller\x00', 0x101, 0x9b, &(0x7f0000000bc0)=""/155, 0x40f00, 0x1b, '\x00', 0x0, 0x25, r3, 0x8, &(0x7f0000000c80)={0x7, 0x3}, 0x8, 0x10, &(0x7f0000000cc0)={0x1, 0xe, 0x9, 0x2d37}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000d00)=[r1, r3, r3, r1, r3], 0x0, 0x10, 0x7}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x3, 0x1b, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x7}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x701df987, 0x0, 0x0, 0x0, 0x7}, @exit, @printk={@x}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}}]}, &(0x7f0000000040)='syzkaller\x00', 0x1, 0x81, &(0x7f00000003c0)=""/129, 0x40f00, 0x10, '\x00', r13, 0x67, r3, 0x8, &(0x7f0000000700)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000740)={0x1, 0x1, 0xfffff9df, 0x101}, 0x10, r14, r15, 0x2, &(0x7f0000000e00)=[r1, r1, r3], &(0x7f0000000e40)=[{0x2, 0x5, 0x1}, {0x0, 0x4, 0xd, 0x8}], 0x10, 0x6}, 0x90) [ 1501.359375][T31886] RDX: ffffc90006ca0000 RSI: 0000000000019c50 RDI: 0000000000019c51 [ 1501.374182][T31886] RBP: ffffc90000a17978 R08: ffffffff81575f25 R09: ffffed103ee065e8 [ 1501.401926][T31886] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff11022d13614 22:49:22 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x71000000, 0x0, 0x0, 0x0}, 0x90) 22:49:23 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x72000000, 0x0, 0x0, 0x0}, 0x90) 22:49:23 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf00, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1501.443515][T31886] R13: ffff88811689b0a0 R14: 0000000000000003 R15: ffff888163462999 [ 1501.480383][T31886] FS: 00007f030328b6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 22:49:23 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x73000000, 0x0, 0x0, 0x0}, 0x90) 22:49:23 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x79000000, 0x0, 0x0, 0x0}, 0x90) 22:49:23 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1100, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1501.529375][T31886] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1501.564415][T31886] CR2: 00000000202b0000 CR3: 000000011ef38000 CR4: 00000000003506b0 22:49:23 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a000000, 0x0, 0x0, 0x0}, 0x90) [ 1501.606602][T31886] DR0: 0000000000000098 DR1: 0000000000000000 DR2: 0000000000000000 [ 1501.623217][T31886] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 22:49:23 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b000000, 0x0, 0x0, 0x0}, 0x90) [ 1501.673881][T31886] Call Trace: 22:49:23 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r3, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x0, 0x0, 0x0, 0x4, 0x1000, &(0x7f0000000300)=""/4096}, 0x90) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x10}, 0xc) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000002240)=ANY=[@ANYRESDEC=r4, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYRES8=r6], 0x32600) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002180)={0x18, 0x13, &(0x7f0000001300)=@raw=[@ldst={0x2, 0x3, 0x3, 0x8, 0x8}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1ff}, @generic={0x6, 0x6, 0x0, 0x1}, @generic={0x0, 0xf, 0x3, 0xeb, 0x5}, @map_idx={0x18, 0x2}, @map_val={0x18, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x9e3}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_fd={0x18, 0x0, 0x1, 0x0, r6}], 0x0, 0xfffffff9, 0x40, &(0x7f0000001e40)=""/64, 0x0, 0x5c, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001ec0)={0x1}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000002140)=[r6, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x3f}, 0x90) (async) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000002dc0)='cgroup.events\x00', 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f00000000c0)=[0x0], &(0x7f0000000140)=[0x0], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10) (async) bpf$PROG_LOAD(0x5, &(0x7f0000001940)={0x0, 0x15, &(0x7f0000002880)=ANY=[@ANYBLOB="1800000006000000000000001e00000036110000c51c9119d0be689dd5ec6ec05fbd03d008be8463b02aade605541663cd4860bf35bc163e6dcc0af286ebfffd22b7f25cb56536fb69bf7662b4a86c5b698907e00721c11a4429a5e8fb1a4f01dbb47de987fdbe2ccecddbd5f22c478780d4a95fe585b89c7823119dcf760c9f31cd12e8773c497ec3a8ce69d26384dd00fd47e3ae1e98249db88a8cc0681e791294e05ddc286c5429c47a167207e846b3b0dc5678bd442cbad8c2f930a7a3b40d0c7b8bace88f7c7882071398b2622fcaf30f87ef85f4d188c27bae4bc233f5acedc4097d3c87e314a1c8966d4e961ade55bf4c1f1eb1bd01fbd294f2cc4596257b2755dd9bdd", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000095000000000000005807119afc608d70a5a8924ee86627b1a6231e7246625f4eca2ff937ea644738ebc164cdfc6523a58339fc2a99d2e8fcec976db25d0647f69ea69701f1fdfbe54ef971d50de2f8d620c40fb166b1f9ae5f63772c8145cd97c242ef3a2ed454cdf4f03e84d625c4278327fa68f82eb12978dcf892001000002377d65c6cc6d4283fb551fc8179cbb7018499d0058e1f86418c490d45d43084510e6891921f49d9b7e50b0c1319dc63aaaa83232bb304737c6e397ec50cb56a8bc1f193a0c8cd5655baa63560c43c1d3fe31cd2382379f8a8a83053190baaf834ba03fd04013e378a28b83f8183803d8a861687ee63169ccfab6b67db8d411e2424181c2e5f0a115eb721aaba02401da08e37cfa197ca8fbf3e48472e37535da542542235047834a20000000000000000000000000000003cb561318ddcbce23ce530fdb6f9cb5654765a4d5c0f88f8720b918b9bb7c7ac1ccbca0711cdcb6ea2d8570b8487805c6d722297c65655e024c4b05c6b924495ff27bf519cd32b7a0ef8d283b17f0babb4ff5c75b354075d6f4622f4a5479e05cda68a0f19a3a8aa01d4f07c14ecaa8d0a553e21e89c6190d833fb0fc8fc4c53e7d56e02737b968aafa7f94ce6b37c040d5c58", @ANYRES32=r7, @ANYBLOB="000000000000000085100000fcffffff18600000030000000000000003000000bf91000000000000b70200000100000085000000"], &(0x7f0000001740)='syzkaller\x00', 0x0, 0x4, &(0x7f0000001780)=""/4, 0x40f00, 0x2a, '\x00', 0x0, 0x36, 0xffffffffffffffff, 0x8, &(0x7f00000017c0)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000001800)={0x2, 0x7, 0x9}, 0x10, 0x0, r5, 0x4, &(0x7f0000001880), &(0x7f00000018c0)=[{0x3, 0x2, 0x6, 0x2}, {0x2, 0x5, 0x8, 0x7}, {0x1, 0x3, 0xb, 0xb}, {0x0, 0x2}], 0x10, 0x80000000}, 0x90) r9 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001b00)=r8, 0x4) (async) r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000e000000c50000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sys_enter\x00', r10}, 0x10) (async) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001c40)=@bpf_tracing={0x1a, 0x2, &(0x7f0000001580)=ANY=[@ANYRESDEC], &(0x7f0000001a40)='syzkaller\x00', 0x400, 0x65, &(0x7f0000001a80)=""/101, 0x0, 0x0, '\x00', 0x0, 0x0, r9, 0x8, &(0x7f00000015c0)={0x1, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x64ff, r10, 0x3, &(0x7f0000001e00)=[r6, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000001c00)=[{0x2, 0x2, 0xa, 0x8}, {0x5, 0x1, 0x10, 0xb}, {0x0, 0x3, 0xb, 0xa}]}, 0x90) (async) r11 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) r12 = openat$cgroup_ro(r11, &(0x7f0000001700)='freezer.self_freezing\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000002480)={0x1e, 0xf, &(0x7f0000001680)=@raw=[@generic={0x81, 0xe, 0x5, 0x140, 0x7f}, @jmp={0x5, 0x1, 0x5, 0x7, 0x6, 0x6, 0x4}, @cb_func={0x18, 0x4, 0x4, 0x0, 0x6}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x9}], &(0x7f0000001600)='GPL\x00', 0x0, 0x1000, &(0x7f0000002f80)=""/4096, 0x41000, 0x61, '\x00', 0x0, 0x28, r12, 0x8, &(0x7f0000001880)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000001900)={0x1, 0x6, 0x6}, 0x10, r8, 0xffffffffffffffff, 0x9, &(0x7f00000020c0)=[r7, r6], &(0x7f00000023c0)=[{0x0, 0x4, 0x6, 0x3}, {0x3, 0x1, 0xa, 0x7}, {0x2, 0x4, 0xc, 0x41cd7dad2d98cb2c}, {0x0, 0x1, 0x6, 0x3}, {0x5, 0x2, 0x3, 0x9}, {0x1, 0x3, 0x0, 0xc}, {0x2, 0x5, 0xc, 0x4}, {0x1, 0x3, 0xb, 0x6}, {0x3, 0x5, 0xf, 0xa}], 0x10, 0x29}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r3, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6, &(0x7f00000000c0)=[0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x26, &(0x7f0000000480)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0xf8, 0x8, 0x8, &(0x7f0000000580)}}, 0x10) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a40)={r3, 0xe0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, &(0x7f00000007c0)=[0x0, 0x0, 0x0], &(0x7f0000000800)=[0x0, 0x0, 0x0], 0x0, 0x37, &(0x7f0000000840)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000880), &(0x7f00000008c0), 0x8, 0xb5, 0x8, 0x8, &(0x7f0000000900)}}, 0x10) (async) r15 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000d40)={0x6, 0x1e, &(0x7f0000000a80)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @alu={0x4, 0x1, 0x5, 0x5, 0x8, 0x8, 0xfffffffffffffffc}, @jmp={0x5, 0x0, 0x7, 0xb, 0x3, 0x50, 0xffffffffffffffff}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000b80)='syzkaller\x00', 0x101, 0x9b, &(0x7f0000000bc0)=""/155, 0x40f00, 0x1b, '\x00', 0x0, 0x25, r3, 0x8, &(0x7f0000000c80)={0x7, 0x3}, 0x8, 0x10, &(0x7f0000000cc0)={0x1, 0xe, 0x9, 0x2d37}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000d00)=[r1, r3, r3, r1, r3], 0x0, 0x10, 0x7}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x3, 0x1b, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x7}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x701df987, 0x0, 0x0, 0x0, 0x7}, @exit, @printk={@x}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}}]}, &(0x7f0000000040)='syzkaller\x00', 0x1, 0x81, &(0x7f00000003c0)=""/129, 0x40f00, 0x10, '\x00', r13, 0x67, r3, 0x8, &(0x7f0000000700)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000740)={0x1, 0x1, 0xfffff9df, 0x101}, 0x10, r14, r15, 0x2, &(0x7f0000000e00)=[r1, r1, r3], &(0x7f0000000e40)=[{0x2, 0x5, 0x1}, {0x0, 0x4, 0xd, 0x8}], 0x10, 0x6}, 0x90) 22:49:23 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1200, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:23 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b601100, 0x0, 0x0, 0x0}, 0x90) [ 1501.697270][T31886] [ 1501.701204][T31886] ? show_regs+0x58/0x60 [ 1501.705337][T31886] ? __warn+0x160/0x2f0 [ 1501.726556][T31886] ? refcount_warn_saturate+0x158/0x1a0 22:49:23 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) write$cgroup_int(r3, &(0x7f00000001c0)=0x1a0, 0xfffffdef) (async) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x0, 0x0, 0x0, 0x4, 0x1000, &(0x7f0000000300)=""/4096}, 0x90) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) (async) r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x10}, 0xc) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000002240)=ANY=[@ANYRESDEC=r4, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYRES8=r6], 0x32600) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002180)={0x18, 0x13, &(0x7f0000001300)=@raw=[@ldst={0x2, 0x3, 0x3, 0x8, 0x8}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1ff}, @generic={0x6, 0x6, 0x0, 0x1}, @generic={0x0, 0xf, 0x3, 0xeb, 0x5}, @map_idx={0x18, 0x2}, @map_val={0x18, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x9e3}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @map_fd={0x18, 0x0, 0x1, 0x0, r6}], 0x0, 0xfffffff9, 0x40, &(0x7f0000001e40)=""/64, 0x0, 0x5c, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001ec0)={0x1}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000002140)=[r6, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x3f}, 0x90) (async) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000002dc0)='cgroup.events\x00', 0x0, 0x0) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f00000000c0)=[0x0], &(0x7f0000000140)=[0x0], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000001940)={0x0, 0x15, &(0x7f0000002880)=ANY=[@ANYBLOB="1800000006000000000000001e00000036110000c51c9119d0be689dd5ec6ec05fbd03d008be8463b02aade605541663cd4860bf35bc163e6dcc0af286ebfffd22b7f25cb56536fb69bf7662b4a86c5b698907e00721c11a4429a5e8fb1a4f01dbb47de987fdbe2ccecddbd5f22c478780d4a95fe585b89c7823119dcf760c9f31cd12e8773c497ec3a8ce69d26384dd00fd47e3ae1e98249db88a8cc0681e791294e05ddc286c5429c47a167207e846b3b0dc5678bd442cbad8c2f930a7a3b40d0c7b8bace88f7c7882071398b2622fcaf30f87ef85f4d188c27bae4bc233f5acedc4097d3c87e314a1c8966d4e961ade55bf4c1f1eb1bd01fbd294f2cc4596257b2755dd9bdd", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000095000000000000005807119afc608d70a5a8924ee86627b1a6231e7246625f4eca2ff937ea644738ebc164cdfc6523a58339fc2a99d2e8fcec976db25d0647f69ea69701f1fdfbe54ef971d50de2f8d620c40fb166b1f9ae5f63772c8145cd97c242ef3a2ed454cdf4f03e84d625c4278327fa68f82eb12978dcf892001000002377d65c6cc6d4283fb551fc8179cbb7018499d0058e1f86418c490d45d43084510e6891921f49d9b7e50b0c1319dc63aaaa83232bb304737c6e397ec50cb56a8bc1f193a0c8cd5655baa63560c43c1d3fe31cd2382379f8a8a83053190baaf834ba03fd04013e378a28b83f8183803d8a861687ee63169ccfab6b67db8d411e2424181c2e5f0a115eb721aaba02401da08e37cfa197ca8fbf3e48472e37535da542542235047834a20000000000000000000000000000003cb561318ddcbce23ce530fdb6f9cb5654765a4d5c0f88f8720b918b9bb7c7ac1ccbca0711cdcb6ea2d8570b8487805c6d722297c65655e024c4b05c6b924495ff27bf519cd32b7a0ef8d283b17f0babb4ff5c75b354075d6f4622f4a5479e05cda68a0f19a3a8aa01d4f07c14ecaa8d0a553e21e89c6190d833fb0fc8fc4c53e7d56e02737b968aafa7f94ce6b37c040d5c58", @ANYRES32=r7, @ANYBLOB="000000000000000085100000fcffffff18600000030000000000000003000000bf91000000000000b70200000100000085000000"], &(0x7f0000001740)='syzkaller\x00', 0x0, 0x4, &(0x7f0000001780)=""/4, 0x40f00, 0x2a, '\x00', 0x0, 0x36, 0xffffffffffffffff, 0x8, &(0x7f00000017c0)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000001800)={0x2, 0x7, 0x9}, 0x10, 0x0, r5, 0x4, &(0x7f0000001880), &(0x7f00000018c0)=[{0x3, 0x2, 0x6, 0x2}, {0x2, 0x5, 0x8, 0x7}, {0x1, 0x3, 0xb, 0xb}, {0x0, 0x2}], 0x10, 0x80000000}, 0x90) (async) r9 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001b00)=r8, 0x4) (async) r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000e000000c50000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sys_enter\x00', r10}, 0x10) (async) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001c40)=@bpf_tracing={0x1a, 0x2, &(0x7f0000001580)=ANY=[@ANYRESDEC], &(0x7f0000001a40)='syzkaller\x00', 0x400, 0x65, &(0x7f0000001a80)=""/101, 0x0, 0x0, '\x00', 0x0, 0x0, r9, 0x8, &(0x7f00000015c0)={0x1, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x64ff, r10, 0x3, &(0x7f0000001e00)=[r6, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000001c00)=[{0x2, 0x2, 0xa, 0x8}, {0x5, 0x1, 0x10, 0xb}, {0x0, 0x3, 0xb, 0xa}]}, 0x90) r11 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) r12 = openat$cgroup_ro(r11, &(0x7f0000001700)='freezer.self_freezing\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000002480)={0x1e, 0xf, &(0x7f0000001680)=@raw=[@generic={0x81, 0xe, 0x5, 0x140, 0x7f}, @jmp={0x5, 0x1, 0x5, 0x7, 0x6, 0x6, 0x4}, @cb_func={0x18, 0x4, 0x4, 0x0, 0x6}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x9}], &(0x7f0000001600)='GPL\x00', 0x0, 0x1000, &(0x7f0000002f80)=""/4096, 0x41000, 0x61, '\x00', 0x0, 0x28, r12, 0x8, &(0x7f0000001880)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000001900)={0x1, 0x6, 0x6}, 0x10, r8, 0xffffffffffffffff, 0x9, &(0x7f00000020c0)=[r7, r6], &(0x7f00000023c0)=[{0x0, 0x4, 0x6, 0x3}, {0x3, 0x1, 0xa, 0x7}, {0x2, 0x4, 0xc, 0x41cd7dad2d98cb2c}, {0x0, 0x1, 0x6, 0x3}, {0x5, 0x2, 0x3, 0x9}, {0x1, 0x3, 0x0, 0xc}, {0x2, 0x5, 0xc, 0x4}, {0x1, 0x3, 0xb, 0x6}, {0x3, 0x5, 0xf, 0xa}], 0x10, 0x29}, 0x90) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r3, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6, &(0x7f00000000c0)=[0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x26, &(0x7f0000000480)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0xf8, 0x8, 0x8, &(0x7f0000000580)}}, 0x10) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a40)={r3, 0xe0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, &(0x7f00000007c0)=[0x0, 0x0, 0x0], &(0x7f0000000800)=[0x0, 0x0, 0x0], 0x0, 0x37, &(0x7f0000000840)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000880), &(0x7f00000008c0), 0x8, 0xb5, 0x8, 0x8, &(0x7f0000000900)}}, 0x10) (async) r15 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000d40)={0x6, 0x1e, &(0x7f0000000a80)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @alu={0x4, 0x1, 0x5, 0x5, 0x8, 0x8, 0xfffffffffffffffc}, @jmp={0x5, 0x0, 0x7, 0xb, 0x3, 0x50, 0xffffffffffffffff}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000b80)='syzkaller\x00', 0x101, 0x9b, &(0x7f0000000bc0)=""/155, 0x40f00, 0x1b, '\x00', 0x0, 0x25, r3, 0x8, &(0x7f0000000c80)={0x7, 0x3}, 0x8, 0x10, &(0x7f0000000cc0)={0x1, 0xe, 0x9, 0x2d37}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000d00)=[r1, r3, r3, r1, r3], 0x0, 0x10, 0x7}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x3, 0x1b, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x7}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x701df987, 0x0, 0x0, 0x0, 0x7}, @exit, @printk={@x}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}}]}, &(0x7f0000000040)='syzkaller\x00', 0x1, 0x81, &(0x7f00000003c0)=""/129, 0x40f00, 0x10, '\x00', r13, 0x67, r3, 0x8, &(0x7f0000000700)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000740)={0x1, 0x1, 0xfffff9df, 0x101}, 0x10, r14, r15, 0x2, &(0x7f0000000e00)=[r1, r1, r3], &(0x7f0000000e40)=[{0x2, 0x5, 0x1}, {0x0, 0x4, 0xd, 0x8}], 0x10, 0x6}, 0x90) 22:49:23 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffffff, 0x0, 0x0, 0x0}, 0x90) [ 1501.750636][T31886] ? report_bug+0x3d9/0x5b0 [ 1501.762377][T31886] ? refcount_warn_saturate+0x158/0x1a0 [ 1501.779952][T31886] ? handle_bug+0x41/0x70 [ 1501.793035][T31886] ? exc_invalid_op+0x1b/0x50 [ 1501.807618][T31886] ? asm_exc_invalid_op+0x1b/0x20 [ 1501.823583][T31886] ? __wake_up_klogd+0xd5/0x110 [ 1501.833094][T31886] ? refcount_warn_saturate+0x158/0x1a0 [ 1501.838796][T31886] ? refcount_warn_saturate+0x158/0x1a0 [ 1501.844223][T31886] vm_area_free_no_check+0x123/0x130 [ 1501.849597][T31886] copy_mm+0xefb/0x13e0 [ 1501.853627][T31886] ? copy_signal+0x610/0x610 [ 1501.859101][T31886] ? __init_rwsem+0xd6/0x1c0 [ 1501.863567][T31886] ? copy_signal+0x4e3/0x610 [ 1501.868238][T31886] copy_process+0x1149/0x3290 [ 1501.872790][T31886] ? proc_fail_nth_write+0x20b/0x290 [ 1501.878204][T31886] ? fsnotify_perm+0x6a/0x5d0 [ 1501.882750][T31886] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1501.887939][T31886] ? vfs_write+0x9ec/0x1110 [ 1501.893012][T31886] kernel_clone+0x21e/0x9e0 [ 1501.897704][T31886] ? file_end_write+0x1c0/0x1c0 [ 1501.902421][T31886] ? create_io_thread+0x1e0/0x1e0 [ 1501.907516][T31886] ? mutex_unlock+0xb2/0x260 [ 1501.911971][T31886] ? __mutex_lock_slowpath+0x10/0x10 [ 1501.917353][T31886] __x64_sys_clone+0x23f/0x290 [ 1501.921984][T31886] ? __do_sys_vfork+0x130/0x130 [ 1501.926887][T31886] ? ksys_write+0x260/0x2c0 [ 1501.931255][T31886] ? debug_smp_processor_id+0x17/0x20 [ 1501.936455][T31886] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1501.942754][T31886] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1501.948421][T31886] do_syscall_64+0x3d/0xb0 [ 1501.952697][T31886] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1501.958633][T31886] RIP: 0033:0x7f0304509da9 [ 1501.962937][T31886] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1501.982725][T31886] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1501.991207][T31886] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1501.999208][T31886] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 22:49:23 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 72) 22:49:23 executing program 2: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000380)={0xccab1775cf0638d4, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0xc8, 0xffffffff, 0x0, 0x8}, 0x0, 0x800e, r0, 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002100)={0x18, 0x2b, &(0x7f0000002340)=ANY=[@ANYBLOB="1800000077000000000000000600000018110000", @ANYRESHEX=0x0, @ANYBLOB="0000000000000000b702000014000000b7030000bf09000000000000550901000000000095b700000000000885000000c4000000181200006b26e5fa8f600cd2cd71f4f80f782366eba1d455818c4c8712a60efe519fbf07fd3ef4205f200a", @ANYRES32, @ANYBLOB="0000000100000000b703000000000000850000000c000000b700000000000000b7080000000000007b8af8ff00000000b7080000050000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ff00000800000018230000", @ANYRES32=0x1, @ANYBLOB="0000000000000100000000000000000085000000a50000009562f8f710000000139affff0000000018120000c243235ed25c95115927634d7b", @ANYRES32, @ANYRES16=r0], &(0x7f0000000340)='syzkaller\x00', 0x2, 0xdd, &(0x7f0000002000)=""/221, 0x41100, 0x4a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000ac0)={0x1, 0x9, 0x0, 0x3}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x401}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0xfffffe81, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0xfdef) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0x0, 0x0, &(0x7f0000014ff5)='GPL\x00', 0x0, 0x1000, &(0x7f0000000c40)=""/4096, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x200}, 0x8}, 0x90) r6 = perf_event_open(0x0, 0x0, 0x8, r0, 0x8) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r5, 0xe0, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000800), ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000280), &(0x7f0000000880)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000002300)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000900), &(0x7f0000000940), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001e40)}}, 0x10) r8 = openat$cgroup_ro(r4, &(0x7f0000000b80)='blkio.bfq.group_wait_time\x00', 0x0, 0x0) r9 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000bc0)={0x0, 0x3}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f0000001cc0)={0xd, 0xa, &(0x7f0000000600)=ANY=[@ANYBLOB="851000f2466d9a00186a00000a0000000000007322000085000000d200000018420fcc8a6f60e2e7f21f359200fb00000000008500ffff950000000000000000e6007f000000000000200000"], &(0x7f00000002c0)='syzkaller\x00', 0x8, 0x99, &(0x7f0000000680)=""/153, 0x41000, 0x0, '\x00', r7, 0x2e, r4, 0x8, &(0x7f0000000b00)={0x9, 0x80000002}, 0x8, 0x10, &(0x7f0000000b40)={0x4, 0xa, 0x5, 0x7ff}, 0x10, 0xffffffffffffffff, r5, 0x1, &(0x7f0000001c40)=[r8, 0xffffffffffffffff, r9], &(0x7f0000001c80)=[{0xfffffffe, 0x3, 0xb, 0xa}], 0x10, 0x6}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000002240)={0x6, 0x5, &(0x7f00000021c0)=ANY=[@ANYRES64=r5, @ANYRESHEX=r7, @ANYRES64=r9, @ANYRES8=r0, @ANYRES64=r6, @ANYRES8=r3, @ANYRESDEC=r1, @ANYRES16], &(0x7f00000005c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x9, '\x00', r7, 0x25, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f00000008c0)={0x0, 0xf, 0x2000005, 0x4}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000021c0), &(0x7f0000002200), 0x10, 0x3ff}, 0x90) openat$cgroup_ro(r4, &(0x7f0000000280)='cpuacct.usage_percpu_sys\x00', 0x26e1, 0x0) recvmsg$unix(r4, &(0x7f0000000140)={&(0x7f0000000040)=@abs, 0x6e, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/134, 0x86}, {&(0x7f0000000380)=""/230, 0xe6}, {&(0x7f0000000480)=""/240, 0xf0}], 0x3, &(0x7f0000000580)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x48}, 0x40016041) r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r11 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r10}, 0x10) r12 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r11}, 0x8) write$cgroup_int(r12, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:23 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83000000, 0x0, 0x0, 0x0}, 0x90) 22:49:23 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1300, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1502.007190][T31886] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1502.015054][T31886] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1502.023052][T31886] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1502.031056][T31886] [ 1502.033925][T31886] ---[ end trace 1337d97a36b43a86 ]--- [ 1502.064286][T31985] FAULT_INJECTION: forcing a failure. [ 1502.064286][T31985] name failslab, interval 1, probability 0, space 0, times 0 [ 1502.077332][T31985] CPU: 0 PID: 31985 Comm: syz-executor.1 Tainted: G W 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1502.088872][T31985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1502.098770][T31985] Call Trace: [ 1502.101887][T31985] [ 1502.104667][T31985] dump_stack_lvl+0x151/0x1b7 [ 1502.109177][T31985] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1502.114656][T31985] dump_stack+0x15/0x17 [ 1502.118637][T31985] should_fail+0x3c6/0x510 [ 1502.122891][T31985] __should_failslab+0xa4/0xe0 [ 1502.127491][T31985] ? vm_area_dup+0x26/0x230 [ 1502.131833][T31985] should_failslab+0x9/0x20 [ 1502.136186][T31985] slab_pre_alloc_hook+0x37/0xd0 [ 1502.140947][T31985] ? vm_area_dup+0x26/0x230 [ 1502.145281][T31985] kmem_cache_alloc+0x44/0x200 [ 1502.149883][T31985] vm_area_dup+0x26/0x230 [ 1502.154082][T31985] copy_mm+0x9a1/0x13e0 [ 1502.158145][T31985] ? copy_signal+0x610/0x610 [ 1502.162556][T31985] ? __init_rwsem+0xd6/0x1c0 [ 1502.166983][T31985] ? copy_signal+0x4e3/0x610 [ 1502.171407][T31985] copy_process+0x1149/0x3290 [ 1502.175923][T31985] ? proc_fail_nth_write+0x20b/0x290 [ 1502.181041][T31985] ? fsnotify_perm+0x6a/0x5d0 [ 1502.185566][T31985] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1502.190503][T31985] ? vfs_write+0x9ec/0x1110 [ 1502.194843][T31985] kernel_clone+0x21e/0x9e0 [ 1502.199180][T31985] ? file_end_write+0x1c0/0x1c0 [ 1502.203866][T31985] ? create_io_thread+0x1e0/0x1e0 [ 1502.208728][T31985] ? mutex_unlock+0xb2/0x260 [ 1502.213156][T31985] ? __mutex_lock_slowpath+0x10/0x10 [ 1502.218371][T31985] __x64_sys_clone+0x23f/0x290 [ 1502.222963][T31985] ? __do_sys_vfork+0x130/0x130 [ 1502.227648][T31985] ? ksys_write+0x260/0x2c0 [ 1502.231987][T31985] ? debug_smp_processor_id+0x17/0x20 [ 1502.237281][T31985] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1502.243184][T31985] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1502.248650][T31985] do_syscall_64+0x3d/0xb0 [ 1502.252902][T31985] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1502.258632][T31985] RIP: 0033:0x7f0304509da9 [ 1502.262884][T31985] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1502.282335][T31985] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1502.290578][T31985] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1502.298385][T31985] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1502.306195][T31985] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 22:49:23 executing program 0: perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0x9fffffffffffffff, 0xffffffffffffffff, 0x0) (async) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext, 0x0, 0x0, 0x9, 0x4}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x10) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) (async) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) (async, rerun: 32) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000980)={r0, 0xe0, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f0000000680)=[0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000400), 0x0, 0x10, &(0x7f0000000440), &(0x7f0000000500), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000700)}}, 0x10) (async, rerun: 32) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x3, 0xb, &(0x7f0000000d00)=ANY=[@ANYBLOB="4a4d356fe97677fcf6bda6c6d4bb34fd7dabf25456c54b07e3d26dad9e8c0ab398dcfa110bd30b24a3e250261592d2d55e2862eb259164b254360a4624049d431a839171350dfda62027efaec13894bf1a18313fbcbd86c2bfbef3246bb77336987001a71e8b6ea628281247cd69d92a765ba29e0a520008000000000000eedf5eef91283dfed04f44e0f3e4abc64adae0fdcc8a9cfbe3a8c2ac305ef001f1f8392816eedfcc34d79ca08ff7e491d25b19b57a31c4debf3da55d5b1838764359d0e3aae2d8ce2d1a1e0279d8705fa250fc52e5e3b5b439fa62"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', r2, 0x14, r3, 0x8, &(0x7f00000009c0)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000000a00)={0x0, 0x2, 0x4, 0x3b}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000a40)=[0xffffffffffffffff, 0x1, r1, 0xffffffffffffffff]}, 0x90) (async) bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@base={0xa, 0x5, 0x9, 0x5, 0x40, 0x1, 0x100, '\x00', r2, 0xffffffffffffffff, 0x0, 0x0, 0x5}, 0x48) (async) r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000380)={0xffffffffffffffff, 0x0, 0x8}, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x4, &(0x7f0000000c80)=ANY=[], &(0x7f0000000cc0)='GPL\x00', 0x0, 0xe5, &(0x7f0000000bc0)=""/229, 0x41000, 0x14, '\x00', r2, 0x0, r0, 0x8, &(0x7f0000000300)={0x9}, 0x8, 0x10, &(0x7f0000000340)={0x5, 0x10, 0x0, 0xfff}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000480)=[r0, r4, r0], 0x0, 0x10, 0x1}, 0x90) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000500)='freezer.state\x00', 0x26e1, 0x0) (async) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) (async) openat$cgroup_netprio_ifpriomap(r0, &(0x7f0000000140), 0x2, 0x0) (async, rerun: 64) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000600)='./cgroup/syz1\x00', 0x200002, 0x0) (async, rerun: 64) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0) write$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000040)='FROZEN\x00', 0x7) (async) openat$cgroup_int(r6, &(0x7f00000000c0)='cpu.idle\x00', 0x2, 0x0) mkdirat$cgroup(r6, &(0x7f0000000100)='syz0\x00', 0x1ff) (async, rerun: 32) write$cgroup_type(r5, &(0x7f0000000080), 0x11ffffce1) (rerun: 32) 22:49:23 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 73) [ 1502.314014][T31985] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1502.321816][T31985] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1502.329633][T31985] 22:49:23 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1400, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:23 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x85ffffff, 0x0, 0x0, 0x0}, 0x90) 22:49:23 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90ffffff, 0x0, 0x0, 0x0}, 0x90) [ 1502.395939][T31987] FAULT_INJECTION: forcing a failure. [ 1502.395939][T31987] name failslab, interval 1, probability 0, space 0, times 0 [ 1502.453519][T31987] CPU: 0 PID: 31987 Comm: syz-executor.1 Tainted: G W 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1502.465087][T31987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1502.475009][T31987] Call Trace: [ 1502.478103][T31987] [ 1502.480880][T31987] dump_stack_lvl+0x151/0x1b7 [ 1502.485395][T31987] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1502.490861][T31987] dump_stack+0x15/0x17 [ 1502.494850][T31987] should_fail+0x3c6/0x510 [ 1502.499106][T31987] __should_failslab+0xa4/0xe0 [ 1502.503710][T31987] ? anon_vma_clone+0x9a/0x500 [ 1502.508301][T31987] should_failslab+0x9/0x20 [ 1502.512639][T31987] slab_pre_alloc_hook+0x37/0xd0 [ 1502.517411][T31987] ? anon_vma_clone+0x9a/0x500 [ 1502.522012][T31987] kmem_cache_alloc+0x44/0x200 [ 1502.526618][T31987] anon_vma_clone+0x9a/0x500 [ 1502.531038][T31987] anon_vma_fork+0x91/0x4e0 [ 1502.535391][T31987] ? anon_vma_name+0x43/0x70 [ 1502.539804][T31987] ? vm_area_dup+0x17a/0x230 [ 1502.544230][T31987] copy_mm+0xa3a/0x13e0 [ 1502.548225][T31987] ? copy_signal+0x610/0x610 [ 1502.552650][T31987] ? __init_rwsem+0xd6/0x1c0 [ 1502.557073][T31987] ? copy_signal+0x4e3/0x610 [ 1502.561511][T31987] copy_process+0x1149/0x3290 [ 1502.566018][T31987] ? proc_fail_nth_write+0x20b/0x290 [ 1502.571139][T31987] ? fsnotify_perm+0x6a/0x5d0 [ 1502.575651][T31987] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1502.580597][T31987] ? vfs_write+0x9ec/0x1110 [ 1502.584939][T31987] kernel_clone+0x21e/0x9e0 [ 1502.589275][T31987] ? file_end_write+0x1c0/0x1c0 [ 1502.593973][T31987] ? create_io_thread+0x1e0/0x1e0 [ 1502.598821][T31987] ? mutex_unlock+0xb2/0x260 [ 1502.603250][T31987] ? __mutex_lock_slowpath+0x10/0x10 [ 1502.608379][T31987] __x64_sys_clone+0x23f/0x290 [ 1502.612974][T31987] ? __do_sys_vfork+0x130/0x130 [ 1502.617654][T31987] ? ksys_write+0x260/0x2c0 [ 1502.621999][T31987] ? debug_smp_processor_id+0x17/0x20 [ 1502.627201][T31987] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1502.633107][T31987] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1502.638577][T31987] do_syscall_64+0x3d/0xb0 [ 1502.642826][T31987] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1502.648553][T31987] RIP: 0033:0x7f0304509da9 [ 1502.652807][T31987] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1502.672248][T31987] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1502.680492][T31987] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1502.688303][T31987] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1502.696113][T31987] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 22:49:24 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9cffffff, 0x0, 0x0, 0x0}, 0x90) 22:49:24 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1500, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1502.703928][T31987] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1502.711736][T31987] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1502.719553][T31987] 22:49:24 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9fffffff, 0x0, 0x0, 0x0}, 0x90) 22:49:24 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0010000, 0x0, 0x0, 0x0}, 0x90) 22:49:24 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1600, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:24 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd1c41a00, 0x0, 0x0, 0x0}, 0x90) 22:49:24 executing program 2: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000380)={0xccab1775cf0638d4, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0xc8, 0xffffffff, 0x0, 0x8}, 0x0, 0x800e, r0, 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002100)={0x18, 0x2b, &(0x7f0000002340)=ANY=[@ANYBLOB="1800000077000000000000000600000018110000", @ANYRESHEX=0x0, @ANYBLOB="0000000000000000b702000014000000b7030000bf09000000000000550901000000000095b700000000000885000000c4000000181200006b26e5fa8f600cd2cd71f4f80f782366eba1d455818c4c8712a60efe519fbf07fd3ef4205f200a", @ANYRES32, @ANYBLOB="0000000100000000b703000000000000850000000c000000b700000000000000b7080000000000007b8af8ff00000000b7080000050000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ff00000800000018230000", @ANYRES32=0x1, @ANYBLOB="0000000000000100000000000000000085000000a50000009562f8f710000000139affff0000000018120000c243235ed25c95115927634d7b", @ANYRES32, @ANYRES16=r0], &(0x7f0000000340)='syzkaller\x00', 0x2, 0xdd, &(0x7f0000002000)=""/221, 0x41100, 0x4a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000ac0)={0x1, 0x9, 0x0, 0x3}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x401}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) (async) recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0xfffffe81, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0xfdef) (async) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0x0, 0x0, &(0x7f0000014ff5)='GPL\x00', 0x0, 0x1000, &(0x7f0000000c40)=""/4096, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x200}, 0x8}, 0x90) r6 = perf_event_open(0x0, 0x0, 0x8, r0, 0x8) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r5, 0xe0, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000800), ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000280), &(0x7f0000000880)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000002300)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000900), &(0x7f0000000940), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001e40)}}, 0x10) (async) r8 = openat$cgroup_ro(r4, &(0x7f0000000b80)='blkio.bfq.group_wait_time\x00', 0x0, 0x0) r9 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000bc0)={0x0, 0x3}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f0000001cc0)={0xd, 0xa, &(0x7f0000000600)=ANY=[@ANYBLOB="851000f2466d9a00186a00000a0000000000007322000085000000d200000018420fcc8a6f60e2e7f21f359200fb00000000008500ffff950000000000000000e6007f000000000000200000"], &(0x7f00000002c0)='syzkaller\x00', 0x8, 0x99, &(0x7f0000000680)=""/153, 0x41000, 0x0, '\x00', r7, 0x2e, r4, 0x8, &(0x7f0000000b00)={0x9, 0x80000002}, 0x8, 0x10, &(0x7f0000000b40)={0x4, 0xa, 0x5, 0x7ff}, 0x10, 0xffffffffffffffff, r5, 0x1, &(0x7f0000001c40)=[r8, 0xffffffffffffffff, r9], &(0x7f0000001c80)=[{0xfffffffe, 0x3, 0xb, 0xa}], 0x10, 0x6}, 0x90) (async) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000002240)={0x6, 0x5, &(0x7f00000021c0)=ANY=[@ANYRES64=r5, @ANYRESHEX=r7, @ANYRES64=r9, @ANYRES8=r0, @ANYRES64=r6, @ANYRES8=r3, @ANYRESDEC=r1, @ANYRES16], &(0x7f00000005c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x9, '\x00', r7, 0x25, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f00000008c0)={0x0, 0xf, 0x2000005, 0x4}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000021c0), &(0x7f0000002200), 0x10, 0x3ff}, 0x90) openat$cgroup_ro(r4, &(0x7f0000000280)='cpuacct.usage_percpu_sys\x00', 0x26e1, 0x0) (async) recvmsg$unix(r4, &(0x7f0000000140)={&(0x7f0000000040)=@abs, 0x6e, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/134, 0x86}, {&(0x7f0000000380)=""/230, 0xe6}, {&(0x7f0000000480)=""/240, 0xf0}], 0x3, &(0x7f0000000580)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x48}, 0x40016041) (async) r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) r11 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r10}, 0x10) r12 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r11}, 0x8) write$cgroup_int(r12, &(0x7f00000001c0)=0x1a0, 0xfffffdef) 22:49:24 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2340000, 0x0, 0x0, 0x0}, 0x90) 22:49:24 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 74) 22:49:24 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe5030000, 0x0, 0x0, 0x0}, 0x90) 22:49:24 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1700, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 1502.960555][T32023] FAULT_INJECTION: forcing a failure. [ 1502.960555][T32023] name failslab, interval 1, probability 0, space 0, times 0 [ 1503.015159][T32023] CPU: 0 PID: 32023 Comm: syz-executor.1 Tainted: G W 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1503.026716][T32023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1503.036605][T32023] Call Trace: [ 1503.039728][T32023] [ 1503.042505][T32023] dump_stack_lvl+0x151/0x1b7 [ 1503.047021][T32023] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1503.052578][T32023] dump_stack+0x15/0x17 [ 1503.056565][T32023] should_fail+0x3c6/0x510 [ 1503.060822][T32023] __should_failslab+0xa4/0xe0 [ 1503.065419][T32023] ? anon_vma_clone+0x9a/0x500 [ 1503.070024][T32023] should_failslab+0x9/0x20 [ 1503.074358][T32023] slab_pre_alloc_hook+0x37/0xd0 [ 1503.079133][T32023] ? anon_vma_clone+0x9a/0x500 [ 1503.083729][T32023] kmem_cache_alloc+0x44/0x200 [ 1503.088332][T32023] anon_vma_clone+0x9a/0x500 [ 1503.092761][T32023] anon_vma_fork+0x91/0x4e0 [ 1503.097097][T32023] ? anon_vma_name+0x43/0x70 [ 1503.101525][T32023] ? vm_area_dup+0x17a/0x230 [ 1503.105951][T32023] copy_mm+0xa3a/0x13e0 [ 1503.109950][T32023] ? copy_signal+0x610/0x610 [ 1503.114371][T32023] ? __init_rwsem+0xd6/0x1c0 [ 1503.118799][T32023] ? copy_signal+0x4e3/0x610 [ 1503.123230][T32023] copy_process+0x1149/0x3290 [ 1503.127738][T32023] ? proc_fail_nth_write+0x20b/0x290 [ 1503.132856][T32023] ? fsnotify_perm+0x6a/0x5d0 [ 1503.137373][T32023] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1503.142316][T32023] ? vfs_write+0x9ec/0x1110 [ 1503.146658][T32023] kernel_clone+0x21e/0x9e0 [ 1503.151085][T32023] ? file_end_write+0x1c0/0x1c0 [ 1503.155770][T32023] ? create_io_thread+0x1e0/0x1e0 [ 1503.160628][T32023] ? mutex_unlock+0xb2/0x260 [ 1503.165057][T32023] ? __mutex_lock_slowpath+0x10/0x10 [ 1503.170186][T32023] __x64_sys_clone+0x23f/0x290 [ 1503.174777][T32023] ? __do_sys_vfork+0x130/0x130 [ 1503.179463][T32023] ? ksys_write+0x260/0x2c0 [ 1503.183804][T32023] ? debug_smp_processor_id+0x17/0x20 [ 1503.189011][T32023] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1503.194936][T32023] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1503.200384][T32023] do_syscall_64+0x3d/0xb0 [ 1503.204725][T32023] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1503.210451][T32023] RIP: 0033:0x7f0304509da9 [ 1503.214700][T32023] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1503.234145][T32023] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1503.242392][T32023] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1503.250197][T32023] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1503.258021][T32023] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 22:49:24 executing program 0: perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0x9fffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext, 0x0, 0x0, 0x9, 0x4}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x10) (async) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000980)={r0, 0xe0, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f0000000680)=[0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000400), 0x0, 0x10, &(0x7f0000000440), &(0x7f0000000500), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000700)}}, 0x10) (async) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x3, 0xb, &(0x7f0000000d00)=ANY=[@ANYBLOB="4a4d356fe97677fcf6bda6c6d4bb34fd7dabf25456c54b07e3d26dad9e8c0ab398dcfa110bd30b24a3e250261592d2d55e2862eb259164b254360a4624049d431a839171350dfda62027efaec13894bf1a18313fbcbd86c2bfbef3246bb77336987001a71e8b6ea628281247cd69d92a765ba29e0a520008000000000000eedf5eef91283dfed04f44e0f3e4abc64adae0fdcc8a9cfbe3a8c2ac305ef001f1f8392816eedfcc34d79ca08ff7e491d25b19b57a31c4debf3da55d5b1838764359d0e3aae2d8ce2d1a1e0279d8705fa250fc52e5e3b5b439fa62"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', r2, 0x14, r3, 0x8, &(0x7f00000009c0)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000000a00)={0x0, 0x2, 0x4, 0x3b}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000a40)=[0xffffffffffffffff, 0x1, r1, 0xffffffffffffffff]}, 0x90) (async) bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@base={0xa, 0x5, 0x9, 0x5, 0x40, 0x1, 0x100, '\x00', r2, 0xffffffffffffffff, 0x0, 0x0, 0x5}, 0x48) r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000380)={0xffffffffffffffff, 0x0, 0x8}, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x4, &(0x7f0000000c80)=ANY=[], &(0x7f0000000cc0)='GPL\x00', 0x0, 0xe5, &(0x7f0000000bc0)=""/229, 0x41000, 0x14, '\x00', r2, 0x0, r0, 0x8, &(0x7f0000000300)={0x9}, 0x8, 0x10, &(0x7f0000000340)={0x5, 0x10, 0x0, 0xfff}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000480)=[r0, r4, r0], 0x0, 0x10, 0x1}, 0x90) (async) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000500)='freezer.state\x00', 0x26e1, 0x0) (async) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) openat$cgroup_netprio_ifpriomap(r0, &(0x7f0000000140), 0x2, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000600)='./cgroup/syz1\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0) (async) write$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000040)='FROZEN\x00', 0x7) (async) openat$cgroup_int(r6, &(0x7f00000000c0)='cpu.idle\x00', 0x2, 0x0) (async) mkdirat$cgroup(r6, &(0x7f0000000100)='syz0\x00', 0x1ff) (async) write$cgroup_type(r5, &(0x7f0000000080), 0x11ffffce1) 22:49:24 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf5ffffff, 0x0, 0x0, 0x0}, 0x90) [ 1503.265822][T32023] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1503.273637][T32023] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1503.281451][T32023] 22:49:24 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf4240, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1800, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 22:49:24 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff000000, 0x0, 0x0, 0x0}, 0x90) 22:49:24 executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff2f0000, 0x0, 0x0, 0x0}, 0x90) 22:49:24 executing program 1: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x44208000, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 75) [ 1503.478065][T32043] BUG: unable to handle page fault for address: ffffed1800000019 [ 1503.485621][T32043] #PF: supervisor read access in kernel mode [ 1503.491434][T32043] #PF: error_code(0x0000) - not-present page [ 1503.497251][T32043] PGD 23fff2067 P4D 23fff2067 PUD 0 [ 1503.502374][T32043] Oops: 0000 [#1] PREEMPT SMP KASAN [ 1503.507415][T32043] CPU: 1 PID: 32043 Comm: syz-executor.1 Tainted: G W 5.15.148-syzkaller-00718-g993bed180178 #0 [ 1503.518950][T32043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 1503.528848][T32043] RIP: 0010:__rb_insert_augmented+0x91/0x610 [ 1503.534660][T32043] Code: 00 74 08 4c 89 ef e8 5e 0b 2b ff 49 8b 45 00 a8 01 0f 85 60 05 00 00 48 89 5d a0 48 89 45 c0 48 8d 58 08 49 89 de 49 c1 ee 03 <43> 80 3c 26 00 74 08 48 89 df e8 30 0b 2b ff 48 89 d8 48 8b 1b 4c [ 1503.554103][T32043] RSP: 0018:ffffc90000c978f8 EFLAGS: 00010a02 [ 1503.560005][T32043] RAX: ffff88c0000000c0 RBX: ffff88c0000000c8 RCX: dffffc0000000000 [ 1503.567814][T32043] RDX: ffffffff81a50880 RSI: ffff88810fa360c8 RDI: ffff8881500edbe8 [ 1503.575625][T32043] RBP: ffffc90000c97960 R08: dffffc0000000000 R09: ffff8881500edbf0 [ 1503.583434][T32043] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 1503.591242][T32043] R13: ffff888163462998 R14: 1ffff11800000019 R15: ffff8881d000c4f8 [ 1503.599053][T32043] FS: 00007f030328b6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 1503.607819][T32043] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1503.614241][T32043] CR2: ffffed1800000019 CR3: 000000011271f000 CR4: 00000000003506a0 [ 1503.622056][T32043] DR0: 0000000000000098 DR1: 0000000000000000 DR2: 0000000000000000 [ 1503.629864][T32043] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 [ 1503.637674][T32043] Call Trace: [ 1503.640800][T32043] [ 1503.643578][T32043] ? __die_body+0x62/0xb0 [ 1503.647744][T32043] ? __die+0x7e/0x90 [ 1503.651476][T32043] ? page_fault_oops+0x7f9/0xa90 [ 1503.656249][T32043] ? __rb_insert_augmented+0x91/0x610 [ 1503.661458][T32043] ? kernelmode_fixup_or_oops+0x270/0x270 [ 1503.667012][T32043] ? is_prefetch+0x47a/0x6d0 [ 1503.671440][T32043] ? search_bpf_extables+0x26d/0x2c0 [ 1503.676557][T32043] ? __rb_insert_augmented+0x91/0x610 [ 1503.681764][T32043] ? __rb_insert_augmented+0x91/0x610 [ 1503.686978][T32043] ? fixup_exception+0xbb/0x13c0 [ 1503.691745][T32043] ? stack_trace_save+0x113/0x1c0 [ 1503.696614][T32043] ? kernelmode_fixup_or_oops+0x21b/0x270 [ 1503.702164][T32043] ? __bad_area_nosemaphore+0xcf/0x490 [ 1503.707456][T32043] ? __kasan_slab_alloc+0xc3/0xe0 [ 1503.712315][T32043] ? bad_area_nosemaphore+0x2d/0x40 [ 1503.717349][T32043] ? do_kern_addr_fault+0x69/0x80 [ 1503.722220][T32043] ? exc_page_fault+0x4eb/0x830 [ 1503.726902][T32043] ? asm_exc_page_fault+0x27/0x30 [ 1503.731759][T32043] ? anon_vma_interval_tree_iter_next+0x390/0x390 [ 1503.738010][T32043] ? __rb_insert_augmented+0x91/0x610 [ 1503.743215][T32043] ? anon_vma_interval_tree_iter_next+0x390/0x390 [ 1503.749462][T32043] vma_interval_tree_insert_after+0x2be/0x2d0 [ 1503.755365][T32043] copy_mm+0xba2/0x13e0 [ 1503.759360][T32043] ? copy_signal+0x610/0x610 [ 1503.763783][T32043] ? __init_rwsem+0xd6/0x1c0 [ 1503.768208][T32043] ? copy_signal+0x4e3/0x610 [ 1503.772637][T32043] copy_process+0x1149/0x3290 [ 1503.777170][T32043] ? proc_fail_nth_write+0x20b/0x290 [ 1503.782272][T32043] ? fsnotify_perm+0x6a/0x5d0 [ 1503.786784][T32043] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1503.791731][T32043] ? vfs_write+0x9ec/0x1110 [ 1503.796073][T32043] kernel_clone+0x21e/0x9e0 [ 1503.800582][T32043] ? file_end_write+0x1c0/0x1c0 [ 1503.805270][T32043] ? create_io_thread+0x1e0/0x1e0 [ 1503.810129][T32043] ? mutex_unlock+0xb2/0x260 [ 1503.814562][T32043] ? __mutex_lock_slowpath+0x10/0x10 [ 1503.819693][T32043] __x64_sys_clone+0x23f/0x290 [ 1503.824276][T32043] ? __do_sys_vfork+0x130/0x130 [ 1503.828964][T32043] ? ksys_write+0x260/0x2c0 [ 1503.833306][T32043] ? debug_smp_processor_id+0x17/0x20 [ 1503.838510][T32043] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1503.844413][T32043] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1503.849882][T32043] do_syscall_64+0x3d/0xb0 [ 1503.854136][T32043] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1503.859865][T32043] RIP: 0033:0x7f0304509da9 [ 1503.864124][T32043] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1503.883557][T32043] RSP: 002b:00007f030328b078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1503.891800][T32043] RAX: ffffffffffffffda RBX: 00007f0304637f80 RCX: 00007f0304509da9 [ 1503.899613][T32043] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044208000 [ 1503.907423][T32043] RBP: 00007f030328b120 R08: 0000000000000000 R09: 0000000000000000 [ 1503.915234][T32043] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1503.923047][T32043] R13: 000000000000000b R14: 00007f0304637f80 R15: 00007fff4710d1d8 [ 1503.930863][T32043] [ 1503.933720][T32043] Modules linked in: [ 1503.937453][T32043] CR2: ffffed1800000019 [ 1503.941448][T32043] ---[ end trace 1337d97a36b43a87 ]--- [ 1503.946741][T32043] RIP: 0010:__rb_insert_augmented+0x91/0x610 [ 1503.952557][T32043] Code: 00 74 08 4c 89 ef e8 5e 0b 2b ff 49 8b 45 00 a8 01 0f 85 60 05 00 00 48 89 5d a0 48 89 45 c0 48 8d 58 08 49 89 de 49 c1 ee 03 <43> 80 3c 26 00 74 08 48 89 df e8 30 0b 2b ff 48 89 d8 48 8b 1b 4c [ 1503.971996][T32043] RSP: 0018:ffffc90000c978f8 EFLAGS: 00010a02 [ 1503.977898][T32043] RAX: ffff88c0000000c0 RBX: ffff88c0000000c8 RCX: dffffc0000000000 [ 1503.985709][T32043] RDX: ffffffff81a50880 RSI: ffff88810fa360c8 RDI: ffff8881500edbe8 [ 1503.993521][T32043] RBP: ffffc90000c97960 R08: dffffc0000000000 R09: ffff8881500edbf0 [ 1504.001330][T32043] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 1504.009141][T32043] R13: ffff888163462998 R14: 1ffff11800000019 R15: ffff8881d000c4f8 [ 1504.016955][T32043] FS: 00007f030328b6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 1504.025719][T32043] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1504.032532][T32043] CR2: ffffed1800000019 CR3: 000000011271f000 CR4: 00000000003506a0 [ 1504.040302][T32043] DR0: 0000000000000098 DR1: 0000000000000000 DR2: 0000000000000000 [ 1504.048113][T32043] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 [ 1504.055927][T32043] Kernel panic - not syncing: Fatal exception [ 1504.061971][T32043] Kernel Offset: disabled [ 1504.066090][T32043] Rebooting in 86400 seconds..